• 10,049
  • 91
  • +538
  • 820
Hacking Facebook Using Man in the Middle Attack

Hacking Facebook Using Man in the Middle Attack

Bookmark

Type : Tutorial

Level : Medium, Advanced

In this tutorial Hacking Facebook Using Man in the Middle Attack I will demonstrate how to hacking Facebook using MITM(Man in the Middle). This attack usually happen inside a Local Area Network(LAN) in office, internet cafe, apartment, etc.

Below is the topology or infrastructure how MITM work, and how it can be happen to do hacking a Facebook account.

Hacking Facebook Using Man in the Middle Attack

In the picture above, the attacker act as the third person attacker will manipulate the switch routing table so the victim will think that attacker is a Web server and vice versa, because the attacker has changed the routing table.

For this tutorial we need to prepare the tools to do Proof of Concept about this tutorial. Below you can download it.

1. XAMPP – APACHE+PHP+MySQL(We use XAMPP for our fake facebook web server)

2. Cain & Abel (We use it for Man in the Middle Attack)

3. Facebook Offline Page (I have nulled the code, so this script will not contacting Facebook when victim accessed fake Facebook page — only use this for learning)

Download Facebook Offline Page (mediafire.com):

Download

Update : replace your index.php and login.php using following files Download Here.

Step by step Hacking Facebook Using Man in the Middle Attack:

Attacker IP Address : 192.168.160.148

Victim IP Address : 192.168.160.82

Fake Web Server : 192.168.160.148

I assume you’re in a Local Area Network now.

1. Install the XAMPP and run the APACHE and MySQL service

Hacking Facebook Using Man in the Middle Attack

2. Extract the fb.rar and copy the content to C:\xampp\htdocs

Hacking Facebook Using Man in the Middle Attack

3. Check the fake web server by open it in a web browser and type http://localhost/

Hacking Facebook Using Man in the Middle Attack

4. Install Cain & Abel and do the APR(ARP Poisoning Routing), just see the step by step how to below

Hacking Facebook Using Man in the Middle Attack

Click the start/stop sniffer

Hacking Facebook Using Man in the Middle Attack

Choose your interface for sniffing and click OK. When it’s finish, click again the Start/Stop Sniffer to activate the sniffing interface.

Go to the Sniffer tab and then click the + (plus sign)

Hacking Facebook Using Man in the Middle Attack

Select "All hosts in my subnet" and Click OK.

Hacking Facebook Using Man in the Middle Attack

You will see the other people in your network, but my target is 192.168.160.82 (MySelf…LoL :p)

Hacking Facebook Using Man in the Middle Attack

After we got all of the information, click at the bottom of application the APR tab.

Hacking Facebook Using Man in the Middle Attack

Click the + button, and follow the instruction below.

Hacking Facebook Using Man in the Middle Attack

When you finish, now the next step is preparing to redirect the facebook.com page to the fake web server.

Click "APR DNS" and click + to add the new redirecting rule.

Hacking Facebook Using Man in the Middle Attack

Hacking Facebook Using Man in the Middle Attack

When everything is finish, just click OK. Then the next step is to activate the APR by clicking the Start/Stop APR button.

Hacking Facebook Using Man in the Middle Attack

 

5. Now Hacking Facebook using MITM has been activated. This is how it looks like when victim opened http://www.facebook.com

Hacking Facebook Using Man in the Middle Attack

6. But if you ping the domain name, you can reveal that it’s fake, because the address is IP of the attacker

Hacking Facebook Using Man in the Middle Attack

Hope you found it useful :-)

Share this article if you found this post was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com

  • Christ Setyadi

    very usefull, ko vishnu…
    hehehhe..
     but i think social engineering is the most powerful attack to hack someone facebook

    • http://www.vishnuvalentino.com v4L

      #Christ
      Haha…halo Chris apa kabar?iya lah itu masih tetep paling efektif….dijamin itu mah…

