1 Hack any Facebook account with a mobile SMS
How to Change Your PlayStation Password
Resetting a lost password is one thing, but what if you already know it andwant to change your PSN password to something stronger? If you already knowit, don’t follow the steps above. Instead, you can use the account managementpage to change your password quickly.To start, open the PlayStation Account Management page. Log in, then click onthe Security section on the left. To the right of Password, click Edit.You’ll then be prompted to enter your old password to verify it’s you. Onceyou’ve done this, you can then choose your new password for your PlayStationNetwork login.Before you set a new password, make sure you check out how to make up a secureand memorable password. That way, you can reduce the chance of being hackedwhile ensuring you don’t forget your password and get locked out.
How to Change Your PlayStation Email Address
If you want to migrate your PlayStation account to a different email address,you can do that too.Because your email doubles as your login username, it’s a good idea to setyour PlayStation Network email to something more memorable for easier logins.You could also have a dedicated PlayStation email address for additionalsecurity, in case your other accounts are ever hacked.To do this, follow the same steps as changing your password. This involveslogging on through the Sony Account Management page and navigating toSecurity.However, instead of editing the password, edit the email instead. It’s rightnext to the password field, so you should be able to find it easily!
How to reset Apple ID Email Address
Let’s start by learning how to reset Apple ID email addresses.The process to change the email address attached to your Apple ID and accountis a bit labor-intensive. But that doesn’t mean it’s difficult. It may takeyou some time to accomplish, and unfortunately, the more Apple products youown, the more work you’ll have to put in.Note: If you are using an @icloud.com, @me.com or @mac.com email address, youwill not be able to change your email address on account. Sorry.First up, nice and simple, log out of all devices, apps, and services that useyour Apple ID. [Insert dropped-jaw emoji here.]That’s right, before you can make this change, you are going to need to stopusing the account as credentials for everything. Yes, everything. Once youremail address is changed you can log back in, and most services/devices willpick up from where you left off. It’s not like you’re wiping your account onApple’s servers, you’re just logging out temporarily.Sit at a computer, head over to appleid.apple.com and log into your account.In the “Account” section look for, and click on “Edit.”If you’ve properly logged out of all devices and services, find and click the“Change Email Address” link.You may be asked for additional verification like your security questions, sohave those answers ready.Enter your new email address. A confirmation code will be sent to the newemail address, go retrieve it and bring it back to the page for validation.AppleThat’s it. Now you just have the fun task of going back to all of your devicesand Apple services to log back in with your new email address. Keep in mindthat your account is still using your old password, keep reading if you’d liketo change that as well.
Change Apple ID Password
Next, let’s learn how to change Apple ID passwords. Resetting your password isa little more common. Fortunately, getting to the password reset tools is alittle bit easier than your email address, but only just.There are a couple of different options when it comes to changing your AppleID password. If you are doing it voluntarily, you’ll want to follow the samepath as you did above, logging in through appleid.apple.com, and finding the“Change Password” button in the “Security” section.From there, enter your current password, followed by a new password. If you’rechanging your password because you suspect nefarious behavior with youraccount, you have the option to check “Sign out devices and websites using myApple ID.” If all is well on the security front, it’s nice to know you won’thave to log out and back into all of your devices.Now, what if you have completely forgotten your password? Follow the stepsbelow.Return to the main login page at appleid.apple.com.AppleBelow the login boxes, click the link titled “Forgot Apple ID or Password?”Hint: If you’ve forgotten your Apple ID, this is the same link to click on,though the process from there is a little more complicated.Enter your Apple ID email address.AppleChoose from one of the options to continue, including answering your securityquestions or getting an email with a link to update your password.If you are using two-factor or two-step authentication, head over toiforgot.apple.com. The instructions from there will you get you taken care of.
Reset Apple ID Password from iPhone or iPad
In the case that you don’t have access to your computer, or if you just preferto handle things from your phone or iPad, that’s no problem at all. All youwill need is a connected and trusted mobile device on your account from whichyou can change up your password in a few easy steps.The first thing you will want to do is head into the main system “Settings”and select “iCloud.”Tap on your name, then tap on Password & Security.Tap on “Change Password” and then, you guessed it, enter a new password.So as you can see, when it comes to how to reset Apple ID, it’s not asdaunting of a task as it might seem. However, as we mentioned at the top,depending on the number of Apple products and services tied to your Apple ID,it can be a bit time-consuming. Hopefully, with the steps above, you’re ableto navigate your way around a little easier and get everything taken care of.Have you updated your Apple ID email address or password – was it as tough asit sounds?How Do I Change My Email Address?This question and its variants are incredibly common.Unfortunately, the answer is rarely simple. Changing an email address oftenmeans one thing to the person asking and something very different to theservices that provide email.Some services make the change easy(ish).Others? Not so much.
