[Full-disclosure] [TEHTRI-Security] Facebook Security Issues through HTML Iframes
- From: Laurent OUDOT at TEHTRI-Security <laurent.oudot-ml@xxxxxxxxxxxxxxxxxxx>
- Date: Mon, 12 Sep 2011 15:44:17 +0200
Here are humble thoughts about potential security issues against
facebook end-users, thanks to html iframes and evil crafted profiles/pages:
issues, and phishing simulation to grab login/password of some facebook
Notice that we didn't share offensive source code, as we don't want evil
people to play against facebook end-users. We just want to help people
at being more paranoid when they are on Internet, and Facebook is a
great place for that.
Laurent ESTIEUX (CTO TEHTRIS) & Laurent OUDOT (CEO TEHTRIS)
TEHTRI-Security - "This is not a Game"
Register to our international training (2011):
- Hack In The Box - Kuala Lumpur - "HUNTING WEB ATTACKERS"
- Black Hat - Abu Dhabi - "ADVANCED PHP HACKING"
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: [Full-disclosure] [SECURITY] [DSA 2304-1] squid3 security update
- Next by Date: [Full-disclosure] Orion SolarWinds XSS attack
- Previous by thread: [Full-disclosure] [SECURITY] [DSA 2304-1] squid3 security update
- Next by thread: [Full-disclosure] Orion SolarWinds XSS attack