HACK FACEBOOK BY HIJACKING THE SESSION



Hello friends! Previously I've posted different ways to hack user accounts on email servers and social networking sites. For more information please click here. Today I'll illustrate the SESSION HIJACKING technique to hack an FB account.



For this I will be using BACKTRACK, a penetration testing distribution that includes the tools below for network scanning, MIMA and packet analysis.

1. NMAP
2. ARPSPOOF
3. WIRESHARK

The two scripts below, which are compatible with Mozilla Firefox, will be used for cookie injection:

1. GREASEMONKEY
2. COOKIE INJECTOR

  • Techniques:   
1. First scan your network and find the target using NMAP, a network scanner. In this case I got 192.168.1.3 as the target.



2. Next I need to enable IP forwarding, which lets my machine forward any network traffic it receives from the target to the router.



3. Next the Man-In-The-Middle-Attack (MIMA) is begun by exploiting ARP cache poisoning to intercept network traffic between the target and the router.

First, a malicious ARP reply is sent to the target, associating my MAC address with the router's IP (192.168.1.1).

Secondly, another malicious ARP reply is sent to the router, associating my MAC address with the target's IP (192.168.1.3).


4. Next I start packet capturing using WIRESHARK on my wlan0 interface and apply the filter http.cookie contains datr. The cookie string is then copied as printable text from the packet labelled GET.



5. The GREASEMONKEY and COOKIE INJECTOR scripts are then installed in my Firefox browser. After restarting the browser, the Facebook login page is opened and Alt+C is pressed to inject the cookie strings captured in Wireshark.



After reloading the page I am able to log in to the target's account!


  • Protection:
1. Browse Facebook on a secure connection (https) when possible. Make sure the Secure Browsing option in the Security Settings tab is enabled.



2. Arpwatch is a computer software tool for monitoring Address Resolution Protocol traffic on a computer network. Network administrators monitor ARP activity to detect ARP spoofing.

3. Capsa Network Analyzer (Packet Sniffer) is an easy-to-use Ethernet network analyzer (aka. packet sniffer or protocol analyzer) for network monitoring and troubleshooting purposes.
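
The kind of monitoring item 2 describes, as an added example that is not part of the original post and is not Arpwatch's own code: it tracks which MAC address answers for each IP and reports changes, flip-flops, and any MAC that claims the router's IP together with other hosts' IPs. The IPs follow the post's example network; the MAC addresses, function names and sample records are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of ARP replies: (seconds, sender IP, sender MAC).
# IPs follow the post's example network; all MAC addresses are made up.
SAMPLE_REPLIES = [
    (0, "192.168.1.1", "00:11:22:33:44:01"),   # router, genuine
    (1, "192.168.1.3", "00:11:22:33:44:03"),   # workstation, genuine
    (2, "192.168.1.7", "00:11:22:33:44:07"),   # a third host
    (30, "192.168.1.1", "00:11:22:33:44:07"),  # router IP claimed by the third host
    (31, "192.168.1.3", "00:11:22:33:44:07"),  # workstation IP claimed by it too
    (32, "192.168.1.1", "00:11:22:33:44:01"),  # genuine router answers again
]


def mapping_changes(replies):
    """Report every time an IP address is claimed by a different MAC."""
    current = {}                # IP -> MAC seen most recently
    history = defaultdict(set)  # IP -> every MAC seen so far
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        old = current.get(ip)
        if old is not None and old != mac:
            # Returning to an earlier MAC means two stations are competing
            # for the IP; a first-time change can also be benign DHCP reuse.
            kind = "flip-flop" if mac in history[ip] else "changed"
            alerts.append((ts, kind, ip, old, mac))
        current[ip] = mac
        history[ip].add(mac)
    return alerts


def macs_claiming_gateway_and_hosts(replies, gateway_ip):
    """Return MACs that answered for the gateway IP and for other IPs as well."""
    claimed = defaultdict(set)
    for _, ip, mac in replies:
        claimed[mac.lower()].add(ip)
    # Proxy ARP or a multi-homed router can trigger this legitimately,
    # so treat a hit as something to investigate, not as proof.
    return {mac: sorted(ips) for mac, ips in claimed.items()
            if gateway_ip in ips and len(ips) > 1}


if __name__ == "__main__":
    for alert in mapping_changes(SAMPLE_REPLIES):
        print("ALERT", alert)
    print(macs_claiming_gateway_and_hosts(SAMPLE_REPLIES, "192.168.1.1"))
```

A static ARP entry for the router on each workstation removes the mapping this check watches from the attacker's reach, at the cost of manual upkeep.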

Keep Visiting
Mr Tricks: HACK FACEBOOK BY HIJACKING THE SESSION
http://mr-tricks.blogspot.com/2015/01/hack-facebook-by-hijacking-session.html