Login To Facebook Using PHP cURL

Question

I'm trying to login to Facebook using cURL And i get the random values from facebook form hidden inputs to use it in post fields like lsd,jazoestm_ts,m_ts etc, The login process is NOT working and I don't know why. I want to get a preview of the profile to continue with my current project.

This Is My PHP Code:

<?php
include("simple_html_domo.php");

//get page data
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://mbasic.facebook.com/login");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101206 Ubuntu/10.10 (maverick) Firefox/3.6.13');

$data = curl_exec($ch);
$html = new simple_html_dom();
$html->load($data);

//Scraping from Fields
$lsd = $html->find('input[name=lsd]' , 0)->value;
$jazoest = $html->find('input[name=jazoest]' , 0)->value;
$m_ts = $html->find('input[name=m_ts]' , 0)->value;
$li = $html->find('input[name=li]' , 0)->value;
$try_number = $html->find('input[name=try_number]' , 0)->value;
$unrecognized_tries = $html->find('input[name=unrecognized_tries]' , 0)->value;
$bi_xrwh = $html->find('input[name=bi_xrwh]' , 0)->value;
$login = $html->find('input[name=login]' , 0)->value;
$email = "user123456@myemail.com";
$pass = "password123456";


$postFields = array(
    "lsd" => $lsd,
    "jazoest" => $jazoest,
    "m_ts" => $m_ts,
    "li" => $li,
    "try_number" =>$try_number,
    "unrecognized_tries" =>$unrecognized_tries,
    "email" =>$email,
    "pass" =>$pass,
    "login" =>$login,
    "bi_xrwh" => $bi_xrwh
);

//trying to login
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://mbasic.facebook.com/login/device-based/regular/login/?refsrc=deprecated&lwv=100");
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postFields));
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt");
curl_exec($ch);

//profile preview
curl_setopt($ch, CURLOPT_URL, "https://mbasic.facebook.com/profile.php");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt");
$response = curl_exec($ch);
echo $response;

?>

Answer 1

I have a way how you can login to facebook using PHP Curl. but the drawback here you can not login using email, mobile number and username but using your own facebook ID. This is more like what people who claim to be the most pro hackers do to crack facebook accounts using python with the termux application capital:D

<?php
$uid = '100085889112490';
$pass = 'your own password';

function getCookies($data) {
    preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $data, $matches);
    $cookies = array();
    foreach($matches[1] as $item) {
        parse_str($item, $cookie);
        $cookies = array_merge($cookies, $cookie);
    }
    return $cookies;
}

function fbLogin($uid, $pass) {
    // Get jazoest & lsd value
    $ch = curl_init("https://m.facebook.com/login/device-based/password/?uid=".$uid."&flow=login_no_pin&refsrc=deprecated&_rdr");
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    $hLogin = array(
        "Host: m.facebook.com",
        "Upgrade-Insecure-Requests: 1",
        "User-Agent:" . $_SERVER['HTTP_USER_AGENT'],
        "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
        "Dnt: 1",
        "X-Requested-With: com.facebook.katana",
        "Sec-Fetch-Site: same-origin",
        "Sec-Fetch-Mode: cors",
        "Sec-Fetch-User: empty",
        "Sec-Fetch-Dest: document",
        "Referer: https://m.facebook.com/",
        "Accept-Language: en-US,en;q=0.9,id-ID;q=0.8,id;q=0.7"
    );
    curl_setopt($ch, CURLOPT_HTTPHEADER, $hLogin);
    $login = curl_exec($ch);

    // Start Scraping
    include("simple_html_dom.php");
    $html = new simple_html_dom();
    $html->load($login);

    // Scraping from Fields
    $lsd = $html->find('input[name=lsd]' , 0)->value;
    $jazoest = $html->find('input[name=jazoest]' , 0)->value;

    // Get Cookie
    $cookie = "datr=".getCookies($login)['datr'].";fr=".getCookies($login)['fr'].";sb=".getCookies($login)['sb'].";m_pixel_ratio=1.7000000476837158;wd=424x781";

    // Post Fields
    $postFields = array(
        "lsd"       => $lsd,
        "jazoest"   => $jazoest,
        "uid"       => $uid,
        "next"      => "https://https://m.facebook.com/login/save-device/",
        "flow"      => "login_no_pin",
        "pass"      => $pass
    );

    // Trying to login
    curl_setopt($ch, CURLOPT_URL, "https://m.facebook.com/login/device-based/validate-password/?shbl=0");
    $hTrueLogin = array(
        "Host: m.facebook.com",
        "Cache-Control: max-age=0",
        "Upgrade-Insecure-Requests: 1",
        "Origin: https://m.facebook.com",
        "Content-Type: application/x-www-form-urlencoded",
        "User-Agent:" . $_SERVER['HTTP_USER_AGENT'],
        "Accept: */*",
        "X-Requested-With: com.facebook.katana",
        "Sec-Fetch-Site: same-origin",
        "Sec-Fetch-Mode: cors",
        "Sec-Fetch-User: empty",
        "Sec-Fetch-Dest: document",
        "Referer: https://m.facebook.com/login/device-based/password/?uid=".$uid."&flow=login_no_pin&refsrc=deprecated&_rdr",
        "Accept-Language: en-US,en;q=0.9,id-ID;q=0.8,id;q=0.7"
    );
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postFields));
    curl_setopt($ch, CURLOPT_HTTPHEADER, $hTrueLogin);
    curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    $result = curl_exec($ch);

    if (!empty(getCookies($result)['c_user'])) {
        echo "OK";
    } else {
        echo "FAILED";
    }
}

fbLogin($uid, $pass);