Presentation Material
Abstract
Video’s are listed below
Facebook have millions of users and nearly everyone wants to have a look at others profile, read their messages to know their secret and facebook itself provides a method to do so. A direct link to your account which will bypass username, password, checkpoint and userβs location based authentication. On successful crafting a legitimate URL one can get unrestricted and full access to the account. Here we will discuss the various parts of the URL and how to form a direct access URL.
AI Generated Summary
The talk focused on security vulnerabilities in Facebook, specifically on a direct link that can bypass various security features. The link, generated by Facebook for users who opt to receive notifications by SMS, contains a secret key and the user’s Facebook ID. This link can be used to access a user’s account without requiring a username or password, and can also bypass checkpoint and geolocation security features.
The researcher presented four types of links that can be used to access a Facebook account, including a type three link that can be brute-forced to obtain the direct link of millions of accounts. The link can be used to access an account, view messages, and modify privacy settings without being tracked by Facebook.
The researcher demonstrated the vulnerability using a test account, showing how the link can be used to access an account without requiring a login notification or username and password. The demonstration also showed that Facebook cannot track who has accessed the account using this link, making it difficult to detect and prevent unauthorized access.
The practical implications of this vulnerability are significant, as it can be used by attackers to access and manipulate Facebook accounts without being detected. The researcher’s findings highlight the need for Facebook to improve its security measures to prevent such vulnerabilities and protect user accounts.