SlideShare una empresa de Scribd logo

Easy Way To Make Facebook Account Backdoor Without Scripting

Descargar como PPTX, PDF
Budi Khoirudin
Budi Khoirudin

Explanation About How To Make Facebook Account Backdoor Using API

Tecnología
1 de 13
Easy Way To Make Facebook Account Backdoor Without Scripting Presented By Budi Khoirudin feedback@khoirudin.com http://budi.khoirudin.com/
About Me Hello My Name is Budi Khoirudin. I’m a IT Security Enthusiast's, IT Developer, Speaker, etc ... Now I’m Working as Web Developer in a Enterprise Corporation Project Freelancer
Knocking On Facebook Don’t be a kiddies forever, You must be know how it works!
Facebook Application (Reference: https://www.facebook.com/help?page=1095)
Facebook Application Authentication Facebook Platform supports two different OAuth 2.0 flows for user login: server-side (known as the authentication code flow in the specification) and client-side (known as the implicit flow). The server-side flow is used whenever you need to call the Graph API from your web server. The client-side flow is used when you need to make calls to the Graph API from a client, such as JavaScript running in a Web browser or from a native mobile or desktop app. (Reference: https://developers.facebook.com/docs/authentication/)
Graph API (Reference: https://developers.facebook.com/docs/reference/api/)
Graph API Permissions (Reference: https://developers.facebook.com/docs/reference/api/permissions/)
Graph API Explorer (Reference: https://developers.facebook.com/tools/explorer)
Let’s Beat Them! …Proof Of Concept.
Facebook Account Backdoor (Request Permissions) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream,offline_access,publish_stream
Facebook Account Backdoor (Act As Vendor) https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=CLIENT_CREDENTIALS
Facebook Account Backdoor(Act As User) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&response_type=token
Any Questions? ...Ask To Me “Backdoorku Menghantuimu!”

Recomendados

How i hacked programer computer
How i hacked programer computerHow i hacked programer computer
How i hacked programer computerBudi Khoirudin
 
Facebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipFacebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipMyles Noton
 
OAuth Introduction
OAuth IntroductionOAuth Introduction
OAuth Introductionh_marvin
 
Facebook api
Facebook api Facebook api
Facebook api snipermkd
 
Samsung Mobile Phone Codes
Samsung Mobile Phone CodesSamsung Mobile Phone Codes
Samsung Mobile Phone CodesLenny Henningham
 
Facebook SSO.docx
Facebook SSO.docxFacebook SSO.docx
Facebook SSO.docxehathis
 
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETVirtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETKrishna T
 
DevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsDevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsKrishna T
 

Recomendados

How i hacked programer computer
How i hacked programer computerHow i hacked programer computer
How i hacked programer computerBudi Khoirudin
 
Facebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipFacebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipMyles Noton
 
OAuth Introduction
OAuth IntroductionOAuth Introduction
OAuth Introductionh_marvin
 
Facebook api
Facebook api Facebook api
Facebook api snipermkd
 
Samsung Mobile Phone Codes
Samsung Mobile Phone CodesSamsung Mobile Phone Codes
Samsung Mobile Phone CodesLenny Henningham
 
Facebook SSO.docx
Facebook SSO.docxFacebook SSO.docx
Facebook SSO.docxehathis
 
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETVirtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETKrishna T
 
DevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsDevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsKrishna T
 
Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsDavid Keener
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsSkyingBlogger
 
Facebook Connect
Facebook ConnectFacebook Connect
Facebook ConnectPitra Satvika
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_appNuhil Mehdy
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)Andri Yadi
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonTarun Chawdhury
 
Resume
ResumeResume
ResumeBhim Kumar
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebookTien Nguyen
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittalManoj Mittal
 
End to End Security with MVC and Web API
End to End Security with MVC and Web APIEnd to End Security with MVC and Web API
End to End Security with MVC and Web APIMichele Leroux Bustamante
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSOAjit Dadresa
 
Mkp resume.docx
Mkp resume.docxMkp resume.docx
Mkp resume.docxMithilesh Kumar
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with PegaSamuelJude1
 
Intro to Bot Framework v3
Intro to Bot Framework v3Intro to Bot Framework v3
Intro to Bot Framework v3Shahed Chowdhuri
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionEric Ping
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011Iskandar Najmuddin
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esbSanjeet Pandey
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookQuang Anh Le
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Jorgen Thelin
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsShailen Sukul
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 

Más contenido relacionado

Similar a Easy Way To Make Facebook Account Backdoor Without Scripting

Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsDavid Keener
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsSkyingBlogger
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_appNuhil Mehdy
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)Andri Yadi
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonTarun Chawdhury
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebookTien Nguyen
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittalManoj Mittal
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSOAjit Dadresa
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with PegaSamuelJude1
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionEric Ping
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011Iskandar Najmuddin
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esbSanjeet Pandey
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookQuang Anh Le
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Jorgen Thelin
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsShailen Sukul
 

Similar a Easy Way To Make Facebook Account Backdoor Without Scripting (20)

Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook Apps
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering students
 
Facebook Connect
Facebook ConnectFacebook Connect
Facebook Connect
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_app
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - Comparison
 
Resume
ResumeResume
Resume
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebook
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittal
 
End to End Security with MVC and Web API
End to End Security with MVC and Web APIEnd to End Security with MVC and Web API
End to End Security with MVC and Web API
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
 
Mkp resume.docx
Mkp resume.docxMkp resume.docx
Mkp resume.docx
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with Pega
 
Intro to Bot Framework v3
Intro to Bot Framework v3Intro to Bot Framework v3
Intro to Bot Framework v3
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph Introduction
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esb
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebook
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning Models
 

Último

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Último (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Easy Way To Make Facebook Account Backdoor Without Scripting

  • 1. Easy Way To Make Facebook Account Backdoor Without Scripting Presented By Budi Khoirudin feedback@khoirudin.com http://budi.khoirudin.com/
  • 2. About Me Hello My Name is Budi Khoirudin. I’m a IT Security Enthusiast's, IT Developer, Speaker, etc ... Now I’m Working as Web Developer in a Enterprise Corporation Project Freelancer
  • 3. Knocking On Facebook Don’t be a kiddies forever, You must be know how it works!
  • 4. Facebook Application (Reference: https://www.facebook.com/help?page=1095)
  • 5. Facebook Application Authentication Facebook Platform supports two different OAuth 2.0 flows for user login: server-side (known as the authentication code flow in the specification) and client-side (known as the implicit flow). The server-side flow is used whenever you need to call the Graph API from your web server. The client-side flow is used when you need to make calls to the Graph API from a client, such as JavaScript running in a Web browser or from a native mobile or desktop app. (Reference: https://developers.facebook.com/docs/authentication/)
  • 6. Graph API (Reference: https://developers.facebook.com/docs/reference/api/)
  • 7. Graph API Permissions (Reference: https://developers.facebook.com/docs/reference/api/permissions/)
  • 8. Graph API Explorer (Reference: https://developers.facebook.com/tools/explorer)
  • 9. Let’s Beat Them! …Proof Of Concept.
  • 10. Facebook Account Backdoor (Request Permissions) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream,offline_access,publish_stream
  • 11. Facebook Account Backdoor (Act As Vendor) https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=CLIENT_CREDENTIALS
  • 12. Facebook Account Backdoor(Act As User) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&response_type=token
  • 13. Any Questions? ...Ask To Me “Backdoorku Menghantuimu!”