Revealing Facebook Application XSS Holes
by theharmonyguy on August 31st, 2009
Beginning tomorrow, September 1st, I will begin posting full technical details of cross-site scripting vulnerabilities that I have discovered in Facebook applications. Following the model of the Month of Twitter Bugs, I will notify each application developer 24 hours prior to revealing any holes. After 24 hours have passed, I will post a new entry on theharmonyguy.com with the title “FAXX Hack:” (for Facebook Application XSS/XSRF) and the name of the application. I will also post a corresponding update to my Twitter account with the hashtag #FAXX and a link to the entry.
At this time, I have found five widely used Facebook applications vulnerable to XSS. I will give full credit for any new holes submitted. I plan to look for more over the coming days, and I am open to submissions from others via theharmonyguy on Gmail.
Once I have posted all known XSS vulnerabilities in Facebook applications, I plan on releasing the full source code of XSS/CSRF demos I have created which demonstrate the ways a hacker can exploit such problems.
Let the games begin.