1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Facebook mobile fb_dtsg exploit

Discussion in 'FaceBook' started by Maxell, Sep 28, 2011.

  1. Maxell

    Maxell Regular Member

    Joined:
    May 10, 2007
    Messages:
    456
    Likes Received:
    563
    hey guys, the latest FB script was exploiting mobile version.. we were ale to iFrame this url :)

    http://m.facebook.com/ajax/dtsg.php

    and the form only looking for fb_dtsg regardless of post_form_id :)

    so you get the idea :) for future findings..

    cheers
     
  2. pole88

    pole88 Newbie

    Joined:
    Jul 14, 2009
    Messages:
    27
    Likes Received:
    0
    what to do with it?
     
  3. Crazy

    Crazy Jr. Executive VIP

    Joined:
    Jun 13, 2009
    Messages:
    640
    Likes Received:
    319
    Occupation:
    VB, C#, XHTML, CSS, PHP, MySQL, JavaScript, jQuery
    Location:
    Everywhere
    X-Frame-Options: Deny

    Finito.