Zero-Day Facebook Hack, Phishing on an all new Level, target=”_blank” Vulnerability

Facebook hacking has always been the first thing one wishes to do in cyber security field. And those who are familiar with the current scenario knows that its not that easy to hack facebook. One can hack Facebook user but not facebook. Here we are also going to do that. We are going to use the famous technique phishing but all together a new way so that the user has no chance to get away. We will be using a vulnerability in facebook that will help us go smooth.

Prerequisite:

I assume that you all know about phishing and how to create facebook phishing page. If you don’t, I suggest to see online tutorial for that, there are plenty for phishing.

What is target=”_blank”

target=”_blank” is a vulnerability which gives newly opened tab the power to control the old tab. Assume you have a window open in front of you. it contains a link to click. You click on it and it opens in the next tab. This happens because of html code that consists of target=”_blank” operator but if used improperly can be very dangerous.

Facebook by default add target=”_blank” in every link that is posted on it.

How to Hack

Simple create a phishing page and host it on so many available free hosting available. Here the difference comes, create another page with some meaningful information. For example this blog. The catch is to include the following code in the program of your created page:

  if (window.opener) { opener.location = 'http://your phishing-page-link'; }

Now post the webpage link on facebook where you people to come and get hacked. People will come normally and click the link, it will open a new tab to the link with usefull information as we gave that link only, but silently the facebook page will redirect to your phishing page in background. When user come back and see’s login page he will just think an accidental logout and fills his/her credential and there you have it……;-)

If still confused here are some pointers:

  • 2 webpages need to be created. A phishing and one with useful content.
  • No changes to phishing page
  • put above given code with your phishing website link in your created useful content page.
  • Give link of useful content on facebook.

Fun fact

  • It works with mostly all social media and blogging.

  • Its always gonna be there as this has been already reported to facebook but no action taken

Is there a solution

Yes, there is, just put rel=”noreferrer” in addition to target=”_blank”. That’s enough.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s