So, how to hack facebook account by hijacking cookies?
In order to get started, we need the following few tools.
- Kali Linux OS
Ferret is a great piece of tool that grabs session cookies that travel across the LAN. Hamster is the proxy that “manipulates” everything collected by the Ferret. Ferret doesn’t come with Kali 64-bit version. In order to install it, we need to add the i386 (32-bit) repository. After that we can install it. You can install it by running the following line of code in the terminal.
dpkg –add-architecture i386 && apt-get update && apt-get install ferret-sidejack:i386
After you do that, let’s move on.
Setting Up the MitM Attack
- Sniff > Unified sniffing.
- MitM > ARP poisoning and check Sniff Remote Connections.
- Finally, Start > Start sniffing.
- Now that Ferret is installed, all we have to do is run ferret -i interface. For instance, I’ll be using Ethernet.
- To run Hamster, just type hamster in a new terminal.
- To view the cookies that we have “hijacked,” simply open your web browser and type in your localhost ip and port like this: 127.0.0.1:1234.
- Now just put the interface name in Hamster to listen on. Go to adapters and enter the same interface that just you entered in Ferret.
- Press Submit Query and wait for a while, and you’ll see cookies begin to appear.
- As you’ll start to see some IP addresses pop up (also yours). To view the cookies, simply click on the IP address. Just hit the URLs the view them.
- If you want to view the original cookies, just click that cookies button and replace hamster with your localhost ip and port as before at the beginning of the URL, or you can open up the .pcap file in the home folder.
Note: Use Virtual Machine and scan on VirusTotal before downloading any program on Host Machine for your privacy.