[Owasp-delhi] Fwd: Fackbook Password Disclosure - Vulnerability

Soi, Dhruv dhruv.soi at owasp.org
Thu Nov 18 04:18:10 EST 2010


Or may be, passed the BUG to save own time ;-)

 

From: owasp-delhi-bounces at lists.owasp.org [mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of Chintan Dave
Sent: 18 November 2010 13:51
To: Muslim Koser
Cc: owasp-delhi at lists.owasp.org
Subject: Re: [Owasp-delhi] Fwd: Fackbook Password Disclosure - Vulnerability

 

Or is it social engineering to entice security professionals, thinking they might not understand whats happening? :P

Wait a minute..... Should this be tried here? May be not!

On Thu, Nov 18, 2010 at 12:43 PM, Muslim Koser <mkoser at isightpartners.com> wrote:

Hi Komal, 

Have you tested this before posting on the list ? I found this to be a possible malware dropper. 

There are two suspicious files in the /data folder which write in to remote process memory.
/data/app.exe and /data/dummy.exe


Best Regards,
Muslim 


On 17/11/10 10:47 PM, "Komal Taneja - DHL Delhi" <komal.dhl.1665 at gmail.com> wrote:


Facebook recently launched its email and it created a vulnerability , 

Malicous user can change the passowrd of victim.

Download the POC tool and tutorial from http://www.mediafire.com/?9xllotl0n4nla6f , Hurry before facebook fix the gap.

Komal




  _____  


_______________________________________________
Owasp-delhi mailing list
Owasp-delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi


_______________________________________________
Owasp-delhi mailing list
Owasp-delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi




-- 
Regards,
Chintan Dave,

LinkedIn: http://in.linkedin.com/in/chintandave
Blog:http://www.chintandave.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20101118/3a112dff/attachment-0001.html 


More information about the Owasp-delhi mailing list