Hacking Facebook Account Password with a Text SMS

Time and Time ago, New Facebook Hacking tricks are releasing out but today KrackoWorld brings you a tutorial that How to Hack Facebook Password with just a simple text message. Note- This method does not requires any other malicious stuff like Trojans, phishing, keylogger etc. Facebook Hacking is not as easy thing but logical and can be done with a bug. Therefore today we are going to explain you that how a UK based Security Researcher, "fin1te" is able to hack any Facebook account within a minute by doing 1 SMS. Have a look!

This method take use of Facebook account recovery using Mobile Number which allows you to receive Facebook profile updates via SMS directly to your cell phone and also you can login into your account by that linked no. rather than your email address or username. According to hacker, the loophole was in phone number linking process, or in technical terms, at file /ajax/settings/mobile/confirm_phone.php

This process works in background and there are 2 main parameters, one for verification code, and second is profile_id, which is the account to link the number to.

How to Hack Facebook Password with Text Message?

1. Change value of profile_id to the Victim's profile_id value by tampering the parameters.

2. Send the letter F to 32665, which is Facebook’s SMS short code in the UK. You will receive an 8 character verification code back.

3. Enter that code in the box or as confirmation_code parameter value and Submit the form.

4. Now Facebook will accept that confirmation code and attacker's mobile number will be linked to victim's Facebook profile etc.

In the next step, hacker just need to hit the Forgot password option and initiate the password reset request against of victim's account.

Hence Attacker now can get password recovery code to his own mobile number which is linked to victim's account using above steps. Now Enter the code and Reset the password! Get GO!

That’t it! You have Hacked Facebook!

Update: This bug has been successfully reported to Facebook by fin1te and in return, they gave him $20,000. You have no longer control to this hack or it will not work.

Join me on Google+

Respected Readers :- As a 18 years old student, running the top most blog in today's world is something quite difficult to do or handle as we bring the best things available related to ethical hacking and security tips to our readers every day. To keep us strong with this attitude, a small contribution from your side will highly be appreciated.

 

E njoyed this post very much – So why not you Subscribe to our regular Email Updates ! and stay connected with us forever .  

Kindly Bookmark and Share it with your friends :