SlideShare una empresa de Scribd logo

Easy Way To Make Facebook Account Backdoor Without Scripting

Descargar como PPTX, PDF
Budi Khoirudin
Budi Khoirudin

Explanation About How To Make Facebook Account Backdoor Using API

Tecnología
1 de 13
Easy Way To Make Facebook Account Backdoor Without Scripting Presented By Budi Khoirudin feedback@khoirudin.com http://budi.khoirudin.com/
About Me Hello My Name is Budi Khoirudin. I’m a IT Security Enthusiast's, IT Developer, Speaker, etc ... Now I’m Working as Web Developer in a Enterprise Corporation Project Freelancer
Knocking On Facebook Don’t be a kiddies forever, You must be know how it works!
Facebook Application (Reference: https://www.facebook.com/help?page=1095)
Facebook Application Authentication Facebook Platform supports two different OAuth 2.0 flows for user login: server-side (known as the authentication code flow in the specification) and client-side (known as the implicit flow). The server-side flow is used whenever you need to call the Graph API from your web server. The client-side flow is used when you need to make calls to the Graph API from a client, such as JavaScript running in a Web browser or from a native mobile or desktop app. (Reference: https://developers.facebook.com/docs/authentication/)
Graph API (Reference: https://developers.facebook.com/docs/reference/api/)
Graph API Permissions (Reference: https://developers.facebook.com/docs/reference/api/permissions/)
Graph API Explorer (Reference: https://developers.facebook.com/tools/explorer)
Let’s Beat Them! …Proof Of Concept.
Facebook Account Backdoor (Request Permissions) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream,offline_access,publish_stream
Facebook Account Backdoor (Act As Vendor) https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=CLIENT_CREDENTIALS
Facebook Account Backdoor(Act As User) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&response_type=token
Any Questions? ...Ask To Me “Backdoorku Menghantuimu!”

Recomendados

How i hacked programer computer
How i hacked programer computerHow i hacked programer computer
How i hacked programer computerBudi Khoirudin
 
Facebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipFacebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipMyles Noton
 
OAuth Introduction
OAuth IntroductionOAuth Introduction
OAuth Introductionh_marvin
 
Facebook api
Facebook api Facebook api
Facebook api snipermkd
 
Samsung Mobile Phone Codes
Samsung Mobile Phone CodesSamsung Mobile Phone Codes
Samsung Mobile Phone CodesLenny Henningham
 
Facebook SSO.docx
Facebook SSO.docxFacebook SSO.docx
Facebook SSO.docxehathis
 
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETVirtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETKrishna T
 
DevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsDevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsKrishna T
 

Recomendados

How i hacked programer computer
How i hacked programer computerHow i hacked programer computer
How i hacked programer computerBudi Khoirudin
 
Facebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipFacebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipMyles Noton
 
OAuth Introduction
OAuth IntroductionOAuth Introduction
OAuth Introductionh_marvin
 
Facebook api
Facebook api Facebook api
Facebook api snipermkd
 
Samsung Mobile Phone Codes
Samsung Mobile Phone CodesSamsung Mobile Phone Codes
Samsung Mobile Phone CodesLenny Henningham
 
Facebook SSO.docx
Facebook SSO.docxFacebook SSO.docx
Facebook SSO.docxehathis
 
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETVirtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETKrishna T
 
DevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsDevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsKrishna T
 
Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsDavid Keener
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsSkyingBlogger
 
Facebook Connect
Facebook ConnectFacebook Connect
Facebook ConnectPitra Satvika
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_appNuhil Mehdy
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)Andri Yadi
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonTarun Chawdhury
 
Resume
ResumeResume
ResumeBhim Kumar
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebookTien Nguyen
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittalManoj Mittal
 
End to End Security with MVC and Web API
End to End Security with MVC and Web APIEnd to End Security with MVC and Web API
End to End Security with MVC and Web APIMichele Leroux Bustamante
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSOAjit Dadresa
 
Mkp resume.docx
Mkp resume.docxMkp resume.docx
Mkp resume.docxMithilesh Kumar
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with PegaSamuelJude1
 
Intro to Bot Framework v3
Intro to Bot Framework v3Intro to Bot Framework v3
Intro to Bot Framework v3Shahed Chowdhuri
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionEric Ping
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011Iskandar Najmuddin
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esbSanjeet Pandey
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookQuang Anh Le
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Jorgen Thelin
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsShailen Sukul
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 

Más contenido relacionado

Similar a Easy Way To Make Facebook Account Backdoor Without Scripting

Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsDavid Keener
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsSkyingBlogger
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_appNuhil Mehdy
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)Andri Yadi
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonTarun Chawdhury
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebookTien Nguyen
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittalManoj Mittal
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSOAjit Dadresa
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with PegaSamuelJude1
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionEric Ping
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011Iskandar Najmuddin
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esbSanjeet Pandey
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookQuang Anh Le
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Jorgen Thelin
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsShailen Sukul
 

Similar a Easy Way To Make Facebook Account Backdoor Without Scripting (20)

Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook Apps
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering students
 
Facebook Connect
Facebook ConnectFacebook Connect
Facebook Connect
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_app
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - Comparison
 
Resume
ResumeResume
Resume
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebook
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittal
 
End to End Security with MVC and Web API
End to End Security with MVC and Web APIEnd to End Security with MVC and Web API
End to End Security with MVC and Web API
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
 
Mkp resume.docx
Mkp resume.docxMkp resume.docx
Mkp resume.docx
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with Pega
 
Intro to Bot Framework v3
Intro to Bot Framework v3Intro to Bot Framework v3
Intro to Bot Framework v3
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph Introduction
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esb
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebook
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning Models
 

Último

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Último (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Easy Way To Make Facebook Account Backdoor Without Scripting

  • 1. Easy Way To Make Facebook Account Backdoor Without Scripting Presented By Budi Khoirudin feedback@khoirudin.com http://budi.khoirudin.com/
  • 2. About Me Hello My Name is Budi Khoirudin. I’m a IT Security Enthusiast's, IT Developer, Speaker, etc ... Now I’m Working as Web Developer in a Enterprise Corporation Project Freelancer
  • 3. Knocking On Facebook Don’t be a kiddies forever, You must be know how it works!
  • 4. Facebook Application (Reference: https://www.facebook.com/help?page=1095)
  • 5. Facebook Application Authentication Facebook Platform supports two different OAuth 2.0 flows for user login: server-side (known as the authentication code flow in the specification) and client-side (known as the implicit flow). The server-side flow is used whenever you need to call the Graph API from your web server. The client-side flow is used when you need to make calls to the Graph API from a client, such as JavaScript running in a Web browser or from a native mobile or desktop app. (Reference: https://developers.facebook.com/docs/authentication/)
  • 6. Graph API (Reference: https://developers.facebook.com/docs/reference/api/)
  • 7. Graph API Permissions (Reference: https://developers.facebook.com/docs/reference/api/permissions/)
  • 8. Graph API Explorer (Reference: https://developers.facebook.com/tools/explorer)
  • 9. Let’s Beat Them! …Proof Of Concept.
  • 10. Facebook Account Backdoor (Request Permissions) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream,offline_access,publish_stream
  • 11. Facebook Account Backdoor (Act As Vendor) https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=CLIENT_CREDENTIALS
  • 12. Facebook Account Backdoor(Act As User) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&response_type=token
  • 13. Any Questions? ...Ask To Me “Backdoorku Menghantuimu!”