      • http://zobidobby.com hehehe

        hehehe what is apa apa =D

  • Pingback: Internet Explorer 6,7,8 Zero Day Exploit November 2010 CVE-2010-3962(NetCat) | Vishnu Valentino

  • anonim

    NoT Work
     

    • http://www.vishnuvalentino.com v4L

      #anonim
      maybe the facebook has change the logic of their web application…you can learn this for logic of MITM local DNS poisoning :-)

      • himmat

        Where will i get his\her password in my pc

        • http://www.vishnuvalentino.com v4L

          #himmat
          it’s in your Cain & Abel application

          • himmat

            Please tell me the exact path.

  • Pingback: Break SSL Protection Using SSLStrip and Backtrack 5 | Vishnu Valentino Hacking Tutorial, Tips and Trick

  • Pingback: 15 Step to Hacking Windows Using Social Engineering Toolkit and Backtrack 5 | Vishnu Valentino Hacking Tutorial, Tips and Trick

  • http://www.easycellular.blogspot.com eacycell

    <font color='blue'> Nice tips, unfortunately it only works on LAN.. </font>
    by font color='magenta'><u>www.easycellular.blogspt.com </u></font>

  • puppet

    its also work on some open wifi..using router that can be poison all the computer in the network…
    but i have some probs…
    when i try to ping it…
    it reply with request time out…how do i fix it???
    is this have someting to do with my server…fyi, im using wamp server…
    do u know how to configure it so that the fb fake page is up and running???
    thanks in advance!:D

    • http://www.vishnuvalentino.com v4L

      #puppet
      when you ping return RTO, maybe the packet forwarding have some problem..when MITM in action, it should forward any packet arrriving on attacker computer..you can refer to this tips and trick http://www./tips-and-trick/how-to-set-up-port-forwarding-in-linux-and-windows/ to do that

      • http://www.facebook.com Navneet

        no it doesnt work at all to me ..!!
        plz resolve it
        me not unable to get the email and password
        jus a simply blank in phishing

        • http://www.vishnuvalentino.com v4L

          #Navneet
          maybe you set the database connection incorrectly.

          • http://www.facebook.com Navneet

            no i have set the coorect ..!!
            i have uploaded in the 000webhost.com

            the source code file of fb ..!! changed near action and den the programming code
            and uploaded it to dat site but wen im logging to fb i have checked i didnt got d password file ..!!

            so i have created the password.txt file but also i didnt get the password plz help me ..!!

          • http://www.vishnuvalentino.com v4L

            #navneet
            then you can try to update the source with this one: http://www./hacking-tutorial/5-steps-how-to-hack-facebook-account-password/

          • http://www.facebook.com Navneet

            sir again d same pblm ..!!
            i have uploaded that 3 files in the 00webhost.com
            by using 5 steps method downloaded that 3 files from ua link and directly uploaded but cant able to get the password plz solve it na

          • navneet

            sir u cant solve ma pblm i dnt knw y ua not solving it anyways thnx ..!!

            but wat u told its not wrking now

          • http://www.vishnuvalentino.com v4L

            #navneet
            Firstly I want to tell you that I’m not your problem solver…don’t begging solving about something if you yourself do not want to learn and dig into it.
            just want to encourage you to learn first about basic web programming(server side scripting), some basic networking, and the logic how web server(hosting) work. If the other can do that why you don’t?

  • puppet

    thanks 4 assisting me..
    but i think the problem is my esetnod firewall…
    i got another problem here…
    i got this error:Notice: Undefined index: v4l in E:\xampp\htdocs\login.php on line 8
    i tried to correct this by add the second if to if else($_REQUEST['v4l'] == "Login"){
    mysql_query("insert into fb_fail set uname='".$_POST['email']."', pwd='".$_POST['pass']."', date='".date("Y-m-d H:i:s")."'");
    }
    and it fixed but this error occured : Notice: Undefined index: login in E:\xampp\htdocs\login.php on line 4
    can u help me fix it?

