EN 
VI 
ZH After the shock of Facebook being hacked and leaking user information. This social network has decided to be more strict about security issues. After Facebook continuously updated to prevent Token leakage, we can no longer F12 and get Facebook Token like before.
Getting Token used to be very easy. Just open Browser Console (F12). Then Search for the phrase AEEEXXX is to be able to find the Token. But after this security update of Facebook, it seems that this method is no longer effective.
Main Content
What is a token and what role does it play in relation to user accounts?
Token was invented to protect user accounts and protect online transactions. There is a lot of knowledge about it. So I can't say everything in one article. I will briefly outline the concept of Token for you to understand better.
Token is also understood as a form of electronic signature to authenticate the user. This data will be encoded into a string of letters and numbers. Every time the user intends to do something related to security, the server system will carefully check the Token.
The purpose is to identify users, this user cannot take or use the product of another user. A practical example is in Online transactions, each transaction process must carefully check Token to authenticate customers.
Instructions to get Full Rights Token
Get Full Rights IPhone Token
Step 1: Open Bookmark Bar on browser with key combination Ctrl + Shift + B
Step 2: Right click on the Bookmarks Bar and select Add Page
The screen will display the content you need to create a Bookmark:
- Name: name as you like. Example: Get Token IPhone Full Rights
- URL: paste the code below and click Save
|
1
|
javascript: var email = prompt(“Enter account:”, “username/email/phone number”); var password = prompt(“Enter password:”, “pass”); var url = “https://b-graph.facebook.com/auth/login?email=” + email + “&password=” + password + “&access_token=6628568379|c1e620fa708a1d5696fb991c1bde5662&method=post”; var win = window.open(url, '_blank'); win.focus();
|
javascript: var email = prompt(“Enter account:”, “username/email/phone number”); var password = prompt(“Enter password:”, “pass”); var url = “https://b-graph.facebook.com/auth/login?email=” + email + “&password=” + password + “&access_token=6628568379|c1e620fa708a1d5696fb991c1bde5662&method=post”; var win = window.open(url, '_blank'); win.focus();
Step 3: Go to Facebook.com and click on Bookmark “Get Token IPhone Full Rights”.
Enter the Username and Password of the account that needs to get the IPhone Token and you're done.
Watch the video tutorial by author TUT Hieu Pham Doan:
Get Full Rights Token with Instagram
Access to Instagram authorization link. Select Continue as… until the end.
Then Open the Console interface by pressing F12 or combination Ctrl + Shift + C.
Switch the window to the Console Tab as shown above, then paste the JavaScript below and press Enter.
|
1
|
javascript:var uid = document.cookie.match(/c_user=(\d+)/)[1],dtsg = document.getElementsByName(“fb_dtsg”)[0].value,http = new XMLHttpRequest,url = “//www.facebook.com/v1.0/dialog/oauth/confirm”,params = “fb_dtsg=” + dtsg + “&app_id=124024574287414&redirect_uri=fbconnect://success&display=page&access_token=&from_post=1&return_format=access_token&domain=&sso_device=ios&_CONFIRM=1&_user=” + uid;http.open(“POST”, url, !0), http.setRequestHeader(“Content-type”, “application/x-www-form-urlencoded”), http.onreadystatechange = function() {if (4 == http.readyState && 200 == http.status) {var a = http.responseText.match(https://www.anonyviet.com/access_token=(.*)(?=&expires_in)/);a = a ? a[1] : “Failed to Get Access Token.”, prompt(“Token”, a);}}, http.send(params);
|
Get Full Rights Token 2019 Need User and Pass
You need to enter E-mail and Password in the first 2 lines, then copy the Code into Console in F12.
