15
fractal
5y

Acquaintance of mine brags that he made a "Facebook password cracker" that took less than 30 lines of code.

I take a look at it, then I realize it's brute force password cracking.

Oh dear.

Facebook doesn't even let you do that many password attempts, not to mention that brute forcing passwords is going to take more time than the expected lifetime of the sun. (exaggeration? Maybe. But you get my point.)

Why are we still here? Just to suffer?

Comments
  • 7
    I'm pretty sure, even if you deploy this via proxied requests, VPN or maybe even RAT slaves; Fb will probably disable Auth from unknown sources for that account..

    Slap him, and tell him to give up scriptkiddying.
  • 7
    Just trick your victim into installing a keylogger and then grabbing his password directly.
  • 1
    @N0-Flux-Given It would have been a lot easier for him.
  • 2
    @xewl My exact words when I saw what he did:

    "Oh that's cool man."

    I didn't want to be the asshole know it all, but just seeing what he was doing made me cringe super hard.
  • 1
    How does brute forcing a password require 30 lines? That part saddens me. That's a 10 line job at best.

    Also session hijacking and phishing portals are 1000x more effective and so much easier.
  • 2
    @deadPix3l rubber hosing is no code
Add Comment