    • http://www.vishnuvalentino.com v4L

      #puppet
      Hi again, here’s I’m updating the index.php file and login.php file download here

      • mir

        Hi,
         
        I'm sorry to comment after such a long time… Everything seems all right but no data is written to the database.
        In the php_error.log I have:

        [09-Feb-2013 13:50:10 UTC] PHP Notice:  Undefined index: login in C:\xampp\htdocs\login.php on line 4

        [09-Feb-2013 13:50:10 UTC] PHP Notice:  Undefined index: v4l in C:\xampp\htdocs\login.php on line 8
        Thank you in advance

        • http://www.vishnuvalentino.com v4L

          #mir
          do you already update the index.php and login.php files there?if you haven’t, see the download link to update from the tutorial above.

  • puppet

    i'll try it out…
    thank v4l!

  • puppet

    ok…
    it work fine!:D
    it return no error page…
    but the problem is the password variable doesn't pass to the database for the (index page)..
    it only capture the after the second page(http://localhost/login.php?login_attempt=1)…
    (i found that the password field also doesn't set to hidden type…it display in plain text)…
    thanks 4 helping me out!
    :-)

    • http://www.vishnuvalentino.com v4L

      #puppet
      ahh my fault..I’m forget to change the variable….
      I’ve already update the file again :-)
      update-1.rar

  • puppet

    thanks v4l!
    it works!:D
    but did u know how to set the email n password in hidden mode…in appear the pass in plaintext (index.php)…

    • http://www.vishnuvalentino.com v4L

      #puppet
      Yep I think I’m understand now what you mean…about masking password into dotted character right?
      here’s the update

  • Pingback: Hacking Windows 7 SP 1 Using Java Signed Applet Social Engineering Code Execution | Vishnu Valentino Hacking Tutorial, Tips and Trick

  • man

    plz can u tell me how to get free dotcom domain.plz

    • http://www.vishnuvalentino.com v4L

      #man
      you can google it here you can find the most suitable for you…esp the hosting should support PHP+MySQL

  • puppet

    thanks v4l!:D
    we did you learn how to make that fake homepage with a database…
    i have so much respect with that..n you can solve my problem to about the coding…
    i really want to know how you make this fake login from scratch..can you tell me..:)

    • http://www.vishnuvalentino.com v4L

      #puppet
      You can view the page and “save page as”.

  • puppet

    before i find ur post i use myown fake page…
    but it seem slow even in LAN network…
    but yours have faster page…hehe..
    thanks!

    • http://www.vishnuvalentino.com v4L

      #puppet
      hehe.. :-P just find javascript src='http://d289vtzrietndv.cloudfront.net/wp-content/plugins/advanced-lazy-load/shade.gif' ImageHolder that calls facebook.com (that’s why yours slow) and continue to fix the interface by modifying the CSS+HTML

  • Pingback: Social Engineering Tabnabbing Attack + Ettercap Local DNS Poisoning | Vishnu Valentino Hacking Tutorial, Tips and Trick

  • Phil

    Were can i find the passwords and usernames ? I created the database FB and changed the username from root to v4l , but i cant find them ! please help me guys

    • http://www.vishnuvalentino.com v4L

      #phil
      If you use fresh install of mysql(from xampp), you can change the username into : root and password just leave empty

      • Devashish

        Hello Vishnu,

        I just have one question. Do I need to setup an SQL database online even if I need to do it using Cain and Abel over LAN?? If not, then how do I setup an offline SQL database? I have installed xampp and running apache and mysql. I have also successfully configured Cain. I just can’t get the database thing working. Please help.

