Sunday, September 30, 2012

Cookie Stealing



In this tutorial I will explain how you can hack Facebook/Twitter accounts by stealing cookies. This method works only when the victim's computer is on a LAN (local area network). The best places to try this out are schools, colleges and cafes, where computers are connected on a LAN. Before I proceed, let me first explain "cookies".


What Are Cookies ? And What Is The Use Of Stealing Cookies ?
Cookies are small files that websites store on a user's computer when the user visits them. The web server uses the stored cookies to identify and authenticate the user. For example, when a user logs in to Facebook, a unique string is generated; one copy of it is saved on the server and the other is saved in the user's browser as a cookie. Both are matched every time the user does anything in his account.

So if we steal the victim's cookies and inject them into our browser, we will be able to imitate the victim's identity to the web server and thus log in to his account. This is called sidejacking. The best thing about this is that we need not know the victim's ID or password; all we need is the victim's cookie.
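Sidejacking as described above only works when the session cookie crosses the network in cleartext HTTP. The following added example (not part of the original post) checks a response from the defender's side for session cookies set without the Secure attribute and for a missing HSTS header; the cookie names and the sample response are constructed for illustration.

```python
# Constructed sample: raw response headers from a hypothetical login endpoint.
SAMPLE_RESPONSE = """\
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: session_id=abc123; Path=/; HttpOnly
Set-Cookie: auth_token=def456; Path=/; Secure; HttpOnly; SameSite=Lax
Set-Cookie: locale=en_US; Path=/
"""

# Hypothetical names of the cookies that authenticate the user.
SESSION_COOKIES = {"session_id", "auth_token"}


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_response(raw, session_cookies=SESSION_COOKIES):
    """Return (subject, issue) findings that leave a session open to sniffing."""
    findings = []
    hsts_seen = False
    for line in raw.splitlines()[1:]:  # skip the status line
        key, sep, value = line.partition(":")
        if not sep:
            continue
        key = key.strip().lower()
        if key == "strict-transport-security":
            hsts_seen = True
        elif key == "set-cookie":
            name, attrs = parse_set_cookie(value)
            # Without Secure the browser also sends the cookie over plain HTTP.
            if name in session_cookies and "secure" not in attrs:
                findings.append((name, "missing Secure attribute"))
    # Without HSTS the browser may still make a first request over plain HTTP.
    if not hsts_seen:
        findings.append(("response", "no Strict-Transport-Security header"))
    return findings


if __name__ == "__main__":
    for subject, issue in audit_response(SAMPLE_RESPONSE):
        print(f"{subject}: {issue}")
```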



Hack Facebook / Twitter By Stealing Cookies
Things we need:

1. Ettercap or Cain & Abel for ARP poisoning the victim
2. Wireshark for sniffing and stealing cookies
3. Firefox browser and the Cookie logger add-on for injecting the stolen cookies into our browser


Procedure:


1. First, ARP poison the victim. For this you can refer to my previous articles on how to ARP poison the victim's computer using Cain & Abel or Ettercap.

2. After ARP poisoning, open Wireshark, click the Capture button in the menu bar, then select Interfaces. Now select your interface (usually eth0) and finally click Start capture.

3. Now you can see the packets being captured. Wait for a while until the victim logs in to his account (Facebook/Twitter).

4. Meanwhile, find the IP address of Facebook. For this you can open CMD (Command Prompt) and enter ping Facebook.com to find its IP address.

5. Now filter the packets by entering the IP address (Facebook) in the filter bar and click Apply.


6. Now locate HTTP GET /home.php and copy all the cookie names and values into Notepad.

7. Now open Firefox and open Add and Edit Cookies, which we downloaded earlier, add all the cookie values and save them.

8. Now open Facebook in a new tab; you will be logged in to the victim's account.


Voilà... you have hacked the victim's Facebook account by stealing cookies. You can also follow the same steps to hack Twitter accounts.
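The procedure above starts with ARP poisoning, which leaves a visible trace on the poisoned machine: the gateway's IP resolves to the same MAC address as another host on the LAN. The following added example (not part of the original post) parses `ip neigh` output and reports any MAC that answers for more than one IP; the sample table and all addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh` output on a LAN client; addresses are made up.
SAMPLE_NEIGH = """\
192.168.1.1 dev eth0 lladdr 02:00:00:aa:bb:01 REACHABLE
192.168.1.23 dev eth0 lladdr 02:00:00:aa:bb:01 STALE
192.168.1.40 dev eth0 lladdr 02:00:00:aa:bb:40 REACHABLE
192.168.1.41 dev eth0 FAILED
"""

# Matches resolved entries only; FAILED/INCOMPLETE lines carry no lladdr.
NEIGH_RE = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-fA-F:]{17})\b")


def parse_neigh(text):
    """Map each MAC address (lower-cased) to the set of IPs it answers for."""
    by_mac = defaultdict(set)
    for line in text.splitlines():
        match = NEIGH_RE.match(line.strip())
        if match:
            ip, _dev, mac = match.groups()
            by_mac[mac.lower()].add(ip)
    return by_mac


def find_arp_conflicts(text, gateway_ip):
    """Return (severity, mac, ips) for every MAC claiming more than one IP."""
    alerts = []
    for mac, ips in sorted(parse_neigh(text).items()):
        if len(ips) > 1:
            # A duplicate that includes the gateway is the classic poisoning sign.
            severity = "high" if gateway_ip in ips else "medium"
            alerts.append((severity, mac, sorted(ips)))
    return alerts


if __name__ == "__main__":
    for severity, mac, ips in find_arp_conflicts(SAMPLE_NEIGH, "192.168.1.1"):
        print(f"[{severity}] {mac} answers for {', '.join(ips)}")
```

A router or proxy-ARP device can legitimately answer for several IPs, so treat a hit as a lead to check against the gateway's known MAC. Switches with Dynamic ARP Inspection, or static ARP entries for the gateway, prevent the poisoning itself.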


Hope you enjoyed this tutorial. If you have any doubts, please feel free to post a comment.

WORLD TOP HACKERS

Top hackers

1. Gary McKinnon:

The USA declared him the biggest military computer hacker ever. He whacked the security systems of NASA and the Pentagon. This made him one of the great black hat hacker celebrities and got his name into the hacker community. The nerd is now facing 70 years of imprisonment and is barred from accessing the internet. He illegally accessed 97 computers and caused around $700,000 of damage to the economy.

2. Robert Tappan Morris:

He is the creator of the first internet worm, the "Morris worm". He was a student at Cornell, and that is where he started writing code to create worms, as he wanted to know how large the internet world was. But the worm slowed the internet down and made systems no longer usable. There was no way to know how many computers were affected, but experts alleged that it was around 6000 machines. He was sent to 3 years imprisonment, 400 hours of community service and was fined $10,500. At present he is a professor at the Massachusetts Institute of Technology, Computer Science and Artificial Intelligence Laboratory. He was the first person prosecuted under the 1986 Computer Fraud and Abuse Act.

3. Kevin David Mitnick:

The computer security consultant, author and hacker was accused in many cases. He broke into the computers of top technology and telecommunications companies like Nokia, Motorola, Fujitsu Siemens and Sun Microsystems. He termed his activity "social engineering" to legalize his acts. He hacked the Los Angeles bus transfer system to get free rides. The biggest hack was breaking into the DEC system to view the VMS source code (Open Virtual Memory System), which led to a clean-up cost of around $160,000. He also gained full administrative privileges on IBM minicomputers at the computer learning institute in Los Angeles for a bet.



4. Kevin Poulsen:

He is best known for his takeover of the phone lines of KIIS-FM, a Los Angeles-based radio station. He was also known as Dark Dante. The former black hat hacker is currently a senior editor at Wired News.

5. Jonathan James:

He is the maestro of all hackers, who broke into the servers of the Department of Defense in the year 1999, which gave him the nickname c0mrade at the age of 16. He also hacked into NASA. Stealing software from NASA and the DoD later put him into big trouble. As he was a minor, the punishment was 6 months imprisonment, and he had to pledge that he won't be using computers forever.