For the best experience on desktop, install the Chrome extension to track your reading on news.ycombinator.com
Hacker Newsnew | past | comments | ask | show | jobs | submit | history | franjkovic's submissionsregister
1.
Getting any Facebook user's friend list and partial payment card details (josipfranjkovic.com)
416 points by franjkovic on March 9, 2018 | past | 91 comments
2.
Taking over Facebook accounts using Free Basics partner portal (josipfranjkovic.com)
1 point by franjkovic on Feb 8, 2018 | past
3.
Hacking Facebook accounts using CSRF in Oculus-Facebook integration (josipfranjkovic.com)
5 points by franjkovic on Jan 18, 2018 | past
4.
Stealing Facebook access_tokens using CSRF in device login flow (josipfranjkovic.com)
127 points by franjkovic on July 19, 2016 | past | 82 comments
5.
The easiest bug bounties I have won (josipfranjkovic.blogspot.com)
145 points by franjkovic on July 13, 2015 | past | 27 comments
6.
Race conditions on Facebook, DigitalOcean and others (fixed) (josipfranjkovic.blogspot.com)
294 points by franjkovic on April 27, 2015 | past | 88 comments
7.
Reading local files from Facebook's server (fixed) (josipfranjkovic.blogspot.com)
44 points by franjkovic on Dec 6, 2014 | past | 19 comments
8.
Step-by-step: exploiting SQL injection(s) in Oculus' website (josipfranjkovic.blogspot.com)
1 point by franjkovic on Sept 4, 2014 | past
9.
Facebook bug bounty: secondary damage bugs and fairness (josipfranjkovic.blogspot.com)
60 points by franjkovic on Nov 21, 2013 | past | 10 comments
10.
Facebook CSRF leading to full account takeover (fixed) (pyx.io)
222 points by franjkovic on Oct 20, 2013 | past | 51 comments

Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search:

HN For You