Facebook false positives
Closed this issue · 1 comments
Not a huge deal, but it's possible to log in to Facebook with your email, phone number, or account name (permalink). However, as opposed to logging in with a wrong email or phone #, logging in with a nonexistent permalink will always result in Facebook's error message, 'Please re-enter your password [...]'.
So when trying to log in with a wrong username, Scythe reports:
[X] Account aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa exists on facebook.com
although it actually doesn't. The only thing preventing one from false assumptions would be to ensure the permalink exists, or add a note like for Backtrack & GitHub, I guess.
Thanks for the feedback. It seems that detection of the permalinks isn't going to be possible as the response from a non-existing permalink is the same as if the email of a registered user was put in with the wrong password.
I've added a note and renamed the module to better convey the email/phone number style input of the module.
I'll look at other enumeration options when I have a chance (new user reg or forgotten password maybe).
Let me know if you find anything else ;) and thanks again for looking at the project.