Step 1: Login to

http://www.facebook.com

with your account.

Step 2: Find the “friend” who you would like to hack.

Step 3: Go to their profile and click the “info” tab.

Most people post all their information under this section, example: birth date, hometown, favorite music, favorite movies, email address… you get the idea. This information is what you will be using to gain access to their facebook account.

Step 4: Locate their “email address”.

(NOTE: some people don’t reveal their email address… that sucks)

Step 5: Go to the account recovery page for that persons email account

GMAIL

https://www.google.com/accounts/ForgotPasswd?service=mail&fpOnly=1

YAHOO
Code:

https://edit.yahoo.com/forgotroot?done=http://mail.yahoo.com&src=ym&partner=&intl=us

HOTMAIL

https://account.live.com/ResetPassword.aspx?mkt=EN-US&ru=https://login.live.com/login.srf%3flc%3d1033%26wa%3dwsignin1.0%26rpsnv%3d11%26ct%3d1249336714%26rver%3d5.5.4177.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26id%3d64855%26mkt%3den-US%26bk%3d1249336693%26lc%3d1033%26vv%3d650&lc=1033

Now you have a few options depending on how they setup their account recovery.

You can use their information from their facebook to crack their “secret question”.

I have found that many people do have “secret questions”. I have looked up peoples schools to find out their mascot, I have gone thru their pictures to see if they tagged their pets name or even their first car. Even looking thru wall post or notes will expose these answers.

And for those that don’t have secret questions, but have alternative email addresses. You can try to guess and register their alternative email address if it has expired but thats a long shot.

With this type of approach you will not only gain access to their facebook account but everything else that is registered under their email address.

Facebook is a very good tool to help gain information about people, it’s like everyone is just posting their whole life for the internet to read about.
The end.
h4cKm4sHiNe

Explore More

critical SQL injection (vulnerability) on Burmese Classic http://www.burmeseclassic.com

PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Burmese Classic http://www.burmeseclassic.com SQL injection is a code injection technique that exploits a security vulnerability occurring in the

Cyber Forensics Workshop in Myanmar

I’m here to invite all of my cyber warriors! My friend U Aung Zaw Myint, Principal of M.S.T Computer Center , EC-Council’s Asia Pacific Academia Partner in Myanmar is going

The internet crash of July 17th 1997

This July 17th marks the eleventh anniversary of the famous internet crash. How did the internet crash; the network which was designed to withstand all sorts of catastrophe; even the