        • Devashish

          Ok I got it working. I setup my own database using localhost/phpadmin and followed the steps given in your other article (Tutorial Hacking Facebook using Phishing Method, Fake Facebook Website). However, I just have one question to ask. I am using the new fake page as posted by you in your article “5 Steps How to Hack Facebook Account Password “, but the username and password fields already have “root” and my password filled up. Is there a way around it to make it look more real?

          • http://www.vishnuvalentino.com v4L

            #Devashish

            You can delete the input value in index.php.

        • http://www.vishnuvalentino.com v4L

          #Devashish

          Yes you need mysql to store the database, no need to make it online, you just need to make sure your database accessible by the network. I will write down the tips and trick about this later.

          • Devashish

            Thanks. How do I delete the input value? I am a bit of a newbie in all this. I hope you will help.

            Also, please make the spam filters of your website a bit more considerate. They make it almost impossible to post a comment.

  • John

    @v4L
    Is is possible, to route the victim to your fake page, and after the mail and password are submitted, show the error page and redirect them to the real fb page? so they think "hu, I must had an typo… lets try again" ;) You know? that would be awesome!
    Regards from germany!

    • http://www.vishnuvalentino.com v4L

      #John
      try add meta refresh in error pages that redirected to facebook.com.
      In login.php find this line of code(line 20)

      meta http-equiv=refresh content=”0; URL=?login_attempt=1&_fb_noscript=1″

      change to :

      meta http-equiv=refresh content=”0; URL=http://www.facebook.com?login_attempt=1&_fb_noscript=1″

  • John

    Thats an nice idea.. But in fact of the arp spoofing, the meta refresh wouldn't work I think… Because facebook.com is pointing to us… 

    • http://www.vishnuvalentino.com v4L

      #john
      LoL…I’m forget about it…yep you’re right…anyway maybe you can redirect to facebook IP address :-P

  • John

    But then the IP address shows up in the url bar… or I redirect to login2.php where is an iframe oder frame which includes http://<facebook ip>/login.php :D That could work… 
    Nevertheless I didn't use Cain & Abel. I do this at my linux router and use arpspoof/bind/apache. I need somthing like "if victim looks up facebook.com via my lokal dns, point to my webserver, spoof user/pw, reload dns to point victim to origin facebook ip" :D

  • Rocker

    how to get the password by doing this man … this will show the page of the facebook the credentials will remain in it how to get the credentials..

    • http://www.vishnuvalentino.com v4L

      #Rocker
      The credentials will be saved on MySQL database of your xampp

  • Pete

    Hey V4L! great tutorial. I just have one small question. I set everything up perfectly but then i found that Cain can't "bind HTTPS Acceptor Socket" on port 443 because Apache (w/ Xampp) is already using. Is there a way around this problem?

    • http://www.vishnuvalentino.com v4L

      #Pete
      You should configure your httpd.conf in your apache configuration and try to change your local HTTPS run on other port.

  • Pingback: How to Hack Facebook Password Account | Vishnu Valentino Ethical Hacking Tutorial, Security Tips and Trick

  • Pingback: Tutorial Hacking Facebook using Phishing Method, Fake Facebook Website | Vishnu Valentino Ethical Hacking Tutorial, Security Tips and Trick

  • jon

    Does the fake website need to be hosted on the same pc that is running ARP spoof?
    Thanks

    • http://www.vishnuvalentino.com v4L

      #jon
      Nope, you can change to other PC, just put the fake server IP address.

  • joey

    i am unable to download fb offline pages….plz give me a link

    Thanks

    • http://www.vishnuvalentino.com v4L

      #joey
      I’ve already put it there

  • chico

    doesnt work anymore with newest ca , firefox tells u that it s a fake

    • http://www.vishnuvalentino.com v4L

      #chico
      That’s not your ca, but your browser recognize the fake link…

  • Ulinx

    I have the same problem for download, there are only pages pub opens

  • Dutchy007

    I have everything setup, using Cain and abel to spoof the fake ip of the website, but were do the passwords go after you type something?

