About a month ago I came across the form for inviting friends by e-mail and/or mobile phone number (which is, voluntarily-compulsorily, required during registration). Without thinking too long, I inserted 1,500 random numbers into the form, 500 in each format (89*********, +79*********, 9*********). I left the "Message" field blank. The next morning a surprise awaited me: a couple of dozen new dialogs in which I had opened the conversation with the message "Optional message". Without hesitation, I sent a report through the form on Facebook. But after a week of waiting and re-reporting I received the answer: "This is not a bug. It's a core Facebook feature."
What we have
- Russia has 52 mobile operator codes, Ukraine only 16, and Belarus only 4.
- Each code is followed by a seven-digit number, i.e. 10,000,000 possible combinations per code.
- According to various unconfirmed figures, Russia has at least 7 million Facebook users, Ukraine 2.5 million, and Belarus more than 400 thousand.
- In total: 520 million numbers / 7 million users ≈ 74 numbers per user in Russia, 160 / 2.5 = 64 in Ukraine, and 40 / 0.4 = 100 in Belarus.
Thus, Ukrainian phone numbers are the most efficient to go through.
Action algorithm
First you need to generate all possible numbers. Take the 16 codes and append to each of them every seven-digit number from 0 to 10 million. Since the density of users per phone number is sufficiently high, the list can safely be divided into groups of 50 numbers. As a result we get 160 000 000 / 50 = 3 200 000 blocks.
A request to the Facebook server takes up to 200 ms on average (depending on the channel). Thus one client can make 5 requests per second in a single thread. 3.2M / 5 / 60 s / 60 min ≈ 177.7 hours, which is a little longer than a week. Doubling the threads and/or clients halves the time.
Finding matches is quite simple:
- Send a request (invitation) through the form to one block of numbers, indicating in the message a random sequence of letters (possibly a hash of the block).
- After the request is sent, Facebook goes through the list over several hours, sends friend requests to those already on Facebook, and notifies them with a personal message containing the specified hash. A bonus of Facebook's behaviour is that, until the user adds the sender as a friend (and with the default privacy settings), the sent message lands in the Other folder and the user receives no notification.
- All that remains is to check the client's dialogs and compare the hash in each message with the saved hashes.
- If there is a match, the block can be split into smaller pieces and the request repeated.
Obvious drawbacks: the number of requests and messages is too large for Facebook not to notice. This is easily solved with additional accounts and proxy servers. Also, the user can realise that someone used their number in the invitation form: they receive a friend request and a message. This can be solved by cancelling the invitation immediately (the user will receive a notification by e-mail) or by blocking the user immediately after the number is found.
Benefits: by default, all adult users can be found by phone number (this can be turned off in the privacy settings), and the linked number is usually also tied to online banking, QIWI, WebMoney wallets, etc.
PS For protection, in the privacy settings you can choose who is allowed to look you up by e-mail address and phone number.