Wednesday, February 19, 2020

Hacking Facebook Using Man in the Middle Attack

0
Level: Medium, Advanced
Facebook hacking
Facebook hacking


In this tutorial Hacking Facebook Using Man in the Middle Attack I will demonstrate how to hacking Facebook using MITM(Man in the Middle). This attack usually happen inside a Local Area Network(LAN) in office, internet cafe, apartment, etc.
Below is the topology or infrastructure how MITM work, and how it can be happen to do hacking a Facebook account.


Hacking Facebook Using Man in the Middle Attack


In the picture above, the attacker act as the third person attacker will manipulate the switch routing table so the victim will think that attacker is a Web server and vice versa, because the attacker has changed the routing table.


For this tutorial we need to prepare the tools to do Proof of Concept about this tutorial. Below you can download it.


1. XAMPP – APACHE+PHP+MySQL(We use XAMPP for our fake facebook web server)

2. Cain & Abel (We use it for Man in the Middle Attack)


3. Facebook Offline Page (I have nulled the code, so this script will not contacting Facebook when victim accessed fake Facebook page — only use this for learning)

Download Facebook Offline Page (mediafire.com):


Download
Update : replace your index.php and login.php using following files Download Here.

Step by step Hacking Facebook Using Man in the Middle Attack:

 

Attacker IP Address : 192.168.160.148
Victim IP Address : 192.168.160.82
Fake Web Server : 192.168.160.148

I assume you’re in a Local Area Network now.
1. Install the XAMPP and run the APACHE and MySQL service


Hacking Facebook Using Man in the Middle Attack


2. Extract the fb.rar and copy the content to C:\xampp\htdocs
Hacking Facebook Using Man in the Middle Attack


3. Check the fake web server by open it in a web browser and type http://localhost/
Hacking Facebook Using Man in the Middle Attack


4. Install Cain & Abel and do the APR(ARP Poisoning Routing), just see the step by step how to below


Hacking Facebook Using Man in the Middle Attack

Click the start/stop sniffer


Hacking Facebook Using Man in the Middle Attack


Choose your interface for sniffing and click OK. When it’s finish, click again the Start/Stop Sniffer to activate the sniffing interface.

Go to the Sniffer tab and then click the + (plus sign)


Hacking Facebook Using Man in the Middle Attack


Select "All hosts in my subnet" and Click OK.


Hacking Facebook Using Man in the Middle Attack


You will see the other people in your network, but my target is 192.168.160.82 (MySelf…LoL :p)


Hacking Facebook Using Man in the Middle Attack

 
After we got all of the information, click at the bottom of application the APR tab.


Hacking Facebook Using Man in the Middle Attack


Click the + button, and follow the instruction below.


Hacking Facebook Using Man in the Middle Attack


When you finish, now the next step is preparing to redirect the facebook.com page to the fake web server.


Click "APR DNS" and click + to add the new redirecting rule.


Hacking Facebook Using Man in the Middle Attack
Hacking Facebook Using Man in the Middle Attack


When everything is finish, just click OK. Then the next step is to activate the APR by clicking the Start/Stop APR button.


Hacking Facebook Using Man in the Middle Attack

5. Now Hacking Facebook using MITM has been activated. This is how it looks like when victim opened http://www.facebook.com


Hacking Facebook Using Man in the Middle Attack


6. But if you ping the domain name, you can reveal that it’s fake, because the address is IP of the attacker


Hacking Facebook Using Man in the Middle Attack


Hope you found it useful 🙂
Author Image

About Adam stiffman
Soratemplates is a blogger resources site is a provider of high quality blogger template with premium looking layout and robust design

No comments:

Post a Comment