Before introducing you to the attack, let me inform you that method works only if the victim is using http connection, hence if you want to be safe from the same do use “https” connection instead of “http”.
Facebook like many site’s uses authentication cookie. This cookie has a large information in the same.
Following is a Part of one such:-[message type=alert ]Cookie: datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc; lsd=Xesut; lxe=greg.evans%40****************; c_user=100001230367821; lo=wl9fcGXMhPfoT4bAhKFP3Q; lxs=1; sct=1276721745; xs=a615cfe596448194d6e2a8d062a90e4e[/message]
Here ‘lxe’ field is login. I have not researched for any further information into what the various other fields mean, but using facebook without any kind of security you’re both leaking the email address used for your login and the session cookie.
- Please note: You might use variety of methods in order to steal facebook authentication cookies depending upon the network the lol you are hacking is on;
- If you are on a hub based network you would just sniff traffic with any packet sniffer and gain access to victims account.
- On a Switch based network you might be interested in ARP Poisoning request to capture authentication cookies,
- On a Wireless network the hell is near by use of a simple tool called firesheep in order to capture authentication cookie.
Follow the steps for processing the cookie stealing attack using wireshark:-
Step 1: Download wireshark
Step 2: You need some geek tool like wireshark(formally etheral) to capture packets.
Step 3: Install and open Wireshark: to analyse -> and then to interfaces
Step 4: Next choose the appropriate interface and click on start. Sniff for 10 minutes or so.
Step 5: Almost over by now just set the filter at top left to http.cookie contains “datr”
Step 6: Once you’ve found a suitable cookie, just right click on cookie line, ~> Copy ~> Bytes (Printable Text Only)
Step 8: Go to facebook.com do not login.
Step 8: press alt+c to bring cookie injector script and finally paste cookie code in same.
For long time access paste cookie code in a notepad file and save.
THIS IS JUST FOR EDUCATIONAL PURPOSE N’T TO SERVE ANYONE’S NASTY PURPOSE.