Breaking

Monday, 3 July 2017

How to Hack Facebook Account by cookie Hijacking using Kali Linux and WireShark







*this tutorial is only for education purpose . stealing someone wifi data and cookies is a offencive crime.


What is Cookie?
cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, addresses, passwords, and credit card numbers.
Perhaps most importantly, authentication cookies are the most common method used by web servers to know whether the user is logged in or not, and which account they are logged in with. Without such a mechanism, the site would not know whether to send a page containing sensitive information, or require the user to authenticate themselves by logging in. The security of an authentication cookie generally depends on the security of the issuing website and the user's web browser, and on whether the cookie data is encrypted. Security vulnerabilities may allow a cookie's data to be read by a hacker, used to gain access to user data, or used to gain access (with the user's credentials) to the website to which the cookie belongs .



Such that when you logged into facebook  account using your browser facebook sends cookie which saved in your computer.Which helps facebook to remember that you are logged in or not .

The cookie which Facebook uses to authenticate its users is called “Datr”, If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your Facebook account. This is how a facebook authentication cookie looks like:
Cookie: datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc;

How can you hijack cookies?
 Hijacking cookies can be done in various way depending upon the network .
 If an attacker is on a hub based network he would just sniff traffic with any packet sniffer and gain access to victims account.
If an attacker is on a Switch based network, he will use an ARP Poisoning request to capture authentication cookies, If an attacker is on a wireless network he just needs to use a simple tool called Firesheep to capture authentication cookie and gain access to victims account.
 and if attacker have directly physical access to computer than he directly export cookie from browser in form of text file and copy paste in his external device.

Hijack facebook cookies of client in your local network ( Wifi)
 so to hack in into a facebook account you firstly you have to hijack cookies than importing it into your browser


Hijacking facebook cookies.

Step 1: Fire up your Kali Linux and open a terminal.

 Step 2: type "arp-scan --interface=wlan0 --local"



this will scan all clients connected to your wifi .


my target ip address is 192.168.1.100 your may be different.
  note down this ip adress.

Step 3: type :  gedit /etc/ettercap/etter.conf

this open a etter.conf file like this:


 now scroll download and find linux section than ip tables and remove that hash tag #


and save the file .

Step 4:- Now download this file  
this contain a script ......and move this file named capture.sh  to your desktop ..and than change your directory to desktop by entering cd Desktop in terminal.

Step 5:-Run capture.sh 
 run this script by entering ./capture.sh 
 this will ask some question like your interface:
 i.e wlan0 only .
 your gateway i.e 192.168.1.1
your target ip .copied from step 2 .mine 192.168.1.100
  
Now you have to wait while your client logged in to his facebook account  .As he looged in packets capture in .pcap file root directry


Step 6: Open wireshark
  and open that  .pcap file
now go to filter and type http.cookie 



go to find packet and type DATR  than click find

now copy this

Congrats you finally succeed to get authentication cookies . Now time to inject this cookie into your your web browser .

Check out complete video tutorial  of the same and how to inject cookies into your browser.



 

No comments:

Post a Comment