I mean, I know he got the knowledge, but how can he hack so easily, whereas people take days to hack a fb id.
- Hot
- Active
-
Forum Thread: Hydra Syntax Issue Stops After 16 Attempts 2 Replies
49 min ago -
Forum Thread: Hack Instagram Account Using BruteForce 208 Replies
8 hrs ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 6 Replies
5 days ago -
How to: Crack Instagram Passwords Using Instainsane 37 Replies
5 days ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
1 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
1 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
2 mo ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 21 Replies
2 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
2 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
2 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
3 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
3 mo ago -
Forum Thread: How to Run and Install Kali Linux on a Chromebook 18 Replies
4 mo ago -
Forum Thread: How to Find Admin Panel Page of a Website? 13 Replies
5 mo ago -
Forum Thread: can i run kali lenux in windows 10 without reboting my computer 4 Replies
5 mo ago -
Forum Thread: How to Hack School Website 11 Replies
5 mo ago -
Forum Thread: Make a Phishing Page for Harvesting Credentials Yourself 8 Replies
5 mo ago -
Forum Thread: Creating an Completely Undetectable Executable in Under 15 Minutes! 38 Replies
6 mo ago -
Forum Thread: Hacking with Ip Only Part [1] { by : Mohamed Ahmed } 5 Replies
7 mo ago -
Forum Thread: Problem with Airmon-Ng and VM 3 Replies
7 mo ago
-
How To: Find Identifying Information from a Phone Number Using OSINT Tools
-
How to Hack Wi-Fi: Cracking WEP Passwords with Aircrack-Ng
-
How To: Brute-Force FTP Credentials & Get Server Access
-
How To: Scan for Vulnerabilities on Any Website Using Nikto
-
How to Hack Wi-Fi: Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To: Crack Shadow Hashes After Getting Root on a Linux System
-
How To: Find Vulnerable Webcams Across the Globe Using Shodan
-
How To: Enumerate SMB with Enum4linux & Smbclient
-
How To: Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To: Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
Hacking Windows 10: How to Dump NTLM Hashes & Crack Windows Passwords
-
How To: Get Root with Metasploit's Local Exploit Suggester
-
How to Hack Wi-Fi: Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Exploit EternalBlue on Windows Server with Metasploit
-
How To: Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To: Make Your Own Bad USB
-
Tutorial: Create Wordlists with Crunch
-
How To: Perform Advanced Man-in-the-Middle Attacks with Xerosploit
24 Responses
First of all there is no such thing as hacking Facebook ID, Second of all the show won't be 100% real right? The only ways to hack someone facebook is by phishing or installing a keylogger on their computer or stealing the saved data from the browser.
And that's what Elliot did, he hacked a target and got access by others ways in order to use malware/keylogger
There was also a password generator with keywords, that were obtained from social engineering
If you think that, you have no idea what you are talking about, you can easily hack ANY social Media account with bruters or using exploit tools such as metasploit.
What do you mean by "those are the only ways"? Where did you put data dumps, dictionary attacks, rainbow tables, brute-force?
As Butwhy42 already mentioned Elliot has an Wordlist generator.
The good news is: Kali already has one pre installed AND here is an Tutorial for that Bad news: I'm to fool to search for the tutorial right now and i'm running Arch and don't have everything installed so i cannot even tell you the name but i will explain to you how it works.
Elliot also explains most of this in the Show.
At the End of the first Episode Elliot is trying to crack the password of Michael Handson (i hope that's how you spell it haha :)).
As you probably know it didn't work and he says that he is too old to have an complicated password.
People often use password which include their Birthday (i have to mention that my birthday is not in 1967..) so they can memorize it easier.
For sure this 2-3 minutes attacks are really unrealistic but i think when you have the right informations about your victim you can get the password in 1-2 hours.
You don't even have to crack the Facebook password.
It's important to attack the weakest link.
The reason for this is that most people use the same password for every service. When you know you're victim is on an Website which isn't really secure against any Brute-Force or Wordlists attacks you should try to attack those because then you most likely will have access to all other Accounts like Facebook, Amazon or G-Mail.
Firstly, Elliot uses his own program called elpsrk. But that is not a realistic tool. In order to mimic elliot's attack u will need cupp and hydra or even medusa.
Hope this helps.
You can't crack facebook accounts since they are brute-force protected
Does brute-force protected mean "IMPENETRABLE" to you? And with the right time, nothing is brute-force protected. Facebook accounts, with the right knowledge and time, CAN be hacked. Facebook is a not a godly, impenetrable, holy system.
But if u use the attack I mentioned u can brute force the brute "forcable" accounts. Get the password, try it out on the other accounts like fb, maybe u'll be lucky.
Yeah i know, but other websites are implementing anti-brute force techniques, so it's getting harder
you can write some sort of script that changes your IP automatically after a number of attempts,so the anti-brute force systems won't be a problem.
They aren't that stupid, the anti-brute force system doesn't rely on the ip but Rely on the account ID, so changing ip's won't help
I would go after email since that would be a way to reset the FB account to get access. Just saying.
Gmail implented an anti-brute force system afaik, you could try for yourself
Elliot didn't really brute force the passwords. He attempted well known passwords (such as 123456seven ) and built password lists that included information he knew about the target (birthdate reversed for his psychotherapist).
People build passwords based upon things they can easily remember. These passwords usually embed some characteristic of the target such as pet names, spouse names, birthdates, etc. Elliot simply is exploiting this human "flaw". He is not brute forcing millions of passwords. That is inefficient and should only be used as a last resort.
CUPP wordlist profiler is the solution.
what about this?
Facebook is constantly updating, look the date of the video: 2012. There will always be weakness in programs/websites, but if you can't find it, you wont be able (more or less) to use it before it got patched.
also you can use the following
social engineering attack buy cloning FB, use tiny url so you dont make suspicious URL, then gather information about victim to create a trust,
shit, iam helping the evil to breed...
anyway its what called Credential Harvester Attack Method
One word: Social engineering, oops those are two words :p
In the real world, hacking websites like Facebook is not always a one trick pony. I believe I mentioned this in another forum, but I love hacking because of it's creative aspects. That is also why I love social engineering; There will never be just one way to do anything.
Hopefully this will help you come to a conclusion and maybe even plan a well thought out Facebook attack to post to Null Byte!
I agree with all of you. there can be numerous possibilities. people at fb and gmail are not fools who would let anyone hack the accounts.
but the way elliot did in the show was very quick. I mean he would just crack passwords in minutes (again im not talking about brute force).
he even logged into the bank account of her friend. Maybe it is unreal. Hacking is not that easy. we all know this.
I think it's good that it show how it's easy to crack anything, because even if it's obviously more difficult, for the random user there is no difference between the show and the 'little more difficult reality' and let's be honest, it's a low price to pay for such a (finally) good serie about security
You all seem to forget elliot had physical/proximity access to everything he hacked
Share Your Thoughts