© Copy rights 2012. This is a copy right material. Do not copy any thing from this blog. View Google Copy rights policy to learn more about copy rights and penalties for copy rights violation.©
Description:
In this article i am describing a way of hacking a Facebook account with wireshark (stealing your victim's cookies) also known as session hijacking
The cookie which facebook uses to authenticate it's users is called "Datr", If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your account. This is how a facebook authentication cookie looks like:
How To Steal Facebook Session Cookies And Hijack An Account?
An attacker can use variety of methods in order to steal your facebook authentication cookies depending upon the network he is on, If an attacker is on a hub based network he would just sniff traffic with any packet sniffer and gain access to victims account.
If an attacker is on a Switch based network he would use an ARP Poisoning request to capture authentication cookies, If an attacker is on a wireless network he just needs to use a simple tool called firesheep in order to capture authentication cookie and gain access to victims account.
In the example below I will be explaining how an attacker can capture your authentication cookies and hack your facebook account with wireshark.
Step 1 - First of all download wireshark from [here] and install it.
Step 2 - Go to Facebook or any other social media websites, Chat with your victim for 5 to 10 minutes. File sharing is better like shown in the image below:
Step 3 - Next open up wireshark click on capture and then click on interfaces.
Step 4 - Next choose the appropriate interface and click on start.
Description:
In this article i am describing a way of hacking a Facebook account with wireshark (stealing your victim's cookies) also known as session hijacking
The cookie which facebook uses to authenticate it's users is called "Datr", If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your account. This is how a facebook authentication cookie looks like:
Cookie: datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc;
How To Steal Facebook Session Cookies And Hijack An Account?
An attacker can use variety of methods in order to steal your facebook authentication cookies depending upon the network he is on, If an attacker is on a hub based network he would just sniff traffic with any packet sniffer and gain access to victims account.
If an attacker is on a Switch based network he would use an ARP Poisoning request to capture authentication cookies, If an attacker is on a wireless network he just needs to use a simple tool called firesheep in order to capture authentication cookie and gain access to victims account.
In the example below I will be explaining how an attacker can capture your authentication cookies and hack your facebook account with wireshark.
Step 1 - First of all download wireshark from [here] and install it.
Step 2 - Go to Facebook or any other social media websites, Chat with your victim for 5 to 10 minutes. File sharing is better like shown in the image below:
Step 3 - Next open up wireshark click on capture and then click on interfaces.
Step 4 - Next choose the appropriate interface and click on start.
Step 5 - Continue sniffing for around 10 minutes.
Step 6 - After 10minutes stop the packet sniffing by going to the capture menu and clicking on Stop.
Step 7 - Next set the filter to http.cookie contains datr at top left, This filter will search for all the http cookies with the name datr, And datr as we know is the name of the facebook authentication cookies
Step 8 - Next you’ll want to open up firefox. You’ll need both Greasemonkey and thecookieinjector script. Now open up Facebook.com and make sure that you are not logged in.
Step 9- Press Alt C to bring up the cookie injector, Simply paste in the cookie value into it.
Step 10 - Now refresh your page and voilla!! you are logged in to the victims facebook account. In the picture below, I hacked into the girl;s account i was chatting with. You can send any file like .jpg image etc during file sharing
© Copy rights 2012. This is a copy right material. Do not copy any thing from this blog. View Google Copy rights policy to learn more about copy rights and penalties for copy rights violation.©
The warwolf is a Web developer and Technology enthusiast who focuses on helping web users find free and simple solutions to their everyday problems.
I WILL TRY...
ReplyDeleteYOURS FAITHFULLY
IRFAN
done! but i doesn't work lo0olx :P
ReplyDeleteIt does.. @anonymous REfresh th page..
ReplyDeleteyar thora msg main explain kar do
ReplyDeletehello it showing"allcookies have been written message"...if u got please inform me
ReplyDeletemy id prasanthkosuru@ymail.com