Facebook Cookie Stealing And Session Hijacking


Three days ago I finished the series on Gmail Session Hijacking and Cookie Stealing. Due to the tremendous response from readers, I planned to write a post on Facebook cookie stealing and session hijacking. Facebook session hijacking can also be accomplished via a very popular tool called Firesheep (on a Wi-Fi network only), which I won't be explaining here because I have already written about it in my post Facebook Hacking Made Easy With Firesheep.

In this tutorial I will explain how an attacker can capture your authentication cookies on a local area network and use them to hack your Facebook account. Before reading this tutorial I would recommend you read part 1, part 2 and part 3 of my Gmail Session Hijacking and Cookie Stealing series, so that you have a better understanding of what I am doing here.

Facebook Authentication Cookies

The cookie which Facebook uses to authenticate its users is called "datr". If an attacker can get hold of your authentication cookies, all he needs to do is inject those cookies into his browser and he will gain access to your account. This is what a Facebook authentication cookie looks like:

Cookie: datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc;

How To Steal Facebook Session Cookies And Hijack An Account?

An attacker can use a variety of methods to steal your Facebook authentication cookies, depending on the network he is on. If an attacker is on a hub-based network, he would just sniff traffic with any packet sniffer and gain access to the victim's account.

If an attacker is on a switch-based network, he would use an ARP poisoning request to capture authentication cookies. If an attacker is on a wireless network, he just needs to use a simple tool called Firesheep to capture the authentication cookie and gain access to the victim's account.
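From the defender's side, the ARP poisoning case above is visible on the wire as an IP address whose MAC suddenly changes, or as one MAC answering for several IPs. The following detection sketch is an added example, not part of the original post; the addresses and the `detect_arp_anomalies` name are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (timestamp, sender IP, sender MAC) taken from ARP replies.
ARP_REPLIES = [
    (1.0, "192.168.1.1",  "aa:aa:aa:aa:aa:01"),   # gateway
    (2.0, "192.168.1.20", "aa:aa:aa:aa:aa:20"),
    (3.0, "192.168.1.30", "aa:aa:aa:aa:aa:30"),
    (9.0, "192.168.1.1",  "AA:AA:AA:AA:AA:30"),   # gateway IP now answered by .30's MAC
    (9.5, "192.168.1.20", "aa:aa:aa:aa:aa:30"),   # same MAC also answers for .20
]

def detect_arp_anomalies(replies):
    """Return (timestamp, kind, ip, mac) alerts for ARP replies in time order."""
    ip_to_mac = {}                    # last MAC seen for each IP
    mac_to_ips = defaultdict(set)     # every IP a MAC has answered for
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()             # MAC notation is case-insensitive
        known = ip_to_mac.get(ip)
        if known is not None and known != mac:
            # A DHCP lease handover can also cause this; a change on the
            # gateway IP is the case that deserves immediate attention.
            alerts.append((ts, "IP_MAC_CHANGED", ip, mac))
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            alerts.append((ts, "MAC_CLAIMS_MULTIPLE_IPS", ip, mac))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_anomalies(ARP_REPLIES):
        print(alert)
```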

In the example below I will be explaining how an attacker can capture your authentication cookies and hack your Facebook account with Wireshark.

Step 1 - First of all, download Wireshark from the official website and install it.

Step 2 - Next, open up Wireshark, click on Analyze and then click on Interfaces.

Step 3 - Next, choose the appropriate interface and click on Start.

Step 4 - Continue sniffing for around 10 minutes.

Step 5 - After 10 minutes, stop the packet sniffing by going to the Capture menu and clicking on Stop.

Step 6 - Next, set the filter to http.cookie contains "datr" at the top left. This filter will search for all the HTTP cookies with the name datr, and datr, as we know, is the name of the Facebook authentication cookie.

Step 7 - Next, right click on it and go to Copy - Bytes - Printable Text Only.

Step 8 - Next you'll want to open up Firefox. You'll need both Greasemonkey and the cookieinjector script. Now open up Facebook.com and make sure that you are not logged in.

Step 9 - Press Alt+C to bring up the cookie injector, then simply paste the cookie value into it.

Step 10 - Now refresh your page and voilà, you are logged in to the victim's Facebook account.

Note: This attack will only work if the victim is on an http:// connection, and even on https:// if end-to-end encryption is not enabled.

Countermeasures

The best way to protect yourself against a session hijacking attack is to use an https:// connection each and every time you log in to your Facebook, Gmail, Hotmail or any other email account. Your cookies would then be encrypted, so even if an attacker manages to capture your session cookies he won't be able to do anything with them.
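On the server side, the same countermeasure means never issuing the session cookie where it can travel in cleartext. The check below is an added example, not part of the original post: it audits response headers for cookies set over http://, cookies missing the Secure attribute (which browsers then also send on plain http:// requests), and a missing Strict-Transport-Security header. The host name, cookie values and function names are constructed.

```python
from urllib.parse import urlsplit

# Constructed sample responses (URL, response headers); host and values are made up.
SAMPLES = [
    ("http://site.example/home", [("Set-Cookie", "datr=CONSTRUCTED-VALUE; Path=/")]),
    ("https://site.example/login", [("Set-Cookie", "datr=CONSTRUCTED-VALUE; Path=/; HttpOnly")]),
    ("https://site.example/login", [
        ("Set-Cookie", "datr=CONSTRUCTED-VALUE; Path=/; Secure; HttpOnly"),
        ("Strict-Transport-Security", "max-age=31536000"),
    ]),
]

def cookie_attrs(set_cookie_value):
    """Split one Set-Cookie value into (name, {lowercased attribute: value})."""
    first, *rest = [p.strip() for p in set_cookie_value.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs

def audit_response(url, headers):
    """Return (cookie, finding) pairs describing cleartext exposure."""
    findings = []
    https = urlsplit(url).scheme.lower() == "https"
    for hname, hvalue in headers:
        if hname.lower() != "set-cookie":
            continue
        name, attrs = cookie_attrs(hvalue)
        if not https:
            findings.append((name, "SET_OVER_HTTP"))    # readable by any sniffer on the path
        if "secure" not in attrs:
            findings.append((name, "NO_SECURE_FLAG"))   # browser also sends it on http:// requests
    if https and not any(h.lower() == "strict-transport-security" for h, _ in headers):
        findings.append(("*", "NO_HSTS"))               # a later visit may still start on http://
    return findings

if __name__ == "__main__":
    for url, headers in SAMPLES:
        print(url, audit_response(url, headers))
```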


Post by : Zayaan Ibrahim
