This is the most advanced guide about Facebook hacking by android phone. Here you will find all the working methods. It took me 12 hours to create this amazing content.
On the internet, you can find websites & apps claiming to hack FB account in 5 minutes or less.
These websites/apps are completely fraudulent. After getting account details they will send you to survey sites. That’s how they make money. At the end, you get nothing & and you wasted your precious time.
If this something sounds similar to you, don’t worry I will not send you the survey site. In fact, I will show you step by step guide on how to hack a Facebook account in 2021
Keep Reading you will learn every single method to hack facebook.
Table of Contents
Phishing is the oldest & still working 2021 to hack social media accounts. Basically in this hacker develop a fake login page that looks like the original Facebook website. Then he somehow convinces the victim to log in. Here is the screenshot of the fake login page.
As you can see URL is not facebook.com. When the target person will enter his email & password. He will be redirected to the original Facebook site and the hacker received his username & password.
Convincing the victim to login account is the main part. That’s where common skills come into play.
You can say something like it is a referral program, we both can win free mobile recharge.
Making something like Login & Get Free recharge can work in 2021. Or something else so you can convince the victim to login into your account.
How To Create Facebook Phishing Page
Making a phishing page is easy but making an undetectable page is tricky. Browser warns users, the site may be fake, etc.
But still, after these hurdles making undetectable phishing pages is possible. It just takes few extra steps. Here is what you need to create a phishing page
- Phishing script (You don’t need to write any code): Download Here
- Firebase Account: Create a free Firebase account & Setup a Project as well, Learn here
- Free Hosting: Sign Up for 000webhost.
Here are the steps that you need following after doing above three things.
- After creating your account & Add New Project. Go to Project Settings, and click on Add App under Your Apps.
- This will take you to a new window where you need to type the app name. On Clicking Register Button, will show you a firebase code.
- As shown in the screenshot, copy the code starting from var= to (firebaseConfig);
- Save these Codes somewhere you need it later on.
- Here in the firebase click on go to console button then Chose the Real-Time database from the left sidebar. Then click on the Create Database button. You’ll be prompted to choose a test or locked Mode. Select the test code and click on the enable button.
- Now Go to Rules & Change both read & write to true
- After downloading the script extract it on your computer. If you are a phone user then you can also extract the zip folder on the phone with help of some software.
- You will get two items, the first one is the index.htm file & the second item is a folder. Now Open the index.htm using any text editor such as notepad. Android users can use the HTML Editor.
- Scroll Down until you did not find firebase settings as shown in the screenshot.
- Change these codes that you have copied in the 3rd step of Firebase Settings
- Save the File, Make zip folder of both index.htm file & folder
- Now login to your 000webhosting account. After that find the File Manager.
- Open it & go to public_html folder. Upload the Zip Folder. The following screenshot describes how to upload a zip folder
- After uploading Select the file and select the Extract icon. It will prompt you to the location. Type . (Dot)
- Now Go back to My Sites open site URL. It will show you something like this
- Login with any account to check your account.
In the Firebase→Realtime Database, you will get your login details as you can see in the screenshot.
If you didn’t receive anything probably you haven’t change the code successfully.
Creating a phishing page is a different thing but the convincing victim is totally different concept. On this page, I write down Earn RS 100 as you can see in the screenshot. So you can convince by something like I will get free recharge.
How to Protect yourself
- Always check URL before login
- Do not Open Any link from an unknown source
Keylogger is another famous way of hacking social media accounts. keyloggers are spy apps that record every key activity & send it to the hacker remotely. For installing keylogger you need access computer.
On the internet, you can find thousands of free keyloggers. The problem with free keyloggers apps is they don’t transfer data remotely. You need to access the device again & again for viewing captured data.
Paid keyloggers such as hoverwatch that can send you every typed keyword remotely.
But the installation part is complicated especially if you are a non-techy person. I recommend watching the following video. If you prefer text over video then keep scrolling.
Go to hoverwatch website make your free account.
