Facebook. A flaw would have to hack any account – Ouest-France

 
     

 
                   
                               High Tech
           -
         
                                   Published on 03.09.2016 12:33

 
           
     
     
       
         
 
       
                   

            West France with agency
       

     
 

The discovery flaw could have allowed any hack Facebook account. Anand Prakash, a security researcher said on his blog how he discovered that the password reset service of the social network was vulnerable.

In principle, a six-digit code is sent by email or SMS the user wishes to change his password. But after ten failed attempts, the account gets stuck, precisely to avoid hackers to try all the possibilities code says 01Net .

$ 15 000 reward If the classic Facebook server ( facebook.com) has proven to be well protected, the engineer discovered that through the s ites beta.facebook.com and mbasic.beta.facebook.com, any number of times in terms of limit was imposed. As proof, Anand Prakash hacked his own account after trying all combinations, as shown in a video.

Reported on February 22 in Facebook, the flaw was corrected the next day, refers 20 Minutes . As for Anand Prakash, he pocketed a reward of 15,000 dollars from the company Mark Zuckerberg.