You are currently viewing Spoofing Cookies to Hack Facebook Sessions

Spoofing Cookies to Hack Facebook Sessions

Spoofing Cookies to Hack Facebook Sessions 

Spoofing Cookies to Hack Facebook Sessions 
Today we’ll be hacking Facebook profiles on your local network. You may think, “How is this useful, nobody but me is using my network.” Well, you can use this on other Wi-Fi networks that are available for free (like at Starbucks) and crack their precious Facebook profile!

Quick note: This only works if your target is actually browsing through Facebook over http (not https) at the time you’re doing the hack.

How?

We are going to use a well known method called “The cookie injection method.” This might be far off from becoming “elite,” but you need to get familiar with your Linux distribution first.

Step 1Get the Right “Stuff”

For this hack, you’ll need a few things. Nothing special, but you’ll need this stuff. My best suggestion is that you first install BackTrack, Kali Linux, or Bugtraq because they have almost everything we need.

For this little magic trick, we’ll need:

A working Linux distribution (preferably Kali, Backtrack or Bugtraq)
Wireshark (a packet sniffer)
Firefox (web browser)
Nmap (scanner)
Greasemonkey (addon for Firefox)
Cookie injector (script for Greasemonkey)*
Now let’s start doing some magic! 

Step 2Network Scan

First, to actually connect to a target, we’ll need an IP address. In order to get that, you’ll need to do a network scan with Nmap. So go ahead and boot up your terminal and enter the following command:

nmap -F 192.168.xx.xx/24
Note: If this doesn’t work, use 10.0.x.x/24 instead.

This command will scan your network for any IP addresses connected to it. The -F gives the console the instruction to use “Fast mode.”

Step 3Starting the Man-in-the-Middle Attack

Now we’re going to start a man-in-the-middle attack, MITM for short.

An MITM attack is an attack were we spoof our MAC address so that when a server/responding person sends a message to the other, he won’t be receiving that message, but he will receive messages that we send, as we’re the Man in the middle.

A man-in-the-middle attack!

Starting the Attack
To start, enter the following command in a NEW terminal window:

sudo echo 1 >> /proc/sys/net/ipv4/ip_forward
This will forward your IP address. Now we’re starting the MITM by opening a NEW terminal window and entering this command:

sudo arpspoof -i [Interface] -t [target] [default gateway]
If you don’t know your interface and default gateway, start a new terminal and enter: ifconfig.

Open (once again -_-) a new terminal window and enter the following command:

sudo arpspoof -i [interface] -t [default gateway] [target]

Note: After you entered both the arpspoof commands DON’T CLOSE THE TERMINALS.

Step 4Firefox and Wireshark (Almost Done!)

We need a few more things in order to complete this hack!

First install Firefox,

then Greasemonkey and the cookie injector script. Then, install Wireshark, which you can do by entering this command into a terminal window:

sudo apt-get install wireshark
After that, open up a Wireshark session (open a terminal and enter sudo Wireshark as command). Select your interface and start capturing. At the top, you should see an input box where you can add filters. Now enter this filter:

http.cookie contains DATR
Now you should get a list in Wireshark. Search for a cookie that contains the text GET. Locate it, click on it with the left mouse button, select copy, select bytes, select printable text only.

Here you can clearly see the cookie injector script input box.

If my magic worked, you should see the main Facebook timeline. If not, then you’ve done something wrong.

My Final Comments

This hack may seem advanced, but it’s actually really easy. Once you break down all the steps, it’s a piece of cake! default_biggrin.png

Now that you’ve done this, it should be clear that Facebook security isn’t very strong default_tongue.png

Good luck, my fellow hackerians, and I’ll see you next time!

 

Henceforth, WE WISH TO ANNOUNCE THAT OUR SERVICES ARE NOT AVAILABLE TO PEOPLE FROM NIGERIA AND INDIA. THESE ARE USELESS TIME WASTERS AND THIEVES TRYING TO BEG OR SCAM US OF OUR PRODUCTS. OUR SERVICES ARE NOT FREE AND PAYMENT IS UPFRONT

A LOT OF FOOLS FROM NIGERIA AND INDIA. on the off chance that YOU DON’T TRUST TO USE OUR SERVICES, DON’T CONTACT US AS WE HAVE NO FREE SERVICE

CONTACT US FOR PURCHASES/INQUIRIES, WE RESPOND ALMOST INSTANTLY 

HI BUYERS, WE ARE A PROFESSIONAL CARDING AND HACKING TEAM. HOVATOOLS HAS BEEN AROUND SINCE THE TIME OF EVO MARKET, ALPHABAY, WALLSTREET MARKET AND MORE. WE REMAIN STRONG AND RELIABLE IN THE INDUSTRY, ALWAYS PROVIDING YOU WITH THE BEST QUALITY TOOLS TO HELP YOU MAKE MONEY AND MAXIMIZE PROFIT IN THE FRAUD GAME.

TO GET STARTED, YOU CAN VISIT OUR ONLINE SHOP/STORE TO BUY EVERYTHING YOU NEED TO START CASHING OUT.  AT THE SHOP YOU GET Accounts & Bank Drops CVV & CARDS DUMPS PERSONAL INFORMATION & SCAN.

BANK HACKING SOFTWARE – WIRE/ACH DARKWEB MONEY TRANSFER HACKERS

Buy Fresh Credit Cards for Carding, BIN LIST Buy Bank Login, RDP, Buy Hacked Paypal accounts. Contact us to buy all tools and carding software. CLICK HERE TO VISIT OUR SHOP
Buy Socks 5, Email Leads, Buy Latest CC to Bitcoin Cashout Guide, Buy Hacked Zelle transfer , Western Union Money Transfer Hack, Buy Hacked Money Transfer service to your bank account.
Enroll for Paid private Carding Class.

 

Admin

The enigmatic hacking blogger who unravels the digital mysteries through his captivating blog. With relentless curiosity and a nimble touch on the keyboard, I explore the intricate web of cyberspace, exposing vulnerabilities and advocating for responsible digital citizenship. My poetic and insightful articles paint vivid pictures of the ethical dilemmas surrounding privacy, encryption, and the convergence of technology and humanity. Join me on an exhilarating journey through the labyrinth of hacking and cybersecurity as he empowers readers to become guardians of their online identities.

Leave a Reply