Saturday, December 12, 2009

Facebook passwords?

When logging into Facebook, your login account name/email address is passed off in login_x, and there are three more variables. One of them is most likely the password. c_user appears to be your Facebook user ID number. h_user and xs are unknown. I believe one of them is an encrypted version of the password, and I don't know about the other.

I made a fake account with these user credentials.
login:bsdpunk@gmail.com
Password:Mosssalad

These are the returns
login_x=bsdpunk%40gmail.com
c_user=1089782116
h_user=9856f1ae07ca
xs=d771ba051a12a4ad7c5f898d71a1482a

So if you want more info to deal with, here is how you capture your own stuff. Open Wireshark and start sniffing. Log in to Facebook. Once you are done, stop sniffing. Right-click on your first HTTP packet, probably coming from a 204.x.x.x address, and click Follow TCP Stream. If you make a fake Facebook account to do this, and you feel like sharing, please send me the same variable information I have provided here. The c_user and h_user stay the same; the xs is different.
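To compare two of your own captures the way the paragraph above describes, here is an added example (not part of the original post) that pulls the cookie values out of saved Follow TCP Stream text and reports which ones stay the same between logins. The header layout and the second `xs` value are constructed assumptions; the other values are the ones listed in the post.

```python
import re
from urllib.parse import unquote

# Constructed sample streams. Values in CAPTURE_A come from the post; the
# request line, Host and Cookie header layout are assumed for illustration.
CAPTURE_A = (
    "GET /home.php HTTP/1.1\r\n"
    "Host: www.facebook.com\r\n"
    "Cookie: login_x=bsdpunk%40gmail.com; c_user=1089782116; "
    "h_user=9856f1ae07ca; xs=d771ba051a12a4ad7c5f898d71a1482a\r\n\r\n"
)
# Second login: same account, made-up xs value (constructed, not captured).
CAPTURE_B = CAPTURE_A.replace("d771ba051a12a4ad7c5f898d71a1482a",
                              "0123456789abcdef0123456789abcdef")

def parse_cookies(stream):
    """Collect name -> value from every Cookie / Set-Cookie header in a stream."""
    cookies = {}
    for m in re.finditer(r"(?im)^(set-cookie|cookie):[ \t]*(.*?)\r?$", stream):
        pairs = m.group(2).split(";")
        if m.group(1).lower() == "set-cookie":
            pairs = pairs[:1]  # the rest are attributes (path, expires, ...)
        for pair in pairs:
            name, sep, value = pair.strip().partition("=")
            if sep:
                cookies[name] = unquote(value)
    return cookies

def describe(value):
    """Rough shape of a value; hex strings are reported with their bit length."""
    if value.isdigit():
        return "decimal"
    if re.fullmatch(r"[0-9a-fA-F]+", value):
        return f"hex/{len(value) * 4} bits"
    return "text"

def compare(stream_a, stream_b):
    """Map each cookie seen in both streams to (stable | per-session, shape)."""
    a, b = parse_cookies(stream_a), parse_cookies(stream_b)
    return {name: ("stable" if a[name] == b[name] else "per-session",
                   describe(a[name]))
            for name in sorted(a.keys() & b.keys())}

if __name__ == "__main__":
    for name, (kind, shape) in compare(CAPTURE_A, CAPTURE_B).items():
        print(f"{name:8} {kind:12} {shape}")
```

A value that changes on every login while the password stays the same cannot be a deterministic function of the password alone; the length (32 hex characters, 128 bits) by itself does not say whether it is a digest or a random token.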


This post would have been more thorough, but work calls, and I just got my eeePC. Bleh. Maybe more tomorrow.


EDIT: So I looked at the source and it looks like it's passing some login stuff to SSL, and there is a shit ton of JavaScript that I didn't go through, so in closing I would like to say that I feel unqualified to talk about this subject.
