One the way to hack Facebook is Social Engineering,
but the question asked by nearly all the people who are new
to hacking scene is that "What is social Engineering and how to
hack a (Facebook) account by it?"
So i decided to write this article to explain what it is and give a real life example of my own.
First lets see what Wikipedia have to say:
"Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information."
According to Hacker's Jargon Dictionary:
"Social Engineering: n. Term used among crackers and samurai for cracking
So i decided to write this article to explain what it is and give a real life example of my own.
First lets see what Wikipedia have to say:
"Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information."
According to Hacker's Jargon Dictionary:
"Social Engineering: n. Term used among crackers and samurai for cracking
techniques that rely on weaknesses in wetware rather than software; the aim
is to trick people into revealing passwords or other
information that
compromises a target
system's security. Classic scams
include phoning up a
mark who has
the required information and posing as a field service tech or a
fellow employee with an urgent access problem. "
So actually if you trick some one to give you the
confidential information he is manipulated by you. So now its clear
that our beloved Phishing is also a kind of social manipulation. This
might give you the size of it!
Lets get started:
So Phishing is a way to hack and its social engineering, but what are the other ways? Well apart from this you could trick the other person to give you his password. I know this might be really difficult but once you have mastered you could really make your name. Because the most wanted hacker of all times Kevin Mithnik actually used Social manipulation to hack though he himself couldn't write his own exploit!
An easy way is to guess the password from the information given, normally people use following things as their password:
Lets get started:
So Phishing is a way to hack and its social engineering, but what are the other ways? Well apart from this you could trick the other person to give you his password. I know this might be really difficult but once you have mastered you could really make your name. Because the most wanted hacker of all times Kevin Mithnik actually used Social manipulation to hack though he himself couldn't write his own exploit!
An easy way is to guess the password from the information given, normally people use following things as their password:
- Date of birth
- Surname
- Phone Number
- School's name
- Girl Friend's name :)
- Favourite Movie
- Favourite Band
- Favourite Hero/Heroine
- Favourite Fruit! (I used one when I was
young!)
These are only some, but if you know the other person
very well these might work!
Another idea is to manipulate the other person in
giving you the Answer to their security Question! This is what I am going to
cover in Real Life Example!
"THE MAIN TRICK IS TO EXPLOIT THE TRUST BASE TO
HACK!"
So it means you should exploit the trust that victim have in you to get the information, the trust could be of a friend, colleague or official (If you are pretending to be a Facebook guy who need their password).
REAL LIFE EXAMPLE:
Some months back my best friend challenged me to hack his Facebook account, unfortunately he was a reader of my blog and knew all the ways like Phishing or Keylogging. So I couldn't hack him for much time every time i tried i failed. So I though of social engineering.
What I did first was to got the primary Email Address of Facebook, I got that easily by Visiting his Profile page. The email was in Hotmail!
So I opened the Hotmail password reset page > https://account.live.com/password/reset and gave his email this gave me the following page:
Here the security Question was " Name of Best
Friend from Childhood?", it seemed pretty easy so
started entering the name of all his friends but to my
amazement the name was someone's whom i didn't knew.
So I went to the Chat and manipulated him. Following
is some text from chat:
====================================================
Me: Hello, how are you/
He: Fine. whatsup!
Me: Nothing, just getting ready for your party.
He: Ohh great, it is going to be fun!
Me: Yah i know, who else is comming?
He: Only you and [He named some which were not the
answer]
Me: Hey havent you called
you old friends? I wanted to meet them.He: Nupp!!!
Me: Are in contact with them, BTW who is your best friend apart from our group?
He : Ohh my best friend apart form you people is Arslan.
Me: ohh great looking forward to the party! bye.
====================================================
So those people who don't know ARSLAN is a name and to my Good Luck it was also the password! So I hacked his email and from their I hacked his Facebook account,
Don't worry no harm was done I just showed him that i did it and returned him the account because it is unethical to hack people to harm them. Real Hackers don't do this and I for my self only hack my dearest friends (who don't mind) for fun that all for me!
So from this example you people might have learn that how easy it is to hack through Social Engineering. But ALAS! the success rate is very low, but still where nothing works this works!
Comments
Post a Comment
If you have any doubts.. Let me know 😊