One the way to Facebook Hacking is Social Engineering, but the question asked by nearly all the people who are new to hacking scene is that “What is social Engineering and how to hack a (Facebook) account by it?”
So i decided to write this article to explain what it is and give a real life example of my own.
First lets see what Wikipedia have to say:
“Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information.”
According to Hacker’s Jargon Dictionary:
“Social Engineering: n. Term used among crackers and samurai for cracking
techniques that rely on weaknesses in wetware rather than software; the aim is to trick people into revealing passwords or other information that compromises a target system's security. Classic scams include phoning up a mark who has the required information and posing as a field service tech or a fellow employee with an urgent access problem. "
So actually if you trick some one to give you the confidential information he is manipulated by you. So now its clear that our beloved Phishing is also a kind of social manipulation. This might give you the size of it!
||For those who don’t know about Phishing, read this >
Lets get started:
So Phishing is a way to hack and its social engineering, but what are the other ways? Well apart from this you could trick the other person to give you his password. I know this might be really difficult but once you have mastered you could really make your name. Because the most wanted hacker of all times Kevin Mithnik actually used Social manipulation to hack though he himself couldn’t write his own exploit!
An easy way is to guess the password from the information given, normally people use following things as their password:
- Date of birth
- Phone Number
- School’s name
- Girl Friend’s name 🙂
- Favourite Movie
- Favourite Band
- Favourite Hero/Heroine
- Favourite Fruit! (I used one when I was young!)
So it means you should exploit the trust that victim have in you to get the information, the trust could be of a friend, colleague or official (If you are pretending to be a Facebook guy who need their password).
REAL LIFE EXAMPLE:
Some months back my best friend challenged me to hack his Facebook account, unfortunately he was a reader of my blog and knew all the ways like Phishing or Keylogging. So I couldn’t hack him for much time every time i tried i failed. So I though of social engineering.
What I did first was to got the primary Email Address of Facebook, I got that easily by Visiting his Profile page. The email was in Hotmail!
So I opened the Hotmail password reset page > https://account.live.com/password/reset and gave his email this gave me the following page:
Me: Hey havent you called you old friends? I wanted to meet them.
Me: Are in contact with them, BTW who is your best friend apart from our group?
He : Ohh my best friend apart form you people is Arslan.
Me: ohh great looking forward to the party! bye.
So those people who don’t know ARSLAN is a name and to my Good Luck it was also the password! So I hacked his email and from their I hacked his Facebook account,
Don’t worry no harm was done I just showed him that i did it and returned him the account because it is unethical to hack people to harm them. Real Hackers don’t do this and I for my self only hack my dearest friends (who don’t mind) for fun that all for me!
So from this example you people might have learn that how easy it is to hack through Social Engineering. But ALAS! the success rate is very low, but still where nothing works this works!