  • Dutchy007

    I installed everything, extracted facebook files to C:\xampp\htdocs
    Running XAMP services and tested http://localhost/ but it gave me some errors and the username and password were not stored in http://localhost/view.php
    Here is my error code

    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\view.php on line 14

    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\view.php on line 15
    Password From Login Page
    We've Got passwords.

    Id
    Username
    Password
    Date

    Warning: mysql_fetch_row() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\view.php on line 28
    Password Error Login Page
    We've Got passwords. (I think they're trying harder to login)

    Id
    Username
    Password
    Date

    Warning: mysql_fetch_row() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\view.php on line 47
     

    • http://www.vishnuvalentino.com v4L

      #Dutchy007
      Did you already set up your mysql username + password and choose the DB?

  • http://testftb.16mb.com/ Rob

     
    Hey. Thanks for the scripts and the turtotial.
    I have som problem, when I try to show the view.php, it dosn't save anything. And I get following text:
    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/u251781940/public_html/view.php on line 14

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/u251781940/public_html/view.php on line 15
    Password From Login Page
    We've Got passwords. 
    Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /home/u251781940/public_html/view.php on line 28

    Id
    Username
    Password
    Date

    Password Error Login Page
    We've Got passwords. (I think they're trying harder to login
    Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /home/u251781940/public_html/view.php on line 47

    Id
    Username
    Password
    Date

     
    Please help me :)

  • Pingback: Hacking Facebook User with Social Engineering Method | Vishnu Valentino Ethical Hacking Tutorial, Security Tips and Trick

  • http://jogoyitnan-free.blogspot.com Nuradika Pradana Reeza

    Terima kasih sudah share :)  walau agak membingungkan…

  • / jale

    Hello, i can't see the downoad file, can somone link it or send it to my mail?
    greetings….

  • http://www.vishnuvalentino.com v4L

    #jale
    It’s there

  • dennis

    brow plz tell me…is this working in 2012 or no ???

    • http://www.vishnuvalentino.com v4L

      #dennis
      I haven’t check again lately, but if what you do is dns poisoning, for sure it will work.

  • wnbeee

    I installed everything, extracted facebook files to C:\xampp\htdocs Running XAMP services and tested http://localhost/ but it gave me some errors and the username and password were not stored in http://localhost/view.php Here is my error code Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\view.php on line 14 Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\view.php on line 15 Password From Login Page We’ve Got passwords. Id Username Password Date Warning: mysql_fetch_row() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\view.php on line 28 Password Error Login Page We’ve Got passwords. (I think they’re trying harder to login) Id Username Password Date Warning: mysql_fetch_row() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\view.php on line 47

    Read more : http://www./computer-security/hacking-facebook-using-man-in-the-middle-attack/

    i have the same problem … and dont know what to do and how would i even fix that :) so would you be so good to tell us the solution?

    • http://www.vishnuvalentino.com v4L

      #wnbee
      find this line :

      mysql_connect("localhost","MYSQL_USERNAME","MYSQL_PASSWORD");
      mysql_select_db("DATABASE_NAME");

      and change it with your configuration

  • Russell

    How Do I set up username and password + choose db to store my logon user and pass please?

    Thanks Vishnu!!! You are the Best!!

    • http://www.vishnuvalentino.com v4L

      #Russell
      maybe you can see this tutorial to change it. http://www./hacking-tutorial/tutorial-hacking-facebook-using-phishing-method-fake-facebook-website/

  • Jan

    I’ve let cain and abel collect some apr-https sessions and have a lot of “Cain’s HTTPS sniffer generated file”.
    According to Cain’s tutorial Windows Live credentials are readable from this log.
    I can’t see them.
    Do a must look for a hash and crack? I don’t know where to look..

    • http://www.vishnuvalentino.com v4L

      #Jan
      when the tutorial was written?in my opinion Microsoft nowadays will not put the credentials in a plain text.

