Facebook New Account Verification Bypass

On September 22, 2019, at 11:30 pm, I was preparing for my board exam and I felt tired of reading all that stuff. Then I thought I would open Facebook and look at the news feed, but I don't know what came into my mind: I opened a new private tab in Firefox and tried to create a new account. First I filled in the new account form with all correct and valid details, and all of a sudden I thought: what if I give a wrong email address, can I verify it somehow? So I filled in the form with the wrong email and clicked Sign Up. Then I was redirected to a new page, the verification page. I thought I couldn't do anything without verification, but I saw an option to view my profile. I thought it wouldn't work, and that clicking that option would just redirect me to the verification page again, but I was surprised: when I tried it, I was able to visit my profile and do anything I wanted, like changing profile pictures, posting statuses and other things. But there were no more options than that, for example no option for search and others.

Then I thought: what if I change the URL and try to visit someone's profile? I changed the URL to my original account's profile and boom, I was able to visit my profile, and I could see the search option and all the other options that we see in a verified account.

I was more shocked when I found out that I could send friend requests, and comment on, share and like any public or friends post. Then I sent a friend request to my original ID and accepted that friend request to see what more I could do. After accepting the friend request I was also able to send messages to my real account.

It took me around 15 minutes to find all of this. I immediately reported it to Facebook at around 11:50–12:00. After waiting for 3 days they finally replied to me. I was happy with that notification, but all of a sudden all my happiness was stolen from me: I got a reply that the Facebook team knew about it internally and was working to improve the verification flow.

Though I didn't receive any bounty, I thought it would be good to share my finding with you all. Thanks for reading to the end. This is my first write-up on such a topic, so there may be some mistakes, and I am sorry for those silly mistakes.

PoC Video Link:- https://youtu.be/UDetCErBD9E

Find Me On:-
Facebook:- https://facebook.com/santoshbrl5
Instagram:- https://instagram.com/santoshbrl5
Twitter:- https://twitter.com/Openhacker

See this write-up on my site:- https://blogs.techohnepal.com
