Hack Facebook accounts using COOKIE STEALING and SESSION HI-JACKING

This post is about Hack Facebook accounts using COOKIE STEALING and SESSION HI-JACKING. Many of them have been requesting to post about Facebook Hacking. To be frank no one can hack unknown facebook account. But here is a trick to hack your known victims account.

Authentication Cookies used by Facebook :

The cookie which facebook uses to authenticate it's users is called "Datr", If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your account. This is how a facebook authentication cookie looks like:

datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc;

An attacker may use variety of methods in order to steal your facebook authentication cookies depending upon the network he is on, If an attacker is on a hub based network he would just sniff traffic with any ***Packet Sniffer*** and gain access to victims account.

If an attacker is on a Switch based network he would use an ***ARP Poisoning*** request to capture authentication cookies, If an attacker is on a wireless network he uses a tool called ***FIRESHEEP*** in order to capture authentication cookie and gain access to victims account.

Here in the example below I will be explaining in simple STEPS how an attacker can capture your authentication cookies and hack into your Facebook account with ***Wireshark***.

Steps:

1) First of all download wireshark from the official website and install it.

2) Next open up wireshark click on analyze and then click on interfaces.

3) Next choose the appropriate interface and click on start.

4) Continue sniffing for around 10 minutes.

5) After 10 minutes stop the packet sniffing by going to the capture menu and clicking on Stop.

6) Next set the filter to http.cookie contains “datr” at top left, This filter will search for all the  http cookies with the name datr, And datr as we know is the name of the facebook authentication cookie.

7) Next right click on it and goto Copy - Bytes - Printable Text only.

8) Next you’ll want to open up firefox. You’ll need both Greasemonkey and the cookieinjector script. Now open up Facebook.com and make sure that you are not logged in.

9) Press Alt+C to bring up the cookie injector, Simply paste in the cookie value into it.

 10) Now refresh your page and You are logged in to the victims facebook account.

Warning: This is only for EDUCATIONAL purposes to make you aware of how your FACEBOOK account may get HACKED so that you may PREVENT it from getting hacked !!! We are not responsible for any type malicuous activities performed by anyone who is reading this.

     Hope you enjoy this post. For any queries or suggestions please mention in the below comment box. Thank you...!!!