This is another simple and easy method to get your Facebook Page ID, but this method will only work with your Facebook pages not with your Fb profile and you must be the admin of that page. Now you are done, And you will get a Facebook ID number as Shown in the Image Below.After Opening above URL, Paste your Facebook Profile or Page Id on the forum and Click Find Numeric ID.
Once you copy your Facebook Page or profile url, Open the below link.Now Open Your Facebook Profile or Your Facebook Page and Copy Their URL from the browser address Bar as shown in the image below.Just follow Below steps to find your Facebook Id via online Tools. The easiest and fastest way to Find your Facebook Id is using a online tool.
And – although it would have been better if the privacy loophole hadn’t been there in the first place – well done to Facebook for fixing it so quickly after being informed.Also Read> How to generate Facebook ID Card or How to do a Facebook Logout Find my Facebook ID in Easy Way with Online Tool. Well done to Sclafani for finding the flaw and acting responsibly. “We have provided a bounty to the researcher to thank him for his contribution to Facebook security.” We have no evidence that it was exploited maliciously.” We worked with the researcher to evaluate the scope of the issue and fix this bug quickly. “We appreciate the security researcher’s effort to report this issue to our White Hat Program.
Sclafani says that Facebook fixed the flaw within 24 hours, and rewarded him $3,500 for his efforts under their Bug Bounty program.įacebook certainly appear to be grateful that he acted in the way he did, telling me: And rather than try to make a big splash by publishing details of Facebook’s embarrassing flaw, he chose to disclose it responsibly to the social network. It’s easy to imagine how a database of such email addresses could be abused.įortunately, Stephen Sclafani has some ethics. Indeed, it’s possible to imagine how someone interested in grabbing the email address of *every* *single* Facebook user could write a script to trawl the profile directory, turn each ID into hex, and then use the modified URL to ultimately scoop up each address. You can get them easily via sites like Find My Facebook ID or from Facebook’s own profile directory. In other words, if you replaced that part of the “mid” parameter with the hex value of a different Facebook users’ numerical profile ID, you would be shown their primary email address.įacebook profile IDs aren’t secret. A user’s numerical ID is considered public information and can be obtained from the source of their profile or through the Graph API. A Facebook user’s numerical ID could be put as this value and their primary email address would be displayed. The value was an ID associated with the address that the invitation was sent to in hex. Taking a closer at the parameter, its value was actually a string of values with “G” acting as a delimiter: re=245bf2da75118af20d917bdd34babddb& mid=59b63aG5af3107aba69G0G46Ĭhanging the re parameter did nothing however, changing parts of the mid parameter resulted in other addresses being displayed. The link contained two parameters: “re” and “mid”: Sclafani took a closer look at the link, and discovered something interesting: When Sclafani clicked on the link, he was taken to a Facebook sign up page already filled in with the mailing list’s address and the name of the person who used the link to sign up for an account: What is interesting is the clickable URL at the bottom of the invite message. One of the messages he came across contained a Facebook invitation reminder email, seemingly sent by accident when the user made the mistake of following Facebook’s advice to invite their entire contacts list to the social network: Security researcher Stephen Sclafani described how he stumbled across the privacy hole while ambling through some old mailing lists. For instance, if you tell the social network not to reveal your email address to any other members, you expect it to remain private.īut a security researcher has detailed how he found a way to find out *any* Facebook user’s primary email address, regardless of their privacy settings, by exploiting a weakness on the social network. When you sign-up for a social network you expect it to keep its privacy promises.