Type : Tutorial
Level : Medium, Advanced
In this tutorial, Hacking Facebook Using Man in the Middle Attack, I will demonstrate how a Facebook account can be hacked using a MITM (Man in the Middle) attack. This attack usually happens inside a Local Area Network (LAN) in an office, internet cafe, apartment, etc.
Below is the topology, or infrastructure, showing how MITM works and how it can be used to hack a Facebook account.
In the picture above, the attacker acts as the third person. The attacker manipulates the switch routing table so that the victim thinks the attacker is the web server and vice versa, because the attacker has changed the routing table.
For this tutorial we need to prepare the tools for the proof of concept. You can download them below.
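On the victim's side, this kind of poisoning is visible in the ARP cache: the gateway's IP suddenly resolves to the same MAC address as another host on the LAN. The following is an added example, not part of the original tutorial, that parses Windows `arp -a` output and flags both symptoms. The gateway address 192.168.160.1, every MAC address and all function names are assumptions made for the example.

```python
import re
from collections import defaultdict

# Constructed `arp -a` output (Windows format) as seen on the victim 192.168.160.82.
# The gateway 192.168.160.1 and all MAC addresses are made up for this example.
SAMPLE_BASELINE = """
Interface: 192.168.160.82 --- 0xb
  Internet Address      Physical Address      Type
  192.168.160.1         00-1a-2b-3c-4d-5e     dynamic
  192.168.160.148       08-00-27-aa-bb-cc     dynamic
  192.168.160.255       ff-ff-ff-ff-ff-ff     static
"""
# Same table after poisoning: the gateway now resolves to the attacker's MAC.
SAMPLE_POISONED = SAMPLE_BASELINE.replace("00-1a-2b-3c-4d-5e", "08-00-27-aa-bb-cc")

ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(\w+)\s*$",
    re.I | re.M)

def parse_arp_table(text):
    """Return {ip: mac} for unicast entries, skipping broadcast/multicast MACs."""
    table = {}
    for ip, mac, _type in ROW.findall(text):
        mac = mac.lower()
        if int(mac[:2], 16) & 1:  # group bit set: broadcast or multicast
            continue
        table[ip] = mac
    return table

def shared_macs(table):
    """MACs that answer for more than one IP, the usual ARP-poisoning symptom."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def changed_bindings(before, after):
    """IPs whose MAC differs between two snapshots, as {ip: (old, new)}."""
    return {ip: (before[ip], mac) for ip, mac in after.items()
            if ip in before and before[ip] != mac}

if __name__ == "__main__":
    base, now = parse_arp_table(SAMPLE_BASELINE), parse_arp_table(SAMPLE_POISONED)
    for ip, (old, new) in changed_bindings(base, now).items():
        print(f"ALERT {ip} moved from {old} to {new}")
    for mac, ips in shared_macs(now).items():
        print(f"ALERT {mac} claims {', '.join(ips)}")
```

A shared MAC can also be legitimate (proxy ARP, a multi-homed host), so treat a hit on the gateway's IP as the high-confidence signal and the rest as leads to check.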
1. XAMPP – Apache + PHP + MySQL (we use XAMPP for our fake Facebook web server)
2. Cain & Abel (we use it for the Man in the Middle attack)
3. Facebook Offline Page (I have nulled the code, so this script will not contact Facebook when the victim accesses the fake Facebook page; only use this for learning)
Download Facebook Offline Page (mediafire.com):
Update: replace your index.php and login.php with the following files. Download Here.
Attacker IP Address : 192.168.160.148
Victim IP Address : 192.168.160.82
Fake Web Server : 192.168.160.148
I assume you’re in a Local Area Network now.
1. Install XAMPP and run the Apache and MySQL services
2. Extract the fb.rar and copy the content to
3. Check the fake web server by opening it in a web browser and typing
4. Install Cain & Abel and do the APR (ARP Poisoning Routing); follow the steps below
Click Start/Stop Sniffer.
Choose your interface for sniffing and click OK. When it's finished, click Start/Stop Sniffer again to activate the sniffing interface.
Go to the Sniffer tab and then click the + (plus sign)