
Interactive example of how Facebook leaked access tokens - Glitch-is
https://history.adversary.io/anonymous/facebook/birthday
======
alangpierce
I'm getting errors whenever I visit, but was able to load the "mission" page
earlier and see the format (though it also had errors; the center page didn't
load at all). Seems like a great idea for explaining these sorts of things!

~~~
ibero
The url is incorrect above, it should be
[https://history.adversary.io/missions/facebook](https://history.adversary.io/missions/facebook),
the above url includes the "/birthday" which causes the 400

~~~
m348e912
The link you posted redirects to
[https://history.adversary.io/missions/facebook/birthday](https://history.adversary.io/missions/facebook/birthday).
It seems to not be working right now.

------
Glitch-is
We also wrote an article about the attack. Check it out if you're interested
[https://blog.adversary.io/facebook-hack/](https://blog.adversary.io/facebook-
hack/)

~~~
jamestenglish
I can see the messages from Minea as Lark, but when I click "SUBMIT FLAG" I
get "Invalid Flag Submission"

~~~
Glitch-is
It should work now

------
dandigangi
There really isn't any technical details about this at all from what I read in
the article or using the interactive tool. If this is a SaaS product for
developers, wouldn't the actual "deep dive" I expected contain that? It's to
high level and doesn't offer more value than some general blog telling me a
few basics w/ some links to better content.

Did I miss something?

I think the interactive tool is a cool idea none the less.

------
PunchTornado
the link not working

also shows a security warning in ff