Author's Code dieudv at github:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
var e-mail = “youremail”;
var password = “yourpassword”;
var BASE_URL = “https://api.facebook.com/restserver.php”;
var API_SECRET = “62f8ce9f74b12f84c123cc23437a4a32”;
var md5 = function(d){result = M(V(Y(X(d),8*d.length)));return result.toLowerCase()};function M(d){for(var _,m=“0123456789ABCDEF”,f=“”,r=0;r<d.length;r++)_=d.charCodeAt(r),f+=m.characterAt(_>>>4&15)+m.characterAt(15&_);return f}function X(d){for(var _=Array(d.length>>2),m=0;m<_.length;m++)_[m]=0;for(m=0;m<8*d.length;m+=8)_[m>>5]|=(255&d.charCodeAt(m/8))<m%32;return _}function V(d){for(var _=“”,m=0;m<32*d.length;m+=8)_+=String.fromCharCode(d[m>>5]>>>m%32&255);return _}function Y(d,_){d[_>>5]|=128<_%32,d[14+(_+64>>>9<4)]=_;for(var m=1732584193,f=–271733879,r=–1732584194,i=271733878,n=0;n<d.length;n+=16){var h=m,t=f,g=r,e=i;f=md5_ii(f=md5_ii(f=md5_ii(f=md5_ii(f=md5_hh(f=md5_hh(f=md5_hh(f=md5_hh(f=md5_gg(f=md5_gg(f=md5_gg(f=md5_gg(f=md5_ff(f=md5_ff(f=md5_ff(f=md5_ff(f,r=md5_ff(r,i=md5_ff(i,m=md5_ff(m,f,r,i,d[n+0],7,–680876936),f,r,d[n+1],12,–389564586),m,f,d[n+2],17,606105819),i,m,d[n+3],22,–1044525330),r=md5_ff(r,i=md5_ff(i,m=md5_ff(m,f,r,i,d[n+4],7,–176418897),f,r,d[n+5],12,1200080426),m,f,d[n+6],17,–1473231341),i,m,d[n+7],22,–45705983),r=md5_ff(r,i=md5_ff(i,m=md5_ff(m,f,r,i,d[n+8],7,1770035416),f,r,d[n+9],12,–1958414417),m,f,d[n+10],17,–42063),i,m,d[n+11],22,–1990404162),r=md5_ff(r,i=md5_ff(i,m=md5_ff(m,f,r,i,d[n+12],7,1804603682),f,r,d[n+13],12,–40341101),m,f,d[n+14],17,–1502002290),i,m,d[n+15],22,1236535329),r=md5_gg(r,i=md5_gg(i,m=md5_gg(m,f,r,i,d[n+1],5,–165796510),f,r,d[n+6],9,–1069501632),m,f,d[n+11],14,643717713),i,m,d[n+0],20,–373897302),r=md5_gg(r,i=md5_gg(i,m=md5_gg(m,f,r,i,d[n+5],5,–701558691),f,r,d[n+10],9,38016083),m,f,d[n+15],14,–660478335),i,m,d[n+4],20,–405537848),r=md5_gg(r,i=md5_gg(i,m=md5_gg(m,f,r,i,d[n+9],5,568446438),f,r,d[n+14],9,–1019803690),m,f,d[n+3],14,–187363961),i,m,d[n+8],20,1163531501),r=md5_gg(r,i=md5_gg(i,m=md5_gg(m,f,r,i,d[n+13],5,–1444681467),f,r,d[n+2],9,–51403784),m,f,d[n+7],14,1735328473),i,m,d[n+12],20,–1926607734),r=md5_hh(r,i=md5_hh(i,m=md5_hh(m,f,r,i,d[n+5],4,–378558),f,r,d[n+8],11,–2022574463),m,f,d[n+11],16,1839030562),i,m,d[n+14],23,–35309556),r=md5_hh(r,i=md5_hh(i,m=md5_hh(m,f,r,i,d[n+1],4,–1530992060),f,r,d[n+4],11,1272893353),m,f,d[n+7],16,–155497632),i,m,d[n+10],23,–1094730640),r=md5_hh(r,i=md5_hh(i,m=md5_hh(m,f,r,i,d[n+13],4,681279174),f,r,d[n+0],11,–358537222),m,f,d[n+3],16,–722521979),i,m,d[n+6],23,76029189),r=md5_hh(r,i=md5_hh(i,m=md5_hh(m,f,r,i,d[n+9],4,–640364487),f,r,d[n+12],11,–421815835),m,f,d[n+15],16,530742520),i,m,d[n+2],23,–995338651),r=md5_ii(r,i=md5_ii(i,m=md5_ii(m,f,r,i,d[n+0],6,–198630844),f,r,d[n+7],10,1126891415),m,f,d[n+14],15,–1416354905),i,m,d[n+5],21,–57434055),r=md5_ii(r,i=md5_ii(i,m=md5_ii(m,f,r,i,d[n+12],6,1700485571),f,r,d[n+3],10,–1894986606),m,f,d[n+10],15,–1051523),i,m,d[n+1],21,–2054922799),r=md5_ii(r,i=md5_ii(i,m=md5_ii(m,f,r,i,d[n+8],6,1873313359),f,r,d[n+15],10,–30611744),m,f,d[n+6],15,–1560198380),i,m,d[n+13],21,1309151649),r=md5_ii(r,i=md5_ii(i,m=md5_ii(m,f,r,i,d[n+4],6,–145523070),f,r,d[n+11],10,–1120210379),m,f,d[n+2],15,718787259),i,m,d[n+9],21,–343485551),m=safe_add(m,h),f=safe_add(f,t),r=safe_add(r,g),i=safe_add(i,e)}return Array(m,f,r,i)}function md5_cmn(d,_,m,f,r,i){return safe_add(bit_rol(safe_add(safe_add(_,d),safe_add(f,i)),r),m)}function md5_ff(d,_,m,f,r,i,n){return md5_cmn(_&m|~_&f,d,_,r,i,n)}function md5_gg(d,_,m,f,r,i,n){return md5_cmn(_&f|m&~f,d,_,r,i,n)}function md5_hh(d,_,m,f,r,i,n){return md5_cmn(_^m^f,d,_,r,i,n)}function md5_ii(d,_,m,f,r,i,n){return md5_cmn(m^(_|~f),d,_,r,i,n)}function safe_add(d,_){var m=(65535&d)+(65535&_);return(d>>16)+(_>>16)+(m>>16)<16|65535&m}function bit_rol(d,_){return d<_|d>>>32–_};
var data = {
“api_key”: “882a8490361da98702bf97a021ddc14d”,
"e-mail": e-mail,
“format”: “JSON”,
local: “vi_vn”,
method: “auth.login”,
“password”: password,
“return_ssl_resources”: 0,
“v”: “1.0”
};
var str = “”;
for (var key print data){
if (data.hasOwnProperty(key)) {
str += key + “=” + data[key];
}
}
str += API_SECRET;
var sig = md5(str);
