FB COOKIE STEALING AND SESSION HACKING


HACKED BY THE HACKER


THE COOKIE WHICH FACEBOOK USES TO AUTHENTICATE IT’S USERS IS CALLED “Datr”. IF AN ATTACKER CAN GET HOLD OF YOUR AUTHENTICATION COOKIES, THEN ALL HE NEEDS TO DO IS TO INJECT THOSE COOKIES IN HIS BROWSER AND THEN HE WILL GAIN ACCESS TO HIS VICTIMS ACCOUNT. THIS IS HOW A FACEBOOK AUTHENTICATION COOKIE LOOKS LIKE:

COOKIE: datr=1276721606b7f94f977295759399293c5b0767618dc02111ede159a827030fc;

HOW TO STEAL FACEBOOK SESSION COOKIES AND HIJACK AN ACCOUNT ?

AN ATTACKER CAN USE VARIETY OF METHODS IN ORDER TO STEAL YOUR FACEBOOK AUTHENTICATION COOKIES DEPENDING UPON THE NETWORK HE IS ON, IF AN ATTACKER IS ON A HUB BASED NETWORK HE WOULD JUST SNIFF TRAFFIC WITH ANY PACKET SNIFFER AND GAIN ACCESS TO VICTIMS ACCOUNT.

IF AN ATTACKER IS ON A SWITCH BASED NETWORK HE WOULD USE AN "ARP" POISONING REQUEST TO CAPTURE AUTHENTICATION COOKIES. IF AN ATTACKER IS ON A WIRELESS NETWORK HE JUST NEEDS TO USE A SIMPLE TOOL CALLED "FIRESHEEP" IN ORDER TO CAPTURE AUTHENTICATION COOKIE AND GAIN ACCESS TO VICTIMS ACCOUNT. IN THE EXAMPLE BELOW I WILL BE EXPLAINING HOW AN ATTACKER CAN CAPTURE YOUR AUTHENTICATION COOKIES AND HACK YOUR FACEBOOK ACCOUNT WITH WIRESHARK.

STEP 1: - FIRST OF ALL DOWNLOAD "WIRESHARK" FROM THE OFFICIAL WEBSITE AND INSTALL IT. 

STEP 2: - NEXT OPEN UP WIRESHARK CLICK ON ANALYZE AND THEN CLICK ON INTERFACES.

STEP 3: - NEXT CHOOSE THE APPROPRIATE INTERFACE AND CLICK ON START.

 

STEP 4: - CONTINUE SNIFFING FOR AROUND 10 MINUTES.

STEP 5: - AFTER 10MINUTES STOP THE PACKET SNIFFING BY GOING TO THE CAPTURE MENU AND CLICKING ON STOP.

STEP 6: - NEXT SET THE FILTER TO HTTP.COOKIE CONTAINS “datr” AT TOP LEFT, THIS FILTER WILL SEARCH FOR ALL THE HTTP COOKIES WITH THE NAME datr, AND datr AS WE KNOW IS THE NAME OF THE FACEBOOK AUTHENTICATION COOKIE.

 

STEP 7: -  NEXT RIGHT CLICK ON IT AND GO TO COPY – BYTES – PRINTABLE TEXT ONLY.

STEP 8: - NEXT YOU’LL WANT TO OPEN UP FIREFOX. YOU’LL NEED BOTH "GREASEMONKEY" AND THE "COOKIEINJECTOR SCRIPT". NOW OPEN UP FACEBOOK.COM AND MAKE SURE THAT YOU ARE NOT LOGGED IN.




STEP 9: - PRESS ALT C TO BRING UP THE COOKIE INJECTOR, SIMPLY PASTE IN THE COOKIE VALUE INTO IT.

 

STEP 10: - NOW REFRESH YOUR PAGE AND WHOOOSH. YOU ARE LOGGED IN TO THE VICTIMS FACEBOOK ACCOUNT.

****** NOTE *******

THIS ATTACK WILL ONLY WORK IF VICTIM IS ON A "HTTP:// CONNECTION" AND EVEN ON "HTTPS://" IF END TO END ENCRYPTION IS NOT ENABLED.

****** COUNTER-MEASURES ******


THE BEST WAY TO PROTECT YOURSELF AGAINST A SESSION HIJACKING ATTACK IS TO USE "HTTPS:// CONNECTION". EACH AND EVERY TIME YOU LOGIN TO YOUR FACEBOOK, GMAIL, HOTMAIL OR ANY OTHER EMAIL ACCOUNT. AS YOUR COOKIES WOULD BE ENCRYPTED SO EVEN IF AN ATTACKER MANAGES TO CAPTURE YOUR SESSION COOKIES HE WON’T BE ABLE TO DO ANY THING WITH YOUR COOKIES.

Comments

  1. Admin121 August 2013 at 07:10

    i am using mobile broadband so,which method i hava to use?

