Sunday, 20 November 2011

How to hack facebook accounts?
Facebook is one of the most widely used Social Networking website by many across the world . Most of them are now a days making the fake accounts both for abuse or maintaining secret relations. So, it’s no wonder that many people have started to devise methods to hack a Facebook account.

There are two methods available which are basic common methods and advanced methods (based on user's knowledge)
Basic method includes:
         Use of
=>> Keylogger
=>> Trojan
=>> Phishing

Advanced method include
=>> Metasploit
=>> Cookie Stealing

We'll discuss each one in brief ..

#Using a Keylogger
The hacker sends a client keylogger software that captures everything the user types in, including passwords. The captured keysrokes are sent by email, FTP or sare stored on the victim’s computer for later removal.
Counter : Use a firewall and don’t accept suspicious programs(specially when they are light) Using a virtual keybord also helps.

#Using a Trojan
This is same as the keyloggers if u want more control over the victom then u can use Trojans (Rats) these are remote administrator tools which give the complete control over the victim system. Relies fully on whether the user accepts the infected file or not. Trojans are quickly detected by antivirus software but packing the Trojan can get around that. Trojans or Rats can also be binded with legitimate software using exe binders.
Counter : Antivirus and Suspicion. Trojan also generate a lot of network activity when operating, so it is easy to spot them. Firewalls also work gr8.

PHISHING is the most commonly used method to hack into any web based systems like orkut ,gmail ,yahoo.
Phishing is proved the best and easy way to hack into any web based system u can even hack into Facebook it has high success rate . And also there is no need of any scripting knowledge like html just upload the page to any free hosting accounts and send the link to the victim. It works by creating a copy of a Login page (facebook login) ,changing some stuffs in it so as it emails the input username and password to the hacker and redirect to the REAL Facebook login page after so as the user does not get a hint of what is happening. Once the user has input his credentials, they are sent as plain text to the hacker.
Counter: The fake login page usually have to be hosted somewhere and must have a domain name. Naturally it cannot be the same as so check for the URL when you are login in.

I personally hate this tool. Won’t talk much about it.. damn automatic hacker
The attacker just needs the victims IP and some skill to pull the attack. So don’t just give out your Ip and don’t download stuffs from Instant Messengers as it is in this way that the attackers obtain the ip address. Beware also of emails containing strange link as clicking on a link can send your IP adrress to the hacker.

#Cookie Stealing
Involves using an exploit to steal session cookies which when injected into the hackers session (cookie injection), gives him access to your facebook account without needing to input your password. But that limits the damage he can do.
A > Downloads the HomePage.
B > Allows you to the Target’s Wall and
C > Retrieve your Target’s Friend’s List

The hacker needs your IP, skills and skills.
A software I heard that can give you control of a facebook account is FBcontroller. You have to feed it the live cookies of a victim and it does the rest.
You can get the target’s cookie by sniffing, XSS, amusing engineering, ARP Poison-Sniffing, Scroogle chase or about you like. 

for till then,
stay protected and stay connected

No comments:

Post a Comment