[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Facebook name extraction based on email/wrong password + POC

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Facebook name extraction based on email/wrong password + POC
From: White Snow <whit3.sn0w@xxxxxxxx>
Date: Wed, 11 Aug 2010 12:29:22 +0000 (GMT)

When you are signed in to Facebook there is a feature which lets you upload 
your 
whole address book and will tell you if it found any of your friends. That way 
you can check many addresses and don't have to worry that they will present you 
with a captcha at the login form.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] FreeSSHD 1.2.4~1.2.6 Remote Buffer Overflow DoS
Next by Date: [Full-disclosure] Collisions in PDF signatures
Previous by thread: Re: [Full-disclosure] Facebook name extraction based on email/wrong password + POC
Next by thread: [Full-disclosure] Collisions in PDF signatures
Index(es):
- Date
- Thread