What changing an email address means
Conceptually, changing an email address is very simple. You used to get email@example.com now you want to firstname.lastname@example.orgEverything about those email addresses is different – the name, the domain,and the provider.Unfortunately, changing an email address also means changing where you log inand where all of your information is stored. In other words, it means changingyour email account.Thus, changing your email address often means setting up a new email accountfrom scratch.
A new email address: the online, “simple” version
Let’s assume our two email addresses are for free online email accountservices, like Yahoo!, Gmail, Outlook.com, or any of a host of others.The process looks like this: * Create a new account at the new provider. * Tell all your friends to start using that new email address. * Change the email address on record at all your other online services (like stores, social media sites, newsletter subscriptions, online registrations, and so on). All of them. * Export your contact list from your old account and import it to to your new one, if possible. If you cannot, begin building your new contact list from scratch in your new account. * Start using your new email account. * Move any email saved in your old account that you want to preserve to your new account. Exactly how you do this is rarely easy, other than simply forwarding each email individually to your new address. * Watch your old email account for people or services who haven’t switched yet, and remind them (from the new address) to use your new email address and update their address books or change your registration as appropriate.As you can see, even the “simple” version isn’t very simple.
A new email address: using an email program
If you already use a desktop email program like Thunderbird, Outlook, orsimilar, the process is somewhat simpler. * Create a new account at the new provider. * Configure your email program to use that account as the default. * Tell all your friends to start using that new email address. * Change the email address on record at all your other online services, like stores, social media sites, online registrations, and so on. All of them. * Watch your old email account for people or services who haven’t switched yet, and remind them (from the new address) to use your new email address and update their address books or change your registration as appropriate.Because all your email and contacts are stored on your computer, there’snothing to worry about — all your old email is saved, regardless of what emailaccount you use, and all your contacts are there as well.
But I don’t want a new account — just a new email address!
Many people simply want a new email address that delivers to the same placetheir old email address did. Unfortunately, while email addresses and emailaccounts are technically two different things, in most cases your emailaddress is used to identify your email account.Setting up a new email address means setting up a new account with all thehassle that entails. Email providers make it difficult (if not nearlyimpossible) to move the information stored in one account to another.Email sent to the old email address is delivered to the old email account, andemail sent to the new email address is delivered to the new email account. Endof story.Or is it?
Let me change my username, you cowards.
The next is the family of applications which have their own auth. Before emailbecame the standard way to identify users, we had the username. Manyapplications have long since migrated off letting users specify usernames.Those apps are now authenticating only with email address.I’ve found that certain applications don’t let you change your username. Iused my deadname as my primary internet identifier up until I changed my name.If I can’t change my username, and I’ve accumulated significant data on yourapplication, I don’t want to have to destroy my account and start a new one.This puts me in a place where your application is repeatedly deadnaming me,and I can’t do anything about it. Build in fungibility of your usernames, letfolks change them. Please for the love of all that is holy don’t use a userprovided string as a primary database key.
1. Hack any Facebook account with a mobile SMS
This vulnerability could allow a user to hack FB account easily in a fractionof seconds. All you need is an active mobile number. This flaw existed inconfirm mobile number endpoint where users verify their mobile number.Execution of this vulnerability is very simple. We should send a message inthe following format.FBOOK to 32665 (for the US)You should receive a shortcode. Then, a request to the FB server with thetarget user ID, shortcode, and a few other parameters could do the magic.
4. Hacking any Facebook account using a Cross Site Request Forgery Attack
This method requires the victim to visit a website link (in a browser wherethe victim should be logged into Facebook) to complete the hacking attack.For those of you who don’t know about CSRF attacks, read about it here.The flaw existed in claiming email address endpoint of Facebook. When a userclaims an email address, there was no server-side validation performed ofwhich user is making the request thus it allows an email to be claimed on anyFB account.You need to get the email claim URL before create a CSRF attack page. Forthat, try to change your email address to an email address that is alreadyused for a FB account. Then you will be asked to claim the email if thatbelongs to you.A popup with claim button should redirect you to the URL we need once we clickon the claim button.URL should look likehttps://www.facebook.com/support/openid/accept_hotmail.php?appdata=%7B%22fbid%22%3A%22&code=
You have got the URL. The last thing we have to do is to create a page to putthe URL in an iframe and send it to the victim.The email address will be attached to the victim’s Facebook account oncehe/she navigates to the URL. That’s it. You can now hack victim’s Facebookaccount through reset password option.This CSRF account takeover vulnerability was found by Dan Melamed in 2013 andwas patched immediately by FB security team.