A security researcher has found a clever way to take over any Facebook account
by manipulating weaknesses in the social network’s password reset mechanism.
by manipulating weaknesses in the social network’s password reset mechanism.
In a moment of boredom, bug bounty hunter Samip Aryal from Nepal discovered
[https://infosecwriteups.com/0-click-account-takeover-on-facebook-e4120651e23e]
that by uninstalling and re-installing the Facebook app with different
user-agents he could manipulate Facebook’s password reset flow to brute force
the authentication/login code, and ta
