SlideShare uma empresa Scribd logo

Facebook

Stefan Fodor
Stefan Fodor

It Security demonstration - Hacking Facebook using Man-in-the-middle attack and XSS

TecnologiaDiversão e humor
1 de 15
Baixar para ler offline
Hacking Facebook Stefan FODOR(backb0ne fl00d3r ) 17 th of May Vlad ZAHAN
Overview ,[object Object]
Man-in-the-middle-atack
Hacking no 1 (ARP poisoning)
Hacking no 2 (Firesheep)
XSS
Facebook applications
Hacking no 3 (XSSing)
Questions?
Web-Cookies ,[object Object]
Save user's preferences ,[object Object]
Location ,[object Object],[object Object]
Last login
Autologin (“remember me” box)
Cookie jar

Recomendados

Simple Two Factor Authentication
Simple Two Factor AuthenticationSimple Two Factor Authentication
Simple Two Factor AuthenticationJohn Congdon
 
social engineering
social engineeringsocial engineering
social engineeringHarri Levo
 
Facebook Password Sniper
Facebook Password SniperFacebook Password Sniper
Facebook Password Sniperhellishyard9256
 
Coding Gateway - Exam Stefan
Coding Gateway - Exam StefanCoding Gateway - Exam Stefan
Coding Gateway - Exam StefanStefan Fodor
 
Collaboration Tools and Methods in Software Development
Collaboration Tools and Methods in Software DevelopmentCollaboration Tools and Methods in Software Development
Collaboration Tools and Methods in Software DevelopmentStefan Fodor
 
PacMan Rebourn
PacMan RebournPacMan Rebourn
PacMan RebournStefan Fodor
 
Attack of the BEAST
Attack of the BEASTAttack of the BEAST
Attack of the BEASTStefan Fodor
 
Risk assesment IT Security project
Risk assesment IT Security projectRisk assesment IT Security project
Risk assesment IT Security projectStefan Fodor
 

Recomendados

Simple Two Factor Authentication
Simple Two Factor AuthenticationSimple Two Factor Authentication
Simple Two Factor AuthenticationJohn Congdon
 
social engineering
social engineeringsocial engineering
social engineeringHarri Levo
 
Facebook Password Sniper
Facebook Password SniperFacebook Password Sniper
Facebook Password Sniperhellishyard9256
 
Coding Gateway - Exam Stefan
Coding Gateway - Exam StefanCoding Gateway - Exam Stefan
Coding Gateway - Exam StefanStefan Fodor
 
Collaboration Tools and Methods in Software Development
Collaboration Tools and Methods in Software DevelopmentCollaboration Tools and Methods in Software Development
Collaboration Tools and Methods in Software DevelopmentStefan Fodor
 
PacMan Rebourn
PacMan RebournPacMan Rebourn
PacMan RebournStefan Fodor
 
Attack of the BEAST
Attack of the BEASTAttack of the BEAST
Attack of the BEASTStefan Fodor
 
Risk assesment IT Security project
Risk assesment IT Security projectRisk assesment IT Security project
Risk assesment IT Security projectStefan Fodor
 
It Security Project
It Security ProjectIt Security Project
It Security ProjectStefan Fodor
 
Squash that Bug!
Squash that Bug!Squash that Bug!
Squash that Bug!Stefan Fodor
 
Protocols for Embedded Node
Protocols for Embedded NodeProtocols for Embedded Node
Protocols for Embedded NodeStefan Fodor
 
Qualys Threads
Qualys ThreadsQualys Threads
Qualys ThreadsStefan Fodor
 
2FLogin
2FLogin2FLogin
2FLoginStefan Fodor
 
Lillebaelt Academy - ro
Lillebaelt Academy - roLillebaelt Academy - ro
Lillebaelt Academy - roStefan Fodor
 
Ruby on Rails 3
Ruby on Rails 3Ruby on Rails 3
Ruby on Rails 3Stefan Fodor
 
Side channel attacks
Side channel attacksSide channel attacks
Side channel attacksStefan Fodor
 
