Hacker, Researcher and Author.

How I Hack Your Facebook By Stealing Your Cookies



We have already written several posts on hacking a facebook account and the article that sparked the most of the reader's interest was on "Hack A Facebook Account With ARP Poisoning". However, still as you can clearly see from the comments that there are lost of issues with the readers especially the beginners with replicating the process. So, I have recorded a video in which i will show you step by step how an attacker sitting on your local area network (Wifi) could steal your cookies and hack your facebook account. However, if you are sniffing on a LAN instead of WLAN, you would need to perform an ARP Spoofing attack.

Lan Sniffing - Core Concepts

  • If you are sniffing on a local area network (LAN), first of all you should make sure that your Network card is in the promiscuous mode. 
  • Next up you should know the difference between a hub and a switch based network, in case of a hub based network a normal packet sniffer would do the job, however in case of a switch based network we would need to launch an attack called "ARP Poisoning attack" or "Man in the Middle attack" in order to route the victims traffic through us.
Monitor a Facebook Account from any where in the world
I have recorded a video, in which, i will show you how an attacker can sniff/capture http cookies for facebook, the two cookies that are important to us are c_user and xs, because they are facebook's authentication cookies. 


15 comments:

  1. Bro did Facebook paid this as bounty?

    ReplyDelete
  2. does this work if people on the same network are using facebook from their mobile phones?

    ReplyDelete
  3. Does this work if people on the same network are using facebook on their mobile phones??
    can i steal cookies then?

    ReplyDelete
  4. Great Rafay Bro.... Proud to be a Pakistani Pro Ethical Hacker.....

    ReplyDelete
  5. Its not allowing me to enter in facebook because users dos't save that browser I have tried many friends account.

    ReplyDelete
  6. @anonymous

    No, because this is not a facebook bug.

    @Xiii

    It would be the same process buddy..


    @Adeel

    Thanks buddy..

    ReplyDelete
  7. @Huzoor Bux

    I have explained the process step by step, i don't think you should have a problem by now.

    ReplyDelete
  8. nice article bro. explained it very well.

    ReplyDelete
  9. Thats old but nice one bro.. keep it up..

    ReplyDelete
  10. How would this work with SSL?

    Because the account you snatched cookies from was not using SSL at that very time.

    ReplyDelete
  11. So, how would this work with SSL? :)

    ReplyDelete
  12. very useful article, for all users of facebook,

    ReplyDelete
  13. how to hack a credit card?

    ReplyDelete
  14. Excellent video... but rafay bhai being as beginner i want to know how to steal cookies of someone account.....

    ReplyDelete
  15. After clicked on Capture >> Interfaces >> The option "REALTEK PCIe GBE Family Controller " not appearing. Even I have the same version of software, What's that?

    ReplyDelete

© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form

Name

Email *

Message *

Powered by Blogger.