Help with Facebook Cracking Script [Solved]

(0x5) #1

Hello guys ! i just decide to pentesting something with ( the thing is i need password list i was searching like hour or so but cant find the right one ! may someone help me to find it . Thanks in advance mates !
Edit: i tried to create one simple with crunch but nah :slight_smile: thats why i decide to post here !



Could you give the source code? You can send a pastebin, github link
or do

<the code>

For example:

var = "foo"
def func(var):
  return var
1 Like

(0x5) #3

This is if u talk about not password list also i made one with crunch but no idea when i choose the text doc i always got the first line ! like if inside the txt first line is with 12345 i always got that the password’s found and its 123456 like there’s nothing other always 123456


remove the comments on the top

1 Like

(0x5) #5

Thanks buddy :slight_smile: !!



(0x5) #6

any ideas why when it just starting to crack always showing that the password’s found but actually its not searching… it just picking the first line for example in my case its i love you and it just shows that’s the password ?


(The Philosopher) #7

i think it’s the firewall

1 Like

(0x5) #8

Tried that before not working :slight_smile:


(Cal0X) #9

I think the vulnerability got patched by the Facebook about an year ago. That script doesn’t work anymore.

1 Like

(Leader & Offsec Engineer & Forum Daddy) #10

I wouldn’t think this would work. If you read the code its just a standard PHP post cracker.

1 Like

(0x5) #11

Ah alright i just saw that people keep using it


(0x5) #12

Thanks for the reply i was exactly with the same reaction like i’m not sure its working but why not to try it ! aand it looks it doesnt work :slight_smile:


(Leader & Offsec Engineer & Forum Daddy) #13

Are you trying to break into anybody particular? I know a numerous amount of ways to successfully break into a Facebook account.

These include Social Engineering, Phising + Checking password dumps and password reuse.


(0x5) #14

i want to improve myself with this for example if someone lost his account i can try to restore it now i’m doing other thing it might be too far from my mission but i’m using now BeFF and trying to do the same thing


(Leader & Offsec Engineer & Forum Daddy) #15

Well they will do an email reset, also they should have two factor auth enabled.


(0x5) #16

The general problem is there most of people are not using their two factor auth and plus when they got hacked their emails got changed too


(Leader & Offsec Engineer & Forum Daddy) #17

I actually got my email hacked, and then they tried to reset my facebook. Good thing I had two factor auth on my facebook.

I was a victim of password leak reuse. It’s a common attack now a days. Especially by bots.

1 Like

(0x5) #18

This is so true the bad thing is those days we cant feel safe since there’s too many ways to get your account hacked ! even if you register at random sites . I remember before 5-6 years one friend just got one database when he decrypt the hashes 70% of the ppl are using the same password like in this site(with database) and their emails



I can confirm that Facebook patched this a long time ago.


1 Like

(Not a N00b, but still learning) #20

That’s one of the reasons why I use Keepass :slight_smile: