Posts

[XSLeaks] Tracking User with Page Admin/Editor/Moderator roles on Third Party Website

Image
I was reading this blog  about XSLeaks issue in facebook which using window.length to return a number of frames inside the document and use it to extract data from facebook user who visit the Third Party website. So, i start to find the same issue in facebook and i found the same thing in  https://web.facebook.com/[page_username]/inbox . You can check if the endpoint has the same issue by typing frames.length in the browser console, in my case it return 3 and This endpoint is only accessible by user which has admin/editor/moderator role. So, if user with no role or had different role besides admin, editor and moderator, it will display a 404 page and the 404 page has 0 frames.length. The reason why the frames.length return a value of 3 is because my page mailbox is not empty and will return 1 if the mailbox is empty (and your a page admin). Using this lovely behaviour i can track if the page admin A is visiting my website. So here is the javascript : <script> page = "Your Pa
Post a Comment
Read more

[Page Analyst] Inviting group member to join watch party on behalf page

Image
It is possible for page analyst to invite another group-linked-page member to watch party on behalf the page itself. Steps : 1. As page analyst create a watch party in group and you will redirect to https://www.facebook.com/groups/<Group ID>/wp/<Watch Party> 2. Once you redirect, change the url to https://www.facebook.com/groups/<Group ID>/wp/<Watch Party>/?av=<Page ID> 3. Now go to invite menu and invite any group member and they will receive the notification from the page. Here is the video, please skip to 0:55 for the proof of concept. Facebook Team fix the endpoint but the root cause of this issue is from the graphql. Here is another POC (Using FB Android Acc Token) : Impact : This would allow a group-linked Page Analyst to be able to invite Group members to join the watch party as the Page instead of their normal user Timeline : 22 Aug 2018    : Report to Facebook 25 Aug 2018    : Triaged 6 Sept 2018      : First st
Post a Comment
Read more

Disclose the Facebook Learning Unit Group Insight

Image
There is an IDOR issue in a feature called learning unit which lead to disclose the Group Insight. If the targeted group privacy is public, then attacker can disclose the group insight without become a member and for closed/secret group privacy, attacker need to become a member. Steps : 1. Request POST /groups/learning/edit_units_dialog/submit/ ..... group_id=Attacker_Group&description=&unit_ids[0]=Victim_Unit_ID Response : for (;;);{"__ar":1,"payload":null,"jsmods":{"require":[["ServerRedirect","reloadPage",[],[]]]},... Victim unit should appear in attacker group. 2. Attacker go to his group > group insight and request a download to download the group insight data (.csv format) and wait until notification from facebook that his data is ready to be download. 3. From the browser, open a new tab and go to https://www.facebook.com/groups/Attacker_group_ID/completions_export/ 4. The .csv file includi
1 comment
Read more

Cara Membuat Kertas Penghantar Listrik Dengan Conductive Ink

Image
Cara Membuat Kertas Penghantar Listrik Dengan  Conductive Ink Kali ini ane bakalan nge-share cara membuat kertas penghantar listrik dengan  conductive ink  atau tinta konduktif.  "Kertas penghantar listrik ? pasti mahal yah ngebuatnya ?"  ga mahal kok gan bahkan barang-barangnya bisa agan dapat di dekat rumah agan atau mungkin ada di depan agan sendiri.  "Wah masa sih ?"  daripada kebanyakan nanya :v, nih tutorial pembuatan tinta konduktif. Siapkan Alat & Bahan Bahan : 1. Tinta hitam atau Cat hitam (cat air yang biasa dipake kalo menggambar) 2. Lem cair (Bukan Ehabond yah JANGAN!) 3. Arang (Ane saranin arang dari sisa pembakaran kayu, kalo dari tempurung ato yang lain ane belum pernah coba) Alat : 1. Blender 2. Suntik penyedot Gimana ? gak susah kan nyari bahan-bahannya ? dalam tutorial ini arang merupakan komponen utama, karena arang mengandung carbon yang membuat benda hitam imut ini menjadi konduktor yang bagus. Tapi tidak semua arang adalah konduktor
1 comment
Read more

How to Solve "Disk Write Error" in Dota 2.

Image
Indonesian Version Here I want to sharing the knowledge that i've got for 3 hours looking for this problem's solution in a steam forum/google/reddit/pornhub oops :v! Lets do it : 1st Step. 1. The most simple is, run steam! by right clicking the icon of steam! and “Run as Administrator“, if  this step is work it means that there is a problem in ur windows while running steam. But if that ain't work for ya, relax man, there is another way :v. 2nd Step. 1. Go into the folder steam!>steamapps. 2. Go to the folder “downloading“, cut/delete the folder using shortcut CTRL X and move it into other place!. (Recommended to drive besides C:/). Note : Possible the Steam  files are corrupt when u update this DotA 2 patch before. 3. Restart DotA 2, and it will update DotA 2 again it will work again. 3rd Step. (Desperate Step) 1. You need Flashdisk/Hardisk 32 gb++. (Thats why i call this "desperate step" :v) 2. Call your friends that play DotA 2 (
Post a Comment
Read more

Cara Mengatasi "Disk Write Error" di DotA 2.

Image
Agan pernah ketika update dota 2 lewat steam terus jadinya kayak gambar di bawah ini : English Version Sedih pastinya ye bro ? padahal udah bela-belain kehujanan beli kuota, udah semangat 46 mau main dota 2 ehh tau-taunya pas mau di update dota 2nya ga mau sama muka agan *oops* :'v. Disini ane mau sharing pengetahuan yang ane
5 comments
Read more