Showing posts with label Brute Force. Show all posts

Saturday, January 31, 2015

Hack Facebook with Brute Force

This tutorial covers attacking a website login page with a brute-force attack. There are many attacks against a website's login page, e.g. phishing and tabnabbing, and likewise brute force. This attack has the following advantages:

Advantages:

  1. One of the most successful attacks
  2. The easiest of all attacks
  3. Easy to use
  4. The probability of success is high because there are so many related options
  5. A fairly simplistic attack that does not require much hard work

Its only disadvantage is that it takes a lot of processing power and is time-consuming.

How it Works:

It works like an exhaustive key search against a cipher: it tries every possible key. Here is the step-by-step guide to hack a website login page.

  • You need Mozilla Firefox because the add-ons we use won't work on other browsers.
  • Install the FireForce add-on in your browser.
  • Restart Firefox and go to the login page of any website that doesn't require a CAPTCHA.
  • Enter the username in the username field and right-click on the password field.
  • Select FireForce from the context menu and select any of the options according to your guess, as shown in the figure.
  • Select the minimum no. of letters = 6
  • Select the maximum no. of letters = 16
  • In Failed Authentication, type = Invalid
  • No. of requests per second = 500
  • If you have selected the Load Dictionary option, it will show a pop-up; select a relevant file that contains dictionary words.
  • Enter the word that indicates failed authentication = Invalid
  • For no. of requests per second, again type = 500

It will start searching for the password at 500 attempts per second. Once it finds the password, it will tell you that you are done. This technique can be used on any social website, but note that this is for educational purposes only; any illegal attempt is a crime.

Sunday, December 28, 2014

Brute-Force attack using HYDRA

What is BRUTE-FORCE attack ?


A password attack that does not attempt to decrypt any information but keeps trying different passwords. For example, a brute-force attack may use a dictionary of all words or a list of commonly used passwords. To gain access to an account using a brute-force attack, a program tries every word available to it. Another type of brute-force attack is a program that runs through all letters, or letters and numbers, until it gets a match.

How to install THC-hydra ?


Open your terminal and type the following commands:

(1)sudo bash

(2)wget http://freeworld.thc.org/releases/hydra-6.3-src.tar.gz

(3)After downloading, extract it:

tar -xvf hydra-6.3-src.tar.gz

(4)cd hydra-6.3-src

(5)./configure && make

(6)make install


How to use THC-hydra?


If you are attacking an FTP service, first run an nmap scan for any open FTP ports (by default it should be 21).

To brute-force a specific login form you need to define the username (if you don't know it, include a file containing some), the wordlist path, the service being attacked, the form method and the page itself.

Type the following command in the terminal:

hydra -l admin -P /root/pass  127.0.0.1 http-post-form "/mutillidae/index.php?page=login.php:username=^USER^&password=^PASS^&login-php-submit-button=Login:Not Logged In"


The -l switch defines the username, and the capital -L a list of usernames for the brute-force attack (if you don't know the login).

The -p switch defines the password, and the capital -P the path to the wordlist (-P is used almost always).

If we're attacking a web form over HTTP and the method is POST, we use "http-post-form"; if the service is FTP, simply use "ftp".

Another thing you should be aware of is that the username and password variables are not always named the same. They differ depending on the code.

They could be usr, pwd, etc.; they are not necessarily "username" and "password" as in most cases. Just view the page source and check what their names are.

Hydra has many more options. I'll explain some of them below, even though they are covered in Hydra's man page.

-vV - The verbose mode. This mode shows you every login attempt hydra tries.

-s - We specify the port on which we're running our attack.

-x - For brute-force parameters generation. We define our charset and minimum & maximum length of it.

-R - Restores a previously aborted session of an attack.

-e ns - Checks for blank or no password fields.
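
The defender's view of the attacks described above, as an added example that is not part of the original posts: automated guessing at hundreds of requests per second appears in authentication logs as a burst of failures from one source or against one account. The log format, field names and thresholds are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed application auth-log format (not from the page):
#   <ISO timestamp> ip=<client> user=<login> result=<OK|FAIL>
LINE_RE = re.compile(r"^(\S+) ip=(\S+) user=(\S+) result=(OK|FAIL)$")

def parse(line):
    """Return (timestamp, ip, user, result) or None for unparseable lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, ip, user, result = m.groups()
    return datetime.fromisoformat(ts), ip, user, result

def detect_bruteforce(lines, max_failures=5, window=timedelta(seconds=60)):
    """Alert once per source IP or target account that has more than
    max_failures failed logins inside one sliding window."""
    recent = defaultdict(deque)   # ("ip"|"user", value) -> failure timestamps
    alerted, alerts = set(), []
    for line in lines:
        rec = parse(line)
        if rec is None or rec[3] != "FAIL":
            continue
        ts, ip, user, _ = rec
        for key in (("ip", ip), ("user", user)):
            q = recent[key]
            q.append(ts)
            while q and ts - q[0] > window:   # drop failures older than window
                q.popleft()
            if len(q) > max_failures and key not in alerted:
                alerted.add(key)
                alerts.append((key[0], key[1], len(q), ts.isoformat()))
    return alerts

# Constructed sample: one user mistyping once, then 8 failures 2 ms apart
# (the 500-per-second rate mentioned above) against the "admin" account.
SAMPLE_LOG = [
    "2015-01-31T10:00:00.000 ip=198.51.100.4 user=alice result=FAIL",
    "2015-01-31T10:00:20.000 ip=198.51.100.4 user=alice result=OK",
] + [
    f"2015-01-31T10:01:00.{i:03d} ip=203.0.113.7 user=admin result=FAIL"
    for i in range(0, 16, 2)
]

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
```

Tracking failures per account as well as per source catches guessing that is spread across many client addresses, which a per-IP limit alone misses.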

Creating a custom username list & wordlist for brute-forcing.

Brute-forcing needs a custom password list and username list every time. The username list is as important as the password list, and it should be unique to each organization. Using a traditional, large username list makes the process tedious. A custom username list is also useful for username enumeration.

Creating custom username list:-


(1)Jigsaw:-

During the information-gathering stage, you may use the jigsaw script. It is a great script for gathering employees' details such as full name, position, department and email addresses. You should use the script with your Jigsaw credentials.


Sometimes the initial part of an email address is the employee's username, so you can get different usernames from the output of the jigsaw script.


(2)Username script:-

If you have the full names of users, you can use the username.py script to generate possible usernames from different combinations of first name & last name.


I also wrote a bash script which generates possible usernames using first name, last name & birth date.


Creating Custom word list:-


(1)Cewl:-

Custom Word List generator. CeWL is a Ruby app which spiders a given URL to a specified depth, optionally following external links, and returns a list of words.


(2)Wyd:-

wyd is a password profiling tool that extracts words/strings from supplied files and directories. It parses files according to the file-types and extracts the useful information, e.g. song titles, authors and so on from mp3's or descriptions and titles from images.

(3)Cupp:-

People spend a lot of time preparing for effective dictionary attack. Common User Passwords Profiler (CUPP) is made to simplify this attack method that is often used as last resort in penetration testing and forensic crime investigations. A weak password might be very short or only use alphanumeric characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.
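
The weak-password description above can be turned into a check applied when a user sets a password. This is an added example, not code from CUPP or from the original post; the profile fields, the substitution table, the minimum length and the sample profile are assumptions constructed for illustration.

```python
import re

LEET = str.maketrans("013457@$!", "oleastasi")   # undo common substitutions
COMMON = {"god", "love", "money", "password"}    # common words the text names

def fold(s):
    """Lower-case, undo substitutions, keep letters only."""
    return re.sub(r"[^a-z]", "", s.lower().translate(LEET))

def profile_tokens(profile):
    """Split a user profile into word tokens and birth-date digit strings."""
    words = {fold(v) for k, v in profile.items() if k != "birthdate"}
    words = {w for w in words if len(w) >= 3}
    numbers = set()
    if "birthdate" in profile:                   # expected as YYYY-MM-DD
        y, m, d = profile["birthdate"].split("-")
        numbers = {y, y[2:], d + m, m + d}
    return words, numbers

def weak_reasons(password, profile, min_len=10):
    """Return the reasons a candidate password is rejected (empty = accept)."""
    reasons = []
    if len(password) < min_len:
        reasons.append("too short")
    if password.isalnum():
        reasons.append("alphanumeric only")
    words, numbers = profile_tokens(profile)
    folded = fold(password)
    for w in sorted(words | COMMON):
        if w in folded:                          # name, pet or common word
            reasons.append(f"contains '{w}'")
    digits = re.sub(r"\D", "", password)
    if any(n in digits for n in numbers):
        reasons.append("contains birth date digits")
    return reasons

# Constructed profile for illustration.
SAMPLE_PROFILE = {"first": "Maria", "last": "Keller", "pet": "Rex",
                  "birthdate": "1987-04-12"}

if __name__ == "__main__":
    for candidate in ("R3x1987!", "P@ssw0rd", "vivid-Quartz-lantern-62"):
        print(candidate, weak_reasons(candidate, SAMPLE_PROFILE))
```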