My FirST Facebook Bug: Recovery Account Using QR Code Will Lead to Hack Someone Account. My First Facebook Bug:
#No Reward :)
#Better Luck Next Bug
Reproduction Instructions / Proof of Concept
I am an Ordinary user of Facebook.
i played around about how to recover a missing or forgotten account.
i found that the QR Code Security Scanner is not very good. It Can lead to hack somebody targeted account using social engineering.
The hacker or someone can hack the user account by sending the generated QR code to the target.
Sequence of attack:
1. Chat your target and do some social engineering.
2. Send the Facebook QR Code to the target and make him to click it.
3. Once he click and allow or confirm the code. BOOM! You have him
For me this is not Very Good Security. Because it give a way to hack someone account.
Please watch my video how do i hack my other dummy account.
I Conclude: It is better to hide those codes to avoid someone using it to hack somebody account.
My Video is out of timing. But i hope i will help us.
Tags: My FirST Facebook Bug: Recovery Account Using QR Code Will Lead to Hack Someone Account, qr code hack, facebook hack