Showing posts with label Facebook. Show all posts
Showing posts with label Facebook. Show all posts

Sunday, December 16, 2012

How to hack Facebook account pictures

A simple explanation of the Facebook photo URLs

Let's get an example Facebook URL and see what information can be found:

https://www.facebook.com/thehackernews = https://www.facebook.com/172819872731894

Example URL:
https://sphotos-b.xx.fbcdn.net/hphotos-ash3/562956_449111435102735_351919970_n.jpg

This is the photo's album id: 449111435102735
https://facebook.com/449111435102735

Here are different pictures that every user has stored, simply changing the letter at the end of the URL will change it's size.

Normal Picture:
https://sphotos-b.xx.fbcdn.net/hphotos-ash3/562956_449111435102735_351919970_n.jpg
Picture(small):
https://sphotos-b.xx.fbcdn.net/hphotos-ash3/562956_449111435102735_351919970_s.jpg
Small Picture:
https://sphotos-b.xx.fbcdn.net/hphotos-ash3/562956_449111435102735_351919970_t.jpg
Square Picture:
https://sphotos-b.xx.fbcdn.net/hphotos-ash3/562956_449111435102735_351919970_q.jpg



I found this on Pastebin a long time, so for the older Facebook photo ids:

    34330_1531425252044_1427142689_31473272_564909_n.jpg
      ^                    ^                       ^                  ^             ^
      |                      |                        |                   |               |
     No            image id                pid               id            No
    idea                                                                           idea
   
Example URLs:
   
    image id: 1531425252044
    profile.php?id=1531425252044
    redirects to the photo page
    photo.php?pid=31473272&id=1427142689
   
    pid: 31473272
    id of the picture page, needs user id too to work
    photo.php?pid=31473272&id=1427142689
   
    id: 1427142689
    user id
    profile.php?id=1427142689


Saturday, December 8, 2012

How to hack Facebook accounts using the Facebook Query Language

How to use the FQL(Facebook Query Language)

Get the page you want to lookup:
http://www.facebook.com/burrowsapps

Obtain the id:
140257159405760

Go to Facebook Developer Tools:
https://developers.facebook.com/tools/

Go to FQL:
https://developers.facebook.com/tools/explorer?fql

Click on "Get Access Token" and obtain all the permissions you want to use. After you have an active access token, you can now play with FQL. The queries you make are very similar to MySQL and SQL.

Here are some examples to have fun:
Basic information about yourself:
SELECT uid, username, name, sex, pic FROM user WHERE uid = me()

Shows BurrowsApp's stream:
SELECT updated_time, type, timeline_visibility, targeting, target_id, tagged_ids, source_id, privacy.value, privacy.description, post_id, permalink, message, likes, is_hidden, description, created_time, comments FROM stream WHERE source_id = 140257159405760

Shows the user's information from profile:
SELECT about_me, activities, affiliations, allowed_restrictions, birthday, birthday_date, books, can_message, can_post, contact_email, currency, current_address.city, current_location.city, devices, education, email, email_hashes, first_name, friend_count, friend_request_count, hometown_location, inspirational_people, install_type, interests, is_app_user, is_blocked, is_minor, languages, last_name, likes_count, locale, meeting_for, meeting_sex, middle_name, movies, music, mutual_friend_count, name, name_format, notes_count, online_presence, payment_pricepoints, pic, pic_big, pic_big_with_logo, pic_cover, pic_small, pic_small_with_logo, pic_square, pic_square_with_logo, pic_with_logo, political, profile_blurb, profile_update_time, profile_url, proxied_email, quotes, relationship_status, religion, search_tokens, security_settings, sex, significant_other_id, sort_first_name, sort_last_name, sports, status.message, status.time, subscriber_count, third_party_id, timezone, tv, uid, username, verified, video_upload_limits, wall_count, website, work FROM user WHERE uid = USERIDHERE

How to hack Facebook user ID's using the API

How to obtain a user's ID from their username

There are many ways to do this such as simply get the URL of the user's photo. Here is how to do it with curl and the Facebook API:

Example Facebook Page:
https://www.facebook.com/burrowsapps

Username:
burrowsapps

Use the Facebook API:
https://graph.facebook.com/

Open Terminal:
curl "https://graph.facebook.com/burrowsapps"

