HACKING FACEBOOK ACCOUNTS USING COOKIE STEALING AND SESSION HI-JACKING

24/07/2013 10:48

Warning: This is only for EDUCATIONAL purposes to make you aware of how your FACEBOOK account may get HACKED so that you may PREVENT it from getting hacked,,,,!!!

The person posting this or the this blog is not responsible for any type malicious activities performed by anyone who is reading this ,,,,!!!

Hey there,,,!!! Many of them have been reuesting me to post about FACEBOOK HACKING,,,!!! Well here it is for you,,,!!!

Authentication Cookies used by Facebook :

The cookie which facebook uses to authenticate it's users is called "Datr", If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your account. This is how a facebook authentication cookie looks like:

datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc;

An attacker may use variety of methods in order to steal your facebook authentication cookies depending upon the network he is on, If an attacker is on a hub based network he would just sniff traffic with any ***Packet Sniffer*** and gain access to victims account.

If an attacker is on a Switch based network he would use an ***ARP Poisoning*** request to capture authentication cookies, If an attacker is on a wireless network he uses a tool called ***FIRESHEEP*** in order to capture authentication cookie and gain access to victims account.

Here in the example below I will be explaining in simple STEPS how an attacker can capture your authentication cookies and hack into your Facebook account with ***Wireshark***.

Step 1 - First of all download wireshark from the official website and install it.

Step 2 - Next open up wireshark click on analyze and then click on interfaces.

Step 3 - Next choose the appropriate interface and click on start.

Step 4 - Continue sniffing for around 10 minutes.

Step 5 - After 10minutes stop the packet sniffing by going to the capture menu and clicking on Stop.

Step 6 - Next set the filter to http.cookie contains “datr” at top left, This filter will search for all the http cookies with the name datr, And datr as we know is the name of the facebook authentication cookie.

Step 7 - Next right click on it and goto Copy - Bytes - Printable Text only.

Step 8 - Next you’ll want to open up firefox. You’ll need both Greasemonkey and the cookieinjector script. Now open up Facebook.com and make sure that you are not logged in.

Step 9- Press Alt C to bring up the cookie injector, Simply paste in the cookie value into it.

Step 10 - Now refresh your page and
******************************You are logged in to the victims facebook account.***************

Now comes the important part,,,,,!!!

HOW TO PROTECT YOUR ACCOUNT ??

Well, the best way to protect yourself against a session hijacking attack is to use " https:// " connection each and every time you login to any of your accounts in Facebook, Gmail, Yahoo or any other email account. As your cookies would be encrypted so even if an attacker manages to capture your session cookies he won't be able to do any thing with your cookies. Also avoid using unwanted apps that you use in FACEBOOK. Keep changing your password freequently. Use tough passwords which are hard to guess with a combination of uppercase and lowercase characters with symbols in between to make the password very strong.

Hope you ENJOYED this post,,,!!! Please do like and share if you liked this post,,,!!! ENJOY.. !!!!

Hacking With Shivam..

HACK FACEBOOK PASSWORD USING PHISHING METHOD

HOW TO HACK FACEBOOK PASSWORD USING PHISHING METHOD

22/07/2013 10:58

Phishing is the most widely used hacking method for hacking Facebook passwords. The most widely used technique in phishing is the use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites like Facebook,Yahoo , Gmail, MySpace etc.

Here is a tutorial about phishing.>>

Step 1)

First you must sign for a free webhosting service like www.byethost.com or www.t35.com or www.000webhost.com And register your subdomain.

after signing you will have a subdomain like www.yourname.byethost.com

Step 2)

Now login to your account go to "control panel" then in site management option go to "online file manager" and open the folder "htdocs".

Step 3)

Now Click Here to DOWNLOAD THIS FILE to your computer add extract the file. Inside the folder you will find three files index.php and hello.php and login_again.htm.

Step 4)

Now replace the index.php file in the "htdocs" of the "online file manager" with the file index.php of the phisher folder in your computer and also upload hello.php and login_again.htm files in "htdocs" thats it! you are done.

Step 5)

Now your homepage www.yourname.byethost.com has become a phisher. open it, you will see that your page www.yourname.byethost.com has become the login page of the site you want to hack.now all you have to do is send this link to the person whose account you want to hack.when he tries to login through it you will receive a file password.html in your "htdocs" folder of your phpnet.us account which contains the username and password of your victim.

Step 6)

Go to https://www.yourname.byethost.com/lol.htm for see the stored passwords !

Personal Note:- THIS POST IS ONLY ONLY FOR EDUCATIONAL PURPOSE>> NO ANY MISUSE FOR THIS TRICK ....

ENJOY WITH SHIVAM HACKING>>>>

Block Facebook On Your Computer In Few Simple Steps

22/07/2013 09:14

How To Use Facebook Blocker ?

1. First download Facebook Blocker by Clicking Here
2. Extract the file and right click on Facebook Blocker.exe and run it as administator (Important)
3. Press 1 in order to backup your host file to be on the safe side.

