Showing posts with label FACEBOOK HACKED. Show all posts
Showing posts with label FACEBOOK HACKED. Show all posts

Hacking Facebook Account Using Session Hijacking Attack

What Is Session Hijacking Attack ?

Session hijacking, also known as TCP session hijacking, is a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user. Once the user's session ID has been accessed (through session prediction), the attacker can masquerade as that user and do anything the user is authorized to do on the network.

The session ID is normally stored within a cookie or URL. For most communications, authentication procedures are carried out at set up. Session hijacking takes advantage of that practice by intruding in real time, during a session. The intrusion may or may not be detectable, depending on the user's level of technical knowledge and the nature of the attack. If a Web site does not respond in the normal or expected way to user input or stops responding altogether for an unknown reason, session hijacking is a possible cause

Step By Step Explanation Of How To Carry Out This Attack ?

First of all, you would need to connect to an unsecured wireless connection that others are using. Then we start capturing packets transferred over this network. Note that your wireless adapter needs to support monitor mode to scan all packets transferred over a network. you can check your wi-fi card specifications to see if it supports monitor mode.

We would then need to use a network sniffing tool so sniff packets transferred over the network. In this case, I am using a tool called Wireshark (Download From Here). Within wireshark, there is a menu called "Capture"; Under the capture menu, select interfaces from that menu, and a list of your interfaces will come up.


Next you select Start Next to the interface that you have enabled monitor mode on. most times it is the interface that is capturing the most packets. In my case, Microsoft interface is capturing the most packets, so i will select to start capturing with the microsoft interface. You would leave wireshark to capture packets for a couple of seconds depending on the amount of persons currently using the network. Say 30 seconds if 10 people currently are using the network, or 30 minutes if there is barely network activity going on. While capturing, wireshark will look something like this.

After capturing a certain amount of packets, or running the capture for a certain amount of time, stop it by clicking on the stop current capture button.
After stopping the capture, you will need to look for the user's facebook session cookie which, hopefully was transferred in one of the packets captured. to find this cookie, use the wireshark search which can be found by pressing "ctrl + f" on your keyboard. In this search interface, select Find: By "String"; Search In: "Packet Details". and Filter by the string "Cookie"
When you press find, if there is a cookie, this search will find it, if no cookie was captured, you will have to start back at step 2. However, if youre lucky and some cookies we're captured, when you search for cookie, your interface will come up looking like this in the diagram below. You would notice the cookie next to the arrow contains lots of data, to get the data. the next thing you do is to right click on the cookie and click copy->description.
After copying the description, paste it in a text file, and separate each variable to a new line (note the end of every variable is depicted by a semicolon eg - c_user=100002316516702;). After some research and experimenting, i figured out that facebook authenticated the user session by 2 cookies called c_user and xs. Therefore you will only need the values of these cookies, and then need to inject them into your browser. Before injecting the cookies, here is what my facebook page looked like:
The next thing you would need to do is to inject this information as your own cookie. so firstly you would need to install a cookie manager extension for your browser, I'm using firefox Advance Cookie Manager. After installing this extension, you will find it under Tools->cookie manager. The interface for cookie manager looks like this:


The first thing we would need to do is to clear all cookies, so clear all the cookies you currently have. Then select the "Add Cookie" by clicking on " + sing " to add a new cookie. The first cookie you will add is the c_user cookie which will have the following information:: Domain - ".facebook.com", name-"c_user", value-"the value you copied earlier from the wireshark scanning" and the Path-"/"; leave the isSecure , isSession and Expires On values to default:

The next thing you do is to hit the " + Sing " button and the cookie is saved. Repeat the same steps to add the xs cookie with all of the same information, except the value, which would be the xs value you have.




After adding these 2 cookies, just go to facebook.com, refresh the page and... Boom!! you will see you are logged in as that user whose cookie information you stole. Here is my facebook page after i injected those cookies:


Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber crime and you may get up to 3 years of imprisonment, if got caught in doing so.

How to Hack Your Broadband Connection?

MANY PEOPLE ASKED ME ABOUT THE  HACKING BROADBAND!!!
There are many PC tricks to hack the other broadband connection but at this time I am giving all my reader new one PC trick. This one broadband hack method is 100% working. So give a try for this PC trick. To perform this broadband hack follows the following steps of this PC trick.
STEP 1: For this PC trick first of all you have to download any port Scanner. (for example: i prefer Super Scan,  Advance Port Scanner).

