Loading...

Facebook Application Autopwn with BeEF

12,416 views

Loading...

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Feb 8, 2010

This is one of the demo's from my presentation at Shmoocon 2010 "Social Zombies II: Your Friends Need More Brains" presented with Robin Wood and Kevin Johnson. In this demo I show getting your machine pwnd by simply viewing the profile page of a vulnerable Facebook application. This particular Facebook application was found vulnerable to persistent XSS (via theharmonyguy). I used a simple hook using the BeEF tool (Browser Exploitation Framework http://www.bindshell.net/tools/beef/) to launch the Metasploit Browser Autopwn module to attack the victim machine.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...