Saturday, August 24, 2013

How to Hack Facebook by Shahzaib Jaam (Man in the middle attack)

Friends, nowadays social networking is ruling the world, and the queen of social networking is obviously Facebook. It currently has over 900 million users, and the number is increasing day by day. As its popularity increases, so do the frauds. Every day a lot of people search for methods of Facebook hacking, and "How to hack Facebook" is one of the trending search terms on Google these days.

And so today I am back with a new kind of attack to hack Facebook passwords.
This attack is called a man-in-the-middle attack. And here it goes.

But before going into the details, I want to mention that this method is moderately difficult and needs some expertise in the field of computers and networking.

So if you are a newbie, then I strongly recommend that you learn the following things first and then go into this tutorial:


OK, now let's proceed with the tutorial. For this attack, you need the following tools:

1. XAMPP – Apache + PHP + MySQL (we use XAMPP for our fake Facebook web server)

2. Cain & Abel (we use it for the man-in-the-middle attack)

3. Facebook Offline Page (I have nulled the code, so this script will not contact Facebook when the victim accesses the fake Facebook page. Only use this for learning.)

Update: Once you download the Facebook offline page, extract it and replace the login.php and index.php files in it with the files you download from the link below.


Step by step Hacking Facebook Using Man in the Middle Attack:

Attacker IP Address : 192.168.160.148
Victim IP Address : 192.168.160.82
Fake Web Server : 192.168.160.148

I assume you're on a local area network now. (A man-in-the-middle attack can be done in local area networks only.)

1. Install XAMPP and run the Apache and MySQL services.

2. Extract the fb.rar and copy the content to C:\xampp\

3. Check the fake web server by opening a web browser and typing http://localhost, so that the fake Facebook page opens. This fake page relies on your MySQL server.

4. Install Cain & Abel and do the APR (ARP Poison Routing) as follows.

Click the Start/Stop Sniffer button, then choose the interface for sniffing and click OK. When it has finished, click Start/Stop Sniffer again to activate the sniffing interface.

Go to the Sniffer tab and then click the + (plus sign)

Select "All hosts in my subnet" and Click OK.

You will see the other people in your network, but my target is 192.168.160.82 (myself... LoL :p)

Once we have all of this information, click the APR tab at the bottom of the application.

Click the + button, and follow the instruction below.

When you have finished, the next step is to prepare the redirect of the facebook.com page to the fake web server.

Click "APR DNS" and click + to add the new redirecting rule.

When everything is finished, just click OK. Then the next step is to activate the APR by clicking the Start/Stop APR button.

5. Hacking Facebook using MITM is now activated.

Whenever the victim opens Facebook, he goes to your fake FB page instead of the original Facebook login. So once he enters his login credentials, you will have them in your view.php.

6. But if you ping the domain name, you can reveal that it's fake, because the address is the IP of the attacker.
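
The giveaway in step 6 can be checked from the victim's side. This is an added example (not part of the original post) that flags a public hostname resolving to a non-public address and a MAC address answering for several IPs in the ARP cache; the gateway address 192.168.160.1, the MAC addresses and the `arp -a` sample are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of Windows `arp -a` output as seen on 192.168.160.82.
# The gateway address (192.168.160.1) and every MAC address are made up.
SAMPLE_ARP = """\
Interface: 192.168.160.82 --- 0xb
  Internet Address      Physical Address      Type
  192.168.160.1         00-0c-29-aa-bb-01     dynamic
  192.168.160.148       00-0c-29-aa-bb-01     dynamic
  192.168.160.200       00-0c-29-cc-dd-02     dynamic
  192.168.160.255       ff-ff-ff-ff-ff-ff     static
"""

ARP_ROW = re.compile(
    r"^\s*(\d+\.\d+\.\d+\.\d+)\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(\w+)", re.I)


def shared_macs(arp_output):
    """Return {mac: [ips]} for each MAC that answers for more than one IP."""
    by_mac = defaultdict(list)
    for line in arp_output.splitlines():
        m = ARP_ROW.match(line)
        if not m:
            continue  # interface and header lines
        ip, mac, kind = m.group(1), m.group(2).lower(), m.group(3).lower()
        # Static broadcast/multicast entries repeat legitimately; skip them.
        if kind != "dynamic" or mac == "ff-ff-ff-ff-ff-ff":
            continue
        by_mac[mac].append(ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


def non_public_answers(addresses):
    """Return resolved addresses that a public web site should never have."""
    bad = []
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            bad.append(addr)
    return bad


if __name__ == "__main__":
    # The gateway and 192.168.160.148 share one MAC: the ARP cache is poisoned.
    print(shared_macs(SAMPLE_ARP))
    # In practice the list comes from socket.getaddrinfo(); constructed here.
    print(non_public_answers(["192.168.160.148"]))
```

A shared MAC can also come from proxy ARP or a multi-homed host, so treat a hit on the default gateway's address as the strong signal.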


