Cookie Stealing Attack ?

In this tutorial i will explain how you can hack a Facebook/twitter accounts by stealing cookies. This method works only when the victims computer is in a LAN (local area network ).Best place to try out this is in schools ,collages ,cafes . where computers are connected in LAN .Before i proceed let me first explain cookies.

What Are Cookies ? And What Is The Use Of Stealing Cookies ?

Cookies are small files that stored on users computer by websites when a user visits them. The stored Cookies are used by the web server to identify and authenticate the user .For example when a user logins in Facebook a unique string is generated and one copy of it is saved on the server and other is saved on the users browser as Cookies. Both are matched every time the user does any thing in his account

So if we steal the victims cookie and inject them in our browser we will be able to imitate the victims identity to the web server and thus we will be able to login is his account . This is called as Side jacking .The best thing about this is that we need not no the victims id or password all we need is the victims cookie.

Hack Facebook / Twitter By Stealing Cookies ?

1. Ettercap or Cain and able for ARP poisoning the victim
2. Wire shark for sniffing and stealing cookies
3. Firefox browser and Cookie logger add on for injecting the stolen cookies in our browser

1. First ARP poison the victim .For this you can refer my previous articles on how to ARP poison the victims computer using Cain and able or Ettercap

2. After ARP poisoning open Wire shark ,click capture button from the menu bar , then select interface .Now select your interface (usually eth0 ) finally click start capture .

3. Now you can see the packets being captured , wait for a while till the victim logs in his account( Facebook /twitter ),

4. Mean while Find the IP address of Facebook ,for this you can open CMD (command prompt ) and enter .Ping Facebook.com to find its IP address.

5. Now filter the packets by entering the the IP address (Facebook) in the filter bar and click apply

6. Now Locate HTTP Get /home.php  and copy all the cookie names and values in a notepad.

7. Now open Firefox and open add and edit cookies ,which we downloaded earlier , add all the cookie values and save them.

 8. Now open Facebook in a new tab , you will be logged in the victims account .


Ra Du ......you have hacked the victims Facebook account by stealing cookies , You can also follow the same steps to hack  Twitter accounts


Hope you enjoyed this tutorial , If you have any doubts please feel  free to post a comment.

Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber crime and you may get upto 40 years of imprisonment, if got caught in doing so.