Facebook Vulnerability allows any one to Ddos the sites using Facebook servers

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

According to chr13 Facebook Notes allows users to include <img> tags. Whenever a <img> tag is used, Facebook crawls the image from the external server and caches it. Facebook will only cache the image once however using random get parameters the cache can be by-passed and the feature can be abused to cause a huge HTTP GET flood.

Reading a ‘Note’ created by anyone on the Facebook could trick you automatically to do malicious attacks against others unknowingly

Initial Response: Bug was denied as they misinterpreted the bug would only cause a 404 request and is not capable of causing high impact.

Researcher demonstrated the proof-of-concept with 400 Mbps attack, by attacking on his own web serve
DDoS Websites Using Facebook Servers


The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply