1) Other forms of Hacking
Facebook accounts, other than the typical suggestions of
RATs, Key-loggers, Phishers, and so on...
2) Hacking Facebook accounts wirelessly
3) Footprinting your slave
4) How you have to think
5) Spoofing e-mails to the slave (Use direct URL)
6) Slightly re-touch RATs, keyloggers, Phishers because I have already explained in dept on my other tutorial.
Let's jump into it.
1) Other forms of hacking Facebook accounts, other than the typical suggestions of RATs, Keyloggers, Phishers, and so on...
1. Infected Facebook Applications aka "Drive bys"
(Click here to view)
Credits: Endax
http://bit.ly/eAShn5
2. Flooding their walls.
[TuT] Click here to view
Credits: T0X1CV1RU5™
http://bit.ly/eNF3ll
A shout to those two guys for coming up with those tutorials since they appeared to be extremely useful for stealing a Facebook accounts.
1. How can this particular application be useful?
To put it simple, what this application does is it allows you to set up something known as a "drive by" within the Facebook applications where someone enters the application and asks them to accept the application to start.
Once they select Run on the pop up, they can be infected with either a RAT, keylogger, stealer, etc...
You should go on the thread of Endax's for more details on how to set it up.
This particular approach is useful simply because everything looks very innocent and the target is likely to fall for it with a higher risk than the other typical forms of attacks.
2. Flooding their walls.
Now you might imagine that once you have an application that has the potential of infecting your slave, how are you going to convince your target to try out your application?
It's simple, simply name the application based on what your target likes. The customization is mentioned more on Endax's thread, so again look into it for more details.
You can spam the hell out of the walls using T0X1CV1RU5™'s method or you can simply send an innocent message.
Flooding their walls is also useful if you want to visit a particular website that has the potential of infecting as well.
If you need drive-bys, you can see use these.
(Click here to view)
(Click here to view)
2) Hacking Facebook accounts wirelessly
1. Surprisingly, I have not seen a single person here on HackForums suggesting this method and yet it's so simple.
Hacking Facebook accounts through a wireless connection is simple, but unfortunately by "wirelessly" I am referring only if you are under the same wifi or under the same network.
It will save lots of time explaining, if I use a video that has been made. So, here it is a good video explaining everything.
Just a side note is to make sure that you get Firefox: 3.6.12
Be sure to click on the descriptions on that video to see where you can download the tools.
2. Stealing Cookies
If you watched the video that I posted above, you undestand how Facebook works by storing cookies on your computer.
You can also steal cookies through a different form, such as this explained on this tutorial.
[TUT] How to steal cookies (Easy)! [/TUT]
The "cookie" is basically the piece of file that maintains the records that you have done on your account. If you get access to these cookies, you can log in as whoever you want.
3) Footprinting your slave
What is Footprinting?
Basically it's collecting information about your target's computer and themselves.
Personally, I like to open a text editor and save any information I can find about them so I do not forget about it if I need use of it in the future.
http://en.wikipedia.org/wiki/Footprinting
To put it in the most simplistic language, it's stalking your slave for information that you can use in order to gain access.
Information such as Age, Date of Birth, Place of Birth, Parents names, Sibling names, family names, pet names, e-mail are the most common information that you can possible acquire.
Websites such as:
http://com.lullar.com/
http://www.pipl.com/email/
http://www.spokeo.com
http://www.emailfinder.com
http://www.411.com/
http://www.ask.com/
http://www.bebo.com/
http://www.facebook.com/
http://www.flickr.com/
http://www.ip-adress.com/ipaddresstolocation/
http://www.myspace.com/
http://www.myyearbook.com/
http://www.searchenginez.com/findpeople.html
http://www.skipease.com/
http://www.sonico.com/
http://www.spock.com/
http://www.twitter.com/
http://www.usatrace.com/
http://www.whitepages.com
http://www.whois.com/
http://www.whois.net/
http://www.wink.com/
http://www.youtube.com
http://www.zabasearch.com/
http://www.zoominfo.com
Make it extremely easy to search names, e-mails, etc to dig information about whoever you want. There are more websites in which I personally use to dig information about people, but I will not mention them since I do not want the news station going crazy on a new rage of identity exposers.
Again, I have written tutorials on this subject on how to protect your identity online.
The tutorial itself can be used to test the information of others as well without their acknowledgement.
