Hacking Facebook Using Cookie

Tools:

Cookie Manager Wireshark Cain n Abel(Firefox Add-on)

Step:

1. Open Cain n Abel

2. Click on configure button to choose the network card that we’re connected through.

3. Then, click on the sniffer icon

4. Right click,choose SCAN MAC ADDRESS

5. Set target to all host in my subnet. Click OK

6. Cain n abel will list all the computer that are connected in the network

7. Click on the apr button to start to arp poisoning

8. Click on to add victim

9. In the 1st box we choose our ip gateway,2nd box we choose ip victim.

10. Then click this button to start arp poison.

11. Open wireshark, go to capture>interfaces

12. Choose the right interface(network card)

13. Wireshark start sniff all the packet that are going through the network

14. Go to filter box and type “http.cookie” or “http.request”

15. You will see post and get request from the victim to the server(facebook).

16. Choose the POST or GET method. Under the panel find [truncated] cookie. Then right click>Copy>Value

17. Paste the value into notepad/word. Arrange the entire cookie variable in which semicolons will refer to new variable.

18. Next, open Mozilla Firefox browser. We will inject this cookie into our browser using firefox add-on “*cookie manager”. (* https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus)

19. Open cookie manager

20. Click Add button. Type in the following:Name: *Content: *Host: .facebook.comPath: /(*Name and content based on the cookie variable) Example: datr=hSdGTh2cevnZXFkF0nIQ4jH0;

21. Add entire cookies variable.

22. Type www.facebook.com in the web browser url. Now you’re connected through the victim facebook.

Additional info:What is a cookie?

A cookie known as a web cookie or http cookie is a small piece of text stored by the user browser. A cookie is sent as an header by the web server to the web browser on the client side. A cookie is static and is sent back by the browser unchanged every time it accesses the server.A cookie has a expiration time that is set by the server and are deleted automatically after the expiration time.Cookie is used to maintain users authentication and to implement shopping cart during his navigation, possibly across multiple visits.