4. Now Press 2 to block facebook

5. Its time to check if facebook is blocked or not to do that Press 5

6. Hope this help you if you have any question leave a comment below

All articles

Paste blank Status on Facebook

22/07/2013 09:39

Today i will show you how to publish single line or multiple line blank status on facebook. You can also use this method in facebook comments. So lets get started.

For single line Blank Status

· Copy below codes into your status

@[0:0: ]

· Note:- the text is like @[0:0:space]

· Dont write space where i have writen space rather press spacebar.

For MultiLine Blank Status :

· Paste as shown below in your staus.

@[0:0: ]
@[0:0: ]
@[0:0: ]
@[0:0: ]
@[0:0: ]
@[0:0: ]

· Note there is space after 0:

Another method

· Paste below codes into facebook status

@[2:2: ]

· Done ! subscribe or likes below for such great posts.

Enable Facebook HTTP

SECURE Facebook account..

22/07/2013 09:46

Enable facebook HTTPS

This is old trick but still if you are not aware of this then this is for you. Facebook has added new feature to browse it securely but is not set by default. Facebook has changed without any notification.Take a look at your URL (top box on your screen.). If you see "http" or just "www" instead of "https" you DO NOT have a secure session & can be hacked.To secure your facebook account just follow the below Steps..........

1. Go to Account

2. Then Account Settings

3. Then click on Security

4. Check box (secure browsing)

5. Click on Save changes.

New Facebook Smiley Codes for Chat

Smileys Code.

22/07/2013 09:57

In my previous facebook post i had posted about Facebook Chat Trick and Facebook smiley addon. In this post i will share with you guys some new facebook smiley codes which you can paste in your chat box to get cool smiley faces like angel, gift, love, angry, laugh, wine etc. check the codes below.

Code For Facebook Smileys--

BY_ Shivam Srivastava

‎LOG OUT YOUR FACEBOOK ACCOUNT FROM OTHER COMPUTER

22/07/2013 11:19

Sometimes, we go to Cyber cafe , institute, or any other places just to open our facebook account but we forget to log out our facebook ID..and now you worry to misused your id by any othr person..SIMPLE...

No need to worry ,,,

I give you a way to log it out from any
other computer ..

FOLLOW MY STEPS..

1- log in your account (from anywhere)

2- go to Account Settings (located in the right side of Home)

3- Choose "Security" (You will see the below photo)

4- Go to Active Sessions (All of your Log-ins are listed their everywhere..)

5- Click End Activity and You will be Logged Out.

BLOCK FACEBOOK ON YOUR COMPUTER .__

HOW to BLOCK FACEBOOK

1. Go to Start > Programmes > Accesories

2. Then Right click on Notepad and Run it as administrator.

3. Now open host file by clicking on File > Open and locate to followiing adress..

C:\WINDOWS\system32\drivers\etc

4. Then just below # 127.0.0.1 localhost paste folowing code

# Blocking Facebook

127.0.0.1 login.facebook.com

127.0.0.1 www.facebook.com

127.0.0.1 apps.facebook.com

127.0.0.1 blog.facebook.com

5 . Now save the host file and done.

6. Open any browser and try to open facebook. It won't open. If facebook opens then you might have done somthing went wrong.

ENJOY.................

How To Turn Off Facebook Notification Sound

Facebook has started testing a new sound for whenever a user receives a notification, the social networking titan confirmed today to VentureBeat.You could also argue that these sounds would be handy for some folks. If you only occasionally receive likes or comments on your posts, then these pings Within the last couple of weeks we’ve noticed a certain “beep” emanating from one of the office computers here at AudioAcrobat HQ.
Knowing that there hadn’t been any manual updates to sound notifications on our end, we started an all out investigation into the source of this (slightly annoying) new sound, including both software applications and all open tabs in Google Chrome. Much to our surprise, the culprit ended up being an Today it seems Facebook made yet another change. When you are logged on to Facebook on your computer every time you get a notification it plays a sound.

It was driving me crazy so off I went on a mission to find out how to turn Facebook sound notification off. Guess what SUPER SIMPLE. Here is how to turn off Facebook sound notifications.

1 First, open your Facebook profile and click on setting.

2 Now click on Account Settings.

3 After that click on Notification option (left side).

4 Under the "How you Get Notifications" option, you can see "On Facebook" option click on that.

5 Now uncheck "Play a sound when each new notification is received".

Like the Post? Do share with your Friends.

9 Ways To Keep Hackers Off Your

If you are like millions out there, Facebook has become your no. 1 website on the Web. As you login to it every single day from many devices, be it from your mobile phone, computer, laptop and office workstation, there is a chance that you may leave your Facebook account on without logging out. If your account gets accessed by strangers, it’s going to open up a large can of worms, so you should seriously try to prevent unwanted access to your account.

There are many ways to prevent access to your account by the next person to use the device, the easiest of which is to log out. However if your smartphone or device gets stolen, it’s a whole different matter. In this article, we will go through some important options you can take to prevent others from accessing your personal Facebook account.

1. Create Strong Password

Chances are, you already have your password created for Facebook however it is advisable for you to make sure your Facebook password is one of a kind and different from your other online accounts e.g. email, blog, hosting etc.

To change your password, go to Account Settings > General > Password.

