2022-style OAuth account takeover on Facebook - $45,000 bug bounty


This video is an explanation of a bug bounty report submitted by Youssef Sammouda to the Facebook bug bounty program. The vulnerability was an OAuth account takeover in the login with Gmail functionality. The hunter got almost $45k for it.

Report: https://ift.tt/ET03CkZ
Reporter's Twitter: https://twitter.com/samm0uda

Timestamps:
00:00 Intro
00:55 OAuth protocol a typical attack
03:09 Breaking the OAuth flow
05:20 Leaking the code
06:52 The full exploit


Published on July 25, 2022 at 08:35 AM.