Facebook offers double reward on ad coding bugs


Through the end of the year, researchers who report bugs in Facebook's ads code through the Whitehat program will receive double the usual bounty.

Colin Greene, a Security Engineer at Facebook, explained in a blog post:

Starting today and extending through the end of 2014, all Whitehat bugs in our ads code will receive double bounties. We recently completed a comprehensive security audit of this area ourselves. We found and fixed a number of security bugs but would like to encourage additional scrutiny from Whitehats to see what we might have missed. Also, since the vast majority of bug reports we work on with the Whitehat community are focused on the more common parts of Facebook code, we hope to encourage researchers to become more familiar with the surface area of ads to better protect the businesses that use them.

Thanks to researchers, Facebook has recently fixed the following bugs:

  1. Redeeming the same ads coupon multiple times without expiry.
  2. Retrieving the name of an unpublished Page via the Ads Create Flow by guessing its Page ID.
  3. Arbitrary local file read via a .zip symlink (more details in this post).
  4. Injecting JavaScript into an ads report email and then leveraging a CSRF bug to make a victim send a malicious email to a target on your behalf.
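The third item, a local file read through a symlink entry in an uploaded .zip, is a bug class that any service accepting archive uploads has to guard against. The Python below is an added example, not Facebook's code and not described in the post: it inspects an archive for symlink members (using the Unix mode stored in each entry's external attributes), absolute paths and `..` components before anything is written to disk, and refuses the whole archive if any member is unsafe. The archives are constructed inside the block, and the function names (`build_sample_zip`, `unsafe_entries`, `safe_extract`, `try_extract`) are chosen here.

```python
import io
import os
import stat
import tempfile
import zipfile


def build_sample_zip() -> bytes:
    """Constructed archive: one ordinary file plus one entry whose external
    attributes mark it as a symbolic link pointing at a system file. Python's
    zipfile writes link text as a regular file on extract, but unzip, 7z and
    several libraries recreate the symlink, which is how a later read of
    'config' can become a read of /etc/passwd."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.txt", "ad spend summary\n")
        info = zipfile.ZipInfo("config")
        # Upper 16 bits of external_attr carry the Unix st_mode.
        info.external_attr = (stat.S_IFLNK | 0o777) << 16
        zf.writestr(info, "/etc/passwd")
    return buf.getvalue()


def build_traversal_zip() -> bytes:
    """Constructed archive whose member name climbs out of the target dir."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("../evil.txt", "x")
    return buf.getvalue()


def build_clean_zip() -> bytes:
    """Constructed archive with nothing objectionable in it."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.txt", "ad spend summary\n")
    return buf.getvalue()


def unsafe_entries(data: bytes) -> list[str]:
    """Names of members that must not be extracted: symbolic links,
    absolute paths, and paths containing a '..' component."""
    bad = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            mode = (info.external_attr >> 16) & 0xFFFF
            name = info.filename.replace("\\", "/")
            if stat.S_ISLNK(mode):
                bad.append(info.filename)
            elif os.path.isabs(name) or ".." in name.split("/"):
                bad.append(info.filename)
    return bad


def safe_extract(data: bytes, dest: str) -> list[str]:
    """Extract only if every member passed the checks; additionally confirm
    each resolved destination stays under dest. Returns the paths written."""
    bad = unsafe_entries(data)
    if bad:
        raise ValueError(f"refusing to extract unsafe entries: {bad}")
    dest_real = os.path.realpath(dest)
    written = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            target = os.path.realpath(os.path.join(dest_real, info.filename))
            if os.path.commonpath([dest_real, target]) != dest_real:
                raise ValueError(f"member escapes target dir: {info.filename}")
            zf.extract(info, dest_real)
            written.append(target)
    return written


def try_extract(data: bytes) -> tuple[bool, list[str]]:
    """Extract into a throwaway directory: (accepted, relative names written)."""
    with tempfile.TemporaryDirectory() as tmp:
        dest_real = os.path.realpath(tmp)
        try:
            written = safe_extract(data, tmp)
        except ValueError:
            return (False, [])
        return (True, sorted(os.path.relpath(p, dest_real) for p in written))


if __name__ == "__main__":
    for label, archive in [("symlink", build_sample_zip()),
                           ("traversal", build_traversal_zip()),
                           ("clean", build_clean_zip())]:
        print(label, "unsafe:", unsafe_entries(archive),
              "result:", try_extract(archive))
```

Rejecting the whole archive, rather than silently skipping bad members, is deliberate: an upload that contains a symlink or traversal entry is not a user mistake worth recovering from, and a hard failure leaves a clear signal in the logs.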

To start reporting bugs, set up a Whitehat researcher account on Facebook.

Top image courtesy of Shutterstock.