Private Instagram posts and stories can be accessed and shared publicly using just a web browser


Another latest flaw has been found in Instagram related to the way in which Instagram handles the post of accounts. As per this flaw, anyone can access and share the posts and stories of private Instagram accounts just by using a web browser.

This flaw has been reported today by BuzzFeed that illustrates how a series of mouse clicks on any web browser can expose the persistent URL of private posts and stories cached on Facebook servers. 

Anyone who is having a browser like Google Chrome, can inspect the code of the page and find the URL of the images. They just have to go to the “Inspect Elements” tool and head on to the  “Img” section of the Network header. Now, you will be able to find the URL of any Instagram image you’ve clicked on, be it a disappearing story or a photo posted to a user’s feed. That URL can then be shared and the photo viewed by anyone, including people who do not follow the private account.

We at TechnoCodex also verified this flaw by following the above procedure. And within a few clicks, we were able to get the URL of the images that we click on Instagram. These URL were openly shareable, even you can see the preview of the URL in chat applications like Slack.

In addition to revealing persistent URLs for photos posted to a private account, the same source-code trick also lets you pull URLs for profile photos of other Instagram users who may have interacted with that post and may have their accounts set to private as well. 

According to BuzzFeed, these URLs will still retrieve images from Facebook servers even after the posts have been deleted. This appears to be true both for photos posted to the feed and for stories, which delete after 24 hours. BuzzFeed says URLs for private stories will return the story for multiple days after the expiration date.

We’ve reached out to both Instagram and Facebook for a response to the security flaw and will update this article if we hear back.

For the latest tech news and updates, Install TechnoCodex App and follow us on Facebook and TwitterAlso, if you like our efforts, consider sharing this story with your friends, this will encourage us to bring more exciting updates for you.

Source Source

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More