1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Facebook ID verification is broken (but still breaks blackhatters) !!

Discussion in 'BlackHat Lounge' started by Rock_Shock, Oct 7, 2016.

  1. Rock_Shock

    Rock_Shock Regular Member

    Joined:
    Sep 11, 2016
    Messages:
    436
    Likes Received:
    56
    Occupation:
    Nothing
    Location:
    Nowhere
    I made a post recently on how I intend on creating the most unbreakable FB accounts ( http://www.blackhatworld.com/seo/fb-id-verification-fix.882247/#post-9325118 ). Got some responses but we are far from breaking the code. FB locks you out in 3 ways and there is a way out of 2 of them.

    The 3 methods are:
    - Phone verification (SMSPVA or own SMS.. I use own..never used SMSPVA..can't vouch. According to what I know there are glitches but it works)
    - Friends verification (Change IP to Japan or use FB friends photos tool in Massplanner. Both work as far as i know)
    - ID verification (The most dreaded one is this one..uncracked till now)

    These are implemented usually in that order.. starting with phone.

    Also they have like no more messaging for a few hours to a few days.. no more liking..posting..commenting for a few days kinda bans.. Lame Zuck version of timeouts for kids. Nothing to do about that.. just dont do that.. dont post/like/comment too fast..make real accounts..real personas..real friends..real everything..
    I have a rule of thumb: make the accounts believable to yourself and FB will believe it too. Most IMs have been around the block enough to spot a fake..If you realistically think you wont be able to make out if this account is fake..chances are neither will FB. If that is too much of a hassle..too bad.. find another network..FB wont let you..

    Long story short.. The story I am here to share is of a guy from Pakistan uses fake ID to take over someone's FB, changes email, 2 step verification, changes everything, changes ownership of business pages and FB facilitates it all.

    https://www.reddit.com/r/technology/comments/4q8ywp/til_that_someone_can_change_your_facebook_email/

    Let's make a group to share ideas and crack the code of Facebook's verification process. Telegram is the most secure messenger out there. If someone wants to be in a telegram brainstorming group to try and understand how to make UNBREAKABLE / UNBANNABLE accounts PM me. See above link to my first thread for details. Will need some manpower to do this. :)

    Disclaimer: I do NOT endorse hacking. All i intend to do from posting this is highlight that there is a broken system in FB which is used to reign in blackhatters by demanding ID verification. A noob with a 0.1 MBPS speed internet and no hacking skills took over someone's FB account using a passport scan of another person and here we are losing facebook accounts left right and center.

    P.S.: I have zero coding knowledge but good social engineering and growth hacking knowledge. Let's gut zuck.
    P.P.S. : Did you know zuck used fake FB accounts and destroyed his competition by hacking and stealing their passwords: http://www.thedailybeast.com/articl...vard-the-truth-behind-the-social-network.html

    You are not being a saint by not exploiting his system.. you are becoming a victim. Time to take action.
     
    Last edited: Oct 7, 2016