xGamer Posted October 28, 2013 Share Posted October 28, 2013 Hi, We are going to use facebook's redirector to spread our virus, bot, java drive by. The url that let us do this is "https://www.facebook.com/l.php?u=", this is not an open redirector, but it will serve our purpose because 80% of people will trust it and will confirm without hesitation because it's primary url it's from facebook, and they trust facebook! This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up As you can see, this works even if the user isn't logged into facebook. I recommend that you shorten your URL "strategically" so you won't raise any suspicion in the confirmation dialog. Happy phishing! Copy & Paste rstforums.com Link to comment Share on other sites More sharing options...
Recommended Posts