Facebook Security Flaw – Database Table Names Exposed

Leave a reply

Ever wondered what mysql table names Facebook use? Well, now you can see thanks to Facebook’s Advertising Platform, which under the right set of circumstances will spit out a lovely (by lovely we mean potentially dangerous) error which reveals a little more than Facebook probably intended:

 

 

 

 

 

 

 

 

The error reads:

QueryConnectionException: connection dropped; ‘SELECT `account_id`,`admarket_id`,`friendly_name`,`status`,`channel`,`max_budget`,`funding_type`,`funding_id`,`abtest_id`, `credit_status`,`terms`,`currency`,`vertical_type`,`timezone_id`,vat_status,tier,manager_id FROM `account` WHERE `account_id` IN (7*******) LOCK IN SHARE MODE’

Be Sociable, Share!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>