Forum Thread: facebook.py ( Need Help)

facebook.py ( Need Help)

I am trying to crack my own facebook account with not luck....
here what i did:

  1. i run facebook.py in terminal and enter the email
  2. i created a passwords list and I enter the passwords in the terminal
  3. it always writes the first number , word in the wordlist and it does not work...
  4. I have some pictures anyway

i put 2 more pirctures to show you..... the first the program show me just the first number , word in the wordlist.

someone can show me the way to crack the password

54 Responses

Wouldnt it stop working because facebook got passwords attempts limit? i mean if it tries 10 wrong passwords facebook will not allow any other attempts and the script will not work properly?

apparently, that filter isn't applied in it's webpage it seems.

talk about "responsible" corporations...

-Phoenix750

I think you are correct, cause I only tested putting the password at the second item of the list. I'm still trying to fix the Python scripts, I will post if get any successful results.

try to test it on your account make like a random words list and put the real password at the end and see if it works

I will try that today. will post the results here.

-Phoenix750

Alright, we're waiting

tested it, and it looks like facebook blocks your IP address, but not the account. this issue can be solved if we could modify the script to switch proxies every 5-10 attempts.

-Phoenix750

the problem is that facebook locks you out AUTOMATICALLY after i think it was 50 attempts for me.

-Phoenix750

can you help me phoenix because im getting now this

Bad arg length for Socket::packsockaddrin....

you can use tor-buddy.sh to change your ip, say every 30 seconds as I do. make sure you have proxychains and tor installed then download tor buddy from sourceforge and run it

Link:
TOR BUDDY

that might work yes, but the problem here is timing.

if tor buddy switches the second a password is being sent, it will mess up the program.

-Phoenix750

Basically Facebook is un-hackable, they did a great job at that, the only way to hack Facebook is either to use social engineering and getting the password directly, Or getting access to the victim computer and use a keylogger and deauth the victim from his Facebook and when he connects back you get the pass in the keylogger, or get the password from the navigator saved passwords

Nothing is unhackable. Some are just easier than others.

you're wrong. like OTW said, NOTHING is unhackable. all you need to do is make this perl script auto-switch between proxies every 5 attempts or so. et voila, you've just hacked facebook!

i'd do it, but i know sh*t about perl.

-Phoenix750

Like OTW and Phoenix said... definitely not unhackable. They wouldn't offer bug bounties if they thought they were perfect.

I've found that the account itself is temporarily blocked after using the Perl script. If I try to access it from different IPs it says "You're trying too often. Please try again later." As far as I can see this is an impentrable defence against password lists.

well, we could try to slow down the perl script.

-Phoenix750

Trust facebook with this bounty hunter program or whatever its called is getting stronger and stronger, as i told you the only ways to do hack it are Keylogger or social engineering or browser hashes, if anyone knows another way feel free to share with us, and forget the brute force attack shit because its useless nowadays since they block the attempts from the login not the IP and also you could hack the victim email account and restore the fb password but thats not direct hacking

nothing is unhackable nor impossible, including brute-force attacks. it's just different, but NEVER impossible.

-Phoenix750

I can't replyy to you, the hell? and i dont know how you're gonna achieve brute force attacks anymore but maybe you could like try to use the username and email , switching between them after each attempt may make facebook not recongnize the attack but changing the vpn will not work since that way it will look more suspicious, facebook isnt stupid, as i told you there are easier indirect ways to hack a facebook account

Regarding the point you made about changing the email/username, you can do that (facebook will accept either your email (@yahoo.com), your facebook email (@facebook.com) or you phone number (and I believe all accounts are now required to verify their account with 1 phone number).

However, this even if this works it may only extend our cracking attempts from 50 per day to 150 per day.

That could be a good idea but I think facebook will limit our password attempts to 50 a day. Even at 100 a day it's still going to take years, unless the password is incredibly weak.

how is it save...?

you can edit facebook.py easily with this login URL and still make it work though.

-Phoenix750

tried it, but still not working...i googled that and found that something related to cookies has to be edited also, not just that URL

That's right HXROFO. I tried both scripts, the written in Perl worked! Also, you can try this tutorial, for another Python script (more understandable, in my opinion) and make some changes in it, as the url to m.facebook.com/login.php to avoid cookies issues, and if your language isn't English you'll have to modify the if's statements of contents to what is shown in your language's facebook login page.

you can edit the code in a python program easily by opening it in a text editor.

-Phoenix750

Usage:

perl fb-brute.pl login wordlist

You got to have Perl installed in your machine. Then save the Perl script as fb-brute.pl, and type perl fb-brute.pl <email or login> <path to wordlist>

u dont open it you use it open up terminal then write perl filepath its how to use for options use help of that script it should help you out.

can someone make a video or explain to us step by step how to crack password facebook account with wordlist and facebook.py

yes i worked for half hour nou i get the same as omar loratm

someone can please help us to understand this problem with video or explain us step by step it will help us a lot ...

I use this brute forcer ... https://github.com/mthbernardes/GFBBF

It uses the Facebook chat client to attempt to login instead of using the HTTP form which is awesome since the chat login doesn't seem to reach attempt limits and lock you out like the form would.

I have python-xmpp but neither "simple login" nor "brute force" work. I just get error messages. I tried multiple email addresses for the "username" field.

Me too. Lot of errors and the last one was something like 'internal server error'. I searched and only reached at the documentation. Not sure if is worth to read just for this.

BURNCT i am trying to run the script but it does not open
i got this error
Traceback (most recent call last):
file "GFbBf.py.py" , line 3 , in <module>
importError:No module named xmpp

do you know what is mean?
can you help me to open this script...

install python xmpp by typing apt-get install python-xmpp

lol its worked stupid of my that i dont have used a vpn now have facebook blocked my IP :P
but now i use a vpn so i can use facebook again

dude i dont know how to do it i tried everything can you make a video or something ??
i want to understand how to do it

I may be resurrecting this, but I found a Python script that works with Instagram. I put my password at the 20th item in the wordlist and it worked. Apparently, Instagram does not block you from excessive attempts, but I can't test with a huge wordlist cause my connection keeps falling and this break the script. If the target has the same password for both social networks, congratulations, you just hacked facebook. Script

This thread is probably dead, but on line 60 of facebook.py the following is written:

if log != login:
print "\n\n\n * Password found .. !!"

Simply meaning that if the login doesn't work it gives you the password.
Changing line 60 to:
if log is login:

The program will continue to attempt login properly.

P.S: The link for logging in doesn't matter. https://www.facebook.com/login.php?login_attempt=1 is still a valid login url.

heyya, actually it works thanks alot! Still there is the problem of facebook logging you out after some tries but the facebook.py works now. Awesome!

@Zach Landon

-- Adam

Actually it didnt really say password found. It stopped identifying it! Any ideas about that?
@Zach Landon

-- Adam

Share Your Thoughts

  • Hot
  • Active