Easy Way To Make Facebook Account Backdoor Without Scripting

  • 15,507 views
Uploaded on

Explanation About How To Make Facebook Account Backdoor Using API

Explanation About How To Make Facebook Account Backdoor Using API

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
15,507
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
39
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Easy Way To Make Facebook Account Backdoor Without Scripting
    Presented By Budi Khoirudin
    feedback@khoirudin.com
    http://budi.khoirudin.com/
  • 2. About Me
    Hello My Name is Budi Khoirudin.
    I’m a IT Security Enthusiast's, IT Developer, Speaker, etc ...
    Now I’m Working as Web Developer in a Enterprise Corporation
    Project Freelancer
  • 3. Knocking On Facebook
    Don’t be a kiddies forever, You must be know how it works!
  • 4. Facebook Application
    (Reference: https://www.facebook.com/help?page=1095)
  • 5. Facebook Application Authentication
    Facebook Platform supports two different OAuth 2.0 flows for user login: server-side (known as the authentication code flow in the specification) and client-side (known as the implicit flow).
    The server-side flow is used whenever you need to call the Graph API from your web server.
    The client-side flow is used when you need to make calls to the Graph API from a client, such as JavaScript running in a Web browser or from a native mobile or desktop app.
    (Reference: https://developers.facebook.com/docs/authentication/)
  • 6. Graph API
    (Reference: https://developers.facebook.com/docs/reference/api/)
  • 7. Graph API Permissions
    (Reference: https://developers.facebook.com/docs/reference/api/permissions/)
  • 8. Graph API Explorer
    (Reference: https://developers.facebook.com/tools/explorer)
  • 9. Let’s Beat Them!
    …Proof Of Concept.
  • 10. Facebook Account Backdoor (Request Permissions)
    https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream,offline_access,publish_stream
  • 11. Facebook Account Backdoor (Act As Vendor)
    https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=CLIENT_CREDENTIALS
  • 12. Facebook Account Backdoor(Act As User)
    https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&response_type=token
  • 13. Any Questions?
    ...Ask To Me
    “Backdoorku Menghantuimu!”