Get Facebook Credential Without Hacking Facebook
Welcome back my followers, who want to learn hacking 🙂 !!
Hacking facebook is concern for lots of people. One thing I must say is facebook is far from unhackable. It is difficult but not impossible. Posting every thing here is for the educational and develop skill purpose.
In this tutorial you can get the idea of getting control into somebody’s account without hacking facebook. For this tutorial you need bit of luck, skills and social engineering concepts. If you do not have knowledge about the kali, networking and linux, this will not work for you.
- Install Kali Linux
- Within Kali, there is an app called the Browser Exploitation Framework (BeEF). It is capable of helping you hack the victim’s browser and take control of it.
- open BeEF
- Terminal window pop up
- BeEF runs in the background on a web server on your system which you access from your browser. Then open iceweasel browser to access interface.
- login with username: beef and password: beef
- get into the start screen.
The simplest way is to simply embed the code into your website and entice the user to click on it. This might be done by such text as ‘Click here for more information” or ‘Click here to see the video’, Use your imagination.
The script looks something like below. Embed it into a webpage, and when someone clicks on it, you own their browser!
From here, I will be assuming you have “hooked” the victim’s browser and are ready to own it.
- Now send dialogue box to the user
When you have hooked the victim’s browser, its IP address, along with the operating system and browser type icons, will appear in the “Hooked Browsers” panel on the left. Here, I have simply used my own browser to demonstrate.
If we click on the hooked browser, it opens a BeEF interface on the right side. Notice that it gives us the details of the browser initially. It also provides us with a number of tabs. For our purposes here, we are interested in the ‘Commands” tab.
Click on the “Commands” tab, then scroll down the “Modules Tree” until you come to “Social Engineering” and click to expand it. It will display numerous social engineering modules. Click on “Pretty Theft,” which will open a “Module Results History” and “Pretty Theft” window.
This module enables you to send a pop-up window in the user’s browser. In our case, we will be using the Facebook dialog box.
If we click on the “Dialog Type” box, we can see that this module can not only create a Facebook dialog box, but also a LinkedIn, Windows, YouTube, Yammer, and a generic dialog box. Select the Facebook dialog type,then click on the “Execute” button the the bottom.
Dialogue box appear in the target system.
When you click “Execute” in BeEF, a dialog box will appear in the victim’s browser like that below. It tells the victim that their Facebook session has expired and they need to re-enter their credentials.
Although you may be suspicious of such a pop-up box, most users will trust that their Facebook session expired and will simply enter their email and password in.
- Harvest the credentials
Back on our system in the BeEf interface, we can see that the credentials appear in the “Command results” window. The victim has entered their email address “[email protected]” and their password “sweetbippy” and they have been captured and presented to you in BeEF.
If you are really determined to get those Facebook credentials, it can be most definitely be done, and this is just one way of many methods (but probably the simplest).