Hack facebook, hacking facebook passwords from user accounts and find out someones facebook password...Is any of it really possible? Yes it is, thanks to Twitter!. By now, you have probably heard the rumors of how unsafe Facebook is with a few celebrities having had their accounts hacked. You may also have seen Twitter allows you to synchronize your tweets with Facebook status updates so whatever you tweet appears as a Facebook status update. In providing this service, Facebook has created many vulnerabilities for itself by allowing a third party (Twitter) to access their database. This problem is due to Facebooks API service which permits exterior websites or applications (like FarmVille) to modify or post stuff on your profile.A couple of month's ago I wanted to check my old FaceBook account but forgot what email and password I had used to sign up, I sent an email to their technical support but they didn't reply so I decided to put my geek skills to good use and find a way to get my login information back by writing a facebook account hacking code or exploit as they are called.
HOW HACKING FACEBOOK ACCOUNTS WORKS
Facebook has two databases (one for males and one for females users) where they keep all the information from their users, if you remember the email you use to login but forget your password, you can use the 'Forgot your password?' option, however if like me you don't have any of that information it's impossible to legally recover that account.
If you know anything about programming websites you know the 'Forgot your password?' service has to be in direct contact with the databases in order to send requests to retrieve the forgotten information for you, basically what that means is if you 'ask' the database for the login information with the right 'code' (in our case exploit), it will send you back that information.
So all I had to figure out is what the code was and what system they used to contact the databases through the 'Forgot your password?' service, after a few weeks of writing and testing codes I came up with the right one for the job and after doing a bit of research I learned FaceBook uses something similar to an email service to contact their databases.
For security reasons the databases are programmed to verify the account your requesting is actually yours and not someone elses so they need some type of authentication or verification (thats why they send you a verification link to your email when creating your account or changing your password).
Luckily for us, as mentioned above, through the use of Twitter combined with Facebooks 'Mutual Friend' feature, we can use a friends account to verify your own, in other words, if the person you want to get the login information from is on your friends list on Facebook...you can use your Twitter account to verify your their friend on Facebook taking advantage of the vulnerability of the twitter status sync exploit, and get their login email and password sent to you. But the victim must be on your friends list on Facebook.
No comments:
Post a Comment