It should return a JSON string:
{"about":"Burrows Apps - https:\/\/play.google.com\/store\/apps\/developer?id=Burrows+Apps - Applications - http:\/\/www.burrowsapps.com","awards":"http:\/\/www.youtube.com\/watch?v=bpOY-sa1sCI","description":"Programming and Mobile Applications\nSecurity Fixes and Exploits\nCourses Notes and Solutions","is_published":true,"mission":"To provide top of the line mobile applications and support for all users.","products":"Applications: \ncrypTo: https:\/\/play.google.com\/store\/apps\/details?id=burrows.apps.crypto\nRoot Checker: https:\/\/play.google.com\/store\/apps\/details?id=burrows.apps.rootchecker\nApp Manager:\nhttps:\/\/play.google.com\/store\/apps\/details?id=burrows.apps.appmanager\nProjects:\nCourse Notes:\nhttp:\/\/blog.burrowsapps.com\/p\/notes.html","talking_about_count":3,"username":"burrowsapps","website":"http:\/\/www.burrowsapps.com\/","were_here_count":0,"category":"Computers\/technology","id":"140257159405760","name":"BurrowsApps","link":"http:\/\/www.facebook.com\/burrowsapps","likes":56,"cover":{"cover_id":341087719322702,"source":"http:\/\/sphotos-b.xx.fbcdn.net\/hphotos-snc7\/s720x720\/598549_341087719322702_28686629_n.jpg","offset_y":0}}

Look for the "id" object:
"id":"140257159405760"

Check for yourself:
https://www.facebook.com/burrowsapps = https://www.facebook.com/140257159405760

Monday, February 6, 2012

How to hack the Facebook for Android App

Source Code
I always liked to poke around at things to see how they worked. A while ago I wanted to look inside some of my favorite apps such as the Facebook for Android app:

This is old, however we felt like making a video. So please comment and add helpful suggestions. And there are more ways than one for doing this.

Decompiling *.apks using Dex2Jar and viewing the compiled *.class files in JD-GUI
Tools:
Dex2Jar - http://code.google.com/p/dex2jar/
JD-GUI - http://java.decompiler.free.fr/?q=jdgui
ApkTool - http://code.google.com/p/android-apktool/

Need:
com.facebook.katana.apk
sh dex2jar.sh com.facebook.katana.apk
 - dumps the compiled java *.class files - creates com.facebook.katana_dex2jar.jar
./jd-gui
 - finally, run jd-gui and click on com.facebook.katana_dex2jar.jar
For the resources, use apktool
./apktool d com.facebook.katana.apk
 - this will dump the source files, the xml and images


Dex2Jar is a very powerful tool that dumps the Java compiled *.class files into a folder and then JD-GUI can easily read the compiled *.class files. From here you can read the source code and do whatever you would like.

Saturday, December 10, 2011

How to hack Facebook accounts with a Phishing Scam

Facebook phishing scam

Its so amazing how easily people's emails and passwords are stolen in a matter of seconds. Phishing scams happen all the time, however the "frfacebook.fr" phishing scam went on for sometime, stealing hundreds of people's account information.

Most phishing scams involve Social Engineering, in which the attacker must talk the victim into doing at least one step in order for them to steal their information. In these Facebook phishing scams, they are much easier because Facebook is very social as it is. This particular Facebook scam simply posted the user's credentials in plain text in a text file located on the website.

So, I figured I would create my own to show how easy it really is.
Things you need: website, html, php
-extra: able to create long subdomains
1. Get the source code of the Facebook homepage: 
   curl -s -L facebook.com > index.html
2. Create a sub-domain on your website or buy a website name
3. I simply created a sub-domain called "facebook.com"
   This sub-domain adds on to your real domain. 
   Ex. facebook.com.(your domain).com
4. Now create Facebook-like folders that resemble legitimate 
   Facebook url
      I copied how Facebook did the groups folder and numbering. 
      Ex. facebook.com.(domain).com/groups/(15 digit number)/
5. The last step is to actually retrieve the data. Since php 
   is installed on my server, i created a login php script called
   "index.php" that takes the posts and saves them to a .txt file.
7. For the source code, submit form:
   a. change the action to action="/PATH/TO/PHP/SCRIPT/"
      - best to name the script index.php
   b. change the text field "name" of the email field to something 
      simple "VICTIM_EMAIL"
   c. then change the password field "name" to "VICTIM_PASS"
8. Make sure you have the "pass.txt" for the dumped passes in the 
   specified directory
9. Script I used (index.php): 
In the script above, the header() function redirects the real Facebook url I want my victim to get to after I took their email and pass. This way they believe they were logged out when they clicked the link and will most likely just "sign" back in.



The final result: facebook.com.(domain).com/groups/(15 digit number)/index.php.
Simply give the victim the url without the "index.php" and check the "pass.txt" for the results.