STEP 2:  Now you have to get your ip address for this broadband hack as given: Go to Command prompt type "ipconfig /all" without quotes Then hit enter. You will see your ip as a clients ip. suppose your broadband default gateway and I.P. are 172.27.103.1 & 172.27.103.190, see in below picture
    

STEP 3: Write your IP in IP scanner Software and scan for alive IPs in the below range start: 172.27.103.1 to End:172.27.103.255. see in picture below
   

STEP 4: Then check in your scanner which alive IPs has the port 80 open or 23 for telnet.
 
STEP 5: If port 80 is open then Enter that IP in your web browser (in my case http://172.27.103.1 will be enter), if 23 port is open then u should know how to telnet it from command prompt.
 
   
    

STEP 6: Then this broadband hack asks for USER ID and PASSWORD type
                 username =admin
                 password =admin or password
There is a high chance but not 100% that you will be able to login with that username and password. admin-admin is the default username and password that is set while manufacturing the adsl modem devices. If denied then use on another alive IP.
    
      
   

STEP 7: If you get success in this PC trick then  it will show router settings of the IP user There go to Home -> Wan Setting and the username and password of his account will appear there.

STEP 8: Use Show Password tools to view the password in asterisks ********.
Now you have username and password ready for use. That’s all about this PC trick to hack your broadband connection.

  that's it... Enjoy!!!!

Recovering Passwords From Messengers

Recovering Passwords From Messengers

3/07/2011 Author Name: Wamiq Ali

We will use a small software to get passwords from messengers installed in a computer. These passwords are usually encrypted but this software will decrypt them and will show you in the form of normal text. You can also execute this in another computer to get the passwords. You can also make an autorun usb drive to acquire passwords from this software and also from browser. But for browser you have to use other application. I will post this trick later. Now just stick to this software. Its name is Messen Pass.

MessenPass is a password recovery tool that reveals the passwords of the following instant messenger applications:
MSN Messenger
Windows Messenger (In Windows XP)
Windows Live Messenger (In Windows XP/Vista/7)
Yahoo Messenger (Versions 5.x and 6.x)
Google Talk
ICQ Lite 4.x/5.x/2003
AOL Instant Messenger v4.6 or below, AIM 6.x, and AIM Pro.
Trillian
Trillian Astra
Miranda
GAIM/Pidgin
MySpace IM
PaltalkScene
Digsby

Note: MessenPass can only be used to recover the passwords for the current logged-on user on your local computer, and it only works if you chose the remember your password in one of the above programs.Also some antivirus might consider this as virus but not in most cases.

>>>Download Messen Pass
- See more at: http://www.hackersthirst.com/2011/03/recovering-passwords-from-messengers.html#sthash.aMK6YKS7.dpuf

