Monday, 31 October 2011

Exploiting "Facebook Trusted Friend" Security Feature

Last week Facebook announced that in one day 600,000 accounts possibly get hacked. Another possible solution for Facebook to combat security issues is to find 3 to 5 "Trusted friends". Facebook will be adding two new security features that will allow users to regain control of their account if it gets hijacked.

In Facebook's case, the keys are codes, and the user can choose from three to five "Trusted friends" who are then provided with a code. If you ever get locked out of your account (and you can't access your email to follow the link after resetting your Facebook password), you gather all the codes and use them to gain access to it again.  This method is used by hackers to hack most of the Facebook account using little bit of Social Engineering.


How to hack using this feature ? 


For this technique you need to create 3 fake Facebook account and you need to surely add these as friends into your victims account whose account you are going to hack.
After success full addition of your fake accounts into victims account as friends follow the below steps .:


1. Go to Facebook and click Forgot your Password ?


2. Than you will get something like below just enter the details you know about him enter his Username, email address and full name.


3. After entering everything check it again and click on submit.
4. After succeful search for the user Facebook will show some information about how many emails are linked to the account and there is simple option saying 
No Longer Access to These click that one.
5. Now it will promote you to enter a new email address on which you will get the password resetting option so enter your email address I suggest you creating a Fake or Temporary email address for safety purpose.


6. Than it will promote you to enter the Security well if you have some security guess about that one than that’s ok but if you don’t know it than simply enter 3 wrong answers and it will take you to the 3 trusted friends recovery page like below.

7. Now just click continue and facebook will ask you to choose 3 trusted friends choose the 3 fake profiles of your which you created and added into the victims account. 
8. After selecting 3 accounts facebook will send security codes to these accounts just enter these codes and you will get Password Resetting email from Facebook on the account you created in Step 5

That’s it now you are successful in Hacking Facebook Password with the 3 Trusted Friends Method.

No comments:

Post a Comment