This challenge was originally built for NahamCon
Usernames and passwords are somehow being stolen from hackbookagram
Find out how they are being stolen, locate the hackers servers and trash their cache of usernames and passwords
If you use any automation tools please only use the dictionary / SecLists found here to avoid wasting your time.
Targets are web applications only and not the underlying infrastructure with exception to DNS enumaration