Busy busy busy, that’s how my past 2 weeks has been
I am now officially a PADI certified open water diver, yay! (more to come on that later) i went to Dahab (again) but this time to finish then diving course with the amazing Dr. Nabil Fadlallah from CairoDivers.
I am also ISTQB certified (it’s a software testing certificate for those of you non-techie), it was really hard to take that one, not because it’s difficult, but because i forgot how to study, memorize definitions and solve exams. It was a hell, reminded me of college exams, and the fear of failure :S ewww it was horrible.
I also studied for CEH (Certified Ethical Hacker) i should take the exam anytime next week.
So, YEA! if i pass the CEH exam this month, it’ll be the month of certificates for me 3 certificates, one month !
So i was complaining a while ago about not having anything to do blah blah.
my wish turned against me
I have a million thing to do now:
So yea, it’s nice, am so busy, to the extent that i don’t have enough time to focus on one thing and finish it but i don’t complain, am having a good time.
The thing is, i always feel i am late, but that will come in the next post
It’s amazing the amount of information you can get about someone, just from his name or his email using the internet.
I was trying to see what kind of information i can get about someone from either their name or email address.
So i chose a random email address and a random name (i don’t know the persons before) and started my search.
For the email here’s what i did: (the email was associated with a VERY generic nickname, search results would be massive)
- Analyze the address – it shows that it’s an account for a student as the domain is a .edu
- Google the email address - no results
- Using the university search engine on their website search for the user name – results found
- The result included a file which lists the major, year of graduation, full name and picture.
- Using Facebook – a search with the name returned a few results
- Examining the results (through friends, and finding that only one has many friends joined in the network of the university, as the person i was looking for was not joined in that network)
- Through the Facebook profile i was able to find some personal information like the age, more pictures, friends, personal nick from what people call him\her from the wall posts and many other things
For the name here’s what i did: (the name was associated with a fake email, so results with the mail did not return anything)
- Google the name with double quotes “” – the name was posted on several bulletin boards, most topics were on Arabic poems (الشعر العربى) looking through the BB profile showed the second name (i already had the last name)
- Using the last part (father + last name) of his\her name on 140online.com i was able to find the address and phone number
- Using the name on Facebook – one result returned, but profile was accessible to friends only, but the thumbnail picture was still viewable and list of friends was readable too.
To sum things up, using just a name or email address and an internet connection, one can get:
Off course that’s not all, please note that i only got this information in less than 30 mins, i could have invested more time.
Watch out what information you put online, and where you put it it’s a VERY small world
5 Jan 2008 Update: I found an application that does the same function on facebook, it can be found here, i have not tried it though and am not sure it provide the same functionality, but you can try
I wrote a small shell script in Bash and PHP, that takes the friends page from facebook and extracts the ID and names into a CSV file.
It could be useful to keep track of your friends and\or save a backup.
Or you could combine that with the “Hacking Facebook…Exposed” post and try to improvise with your own tricks
It could also be used as a reference, in case you want to check if someone blocked you, or deactivated their account (you can read here to check how to find if someone blocked you or deactivated their account)
#!/bin/bash echo 'Facebook Friends ID and Name extractor a.k.a FBF2CSV by Achraf El Kashef (Charafantah) http:\\charafantah.wordpress.com\ 11 Nov 2007 ' if [ $# -ne 2 ]; then echo 1>&2 Usage: $0 friends.php.html output.txt exit 1 fi grep profile.php $1 | \ grep .jpg | \ grep -v sidebar | \ grep -oE 'id=[0-9]*&*[[:alpha:]]*;*[[:alpha:]]*">*[[:alpha:] -.]*</' | \ sed 's/id=//' | \ sed 's/">/,"/' | \ sed 's/<\//"/' | \ sed 's/&highlight//' > $2 cat $2 exit 0
I wrote this in 15 mins, so don’t complain about the code or tell me the regex could have been written in a better way(i suck at regex anyway)
Am going today to write this into a PHP script, and publish it online, should make it easier for people with no access to linux or cygwin.
You can get it here now: http://www.misr2000online.net/facebook/
If you can provide a better host for the php script (a decent one) please contact me.
Currently, the script will support names with the following:
It will not support non Latin characters (e.g. accented characters like french é ê or anything like that, any entry like this will just be discarded,, you can however change the regex (on line 8 from bottom) to make it parse only the ID# and discard all the names) (anyone know how can i match these in regex?)
Please give me feed back if it doesn’t work as expected with you, i haven’t tested it on other lists than mine, but i expect it should work as fine.
NOTICE: THIS POST IS VERY OLD, AM NOT SURE THAT THIS INFO WILL BE WORKING AT THE TIME YOU TRY IT….DO NOT CONTACT ME ASKING TO HACK SOMEONE’S FACEBOOK ACCOUNT
d00d i0wn3d f4c3b00kzzzz!!! LOLLLLZROLFLMAO!!*!@!111
Ok, let’s be honest, it’s not exactly Hacking Facebook exposed, It’s merely some few tips for Facebook.
I found a few ways to know things that you should not know about, like who blocked you for example
First, let’s state a few fast facts about Facebook:
Ok, so you have this person on your friends list, and s\he suddenly disappears from your contact, you want to know whether they deactivated their account, or they blocked you?
Here are a few more things i noticed in Facebook:
You can view any wall-to-wall conversation between you and any user, even if he has his account deactivated, or if he removed you from his friends list using this URL:
where XXXXX = your ID and YYYYY = his ID
Here are a few things i noticed about the wall-to-wall page:
Here is how wall posts will look like:
Post is removed
You can also find out the name of anyone on Facebook, even if s\he blocked you, and even if the account is deactivated.
All you have to do is go to the send message page, and change the ID parameter, like this:
where the XXXXs are the ID of the person , you can try to randomly change this number, it would work.
But sending the messages to anyone would not work in the following cases:
Instead, this message will appear:
Also, another nice trick you could is use Google to see other people’s photo albums, even if they do not have a public profile and you can’t see any of their details. This started to happen since facebook started to announce it will make records public.
also you can add another inurl:id=XXXXX to search for someone specific
Also, i noticed that when you try to poke or send messages to non-friends simultaneously, it will tell you that you are about to get blocked, this happens after you poke\message more than 10 (i didn’t count exactly, am not too good with counting when it’s more than 10, math has never been my thing you know )
But you can send pokes\messages to your friends as much as you want (at least as much as i tried )
It’s not much, but still could be useful
I spent a few days, trying to know if that person blocked or just deactivated their account after it disappeared suddenly from my friends list….well, i wish i didn’t know