Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[APP][2.0+]FB SDK Checker

OP vvieux

12th April 2012, 12:03 PM   |  #1  
OP Junior Member
Flag Paris
Thanks Meter: 13
 
9 posts
Join Date:Joined: Nov 2010
Hi,

You've probably heard this: On 10 Apr 2012 a blog post from Parse (http://blog.parse.com/2012/04/10/dis...s-android-sdk/) indicates they found a major security issue in the Facebook SDK. they reported the issue in mid-february and the issue is now solved.

But tons of apps didn't update the Facebook SDK yet and still have the security hole.

With FB SDK Checker, you can check if any of you app is exposing your access token.

Google Play: https://market.android.com/details?i...x.fbsdkchecker
Source: https://github.com/vieux/FB-SDK-Checker

It's scary, for exemple Draw Something exposes the access token each time you launch the app.
The Following 11 Users Say Thank You to vvieux For This Useful Post: [ View ]
13th April 2012, 04:32 PM   |  #2  
SalsaForte's Avatar
Senior Member
Flag Montreal
Thanks Meter: 14
 
253 posts
Join Date:Joined: Dec 2010
Donate to Me
More
Just tested it on my phone. I'm exposed!

Is there a way for the FB:SDK checker to show which app(s) exposed the token?
13th April 2012, 04:38 PM   |  #3  
OP Junior Member
Flag Paris
Thanks Meter: 13
 
9 posts
Join Date:Joined: Nov 2010
I'm working on it.
The Following 2 Users Say Thank You to vvieux For This Useful Post: [ View ]
13th April 2012, 11:01 PM   |  #4  
sinatra_shinoda's Avatar
Senior Member
Flag Kota Kinabalu
Thanks Meter: 34
 
119 posts
Join Date:Joined: Apr 2011
Donate to Me
More
Lightbulb
Quote:
Originally Posted by vvieux

I'm working on it.

Is it working now?

EDIT: Installed & Tested. It's working, but it didn't tell which app(s)is exposing the token.
Last edited by sinatra_shinoda; 17th April 2012 at 01:16 AM.
16th April 2012, 05:16 PM   |  #5  
trestevenson's Avatar
Senior Member
Thanks Meter: 13
 
127 posts
Join Date:Joined: Oct 2010
Donate to Me
More
Quote:
Originally Posted by vvieux

I'm working on it.

Thanks for the heads up!
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes