Welcome to BARMAGY Sign in | Join | Help

Fake Facebook Wall Posts Using FBML

Today while playing around with Facebook markup language (FBML) which is used in Facebook applications I found that through using the tag </fb:wallpost> it’s possible to fake user posts with ease just by using their user id as Facebook don’t validate that if the posts is really originating from the legitimate user so it allows anybody to use FBML to post wall posts to his/her application with the identity of another user. Here is proof of concept FMBL that you can use in your Facebook application

<fb:wall>

  <fb:wallpost uid="[victim id goes here]">

    Fady ownz me

  </fb:wallpost>

</fb:wall>

Published Sunday, January 20, 2008 8:32 PM by Fady

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# Facebook &raquo; Fake Facebook Wall Posts Using FBML

PingBack from http://facebook.freedombloghost.info/?p=8269
Sunday, January 20, 2008 9:38 PM by Facebook » Fake Facebook Wall Posts Using FBML

# Facebook &raquo; Fake Facebook Wall Posts Using FBML

PingBack from http://facebook.blogspace4you.info/?p=1913
Sunday, January 20, 2008 9:51 PM by Facebook » Fake Facebook Wall Posts Using FBML

# re: Fake Facebook Wall Posts Using FBML

These FBML tags are only for display purposes within an application... they render content so that it's styled the same way a profile wall is styled, but have no effect on a user's actual wall.
Monday, February 18, 2008 11:39 PM by theharmonyguy

# re: Fake Facebook Wall Posts Using FBML

yes indeed, but mostly users won't be able to tell the difference
Wednesday, February 20, 2008 4:40 PM by Fady

# re: Fake Facebook Wall Posts Using FBML

WCsyB4  <a href="http://lgpxefvvplva.com/">lgpxefvvplva</a>, [url=http://gtaovswuxevi.com/]gtaovswuxevi[/url], [link=http://hzrdliaehmdv.com/]hzrdliaehmdv[/link], http://kjerqcxlnfji.com/
Friday, March 21, 2008 4:44 PM by rqatmtcdgk

# re: Fake Facebook Wall Posts Using FBML

<a href="http://umypygimoni.narod.ru/index.html">просмотр порно без регистрации бесплатно</a>

Monday, June 30, 2008 9:19 PM by opooo234

What do you think?

(required) 
required 
(required)