Tags: oauth web
## Writeup in 30 seconds
1. Go to `/profile/1` to learn that the target is logged in as `firstname.lastname@example.org`.
2. By analyzing the app, you can find a feature that removes `+` in the email's name when sending messages.
   * Sending to `email@example.com` will actually go to `firstname.lastname@example.org`.
   * Does this feature also exist at login?
3. Do port forwarding and use http://127.0.0.1:3000 for the connection.
4. Register an account on dropbox.com with the email `email@example.com`.
5. Log in to Footbook with Dropbox OAuth.
6. You can see the flaaaaaag.
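
A server-side check that would refuse the login in the steps above, as an added example that is not Footbook's or Dropbox's code. The profile fields `uid`, `email` and `email_verified`, the `Account` store, and the exact `+` rule in `messaging_canonical` are assumptions.

```python
# Added example. Profile fields (uid, email, email_verified), the Account store
# and the exact '+' rule are assumptions, not Footbook's or Dropbox's schema.
from dataclasses import dataclass, field

class LoginRejected(Exception):
    """Raised when an OAuth profile must not be mapped to a local account."""

@dataclass
class Account:
    email: str                                 # address exactly as registered
    linked: set = field(default_factory=set)   # {(provider, provider_uid)}

def messaging_canonical(email: str) -> str:
    """Assumed form of the messaging feature: drop '+' from the local part."""
    local, _, domain = email.rpartition("@")
    return local.replace("+", "") + "@" + domain.lower()

def resolve_oauth_login(provider: str, profile: dict, accounts: list) -> Account:
    uid, email = profile.get("uid"), profile.get("email")
    if not uid or not isinstance(email, str) or "@" not in email:
        raise LoginRejected("incomplete profile")
    # 1. A previously established (provider, uid) link identifies the user.
    for acct in accounts:
        if (provider, uid) in acct.linked:
            return acct
    # 2. An unverified address proves nothing; a missing flag counts as False.
    if profile.get("email_verified") is not True:
        raise LoginRejected("provider email not verified")
    # 3. Link to an existing account only on an exact address match.
    for acct in accounts:
        if acct.email == email:
            acct.linked.add((provider, uid))
            return acct
    # 4. An address that matches an account only after the messaging
    #    canonicalization is a look-alike: refuse instead of merging.
    for acct in accounts:
        if messaging_canonical(acct.email) == messaging_canonical(email):
            raise LoginRejected("address collides with an existing account")
    new = Account(email=email, linked={(provider, uid)})
    accounts.append(new)
    return new

if __name__ == "__main__":
    accounts = [Account("a.user@example.org")]   # constructed sample data
    lookalike = {"uid": "dbx-2", "email": "a.+user@example.org", "email_verified": False}
    try:
        resolve_oauth_login("dropbox", lookalike, accounts)
    except LoginRejected as exc:
        print("rejected:", exc)
```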
## Some interesting things
1. I've tested some OAuth providers; only `dropbox.com` gives an unauthorized email.
   * But Dropbox will say the email is not verified in `extra_info`; don't ignore it!
2. You guys are really creative :p, some interesting fake flags posted on Footbook: