Lokesh KumarFacebook SMS Captcha Was Vulnerable to CSRF AttackThis post is about an bug that I found on Meta (aka Facebook) which allows to make any Endpoint as POST request in SMS Captcha flow which…2 min read·Oct 17, 2022--3--3
Lokesh KumarContact Point Deanonymization Vulnerability in MetaThis post is about an bug that I found on Meta (aka Facebook) which used to find a linked Primary email address of a account using mobile…3 min read·Apr 28, 2022--1--1
Lokesh KumarConfirming any new Email Address bug in Facebook (Part-4)This post is about an bug that I found on Facebook which used to Confirming any email address in new Facebook account by using IP and…3 min read·Aug 17, 2021--1--1
Lokesh KumarHow to Rotate IP ADDRESS For Each Request in Burp SuiteThis post is about to explain how to rotate IP address for each request using Burp Suite.3 min read·Aug 17, 2021--3--3
Lokesh KumarDelete Any Photos In FacebookThis post is about an bug that I found on Facebook which used to delete any publicly visible photos by editing the series feature2 min read·Nov 3, 2020--1--1
Lokesh KumarReveal the page admin that uploaded a video on the page in comment sectionThis post is about an bug that I found on Facebook which used to disclose the page role person’s User ID when posted a video on comment…3 min read·Nov 2, 2020----
Lokesh KumarDisable Any Unconfirmed Account in FacebookThis post is about an bug that i found on Facebook which used to Disable any new unconfirmed account in Facebook by using IP Rotation…2 min read·Nov 21, 2019--1--1
Lokesh KumarCSRF Email Confirmation Vulnerability for Gmail & G-Suite in FacebookThis post is about an bug that i found on Facebook which used to verify any new Gmail and G-Suite account with minimal Victim’s…3 min read·Jul 16, 2019--1--1
Lokesh KumarBypass OAuth nonce and steal oculus response codeThis post is about an bug that i found on Facebook Oculus Application OAuth which could have been used to bypass nonce and steal…3 min read·Nov 7, 2017--1--1
Lokesh KumarStealing Facebook MailChimp Application OAuth 2.0 Access TokenThis post is about an bug that i found on Facebook MailChimp Application OAuth 2.0 which could have been used to steal Access_token. and…2 min read·Nov 7, 2017--1--1