An Unemployed developer Hacked Zuckerberg's Timeline to expose Facebook vulnerability
Here's a story where a frustrated Palestinian Unemployed developer hacked Facebook CEO's Page to expose the vulnerability he found on Facebook and check out the reason why he is frustrated.
As some of you may be aware that Internet giants like Google, Facebook and some other companies offer to pay folks or white hat hackers who report the bugs they found on those sites and they get rewarded. Facebook's such white hat disclosure program is such that where you can find out such white hat hackers or developers name who has reported valid bugs to Facebook.
Khalil Shreateh, a Palestinian developer or an Unemployed Under Graduate student who discovered a serious Facebook vulnerability that allows a Facebook user to post to all Facebook user's timeline even they are not in his friend list as quoted in Khalil's blog post. He seems to have reported this bug via Facebook's white hat disclose program but eventually he got a reply from a Facebook's Security Engineer stating "I don't see anything when I click the link except an error and it's not a bug"
Also See: How to Secure your Hacked / Compromised Facebook account
While reporting the bug. He tested the exploit with a link to a Facebook post that he made to Sarah Goodin's (Zuckerber's Former college mate) timeline and mentioned the link. But the beauty here is Facebook's Security Engineer has said that "he couldn't view that post as he was not a friend of Sarah" and Khalil replied that "he was able to view that post cause he is the one who did post it even he is not in her friend list"
Also along with that adding to the frustration he said "that he has no choice than to post to Mark Zuckerberg's timeline" And as he said he posted on Mark's Timeline and the below image is the one.
Once he has posted on Zuckerberg's timeline, Another Facebook Engineer named Ola asked Khalil for details of exploits and eventually they disabled his Facebook account and stated some reasons and told them that "They are not able to pay you for this vulnerability because your actions violated our Terms of Service" and re-enabled his Account. Really sad to hear he didn't get paid for this bug as he was given the above reason.
Read this: Avoid yourself from getting tagged unnecessarily in Facebook
Also he has made a video on this exploit and you can view this.
As some of you may be aware that Internet giants like Google, Facebook and some other companies offer to pay folks or white hat hackers who report the bugs they found on those sites and they get rewarded. Facebook's such white hat disclosure program is such that where you can find out such white hat hackers or developers name who has reported valid bugs to Facebook.
Khalil Shreateh, a Palestinian developer or an Unemployed Under Graduate student who discovered a serious Facebook vulnerability that allows a Facebook user to post to all Facebook user's timeline even they are not in his friend list as quoted in Khalil's blog post. He seems to have reported this bug via Facebook's white hat disclose program but eventually he got a reply from a Facebook's Security Engineer stating "I don't see anything when I click the link except an error and it's not a bug"
Also See: How to Secure your Hacked / Compromised Facebook account
While reporting the bug. He tested the exploit with a link to a Facebook post that he made to Sarah Goodin's (Zuckerber's Former college mate) timeline and mentioned the link. But the beauty here is Facebook's Security Engineer has said that "he couldn't view that post as he was not a friend of Sarah" and Khalil replied that "he was able to view that post cause he is the one who did post it even he is not in her friend list"
Also along with that adding to the frustration he said "that he has no choice than to post to Mark Zuckerberg's timeline" And as he said he posted on Mark's Timeline and the below image is the one.
Once he has posted on Zuckerberg's timeline, Another Facebook Engineer named Ola asked Khalil for details of exploits and eventually they disabled his Facebook account and stated some reasons and told them that "They are not able to pay you for this vulnerability because your actions violated our Terms of Service" and re-enabled his Account. Really sad to hear he didn't get paid for this bug as he was given the above reason.
Read this: Avoid yourself from getting tagged unnecessarily in Facebook
Also he has made a video on this exploit and you can view this.
Please let us know your thoughts on this through comments..
If You find the post more interesting, Please Share it and don't forget to like us -Facebook.com/Technotipsblog and follow on twitter @technotipsblog for regular tech updates !!
A comment would be really helpful me to keep going and Post Better. So, Post a Comment to this topic and Share your Views to It. I really appreciate your Comments
Add a Reply / Comment
(Don't forget to Activate the email subscription from your Inbox)
Add a Reply / Comment
(Don't forget to Activate the email subscription from your Inbox)