The Hacker’s Choice releases SSL DOS Tool



______________ ___ _________ \__ ___/ | \ \_ ___ \ | | / ~ \/ \ \/ | | \ Y /\ \____ |____| \___|_ / \______ / \/ \/ http://www.thc.org THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via single TCP connection. Download: Windows binary: thc-ssl-dos-1.4-win-bin.zip Unix Source : thc-ssl-dos-1.4.tar.gz Use "./configure; make all install" to build. Usage: ./thc-ssl-dos 127.3.133.7 443 Handshakes 0 [0.00 h/s], 0 Conn, 0 Err Secure Renegotiation support: yes Handshakes 0 [0.00 h/s], 97 Conn, 0 Err Handshakes 68 [67.39 h/s], 97 Conn, 0 Err Handshakes 148 [79.91 h/s], 97 Conn, 0 Err Handshakes 228 [80.32 h/s], 100 Conn, 0 Err Handshakes 308 [80.62 h/s], 100 Conn, 0 Err Handshakes 390 [81.10 h/s], 100 Conn, 0 Err Handshakes 470 [80.24 h/s], 100 Conn, 0 Err Comparing flood DDoS vs. SSL-Exhaustion attack: A traditional flood DDoS attack cannot be mounted from a single DSL connection. This is because the bandwidth of a server is far superior to the bandwidth of a DSL connection: A DSL connection is not an equal opponent to challenge the bandwidth of a server. This is turned upside down for THC-SSL-DOS: The processing capacity for SSL handshakes is far superior at the client side: A laptop on a DSL connection can challenge a server on a 30Gbit link. Traditional DDoS attacks based on flooding are sub optimal: Servers are prepared to handle large amount of traffic and clients are constantly sending requests to the server even when not under attack. The SSL-handshake is only done at the beginning of a secure session and only if security is required. Servers are _not_ prepared to handle large amount of SSL Handshakes. The worst attack scenario is an SSL-Exhaustion attack mounted from thousands of clients (SSL-DDoS). Tips & Tricks for whitehats 1. The average server can do 300 handshakes per second. This would require 10-25% of your laptops CPU. 2. Use multiple hosts (SSL-DOS) if an SSL Accelerator is used. 3. Be smart in target acquisition: The HTTPS Port (443) is not always the best choice. Other SSL enabled ports are more unlikely to use an SSL Accelerator (like the POP3S, SMTPS, ... or the secure database port). Counter measurements: No real solutions exists. The following steps can mitigate (but not solve) the problem: 1. Disable SSL-Renegotiation 2. Invest into SSL Accelerator Either of these countermeasures can be circumventing by modifying THC-SSL-DOS. A better solution is desireable. Somebody should fix this www.blogbari.com

Phishing Facebook Hack.


Welcome to the pleasehack in a series educating you on Social Engineering awareness and techniques. Today, I'm going to show you how a saavy Social Engineer would trick a friend into unknowingly surrendering their Facebook password. My intent is to warn and demonstrate how easy it is to succumb to phishing via Social Engineering, and therefore expose yourself.

What is Phishing?

Phishing is the act of tricking someone into signing onto a fake website, which mimics a real site, such as Facebook. The phishing page will log the credentials that the user enters in the password field, and usually goes unnoticed with the right circumstances and some Social Engineering.
The phishing page is created by visiting the website you want to mock, copying the source HTML code, and then altering it to use a custom PHP script to log the victim's credentials. A good phishing page will seamlessly use cookies to bypass redirect filters. So if a cookie for the site exists, the user will be logged in and more than likely won't realize what happened.

Warnings

  • Phishing is illegal.
  • Only phish your friends who give you consent to do so.

Step 1 Get a Web Host

You need a place to host your phishing page. I like T35—they are free, and offer cPanel hosting.
  1. Make a free account on T35.
  2. Go to your email that you used and click the link confirming the account.

Step 2 Create the Phishing Page

Now we need to create the site that will log the victim's credentials.
  1. Open up a text document using notepad, or your choice in text editors.
  2. Go to the Facebook login page.
  3. Right-click somewhere on the page, and click View page source.
  4. Copy all of the contents of the source code and paste them into your text document.
  5. Hit ctrl + f, and search for "action=" and change the method to "GET", and the text to the right of"action=" to "log.php".
  6. Click File > Save as and save it with the name "index.php" (make sure to click the drop-down menu to select "all files" if it's not selected already).
  7. Make a new text file, and paste this as the contents (paste the raw text, not the numbered). This is the file written in PHP that logs the victim's login details.
  8. Save the file as "log.php". Again, make sure "all files" is selected in the file type drop-down menu.
  9. Log in to your T35 account and click Upload. Upload both files to the root of your website (not in a folder).
  10. When credentials are logged, they will be in a file called "passwords.txt" in the root of your website. Check the box next to the "passwords.txt" file when you get some logs, and click chmod. Change the file to 466 permissions, so other people can't read the victim's passwords.

Step 3 Perform the Phish

In a status update on Facebook, post something like the following:
    "Check out this funny picture of me on my website xD <post link to phishing page here>."
It's really that simple. You should start to see people's login credentials getting stored in your "passwords.txt" file. Simply because it comes from a "trusted" Facebook friend, they will go with their instincts and click the link without thinking twice about it. The best part about that PHP code posted above, is the header sends you back to the Facebook homepage, bypassing the redirect filter warning that Facebook has implemented, which will make it nearly seamless to the user who fell for it.
Subscribe to: Posts (Atom)