The tutorials are here:
How to protect your identity online [Part 1/2] [Extremely DETAILED]
How to protect your identity online [Part 2/2][Extremely DETAILED]
All the information that you are able to collect, save it on a text editor such as notepad and save the information.
Do you have the IP of the target?
You can dig more information with the IP adddress. Information that can be very useful, incase if you want to blackmail.
You can read on the subject more in details on this tutorial of mine.
How to track Hackers and attacks Part 1/2 [Super detailed]
How to track Hackers and attacks Part 2/2 [Super detailed]
I covered all the things that you can do with an IP to collect more information regarding your target.
4) How you have to think
This is the classic part of every hacking process.
Any time you want to hack anything, you need the following things:
1) You need a plan
2) You need a strategy
3) You need executions
4) You need results
5) You need to clean up all the evidence
You need to know how to do Social Engineering like a hacker would. Social engineering itself takes lots of clear thinking and noticing every single detail to the point of perfection.
I posted an E-book on the subject if you want to learn like a professional.
The Art Of Human Hacking
You can't simply lie to someone's face online or offline because people aren't exactly stupid.
You have to think exactly what you want to say and how to say it.
You need to know what your target likes, what your target is likely to fall gullible for, what your target dislikes, what your target wants, what your target hates or love, etc...
The other most common form is creating a bogus fake profile and adding them through Facebook by posing as an attractive female or male, depending on what gender they are and their sexuality.
5) Spoofing e-mails to the slave (Use direct URL or Phisher)
Tut on spoofing
This is another form of attack that you can take to fool your target into believing that you are Facebook staff.
Using spoofed e-mails, you can send an e-mail as whoever you want.
E-mail spoofer
Get your self a webhosting and upload the file to use it.
http://www.000webhost.com/
You can use that particular Spoofer that I use. It's someone's scripting, but I edit it slightly so it doesn't go into spam.
You can send them an e-mail such as this:
Again, the spoofed e-mail is using Social Engineering to fool the target. You can customize your fake e-mail message however you want.
2) Hacking Facebook accounts wirelessly
3) Footprinting your slave
4) How you have to think
5) Spoofing e-mails to the slave (Use direct URL)
6) Slightly re-touch RATs, keyloggers, Phishers because I have already explained in dept on my other tutorial.
Let's jump into it.
1) Other forms of hacking Facebook accounts, other than the typical suggestions of RATs, Keyloggers, Phishers, and so on...
1. Infected Facebook Applications aka "Drive bys"
(Click here to view)
Credits: Endax
http://bit.ly/eAShn5
2. Flooding their walls.
[TuT] Click here to view
Credits: T0X1CV1RU5™
http://bit.ly/eNF3ll
A shout to those two guys for coming up with those tutorials since they appeared to be extremely useful for stealing a Facebook accounts.
1. How can this particular application be useful?
To put it simple, what this application does is it allows you to set up something known as a "drive by" within the Facebook applications where someone enters the application and asks them to accept the application to start.
Once they select Run on the pop up, they can be infected with either a RAT, keylogger, stealer, etc...
You should go on the thread of Endax's for more details on how to set it up.
This particular approach is useful simply because everything looks very innocent and the target is likely to fall for it with a higher risk than the other typical forms of attacks.
2. Flooding their walls.
Now you might imagine that once you have an application that has the potential of infecting your slave, how are you going to convince your target to try out your application?
It's simple, simply name the application based on what your target likes. The customization is mentioned more on Endax's thread, so again look into it for more details.
You can spam the hell out of the walls using T0X1CV1RU5™'s method or you can simply send an innocent message.
Flooding their walls is also useful if you want to visit a particular website that has the potential of infecting as well.
If you need drive-bys, you can see use these.
(Click here to view)
(Click here to view)
2) Hacking Facebook accounts wirelessly
1. Surprisingly, I have not seen a single person here on HackForums suggesting this method and yet it's so simple.
Hacking Facebook accounts through a wireless connection is simple, but unfortunately by "wirelessly" I am referring only if you are under the same wifi or under the same network.
It will save lots of time explaining, if I use a video that has been made. So, here it is a good video explaining everything.
Just a side note is to make sure that you get Firefox: 3.6.12
Be sure to click on the descriptions on that video to see where you can download the tools.