The best passwords would have the combination of small and capital letters, numbers and symbols.

2. Confirm Your Mobile Number

Confirming your mobile number is one of many ways to enhance your account security on Facebook. This way, even when you lose or forget your password, Facebook will be able to send you a new one via SMS.

To add your mobile number, go to Account Settings > Mobile and click on Add a Phone.

Select your country and set the mobile carrier before clicking Next.

Now you will be given an instruction to send an SMS to the given number. Follow the instructions to get a code via SMS, and then enter the code into the column. You also have the option to Share your number with friends on Facebook and Allow friends to text me from Facebook. Select your preferences and click Next.

Now your mobile phone is registered with Facebook, and when the need arises, this connection will be useful to reactivate your Facebook account.

3. Activate Secure Browsing, Now

Among other things, to make sure your browsing activity within Facebook is safe, you can turn on theSecure browsing option. By doing this, you automatically limit all external applications that are integrated with Facebook from doing any harm or taking your personal information without your knowledge or approval.

To start securing your account, click on the drop down menu from the top right corner of your Facebook account and go to Account Settings.

Select Security from the left menu.

At the Secure Browsing section, click on the Edit link at the right.

The option panel will appear, ‘check’ the box Browse Facebook on a secure connection then click on the Save Changes button.

4. Activate ‘Login Approvals’

Login approvals is an extended security feature offered by Facebook, and it will require you to enter a security code each time you try to access your Facebook account from unrecognized devices. To activate Login Approvals, go to Account Settings > Security, look for Login Approvals and click on theEdit button.

An option to activate Login Approvals will appear, tick the check box to activate.

A popup window will appear with descriptions of login approvals, click on the Set Up Now button to continue.

If you already register your mobile number, Facebook will automatically send you a code via SMS. Enter this code in the given box and click Submit Code.

Now you have completed with Login Approvals request, click Next to continue.

Next, Facebook will offer you to setup a Code Generator from your mobile phone; this is useful in case you are unable to receive SMS. Click Continue.

Code Generator For Android Phones

Since I am using an Android phone, I’ll use the Android activation as an example.

Download the Facebook Mobile App from Google Play if you don’t already have it. After downloading it to your mobile, click Next.

Once downloaded, Facebook will provide instructions to install the Code Generator. To install, launch your Facebook App, tap on menu > Account > Code Generator > Add App. Then click on Finish Setupbelow.

Now that your Code Generator is active, Facebook will guide you with the correct steps to use the code generator. Next time when you want to generate a new code, simply launch your app, tap on Account > Code Generator and the code will appear. For now, click Close as you have completed the steps to activate your Login Approvals.

5. Disconnect Previous Active Sessions

The good thing about Facebook is that it lets you know about your previous active sessions, where you login from, and what devices you used to access your Facebook account. Now to make sure your account is safe, from the Account Settings > Security page, look for ‘Active Sessions‘ and click onEdit.

Now all previous sessions will be listed, together with the current active session at the top of the list. Click on the link ‘End Activity‘ to kill the activities from other devices.

6. Activate Private Browsing

Another way to prevent another person from accessing your account is by activating the ‘Private Browsing’ option from your browsers. All browsers have this private browsing option, and by activating this option, your activity will not be logged into the browsing history.

Safari

If you are using the Safari Browser on Mac, activate Private Browsing from the menu with Safari > Private Browing.

Firefox

For Firefox, go to Tools > Start Private Browsing.

Chrome

If you are using Chrome, there’s an option to browse using the Incognito window, it’s a version of Chrome window where all browsing activity will not be logged in. To open this window, go to File > New Incognito Window.

7. Don’t ‘Keep Me Logged In’

The moment you want to login to your Facebook account, at the Log In page, there’s a small checkbox that says Keep me logged in. Make sure this box is unchecked. Then, log in as usual. With this on, you will be asked for your email and password every time you launch Facebook.

8. Avoid Spam Links

Facebook is serious about spam and is always enhancing its features to make sure you are safe from being a victim to scams. The types of attacks include money scams through direct or indirect requests via Facebook messages, chat etc, phishing links that will redirect you to fake websites, malicious links that could retrieve your personal information or even harm your computer. There are also chances you may receive emails from ‘Facebook’ but it is actually from a phishing website, this modus operandi is part of a scam.

There are many ways you can avoid being a victim:

Never click on suspicious links whenever or wherever you find it, even if it came from your friends. If you receive a link, always take the extra step of asking your friend what the link is to confirm that they had sent it. Usually these links are ‘sent’ without the sender’s knowledge. This includes all links that appear in your Facebook Chat, Messages, friend’s status post or even from your email.
Never give out your username or password to anyone, including websites with suspicious links and layouts. Giving your passwords freely could jeopardize the security of your personal information on Facebook.
Log in only at www.facebook.com and not from any other link or website, unless you are accessing via Facebook App.
Update your browser to its latest version to ensure your browser’s security is up to date so it would detect and alert you with a warning when you are navigating to a suspected phishing site.

9. Sign Out After Use

Lastly which is the most important of all (and definitely worth repeating), never forget to log out from your Facebook account.