
How to use the Instagram copyright function to construct a CSRF vulnerability that deletes other users' files

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article explains how the Instagram copyright function could be used to construct a CSRF vulnerability that deletes other users' files. Many newcomers are not clear about this, so the following walks through it in detail.

Recently, I noticed that Instagram has added a large number of copyright notices. They state that when a user uploads a media file to Instagram that infringes intellectual property rights held elsewhere, a notice reflecting the copyright complaint for that media file will be displayed, and Instagram will automatically delete the file.

Instagram's copyright notice reads as follows:

Upon receipt of a complaint from the right owner that the content on Instagram infringes their intellectual property rights, we may need to delete the relevant content from Instagram immediately without contacting you in advance.

If Instagram deletes your post based on an intellectual property report submitted through an online form, it will send you a notification message with the name and email address or details of the rights owner who submitted the report. If you think that the relevant content should not have been deleted, you can contact the user who submitted the report directly to try to resolve the problem.

Based on the above notice, I decided to run some tests on this feature. I uploaded a video file containing a piece of music with copyright problems, and testing showed that Instagram would use a GET request to delete the file.

The MEDIA_ID represents the ID of the video file or post to be deleted. Later, I found that as long as you obtain the ID of a file posted or uploaded by the victim and then send the above link to the victim, the victim's related post or file will be deleted, resulting in an indirect CSRF scenario and malicious destruction. The bug can be reproduced successfully in both the mobile app and the web version of Instagram.
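The pattern described above, a delete performed on GET and authorized only by the session cookie, is shown here beside a hardened form as an added example. It is not code from the original write-up or from Instagram: the handler names, the in-memory store and the token scheme are assumptions, and the article does not say how the actual fix was implemented.

```python
import hmac
import secrets

# Constructed sample state: media id -> owner, session cookie -> (user, CSRF token).
MEDIA = {"m1": "alice", "m2": "bob"}
SESSIONS = {"sess-alice": ("alice", secrets.token_hex(16))}


def delete_vulnerable(method, cookie, media_id, form=None):
    """State change reachable by GET, authorized by the ambient cookie alone."""
    user, _ = SESSIONS.get(cookie, (None, None))
    if user is None:
        return 401
    if MEDIA.get(media_id) != user:
        return 404
    del MEDIA[media_id]  # any link the logged-in owner opens ends up here
    return 200


def delete_hardened(method, cookie, media_id, form=None):
    """Same action, but only via POST carrying a token bound to the session."""
    user, token = SESSIONS.get(cookie, (None, None))
    if user is None:
        return 401
    if method != "POST":
        return 405  # GET stays free of side effects
    sent = (form or {}).get("csrf_token", "")
    if not hmac.compare_digest(sent, token):
        return 403  # a cross-site page cannot read the session's token
    if MEDIA.get(media_id) != user:
        return 404  # ownership is still checked after the CSRF check
    del MEDIA[media_id]
    return 200


if __name__ == "__main__":
    print(delete_vulnerable("GET", "sess-alice", "m1"))   # deleted by a plain GET
    MEDIA["m1"] = "alice"
    print(delete_hardened("GET", "sess-alice", "m1"))     # rejected, wrong method
    print(delete_hardened("POST", "sess-alice", "m1", {"csrf_token": "guess"}))
    good = SESSIONS["sess-alice"][1]
    print(delete_hardened("POST", "sess-alice", "m1", {"csrf_token": good}))
```

Setting the session cookie with SameSite=Lax or Strict adds a second layer, but it does not replace keeping GET handlers side-effect free.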

The following is a reproduction in the Android version of the app:

The following is a reproduction in the web version:

Vulnerability reporting and handling process

2019.1.29 Preliminary vulnerability report

2019.1.29 Vulnerability classification

2019.1.30 Vulnerability fix

2019.2.14 Facebook awarded $3000
