About Facebook password hacking : do NOT be naive !
Fake websites & programs
You might have seen a lot of websites that offer to hack Facebook account password, some claim to hack them using the "expertise" they gained in last X years , some claim to hack it using previously existing loopholes...
Goes same for "Facebook password crackers" or "Facebook password stealers" or "Facebook password hacking" ...
Just type "Facebook password hacker" in Google & see for your self. Countless results of websites who claim to hack Facebook passwords or help you to steal Facebook passwords...
There is NO Facebook Hacking Software, no Site that can hack or crack Facebook.
So ? What's the truth then ? There are no magical techniques
These websites demand $20 to $300 per account for hacking facebook & get you...absolutely nothing! DO NOT PAY ! It's a TRAP ! They claim Facebook has a MD5 password : it's bullshit too. Facebook DO NOT USE MD5 for password hashing. They use more complex systems.
As for (fake) Facebook Password cracker "software", any company or website that claims to hack password using software usually show a (fake) MD5 hash of the password which is indecipherable.
Not convinced yet ?
Have a try by yourself : type "hacking facebook" in Google, choose one of these crappy website. You'll be asked to enter a Facebook ID number or Facebook email to crack. Enter "123" as ID number or "[email protected]" as email, anything as long as the ID or email does not exist in the real life..
http://www.facebook.com/profile.php?id=123 <- this ID does not exist but these (fake) websites are sooo magical that they can hack this (ghost) Facebook account ! Congratulations...
Ok, Facebook site/software are all bullshit. But I need to steal a Facebook password !
As any other website or web services (Yahoo, Gmail...), it's possible to get credentials using conventional techniques :
- Phishing : use of Fake Login Pages, also known as spoofed or phishing pages. These fake login pages resemble the original login pages of sites like Yahoo, Gmail, etc. The victim is fooled to believe the fake facebook page to be the real one and enter his/her password. But once the user attempts to login through these pages, his/her facebook login details are stolen away.
- Keylogging : locally or remotely install a keylogger application on the victim's computer. It records the keystrokes into a log file and then you can use these logs to get required Facebook, GMail, etc password.
- Primary email address hack / Reset : simply ask Facebook to send password reset email to the victim's primary email address - of course if this email account is already compromised : reset page.
- Social engineering : method of retrieving password or answer of security question simply be quering with the victim. You have to be careful while using this as victim must not be aware of your intention. Just ask him cautiously using your logic.
- Cookie Stealing / Session Hijacking : Google it. See for example FireSheep
- Password re-use : Use of a password for multiple websites. If one website is compromised and database is leaked, the password can be tested against Facebook.
- "Remember my password" : Need access to the computer (physically or remotely) - Modern browser can remember facebook password if user ask for it. The password can thus be easily retrieved.
Note
We obviously do NOT crack facebook password here. DO NOT ask us for, nor anything related to Facebook.