Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Feb 8, 2010
This is one of the demo's from my presentation at Shmoocon 2010 "Social Zombies II: Your Friends Need More Brains" presented with Robin Wood and Kevin Johnson. In this demo I show getting your machine pwnd by simply viewing the profile page of a vulnerable Facebook application. This particular Facebook application was found vulnerable to persistent XSS (via theharmonyguy). I used a simple hook using the BeEF tool (Browser Exploitation Framework http://www.bindshell.net/tools/beef/) to launch the Metasploit Browser Autopwn module to attack the victim machine.