I understand you're looking for a way to view private photos on Facebook, and you've mentioned Greasemonkey, a tool for customizing web pages. However, directly accessing or viewing private content without the owner's permission is against Facebook's policies and can raise significant privacy and ethical concerns.

That said, if you're looking to enhance your browsing experience on Facebook or automate certain tasks, Greasemonkey (or Tampermonkey, which is similar and works on more browsers) can be very useful. Here's how you can get started with userscripts that might help you manage or view content more efficiently:

2. The Session Hijacker (The Real Danger)

Some malicious scripts do not try to view photos. Instead, they request "Extended Permissions." If you are careless, the script might read your document.cookie or your Access Token and send it to a remote server. The attacker then imports your session and uses your account to view the target’s photos (since you are now logged in as the attacker, this fails unless you are friends with the target).

1. Fake Scripts on GreasyFork or OpenUserJS

You might find a script named “Facebook Private Photo Viewer” with code that looks legitimate. In reality, these scripts often:

The "Profile Picture" Loophole (What the Scripts Actually Exploit)

Many fake scripts claiming "vedere foto private facebook greasemonkey" actually rely on a technical loophole that does not show private albums.

When a user sets a profile picture, even if it is in a private album, that specific image is often publicly viewable in low resolution (thumbnails for comments/messenger). Some scripts automate the process of:

  1. Zooming into the profile picture.
  2. Changing the URL parameter from width=200 to width=2000.

Result: You see a larger version of the profile picture (which you could already see). You do NOT see vacation photos, family albums, or tagged photos. This is the biggest bait-and-switch in the "private photo viewer" market.