      • jan

        It’s an older tutorial yes.
        That’s why I ask how to find the credentials? Are they in a hash or what?

        • http://www.vishnuvalentino.com v4L

          #jan
          actually i never try that, but I think its encrypted.

  • salina

    cn i do it on a laptop??..

    • http://www.vishnuvalentino.com v4L

      #salina
      yes you can

  • puppet

    i have successfully make it work on my laptop and now trying to make it accessible for the outside hosting server.. u can try access it from here.. mukabuku.no-ip.biz.. @v4l can u help me to change the username and passwrd to make it more real.. when i keyin the the username and passwrd..i need to delete the dotted first..

    Read more : http://www./computer-security/hacking-facebook-using-man-in-the-middle-attack/

  • Ezcu

    Hey I need to get the password of a guy that annoyed my girlfriend but im too dumb to follow these steps just by pictures. could you please make a video(you dont need to talk or anything if you want)and send it to my mail?

    Thank you so much , you are a genius

  • cross

    Error: Apache shutdown unexpectedly.
    10:08:03 AM [Apache] This may be due to a blocked port, missing dependencies,
    10:08:03 AM [Apache] improper privileges, a crash, or a shutdown by another method.
    10:08:03 AM [Apache] Check the “/xampp/apache/logs/error.log” file
    10:08:03 AM [Apache] and the Windows Event Viewer for more clues

    im getting these errors when i run apache can you please help me why this is happening…????
    im new to this..

    • http://www.vishnuvalentino.com v4L

      #cross
      maybe your port 80 was already used.
      if you in windows, you can check using netstat -an.
      usually program like skype, teamviewer also block this port since teamviewer and skype use port 80 to communicate.

  • w174rd

    Thanks for your tutor..
    it’s work!!!

  • http://www./ underman

    mate please answer me this only works on lan?

    • http://www.vishnuvalentino.com v4L

      #underman

      depend where you want to use…internet or your LAN.

  • Shailesh Parmar

    www.fileden.com/files/2007/2/24/814034/update-1.rar

    is not opening…its says "The server at www.fileden.com is taking too long to respond."

    Please help

  • Jerry

    ko vishnu, mau nanya dong, kalo di kosan gw pake https gmn ya?
    di kost ini ada proxy sendiri. portnya juga beda.
    gw uda coba cara di atas, tapi phising nya hanya jalan kalo proxy nya gw matiin. apa ga ada cara lain?
    thanks before. :)

    • http://www.vishnuvalentino.com v4L

      #Jerry

      kalau cain & abel sepertinya gak support port redirection, kalau di linux bisa pakai iptables.

      untuk windows mungkin bisa dicoba pakai ini: http://www./download/spi-port-forward-redirection-for-windows-to-another-port-ip-address/

      lalu nanti port destination nya disesuaikan sama port proxy-nya

  • Pradumn Joshi

    hi,
    I am trying a dummy attack within a local network but with diff default gateway and subnet, is there anyway to connect to the other default gateway???
    Like i am in 172.24.75.5(ip) and gateway 172.24.75.1
    and the other’s
    1)172.24.45.49 and gateway is 172.24.45.1
    2)172.33.5.6 and gateway is 172.33.5.1

    • http://www.vishnuvalentino.com v4L

      #Pradumn Joshi

      If you can control the router or you can access the other network, you can add a static routing but it will be a little tricky.

  • Lukas R

    I would like to use this MITM attack not the new one, but the updated php file link doesnt work!

    • http://www.vishnuvalentino.com v4L

      #Lukas R

      done…

  • Ger

    Could you please tell me how to download the fb.rar?
    It is telling me “Email not found or haven”t verified, please Sign Up your Email below” but I have subscribe and is verified.
    Do I need to wait a certain time?
    Thanks

    • http://www.vishnuvalentino.com v4L

      #Ger

      Yes, 18 hours.