    ReplyDelete

Post a Comment

Popular posts from this blog

HOW TO HACK VBULLETIN FORUMS

Image
HELLO ALL , TODAY I AM GOING TO SHOW HOW TO HACK VBULLETIN USING A PRIVATE 0 DAY EXPLOITS STEP 1 :- FINDING THE VULNERABLE FORUMS USING GOOGLE DORKS.   GO TO  www.google.com   AND TYPE : INURL: infernoshout.php OR inurl:  infernoshout.php?do=options&area=commands STEP 2 :- FINDING THE SITE (CHECK THE PICS) I HAVE TAKEN www.grinderscape.org AS THE LIVE POC FOR THIS 0 DAY EXPLOIT STEP 3 :- KEEP SEEING THE PICS AND FIGURE IT OUT. STEP 4 :- INPUTTING THE CODE : GO TO THE COMMANDS AREA WHERE IT SAYS COMMAND INPUT AND COMMAND OUTPUT IN THE FIRST LINK. PASS THESE COMMANDS : COMMAND INPUT :-   ’ and (select 1 from (select count(*),concat((select(select concat(cast(concat(username,0x3a,password,0x3a,salt) as char),0x7e)) from user where userid=1 limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND ”=’# COMMAND OUTPUT :- TYPE ANYTHING THERE IT DOESNT REALLY MATTER . AND HIT SAVE SETTING. STEP 5 :- DATABASE ERROR : WHEN Y
READ MORE »

HACKING FACEBOOK ACCOUNTS LATEST TRICK

Image
2013 HACKING FACEBOOK ACCOUNTS LATEST TRICK PHISHING IS THE MOST WIDELY USED HACKING METHOD FOR HACKING FACEBOOK PASSWORDS. THE MOST WIDELY USED TECHNIQUE IN PHISHING IS THE USE OF FAKE LOG-IN PAGES, ALSO KNOWN AS SPOOFED PAGES. THESE FAKE LOG-IN PAGES RESEMBLE THE ORIGINAL LOG-IN PAGES OF SITES LIKE YAHOO, GMAIL, MYSPACE ETC. THE VICTIM IS FOOLED TO BELIEVE THE FAKE FACEBOOK PAGE TO BE THE REAL ONE AND ENTER HIS/HER PASSWORD. BUT ONCE THE USER ATTEMPTS TO LOG-IN THROUGH THESE PAGES, HIS/HER FACEBOOK LOG-IN DETAILS ARE STOLEN AWAY. HOWEVER PHISHING REQUIRES SPECIALIZED KNOWLEDGE AND HIGH LEVEL SKILLS TO IMPLEMENT. SO I RECOMMEND THE USE OF PHISHING TO HACK FACEBOOK ACCOUNT SINCE IT IS THE EASIEST ONE. HERE IS A TUTORIAL ABOUT PHISHING LET'S GET STARTED : FIRST YOU MUST SIGNUP FOR A FREE "WEBHOSTING" SERVICE SITE LIKE www.byethost.com or www.t35.com or www.000webhost.com   AND REGISTER YOUR SUBDOMAIN. AFTER SIGNING YOU WILL HAVE A SUBDOMAIN LIK
READ MORE »

HOW TO COPY PROTECTED AUDIO CDS

Image
FRIENDS, WHEN YOU BUY A NEW AUDIO OR VIDEO CD/DVD, SOME OF YOU MIGHT HAVE FACED THIS PROBLEM THAT WE CANNOT COPY CD/DVD DATA, WHEN WE SEE PROPERTIES IT SAYS 0 BYTES. BUT WE OPEN IT IN EXPLORER AND SEE THAT THERE ARE MANY FILES OF THE SAME SIZE. AMAZING FACT IS THAT THE TOTAL OF ALL FILES EXCEEDS MAX SIZE OF CD/DVD!! SO, TODAY WE ARE GOING TO LEARN HOW TO COPY ANY PROTECTED AUDIO CD.  THERE ARE MANY TYPES OF PROTECTION METHODS AVAILABLE. LIKE FOR AUDIO CD, FOR GAMES, FOR MOVIES, ALL USES DIFFERENT METHODS. METHOD USED FOR GAMES IS A BIT DIFFICULT TO CRACK (BUT NOT IMPOSSIBLE). HERE IN OUR CASE OF THIS TYPE OF PROTECTED AUDIO DISC. WE CAN BREAK IT THROUGH SOFTWARE (HOWEVER SOFTWARE DOES THIS JOB ITSELF) AND THEN COPY DATA INTO OUR HARD DRIVE.     SO, FIRST OF ALL INSERT YOUR PROTECTED AUDIO CD/DVD INTO DRIVE : : PROTECTED DISC SHOWING 0 BYTES FREE NOW OPEN MY COMPUTER AND NOTICE THE SIZE OF DISC. AMAZED! IT SAYS 0 BYTES FREE OUT OF 0 BYTES. THIS IS BECAUSE OF SOFT
READ MORE »