🏴‍☠️ HACKERS CREED 🏴‍☠️

2021-07-18 14:35:07 six ways to hack Facebook account.

#requested

1. Hack any Facebook account with a mobile SMS

This vulnerability could allow a user to hack FB account easily in a fraction of seconds. All you need is an active mobile number. This flaw existed in confirm mobile number endpoint where users verify their mobile number.
Execution of this vulnerability is very simple. We should send a message in the following format.
FBOOK to 32665 (for the US)
You should receive a shortcode. Then, a request to the FB server with the target user ID, shortcode, and a few other parameters could do the magic.

Sample Request

Post /ajax/settings/mobile/confirm_phone.php
Host: www.facebook.com
profile_id=&code=&other_boring_parameters

That’s it. Sending this request to Facebook server with any user cookies can hack the target account. Your mobile number will be attached to the target user’s FB account once you get a response from the FB server. Now you can initiate a password reset request using the mobile number and hack into the target account easily.

This vulnerability was found by Jack in 2013. FB security team patched the issue pretty quickly and rewarded him $20,000 USD as a part of their bounty program.

2. Hack any Facebook account using Brute Force Attack

This brute force vulnerability leads to complete FB account takeover which was found by Anand in 2016. Facebook rewarded him $15,000 as a part of their bug bounty program.
This flaw found on reset password endpoint of Facebook. Whenever a user forgets his password, he/she can reset their password using this option by entering his/her phone number or email address.
A 6 digit code will be sent to the user to verify whether the request is made by the concerned person. The user can then reset their password by entering the 6 digit verification code.
One cannot try different combinations of the code more than 10 to 12 attempts since the FB server will block the account for password reset temporarily.
Anand found that mbasic.facebook.com and beta.facebook.com failed to perform the brute force validation thus allowing an attacker to try all the possibilities of the six-digit code.

Sample Request

Post /recover/as/code/
Host: mbasic.facebook.com
n=<6_digit_code>&other_boring_parameters
Trying all the possibilities (brute forcing) of the six-digit parameter (n=123456) allows an attacker to set a new password for any FB user. This can be achieved by any brute force tool available online.
Facebook fixed this vulnerability by placing limits on the number of attempts one can execute on the reset code endpoint.

3. Hacking any Facebook account using Brute Force Attack – 2

Arun found the same brute force vulnerability in another subdomain (lookaside.facebook.com) of Facebook that had got him $10,000 reward from Facebook in 2016.
Initially, they rejected the bug by saying that they are unable to reproduce it. The vulnerability was accepted only after a few weeks time and the patch was rolled out as soon as their security team was able to reproduce the issue.
And the sample request looks like this

Post /recover/as/code/
Host: lookaside.facebook.com
n=<6_digit_code>&other_boring_parameters

The attack scenario is exactly the same that we have seen in the previous method and the only difference is the domain name.

4. Hacking any Facebook account using a Cross Site Request Forgery Attack

This method requires the victim to visit a website link (in a browser where the victim should be logged into Facebook) to complete the hacking attack.


The flaw existed in claiming email address endpoint of Facebook. When a user claims an email address, there was no server-side validation performed of which user is making the request thus it allows an email to be claimed on any FB account.
You need to get the email claim URL before create a CSRF attack page. For that, try to change your email address to an email address that is already used for a FB account. Then you will be asked to claim the email if that belongs to you.

