Burpy v0.1 Report


Author : Debasish Mandal

Total Number of Request(s) Tested : 48
Scan Scope : www.facebook.com

Base Request
POST /messages/action/ HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.facebook.com/messagingconfirmation?action_url=/messages/action/?mm_action=delete&tids=mid.1375723992343%3A9fb37a810424df2016&tid=mid.1375723992343:9fb37a810424df2016&action=delete&refid=12&_rdr
Cookie: Deleted
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 61

mm_action=delete&tids=mid.1375723992343:9fb37a810424df2016&fb_dtsg=xy8asd_

Crafted Request   [Token Removed from Request]

POST /messages/action/ HTTP/1.1
Content-Length: 61
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0
Host: www.facebook.com
Referer: http://www.facebook.com/messagingconfirmation?action_url=/messages/action/?mm_action=delete&tids=mid.1375723992343%3A9fb37a810424df201&tid=mid.1375723992343:9fb37a810424df2016&action=delete&refid=12&_rdr
Fun: Fun
Cookie: Deleted
Content-Type: application/x-www-form-urlencoded

mm_action=delete&tids=mid.1375723992343:9fb37a810424df2016&

Live Response
HTTP/1.1 408 Client timeout
date: Thu, 17 Oct 2013 07:54:30 GMT
connection: keep-alive
content-type: text/html; charset=utf-8
content-length: 2131

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook"> <head> <title>Facebook | Error</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="Cache-Control" content="no-cache" /> <meta name="robots" content="noindex,nofollow" /> <style type="text/css"> html, body { margin: 0px; padding: 0px; text-align: center; font-family: "Lucida Grande", "Tahoma", "Verdana", "Arial", sans-serif; color: #333333; } a.menu { margin: auto; position: relative; display: block; width: 964px; height: 29px; background: #3B5998 url('https://s-static.ak.fbcdn.net/common/error.png') top center no-repeat; } .core { text-align: left; margin: auto; width: 904px; padding: 1em 0em; } h1 { font-size: 18px; } p { font-size: 13px; } .footer { border-top: 1px solid #DDDDDD; color: #777777; float: left; width: 904px; padding: 5px 8px 6px 0; font-size: 11px; } </style> <script type="text/javascript" charset="utf-8"> function back() { if (1 < history.length) { history.back(); return false; } return true; } </script> </head> <body> <a class="menu" href="http://www.facebook.com/"></a> <div class="core"> <h1>Sorry, something went wrong.</h1> <p>We're working on getting this fixed as soon as we can.</p> <p><a onclick="return back();" href="http://www.facebook.com/">Go Back</a></p> <div class="footer" id="pagefooter_copyright"> Facebook &copy; 2013 &#183; <a href="http://www.facebook.com/help/">Help</a> </div> </div> </body> </html>