Hacker, Researcher and Author.

How I Hack Your Facebook By Stealing Your Cookies

We have already written several posts on hacking a facebook account and the article that sparked the most of the reader's interest was on "Hack A Facebook Account With ARP Poisoning". However, still as you can clearly see from the comments that there are lost of issues with the readers especially the beginners with replicating the process. So, I have recorded a video in which i will show you step by step how an attacker sitting on your local area network (Wifi) could steal your cookies and hack your facebook account. However, if you are sniffing on a LAN instead of WLAN, you would need to perform an ARP Spoofing attack.

Lan Sniffing - Core Concepts

  • If you are sniffing on a local area network (LAN), first of all you should make sure that your Network card is in the promiscuous mode. 
  • Next up you should know the difference between a hub and a switch based network, in case of a hub based network a normal packet sniffer would do the job, however in case of a switch based network we would need to launch an attack called "ARP Poisoning attack" or "Man in the Middle attack" in order to route the victims traffic through us.
Monitor a Facebook Account from any where in the world
I have recorded a video, in which, i will show you how an attacker can sniff/capture http cookies for facebook, the two cookies that are important to us are c_user and xs, because they are facebook's authentication cookies. 


  1. Bro did Facebook paid this as bounty?

  2. does this work if people on the same network are using facebook from their mobile phones?

  3. Does this work if people on the same network are using facebook on their mobile phones??
    can i steal cookies then?

  4. Great Rafay Bro.... Proud to be a Pakistani Pro Ethical Hacker.....

  5. Its not allowing me to enter in facebook because users dos't save that browser I have tried many friends account.

  6. @anonymous

    No, because this is not a facebook bug.


    It would be the same process buddy..


    Thanks buddy..

  7. @Huzoor Bux

    I have explained the process step by step, i don't think you should have a problem by now.

  8. nice article bro. explained it very well.

  9. Thats old but nice one bro.. keep it up..

  10. How would this work with SSL?

    Because the account you snatched cookies from was not using SSL at that very time.

  11. So, how would this work with SSL? :)

  12. very useful article, for all users of facebook,

  13. how to hack a credit card?

  14. Excellent video... but rafay bhai being as beginner i want to know how to steal cookies of someone account.....

  15. After clicked on Capture >> Interfaces >> The option "REALTEK PCIe GBE Family Controller " not appearing. Even I have the same version of software, What's that?


© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form


Email *

Message *

Powered by Blogger.