Download - One link Facebook (Anand Pandey)
![Page 1: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/1.jpg)
One Link
Access the account without restriction with just one link
Anand K. Pandey
![Page 2: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/2.jpg)
• Social networking website
• Founded in February 2004 by Mark Zuckerberg
• Used to interact with friends, colleague and to make new friends
![Page 3: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/3.jpg)
• Get 10 Billion hits per day
• Second most visited site
• More than 800 million active users
• More then 250 million photos are uploaded daily
• More than 900 million objects that people interact with
![Page 4: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/4.jpg)
50
100
350
500
750
0
100
200
300
400
500
600
700
800
2007 2008 2009 2010 2011
Number of active users
Number of users (in million)
![Page 5: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/5.jpg)
20 Minutes of Facebook
Link Shared
Event Invites
Friend Request
Accepted
Photos Uploaded
Message Sent
Tagged Photos
Status Update
Wall Posts
Comment Made
14,84,000
10,00,000
27,16,000
15,87,000 1,02,08,000
27,16,000
19,72,000
18,51,000
13,23,000
![Page 6: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/6.jpg)
Facebook in News
• Massive hack/spam attack
• Facebook tracks users activity
• Anonymous threaten facebook
![Page 7: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/7.jpg)
Facebook Security
• Unique Username
• Password
![Page 8: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/8.jpg)
Facebook Security
• Check Point
![Page 9: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/9.jpg)
Facebook Security
• Geo Location Restriction
![Page 10: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/10.jpg)
Facebook Security
• Login review
![Page 11: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/11.jpg)
Direct Link
• One single link
• Bypass all security points
• Username
• Password
• Check points
• Geo location restriction
![Page 12: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/12.jpg)
Direct Link
When someone
• Comments on your photo
• Comments on your link
• Tags you
• Comments after you
![Page 13: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/13.jpg)
Type 1
• Parameters
• pid – Photo id
• id – FB id of user who commented
• mlid – FB id of target user
• l (s52giOr8) – Secret key
http://m.facebook.com/photo.php?pid=xxxxxx&id=x
xxxxxxxxxxxxxxx&mlid=xxxxxxxxxx&l=xxxxxxxx
![Page 14: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/14.jpg)
Type 2
• Parameters
• Share_id – FB id for sharing the link
• mlid – FB id of target user
• l (s59gpZr8) – Secret key
http://m.facebook.com/story.php?share_id=xxxxxx
xxxxxxxxxx&mlid=xxxxxxxxxx&l=xxxxxxxx
![Page 15: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/15.jpg)
Type 3
• URL Shortening
• Contain 14 character random alpha-numeric
• Use specially for shortening the magic link sent via sms when someone comments on your link
• Database of random FB accounts with magic link
http://fb.me/xxxxxxxxxxxxxx
![Page 16: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/16.jpg)
Type 4
• URL Shortening
• Contain “id” and “l”
• Series of “x” are the FB id or user who commented on your photo
• Series of “y” is the special key
• Used specially for shortening the direct link sent via sms when someone comments on your photo
http://fb.me/p/xxxxxxxxxxxxxxx.yyyyyyyy
![Page 17: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/17.jpg)
What you can do
• Brute-force or social engineer the direct URL
• Brute-force the shortened URL to hit random accounts with full access
• Remember the most important
• FB user ID (mlid)
• Secret key (l)
![Page 18: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/18.jpg)
![Page 20: One link Facebook (Anand Pandey)](https://reader033.vdocuments.site/reader033/viewer/2022052900/55635f9bd8b42a2f508b4d2c/html5/thumbnails/20.jpg)