Friday 13 December 2013

In , by // 03:47 // 6 comments

Spoofing Cookies to Hack Facebook

Welcome back, my friends !!! Today we'll be hacking Facebook profiles on your local network. You may think, "How is this useful ?? , nobody but me is using my network.! " Well, you can use this on other Wi-Fi networks that are available for free (open Wi-fi) and crack their precious Facebook profile!! it sounds good is in it ??

 note: This only works if your target is actually browsing through Facebook over http (not https) at the time you're doing the hack.

 How ??
We are going to use a well known method called "The cookie injection method." This might be far off from becoming "elite," but you need to get familiar with your Linux distribution first.

Step 1 : Get the right "stuff" 

For this hack, you'll need a few things. Nothing special, but you'll need this stuff. My best suggestion is that you first install BackTrack, Kali Linux, or Bugtraq because they have almost everything we need.
For this little trick, we'll need:
  • A working Linux distribution (preferably Kali, Backtrack or Bugtraq)
  • Wireshark (a packet sniffer)
  • Firefox (web browser)
  • Nmap (scanner)
  • Greasemonkey (addon for Firefox)
  • Cookie injector (script for Greasemonkey)*

Step 2 : Network scan

First, to actually connect to a target, we'll need an IP address. In order to get that, you'll need to do a network scan with Nmap. So go ahead and boot up your terminal and enter the following command: 


  • nmap -F 192.168.xx.xx/24
Note: If this doesn't work, use 10.0.x.x/24 instead.

This command will scan your network for any IP addresses connected to it. The -F gives the console the instruction to use "Fast mode." If done correctly, you should see something like this:

That's how your Nmap scan should look like.


Step 3 : Starting the Man-In-Middle Attrck


Now we're going to start a man-in-the-middle attack, MITM for short.
An MITM attack is an attack were we spoof our MAC address so that when a server/responding person sends a message to the other, he won't be receiving that message, but he will receive messages that we send, as we're the Man in the middle.
This might help you understand:

A man in the middle attack!


Starting the attack 

 To start, enter the following command in a NEW terminal window:
  • sudo echo 1 >> /proc/sys/net/ipv4/ip_forward
This will forward your IP address. Now we're starting the MITM by opening a NEW terminal window and entering this command:
  • sudo arpspoof -i [Interface] -t [target] [default gateway]

If you don't know your interface and default gateway, start a new terminal and enter: ifconfig.
This is the result form the arpspoof.

Open (once again ) a new terminal window and enter the following command:

  • sudo arpspoof -i [interface] -t [default gateway] [target]

Another result from the arpspoof!

Note: After you entered both the arpspoof commands DON'T CLOSE THE TERMINALS.

Step 4 : Firefox and Wireshark (Almost finished)

We need a few more things in order to complete this hack!
First install Firefox,
then Greasemonkey and the cookie injector script. Then, install Wireshark, which you can do by entering this command into a terminal window:
  • sudo apt-get install wireshark
After that, open up a Wireshark session (open a terminal and enter sudo Wireshark as command). Select your interface and start capturing. At the top, you should see an input box where you can add filters. Now enter this filter:
  • http.cookie contains DATR
Now you should get a list in Wireshark. Search for a cookie that contains the text GET. Locate it, click on it with the left mouse button, select copy, select bytes, select printable text only.
Wireshark result. The one you need is in the black circle.

Now go to Wireshark and go to Facebook. Make sure you're NOT logged in. If you are, go to settings and delete all the cookies. Then go back to the Facebook log-in page, press [ALT]+C, and paste the cookie. Press OK andrefresh the page.

Here you can clearly see the cookie injector script input box.

If my magic worked, you should see the main Facebook timeline. If not, then you've done something wrong. Check the steps one again and try again. Don't Give it up :)


This hack may seem advanced, but it's actually really easy. Once you break down all the steps, it's a piece of cake! :D
Now that you've done this, it should be clear that Facebook security isn't very strong :P 

In my next post i am going to write about How yo Hide Ip and other simple stuffs so Don't miss them 

Note: If you enjoyed this post, you might want to Follow our Twitter or become our Facebook fan.  You will get all the latest updates at both the places. And also don't be selfish Share this post with your friends


Don't be selfish... Share the resource with your friends :)

Facebook Twitter Google Digg StumbleUpon Reddit LinkedIn Pinterest buffer
Author image

Sivarathan :


Hi i am sivarathan an 18 years old young boy from Jaffna, Srilanka. I am interested in computer and technology i stated this blog to share my knowldge with others...If you have any doubt feel free to contract me

Connect with me on :

6 comments:

  1. Siva13 December 2013 at 22:24

    Thanks for the visit and comment :)

    ReplyDelete
  2. Unknown13 December 2013 at 22:25

    Good Job Siva... Join With Me Here For More Pc Tricks http://thetechsbot.blogspot.com/

    ReplyDelete
  3. Unknown15 December 2013 at 21:17

    Not getting http.cookie contains DATR....

    ReplyDelete
  4. Unknown15 December 2013 at 21:32

    Not getting http packets of target pc.

    ReplyDelete
    Replies
    1. Siva16 December 2013 at 00:03

      Then make sure that the victim uses as HTTP Not HTTPS because it only works in HTTP :)

      Delete

Designed By Namonivi. In Association With Sivarathan.

© 2013 school of Grey hats