Special Subject 1+2: RoR 2
Special Subject 1+2: RoR 2Special Subject 1+2: RoR 2
Special Subject 1+2: RoR 2Stefan Fodor
 
dry_run_exam
dry_run_examdry_run_exam
dry_run_examStefan Fodor
 
Logs
LogsLogs
LogsStefan Fodor
 
Reconnaissance software
Reconnaissance software Reconnaissance software
Reconnaissance software Stefan Fodor
 
Special Subject 1+2: RoR 1
Special Subject 1+2: RoR 1Special Subject 1+2: RoR 1
Special Subject 1+2: RoR 1Stefan Fodor
 
Network proj 1.1
Network proj 1.1Network proj 1.1
Network proj 1.1Stefan Fodor
 
Network telnet ssh
Network telnet sshNetwork telnet ssh
Network telnet sshStefan Fodor
 
Lunar
LunarLunar
LunarStefan Fodor
 
Hitchikers guide, rev3
Hitchikers guide, rev3Hitchikers guide, rev3
Hitchikers guide, rev3Stefan Fodor
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 

Mais conteúdo relacionado

Mais de Stefan Fodor

It Security Project
It Security ProjectIt Security Project
It Security ProjectStefan Fodor
 
Protocols for Embedded Node
Protocols for Embedded NodeProtocols for Embedded Node
Protocols for Embedded NodeStefan Fodor
 
Lillebaelt Academy - ro
Lillebaelt Academy - roLillebaelt Academy - ro
Lillebaelt Academy - roStefan Fodor
 
Side channel attacks
Side channel attacksSide channel attacks
Side channel attacksStefan Fodor
 
Special Subject 1+2: RoR 2
Special Subject 1+2: RoR 2Special Subject 1+2: RoR 2
Special Subject 1+2: RoR 2Stefan Fodor
 
Reconnaissance software
Reconnaissance software Reconnaissance software
Reconnaissance software Stefan Fodor
 
Special Subject 1+2: RoR 1
Special Subject 1+2: RoR 1Special Subject 1+2: RoR 1
Special Subject 1+2: RoR 1Stefan Fodor
 
Network telnet ssh
Network telnet sshNetwork telnet ssh
Network telnet sshStefan Fodor
 
Hitchikers guide, rev3
Hitchikers guide, rev3Hitchikers guide, rev3
Hitchikers guide, rev3Stefan Fodor
 

Mais de Stefan Fodor (17)

It Security Project
It Security ProjectIt Security Project
It Security Project
 
Squash that Bug!
Squash that Bug!Squash that Bug!
Squash that Bug!
 
Protocols for Embedded Node
Protocols for Embedded NodeProtocols for Embedded Node
Protocols for Embedded Node
 
Qualys Threads
Qualys ThreadsQualys Threads
Qualys Threads
 
2FLogin
2FLogin2FLogin
2FLogin
 
Lillebaelt Academy - ro
Lillebaelt Academy - roLillebaelt Academy - ro
Lillebaelt Academy - ro
 
Ruby on Rails 3
Ruby on Rails 3Ruby on Rails 3
Ruby on Rails 3
 
Side channel attacks
Side channel attacksSide channel attacks
Side channel attacks
 
Special Subject 1+2: RoR 2
Special Subject 1+2: RoR 2Special Subject 1+2: RoR 2
Special Subject 1+2: RoR 2
 
dry_run_exam
dry_run_examdry_run_exam
dry_run_exam
 
Logs
LogsLogs
Logs
 
Reconnaissance software
Reconnaissance software Reconnaissance software
Reconnaissance software
 
Special Subject 1+2: RoR 1
Special Subject 1+2: RoR 1Special Subject 1+2: RoR 1
Special Subject 1+2: RoR 1
 
Network proj 1.1
Network proj 1.1Network proj 1.1
Network proj 1.1
 
Network telnet ssh
Network telnet sshNetwork telnet ssh
Network telnet ssh
 
Lunar
LunarLunar
Lunar
 
Hitchikers guide, rev3
Hitchikers guide, rev3Hitchikers guide, rev3
Hitchikers guide, rev3
 

Último

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 

Último (20)

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 

Facebook

Notas do Editor

  1. Dmesg – messages from kernel