79 viewsLa, 11:35

Open / Comment

2021-07-18 14:27:36 < > Learn to Code — Get 2021 Master Bundle of 13 Online Courses @ 99% OFF < />

Kickstart your lucrative programming career with 119 ours of video tutorials: https://thehackernews.com/2021/07/learn-to-code-get-2021-master-bundle-of.html Open / Comment

2021-07-18 06:32:22 Fondeur Promotions || 1K+ Trending Channels
✤▬▬▬▬▬▬▬▬▬▬▬▬✤

The best website to buy followers, likes, views...
https://socialservicespanel.com/services

Buy 1000 subscribers for your channel in just 1.29 USD
https://socialservicespanel.com/

Services for:
Telegram
Instagram
Youtube
TikTok

Questions and manual payments:
@AdrianFFF

✤▬▬▬▬▬▬▬▬▬▬▬▬✤ Open / Comment

2021-07-18 04:05:35 Mega Promo Presents List - 2 (1k+)

тσρ тяєη∂ιηg ¢нαηηєℓѕ ση тєℓєgяα𝔪

╔╦════════• •✠•❀•✠ • •════════╦╗
↡↡↡ Presented by ↡↡↡
ᴍᴇɢᴀ proмoтιon
╚╩════════• •✠•❀•✠ • •════════╩╝

╔═══════════════════════╗
ʝօɨռ ❭❭❭ тє¢н ¢нαηηєℓ ❬❬❬ ʝօɨռ
╚═══════════════════════╝

╔═══════════════════════════╗
ʝօɨռ ❭❭❭ ꜰяєє ʋ∂є𝔪ʏ ϲσuяѕєѕ ❬❬❬ ʝօɨռ
╚═══════════════════════════╝

◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Hᴀᴄᴋɪɴɢ Cᴀʀᴅɪɴɢ Cʀᴀᴄᴋɪɴɢ ➽ @CCARDERZ 9.3k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Gaming kingdom ➽ @ronzagaming2 7.0k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ ᴘʀᴏғɪʟᴇ ᴘɪᴄs ➽ @Profile_pictures_TM 5.3k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Movies + WebSeries ➽ @AllMoviesWebserieesss 4k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ WEB MOVIES ➽ @nettmovie 3.8k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Status Gallery ➽ @status_galery_30 3.1k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ रोचक फैक्ट्स ➽ @sotruefact 2.7k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ THE HACKERS BROTHERHOOD ➽ @hackinginstyle 2.6k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Hollywood Movies HINDI ➽ @hollywood_movies_hindi_hd 2.4k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ QUOTES ARENA ➽ @quotes_arena 2.3k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Spiritual PDF ➽ @shankar_kinkar_pdf 2.3k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Amazon prime ➽ @amazonprimeidandpassword 2.2k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Crypto guru ➽ @abbeymediaa 2k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ CYBER PUNK ➽ @cyber_punk_channel 1.5k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ BOOKS MAGAZINES LIBRARY ➽ Private Channel 1.7k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Apps Hackers ➽ @theandroidpirate 1.7k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ 𝘼𝙥𝙥𝙨𝙝𝙪𝙗 ➽ @appshubs 1.5k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ ηєтƒℓιχ нσтѕтαя gινєαωαу ➽ @premiumhitss 1.5k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Learn English | Tests ➽ @English_learning_for_us 1.5k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ FREE $5000 UDEMY COURSES ➽ Private Channel 1.4k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ UdemyMasters Free Courses! ➽ @freeudemyresources 1.3k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Status Star ➽ @status_00_m 1.3k
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Free Hacking Tricks ➽ @freehackingtricks143 1.2k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Collection of Ebooks ➽ @booksomatic 1.2k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ Learn To Code ➽ @learn_programming_coding 1.1k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►
❱❱ AUDIO BOOK MUSEUM ➽ Private Channel 1.1k+
◄▬▬▬▬▬▬▬▬▬▬▬▬▬►


【❱】【❱】 ★ 🅳🅳 🆈 🆄🆁 🅲🅷 🅽🅽🅴🅻 🅷🅴🆁🅴 ★ 【❬】【❬】

●❯─── 【Ａｕｔｏ Ｄｅｌｅｔｅ ｉｓ Ａｖａｉｌａｂｌｅ】 ───❮●
●❯──── 𝙒𝙖𝙧𝙣𝙞𝙣𝙜 𝘿𝙤𝙣'𝙩 𝘿𝙚𝙡𝙚𝙩𝙚 𝙇𝙞𝙨𝙩 𝙈𝙖𝙣𝙪𝙖𝙡𝙡𝙮 ────❮●a Open / Comment