2. Stealing Cookies
If you watched the video that I posted above, you undestand how Facebook works by storing cookies on your computer.
You can also steal cookies through a different form, such as this explained on this tutorial.
[TUT] How to steal cookies (Easy)! [/TUT]
The "cookie" is basically the piece of file that maintains the records that you have done on your account. If you get access to these cookies, you can log in as whoever you want.
3) Footprinting your slave
What is Footprinting?
Basically it's collecting information about your target's computer and themselves.
Personally, I like to open a text editor and save any information I can find about them so I do not forget about it if I need use of it in the future.
http://en.wikipedia.org/wiki/Footprinting
To put it in the most simplistic language, it's stalking your slave for information that you can use in order to gain access.
Information such as Age, Date of Birth, Place of Birth, Parents names, Sibling names, family names, pet names, e-mail are the most common information that you can possible acquire.
Websites such as:
http://com.lullar.com/
http://www.pipl.com/email/
http://www.spokeo.com
http://www.emailfinder.com
http://www.411.com/
http://www.ask.com/
http://www.bebo.com/
http://www.facebook.com/
http://www.flickr.com/
http://www.ip-adress.com/ipaddresstolocation/
http://www.myspace.com/
http://www.myyearbook.com/
http://www.searchenginez.com/findpeople.html
http://www.skipease.com/
http://www.sonico.com/
http://www.spock.com/
http://www.twitter.com/
http://www.usatrace.com/
http://www.whitepages.com
http://www.whois.com/
http://www.whois.net/
http://www.wink.com/
http://www.youtube.com
http://www.zabasearch.com/
http://www.zoominfo.com
Make it extremely easy to search names, e-mails, etc to dig information about whoever you want. There are more websites in which I personally use to dig information about people, but I will not mention them since I do not want the news station going crazy on a new rage of identity exposers.
Again, I have written tutorials on this subject on how to protect your identity online.
The tutorial itself can be used to test the information of others as well without their acknowledgement.
The tutorials are here:
How to protect your identity online [Part 1/2] [Extremely DETAILED]
How to protect your identity online [Part 2/2][Extremely DETAILED]
All the information that you are able to collect, save it on a text editor such as notepad and save the information.
Do you have the IP of the target?
You can dig more information with the IP adddress. Information that can be very useful, incase if you want to blackmail.
You can read on the subject more in details on this tutorial of mine.
How to track Hackers and attacks Part 1/2 [Super detailed]
How to track Hackers and attacks Part 2/2 [Super detailed]
I covered all the things that you can do with an IP to collect more information regarding your target.
4) How you have to think
This is the classic part of every hacking process.
Any time you want to hack anything, you need the following things:
1) You need a plan
2) You need a strategy
3) You need executions
4) You need results
5) You need to clean up all the evidence
You need to know how to do Social Engineering like a hacker would. Social engineering itself takes lots of clear thinking and noticing every single detail to the point of perfection.
I posted an E-book on the subject if you want to learn like a professional.
The Art Of Human Hacking
You can't simply lie to someone's face online or offline because people aren't exactly stupid.
You have to think exactly what you want to say and how to say it.
You need to know what your target likes, what your target is likely to fall gullible for, what your target dislikes, what your target wants, what your target hates or love, etc...
The other most common form is creating a bogus fake profile and adding them through Facebook by posing as an attractive female or male, depending on what gender they are and their sexuality.
5) Spoofing e-mails to the slave (Use direct URL or Phisher)
Tut on spoofing
This is another form of attack that you can take to fool your target into believing that you are Facebook staff.
Using spoofed e-mails, you can send an e-mail as whoever you want.
E-mail spoofer
Get your self a webhosting and upload the file to use it.
http://www.000webhost.com/
You can use that particular Spoofer that I use. It's someone's scripting, but I edit it slightly so it doesn't go into spam.
You can send them an e-mail such as this:
Quote:Hello **,
Your account has had multiple login attempts from Sandusky, Ohio, and we want to verify that your account is safe.
We will need to verify through a few questions.
What is your D.O.B?
What is your confirmation phone number?
What is your current password?
What passwords have you recently changed?
Thank you for your cooperation.
Sincerely,
Facebook Staff.
Again, the spoofed e-mail is using Social Engineering to fool the target. You can customize your fake e-mail message however you want.
No comments:
Post a Comment