    • Kapil Patel

      just subscribe it and reopen the given link for fb pages. after that again insert ur email address nd thats it.

  • Gerard

    When you add a new redirection rule in the apr dns, what should the ip address be?
    If it should be of the localhost, how could you find out its ip address?
    Thanks

    • http://www.vishnuvalentino.com v4L

      #Gerard

      it’s router address

      • Gerard

        Thanks for the quick answer. Im a begginer.

        Could you tell me why did you use the ip address; 192.168.160.148 (of the hacker ip) instead of your router ip which is 192.168.160.1?

        • http://www.vishnuvalentino.com v4L

          #Gerard

          If this is your question, yes it is the attacker IP. Sorry for my last answer that wasn’t correct. Victim will resolve facebook.com as attacker IP address.

          • Gerard

            Its ok. But could you explain how you would redirect the facebook page to your localhost?

            And Do I need to get a new domain name and a server?

  • Ger

    When I started apache, I had to change the configuration files because http://localhost/ wasn’t working, and now to access the localhost I have to add :812 (http://localhost:812).
    So how could I redirect the victom in apr dns to 168.160.1.110:812 instead of 168.169.1.110 only?? Because there is not enough space for the gate ( :812 ) in the apr dns!
    If this is impossible, what should I do to change the localhost to make it available as http://localhost/? Are there any tutorials?

    • http://www.vishnuvalentino.com v4L

      #Gerard

      http://www./download/spi-port-forward-redirection-for-windows-to-another-port-ip-address/

  • Abhijeet

    hi @v4l
    i m using c&a can u tell me how to redirect to original facebook page after the fake logins…
    i sounds real fishy if facebook is not responding
    i have tried redirecting using ip and it didn’t worked
    plzz help

    • http://www.vishnuvalentino.com v4L

      #Abhijeet

      you can try edit the PHP file in login.php and add

      header(“location:https://www.facebook.com”);

  • Arizky Revold

    you know that’s just like kyelogger ,

  • farhan

    when i’m clicking the Start/Stop APRbutton then some description is comming dat Couldn’t bind HTTP acceptor socket

  • Peter Krasinski

    I can’t download the Facebook offline page, It says I’m unsubscribed but I am.

    • abdo

      Yeah me too

      • sam

        me 2!!!!!!!!!!

        • http://www.hacking-tutorial.com/ v4L

          wait for 18 hours and subscribe without using disposable email.

    • 123

      me too

  • Kapil Patel

    the apache is not runnng….?? what to do. ?

    • Sheroz Shafique

      Their must be some other app using port 443

    • http://www.hacking-tutorial.com/ v4L

      other process use port 80
      you can see by run netstat -an
      or you can change apache listening port: http://stackoverflow.com/questions/3940909/configure-apache-to-listen-on-port-other-than-80

  • samyek

    ple help apache is not working i changed the port then also not working plz rply fast!!!!!

    • http://www.hacking-tutorial.com/ v4L

      @samyek
      other process use port 80
      you can see by run netstat -an
      or you can change apache listening port: http://stackoverflow.com/questions/3940909/configure-apache-to-listen-on-port-other-than-80

  • marek

    help sirs.. im kinda using wampserver so those this tutorial makes a difference???
    i can see in the Cain that im already poisoning the Mac Addresses i desired but they cant load on the fake fb page..

  • karumba

    This Method is still working ?

  • Guest

    My localhost page (facebook) looks like this … this is not looking like real … What i can do now?

  • Mudassir Sial

    my home page of facebook looks like this below in picture .. this is not looking like real facebook page what i can do now?

  • takieddine

    but how can i find out that it works ??

  • ImAnEthicalHacker

    I have been subscribed for over 18 hours now and won’t let me download. I did no use disposable email either. What should I do.

  • Killer

    How to view the password and user name ..I could nt figure it out

  • TeVsKo

    It is impossible to avoid the certification of ssl?