Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 4 Vote(s) - 1.75 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Remote Code Execution Vulerability Patched by Facebook
#1
[Image: facebook-logo-hacked-729x445.jpg]

    A serious vulnerability that was disclosed earlier this summer, has finally been patched. This critical flaw had the potential for remote code execution.
A one Daniel Blaklis Le Gall, a security researcher from SCRT Information Security has been awarded a large sum for discovering the bug. The bug itself was
discovered on a server belonging to Facebook.

    The bug was discovered after Daniel began scanning Facebook's IP ranges, and saw a sentry service written in Python and Django.
The service also seemed vulnerable.

    “The application appeared to be unstable regarding the user password reset feature” the researcher said. “Django debug mode was not turned off, which consequently prints the whole environment when a stack trace occurs. However, Django snips critical data (passwords, secrets, key…)"


   

      Digging deeper, he soon discovered a binary protocol used to unserialize Python Object Structures, also the secret key was not available
in the Stack trace. The key was also obtained by Daniel using the Sentry list.


    The key utilized for session singing, and if compromised it can be used to hijack a user's session. Daniel created a script
which was used to forge malicious cookies with arbitrary Pickle content which also included a payload to override Sentry cookies.
The researcher reported his find on July 30th, and since then Facebook has patched the bug, and restarted the server.


---- Sh7nk-Z0id



   
  
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Star News ASUS TM-AC1900 Arbitrary Command Execution - CXSecurity.com News 0 411 11-14-2020, 04:40 AM
Last Post: News
Star News WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug News 0 400 11-07-2020, 04:13 PM
Last Post: News
Star News Joplin 1.0.245 Cross Site Scripting / Code Execution ≈ Packet Storm News 0 340 09-29-2020, 07:43 AM
Last Post: News
Star News Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution - CXSecu News 0 435 09-18-2020, 08:12 AM
Last Post: News
Star News ManageEngine Applications Manager Authenticated Remote Code Execution - CXSecurity.c News 0 400 09-06-2020, 01:51 PM
Last Post: News
Star News Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform News 0 448 08-26-2020, 03:41 AM
Last Post: News
Thumbs Up News Citrix Bugs Allow Unauthenticated Code Injection, Data Theft Mr.Kurd 1 736 07-15-2020, 12:28 AM
Last Post: EthelCrife
Exclamation News Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely Mr.Kurd 0 718 06-12-2020, 08:24 AM
Last Post: Mr.Kurd
Question News Critical Remote Code Execution Bug in Linux Based OpenWrt OS Affects Millions of Netw Mr.Kurd 0 707 03-25-2020, 08:11 AM
Last Post: Mr.Kurd
Star News Trend Micro Patched Zero-Day Vulnerabilities Under Active Exploit Mr.Kurd 0 626 03-23-2020, 07:54 AM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)