2021-07-17 22:44:36 𝗧𝗼𝗽 𝗖𝗵𝗮𝗻𝗻𝗲𝗹𝘀 𝗬𝗼𝘂 𝗦𝗵𝗼𝘂𝗹𝗱 𝗝𝗼𝗶𝗻 𝗢𝗻 𝗧𝗲𝗹𝗲𝗴𝗿𝗮𝗺

༺═─────────────
@deep_thoughtsx
@brightside_1
@Craziwa
@Thought_hub
@Laws_of_Human_Nature
@newwallp
@cool_thoughts
@theweekndupdates
@tentacionniggas
@profile_pictures_TM
@bookstoretelegram
@asweshapit
@best_daily_quotes
@MemeHub_zone
@Artisticpassion
@TheWeeknd_et
@ONLYBLACKLOVERS
@flawsome_poetry
@funny247
@sabseachestatus
@relation_ship_goal
@kaleab_thoughts
@ninthplanett
@BIOOZOO
@hackinginstyle
@RuthBOfficial
@deathology
@HS_hotstuff
@chillout_h
@TheWeekndlegend
@chewebe
@RelaxMusically
@ethiosaqs
@Real_shits
@queendomers
@entertain_ur_life
@Deep_like_X
@chemlka
@lovequotesvideo
@TRIPLEX_FAN
@funny_memesh
@inside_football_world
@JustinBieber_Discographyi
@New_MusicVideo1
@ethiofunnyes
@tinatidoy
@special_pictures
@Musics_and_Quotes
@biochemistryscience
@Motivation_X20

༺═─────────────

𝗣𝗼𝘄𝗲𝗿𝗲𝗱 𝗕𝘆:
@cactipromo
1𝗛𝗿 𝗢𝗻 𝗧𝗼𝗽, 24𝗛𝗿𝘀 𝗜𝗻 𝗧𝗵𝗲 𝗖𝗵𝗮𝗻𝗻𝗲𝗹

𝗧𝗼 𝗔𝗱𝗱 𝗬𝗼𝘂𝗿 𝗖𝗵𝗮𝗻𝗻𝗲𝗹: @xannyreal
1𝗞+ 𝗢𝗻𝗹𝘆 Open / Comment

2021-07-17 22:00:20 How To Check Site Vulnerabilities. Step by Step

Hey Freaks! Hackfreaks here In this article, we will tell you step by step how to comprehensively scan a site for vulnerabilities in half an hour, even if you are not hackers.

Read article : let's Hunt begin ;)

Part 1 : https://hackfreaks.medium.com/how-to-check-site-vulnerabilities-step-by-step-part-1-41e1be6a9181

Part 2 : https://hackfreaks.medium.com/we-are-looking-for-site-vulnerabilities-step-by-step-part-2-e19aaa026e84

Author : @Aasr12| #vulnerableSite #bughunting

Enjoy and Thank me later.

Unmute and pin us on top for more such content Open / Comment

2021-07-17 20:50:56 ǫᴜᴀʀᴀɴᴛɪɴᴇ ᴄᴏᴏʟ ᴄʜᴀɴɴᴇʟs ᴜ ɴᴇᴇᴅ ᴛᴏ ᴄʜᴇᴇᴋ
Powerd by @wave_promo
________________________________________________