data[“sig”] = sig;
var parameters = “”;
for (var key print data){
if (data.hasOwnProperty(key)) {
parameters += “&” + key + “=” + data[key];
}
}
var URL = BASE_URL + “?” + parameters;
var win = window.open(URL, '_blank');
win.focus();
|
Update to get Full Rights Token without entering Password
(Disabled)
Use the Code below and paste it into the Console in F12
|
1
|
javascript:var uid = document.cookies.match(/c_user=(\d+)/)[1],dtsg = document.getElementsByName(“fb_dtsg”)[0].value,http = new XMLHttpRequest,URL = “//www.facebook.com/v1.0/dialog/oauth/confirm”,parameters = “fb_dtsg=” + dtsg + “&app_id=124024574287414&redirect_uri=fbconnect%3A%2F%2Fsuccess&display=page&access_token=&from_post=1&return_format=access_token&domain=&sso_device=ios&_CONFIRM=1&_user=” + uid;http.open(“POST”, URL, !0), http.setRequestHeader(“Content-type”, “application/x-www-form-urlencoded”), http.onreadystatechange = function() {if (4 == http.readyState && 200 == http.status) {var a = http.responseText.match(/access_token=(.*)(?=&expires_in)/);a = a ? a[1] : “Failed to Get Access Token.”, prompt(“Token”, a);}}, http.send(parameters);
|
In case you cannot use the Code, follow these steps:
Step 1: Visit this link: http://bit.ly/2TlLQK0
Step 2: Click Accept permission
Step 3: Go back and repeat the steps in the user manual.
Code to get HTC Token
(Disabled)
|
1
2
3
4
5
6
7
8
9
10
11
|
var uid = document.cookies.match(/c_user=(\d+)/)[1],
dtsg = document.getElementsByName(“fb_dtsg”)[0].value,
http = new XMLHttpRequest,
URL = “//www.facebook.com/v1.0/dialog/oauth/confirm”,
parameters = “fb_dtsg=” + dtsg + “&app_id=165907476854626&redirect_uri=fbconnect%3A%2F%2Fsuccess&display=page&access_token=&from_post=1&return_format=access_token&domain=&sso_device=ios&__CONFIRM__=1&__user=” + uid;
http.open(“POST”, URL, !0), http.setRequestHeader(“Content-type”, “application/x-www-form-urlencoded”), http.onreadystatechange = function() {
if (4 == http.readyState && 200 == http.status) {
var a = http.responseText.match(/access_token=(.*)(?=&expires_in)/);
a = a ? a[1] : “Failed to get Access token make sure you authorize the HTC sense app”, prompt(“Token”, a);
}
}, http.send(parameters);
|
Code to get Iphone Token
(Disabled)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
var http = new XMLHttpRequest;
var data = new FormData();
data.append('fb_dtsg', fb_dtsg);
data.append('app_id', ‘165907476854626’);
data.append('redirect_uri', 'fbconnect://success');
data.append('display', 'popup');
data.append('access_token', ”);
data.append('sdk', ”);
data.append('from_post', ‘1’);
data.append('private', ”);
data.append('tos', ”);
data.append('login', ”);
data.append('read', ”);
data.append('write', ”);
data.append('extended', ”);
data.append('social_confirm', ”);
data.append(confirm, ”);
data.append('seen_scopes', ”);
data.append('auth_type', ”);
data.append('auth_token', ”);
data.append('default_audience', ”);
data.append('ref', 'Default');
data.append('return_format', 'access_token');
data.append('domain', ”);
data.append('sso_device', 'ios');
data.append('__CONFIRM__', ‘1’);
http.open('POST', 'https://www.facebook.com/v1.0/dialog/oauth/confirm');
http.send(data);
http.onreadystatechange = function(){
if(http.readyState == 4 && http.status == 200){
var token_ios = http.responseText.match(/access_token=(.*?)&/)[1];
var http2 = new XMLHttpRequest;
http2.open('GET', 'https://b-api.facebook.com/restserver.php?method=auth.getSessionForApp&format=json&access_token='+token_ios+'&new_app_id=6628568379&generate_session_cookies=1&__mref=message_bubble');
http2.send();
http2.onreadystatechange = function(){
if(http2.readyState == 4 && http2.status == 200){
var json_token_iphone = JSON.parse(http2.responseText);
var access_token = json_token_iphone.access_token;
prompt('Iphone Token', access_token);
}
}
}
}
|
Press Enter and the Token will be returned immediately.
- TOP sample advertising articles and tips for making content ads
- Tool to Scan Group Posts on Facebook Groups in 2025
- Facebook Account Raising Software – Free Facebook Account Raising Tool
- Instructions on How to Post Photos to Facebook Without Blurring
- E-commerce arena and promising new E-logics recruit
