Easy Decryption of Facebook Passwords

Facebook PasswordAll good pentesters have their own “survival kit” with a lot of tools and scripts grabbed here and there. Here is a new one released a few days ago: FacebookPasswordDecryptor.

“FacebookPasswordDecryptor – small, simple, free, and yet truly reliable application that helps you recover stored Facebook account passwords, quickly and easily. Truly great little tool that works like a charm. Highly-recommended.”

Again, the well-known social website is a nice target for pentesters. But this time, no brute-force attack nor invasive cracking. The real targets are just the tools used to store the credentials and their poorly implemented security. More details about how the applications store the Facebook passwords is available here.

Once installed, it will scan stored data of the following applications:

  • Internet Explorer (all versions from 4 to the newest)
  • Firefox
  • Google Chrome
  • Opera Browser
  • Paltalk Messenger
  • Miranda Messenger

If interesting stuff is found, just click on “Show password” to reveal it:

FacebookPassworDecrytor Screenshot
(Click to enlarge)

You can install the tool in your regular Windows environment but, even more interesting, there is a portable version which can be used right from an USB stick…

As a conclusion (or reminder), do NOT store your passwords in your browsers/instant messaging applications! Use a strong password manager.

The application can be downloaded here.


  1. I added a Firefox Master Password and that stopped this tool. Unless I am missing something, it’s not doing anything you couldn’t do with the Options menu in Firefox, anyway.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.