Engineer Mohamed Abdel-Aty says that he was honored from Facebook by placing him in the honor list for discoverers of vulnerabilities on the site, as he discovered a security problem in one of the infrastructure systems that the company uses that allows extracting some information about the internal system of Facebook servers, where he searched and reported About the vulnerability during the ban period due to the Corona epidemic, where he contacted the Facebook team more than once to review the technical details of the vulnerability carefully before the vulnerability was closed and registered in the honor list.
It is worth noting that Facebook is one of the sites that allow vulnerability discoverers to search for vulnerabilities in it and inform them of the site without using them in a harmful way to the site or users. The two vulnerabilities finders are included in an honor list that is updated annually. The fourth in which my name is included in the honor list of vulnerability discoverers on the site, and it is in the years 2016, 2017, 2018 and 2020.
A security researcher had found a security flaw in the feature of downloading the Facebook application on the Android platform, which could be used to launch attacks and execute remote code (RCE), which prompted Facebook to give this researcher $ 10,000 in exchange for finding the error. The Facebook application on Android has two ways to download files from a group – a built-in Android service called DownloadManager and a second method called Files Tab. According to the Indian website TOI, security researcher Syed Abdel Hafeez, an Egyptian, discovered a defect in the download process in the second method, and he said in a post. On Medium: “I discovered an ACE error on Facebook for Android that can be sorted through a download file from the Files Tab group without opening the file. The vulnerability was in the second method, and while security measures were implemented on the server side when uploading files, it was Easy to surpass.
A shorter engineer honored by the Facebook administration for discovering a security vulnerability (1)
A shorter engineer honored by the Facebook administration for discovering a security vulnerability (2)
A shorter engineer honored by the Facebook administration for discovering a security vulnerability (3)
A shorter engineer honored by the Facebook administration for discovering a security vulnerability (4)
These were the details of the news A shorter engineer discovers a security vulnerability on Facebook … and... for this day. We hope that we have succeeded by giving you the full details and information. To follow all our news, you can subscribe to the alerts system or to one of our different systems to provide you with all that is new.
It is also worth noting that the original news has been published and is available at eg24.news and the editorial team at AlKhaleej Today has confirmed it and it has been modified, and it may have been completely transferred or quoted from it and you can read and follow this news from its main source.