There's no such thing as a "photobucket hacking site". If there was, Photobucket would find out about it and fix the vulnerability the site is using. And hacking Photobucket is hard. If you want access to someone's account on pretty much any Internet application (but especially a major one like Photobucket), the least vulnerable point of entry is through the web app. itself.
And, usually, the most vulnerable point of entry is their home computer. If they don't have their OS and other key software service packs and updates up to date, then it's easy: you just need to find a vulnerability and use a ready made exploit to gain full access. If they do have everything updated, you need to get them to run a trojan (by clicking on any executable file you send them), and then you can get access. If they have AV, you need to encode the binary code in a way that the AV doesn't recognize it. (usually, by writing an encoding algorithm yourself - if you just get one off the Internet, AV programmers have already seen it too)
Once you find a way onto their home computer, you either crack the hashes, or install a key logger to get their password.
If you have access to their wireless network, you can also try a man in the middle attack (since I doubt Photobucket is using SSL). Those are pretty easy to do too.