In this tutorial I will demonstrate how to hack Facebook using MITM (Man in the Middle).
This attack usually happen inside a Local Area Network (LAN) in office, internet cafe, apartments, flats, Coffee shops etc.
Below is the topology or infrastructure how MITM works, and how it can be used to hack a Facebook account.
Below is the topology or infrastructure how MITM works, and how it can be used to hack a Facebook account.
Basic Requirements
- XAMPP – APACHE+PHP+MySQL (We use XAMPP for our fake facebook web server)
- Cain & Abel (We use it for Man in the Middle Attack)
- Facebook Phishing Page
- Windows OS: Windows XP-Windows 7
STEPS
Okay, let’s start the step-by-step how to do this:
Attacker IP Address : 192.168.1.4
Victim IP Address : 192.168.1.3
Fake Web Server : 192.168.1.4
Victim IP Address : 192.168.1.3
Fake Web Server : 192.168.1.4
I assume you’re in a Local Area Network (Wireless) no
- Install the XAMPP and run the APACHE and MySQL service
- Extract the fb.rar and copy the contents inside fb folder to C:\xampp\htdocs
- Check the fake web server by opening it in a web browser and type http://localhost/
- Install Cain & Abel and do the APR(ARP Poisoning Routing), just see the step by step how to below
- Open Cain n Abel. Click the start/stop sniffer button
- Choose your interface for sniffing and click OK. When it’s finish, click again the Start/Stop Sniffer to activate the sniffing interface.
- Go to the Sniffer tab and then click the + (plus sign).
- Select “All hosts in my subnet” and Click OK.
- After we got all of the information, click at the bottom of application the APR tab.
- Click the + button, and follow the instruction below.
- When you finish, now the next step is preparing to redirect the www.facebook.com page to the fake web server.
- Click “APR DNS” and click + to add the new redirecting rule.
- Add the redirection rule as shown below:
- Then the next step is to activate the APR by clicking the Start/Stop APR button.
- Open Cain n Abel. Click the start/stop sniffer button
- Setting the “hosts” file
- Run “Notepad” in Administrator Mode
- Click File-> Open… to bring up the Open File Dialog box
- Navigate to “C:\Windows\System32\drivers\etc”
- Choose “All Files” from file type dropdown
- Open “hosts” file having it’s Type as “File”
- Type “127.0.0.1 www.facebook.com” on the last line Save file and Exit Notepad
- Run “Notepad” in Administrator Mode
- Now Hacking Facebook using MITM has been activated. This is how it looks like when victim opens http://www.facebook.com
- But if you ping the domain name, you can reveal that it’s fake, because the address is IP of the attacker.
No comments:
Post a Comment