@confess_your_feelings ᴢ ᴛᴇᴇɴᴀɢᴇ ᴍɪɴᴅ
@asweshapit ᴄʀᴀᴢʏ ᴍɪɴᴅ
@Un_said_thoughts ᴛʜᴇ ᴜɴsᴀɪᴅ
@random_tshirts ᴛsʜɪʀᴛs & ᴍᴀsᴋs
@best_daily_quotes ᴍᴏᴛɪᴠᴀᴛɪᴏɴ ᴠɪᴅᴇᴏs
@trapped_minds ᴍᴏᴠɪᴇs & ᴍᴜsɪᴄ
@fuckin_cheaters ʙʀᴏᴋᴇɴ ғᴀᴋᴇ sᴍɪʟᴇs
@Hackinginstyle ‍ ᴊᴏɪɴ ᴢ ʜᴀᴄᴋɪɴɢ ʙʀᴏʜᴏᴏᴅ
@RelaxMusically ᴇɴᴛᴇʀᴛᴀɪɴᴍᴇɴᴛ, ғᴇᴇʟɪɴɢs,ᴍᴜsɪᴄ
@friends_withbenefits ғʀɪᴇɴᴅs ᴡɪᴛʜ ʙᴇɴᴇғɪᴛs
@kaleab_thoughts ʀᴇᴀʟ ᴛʜᴏᴜɢʜᴛs
@losttsoullll
@broken_sad_f sᴀᴅ sᴏᴜʟs
@Quotesfreaky ɢᴇᴛ ᴀʟʟ ғʀᴇᴀᴋʏ
@Inner_Words ᴡᴏʀᴅs ᴏғ ʜᴇᴀʀᴛ
@cool_thoughts +ᴠᴇ ᴛʜᴏᴜɢʜᴛs &ᴊᴏᴋᴇs
@onlyblacklovers ʙʟᴀᴄᴋ ғᴇᴇʟɪɴɢ
@Highsexdrive ʜᴏʀɴʏ ᴛʜᴏᴜɢʜᴛs
@perfectpretenders ᴘᴇʀғᴇᴄᴛ ᴘʀᴇᴛᴇɴᴅᴇʀ
@entertain_ur_life ǫᴜᴏᴛᴇs, ᴍᴜsɪᴄ, ᴡᴀʟʟᴘᴀᴘᴇʀs
@profile_pictures_TM ᴘʀᴏғɪʟᴇ ᴘɪᴄs
@Drmusic_covers ɪɴsᴛʀᴜᴍᴇɴᴛᴀʟ ᴍᴜsɪᴄ
@Behind_The_Door_official ʙᴇsᴛ ᴍᴇᴍᴇ ᴄʜᴀɴɴᴇʟ
@ninthplanett ᴡᴇ ᴍᴀᴋᴇ ᴜ sᴍɪʟᴇ
@onemindset ᴍɪɴᴅsᴇᴛ
@confessions20 ᴡʜᴀᴛ's ᴜʀ sᴛᴏʀʏ?
@Artisticpassion ᴀʀᴛɪsᴛɪᴄ ɴ ᴘᴀssɪᴏɴᴀᴛᴇ
@bellee_ame ʜᴏᴘᴇ 4 ᴜʀ ʜᴇᴀʀᴛs
@flawsome_poetry ᴇᴄʜᴏ ᴏғ sᴏᴜʟs
@Humorousmeme ғᴜɴɴʏ ᴍᴇᴍᴇs
@Euphoric_vibes ᴇᴜᴘʜᴏʀɪᴀ


______________________________________________________
sʜᴀʀᴇ ᴛᴏ ᴜʀ ʙᴏᴀʀᴅ ғʀɪᴇɴᴅs
ᴛᴏ ᴀᴅᴅ ʏᴏᴜʀ ᴄʜᴀɴɴᴇʟ ᴄᴏɴᴛᴀᴄᴛ @Flat_ass ᴏɴʟʏ 1ᴋ+
ᴜɴᴅᴇʀ 1ᴋ ᴘᴀɪᴅ ᴘʀᴏᴍᴏᴛɪᴏɴ
Ig : https://www.instagram.com/sam.eshetu?r=nametag
𝙀𝙣𝙟𝙤𝙮 ! Open / Comment