Once you signup you will see something like this one. Download the app.
Then on device where you want to install keylogger disable the play protect. Go to Play store Menu > Play Protect > Settings. Turn off Scan apps with Play Protect as shown in the screenshot.
Now install the app of hoverwatch that you have downloaded in the second step. Once the installation is done, launch the app. It will show you something like the following screenshot.
Select anything, it doesn’t matter. After selecting click on the next.
Then it will show you End-user License Agreement that you have to accept if you want to install keylogger on the phone.
The next step is all about allowing permissions. First, some basic permissions such as call, files, etc permissions. Make sure you turn on every one of them.
Then you need to enable Accessibility service. It will take you to the settings. Where you need to enable Sync Service.
After that Turn on Access to Usage. A popup will appear with instructions. Clicking on the ok button will take you to Usage Access. Where again you need to turn on Sync service
ike this, you have to enable overplay permission, Disable app notification & Disable Battery Optimization as well.
After that login into the hoverwatch account that you have created while purchasing.
On successful login, you can select turn on service that want to monitor. you may need to allow several other permission as well.
Last but not least It will ask you to type a pin. Because the app is hidden. If you want to access the app you need to Dial ***pin-code###.
Hoverwatch dashboard: Here I have login into hoverwatch after installing it.
How to Protect
- Keep Your Device Up to Date
- Apply step 2 verification on your accounts
If you are looking for free keylogger apps for android then check this article
Saved Password on the Browser
We all save password in the browser. In recent days, Google & Apple also sync app password.
If you have access person’s phone/computer then you can find the saved password easily.
Getting password steps are different depending upon the Browser & device.
But I assume most of you are using Google Chrome on android. Go to Chrome Settings→Passwords.
It will display all websites saved username. Find Facebook and then click on Facebook URL. Then it will open new activity, where you will see something like this. I hide confidential information.
When you clicking on the show button, it will ask you a device-protected pattern or password, whatever victim has applied.
On successful authorization, you will see the password. If your victim is using computer then steps are almost similar. You can also google How to find saved password in …. Browser.
Some of you already tried social engineering before searching on Google. Social Engineering is basically guessing the password or convince the victim to get his password without letting him know
I’m not saying you to sit in front of the computer for 6-8 hours just for guessing the password.
But you can try some common passwords for example generally people use their loved names with two or three numbers.
Most people use the same password on every account. If you can find password of any other account maybe you can try same password for the fb account.
How to Protect yourself From social engineering
Use a Strong Password. Here is my recipe to create a strong password. Think about a sentence in mind, anything. For this example let’s use the following one.
Tinku was Our First Dog.
Now Pick first character of every word. It will look something like this
Last but least add some special characters to it.
I have picked 098 special characters so I can remember. Now you have a strong password.
By Creating Fake Login App
A lot of users use insta by an app. If you know app development knowledge then why not create a fake Instagram app.
Here is what I did to hack account.
- Get the phone to browse Facebook
- Uninstall original app
- Installed Fake App
In the fake app when my victim tried to login into his account. App Show an error
Something is wrong, Please uninstall current version & install latest version from play store.
In the backend, it forward me his username & password. To create fake either you can spend 2-3 months in app development or hire a app developer from fiverr.
How to Protect yourself
- Apply step-2 verification on your account
By Hacking Gmail
A lot of people use Gmail to login. Some smart people use both Gmail & mobile number. Hacking Gmail is much easier than hacking FB.
For hack the Gmail account all you need a device where the victim has login previously & some basic social engineering knowledge.
Go to Gmail login enter his email id and press enter, Then it will ask for the password. Click on Forgot password. It will ask for the last password. Click on Try another way
It may send Code on the phone, within certain seconds it will show the Try another way link.
Like this, later on, it will ask for when you have created your Gmail account, last login date, etc.
If you entered all the details correctly then soon you will hack the Gmail then by forgetting the password you will hack the Facebook account
No matter how secure the internet becomes there will be always some ways to hack other people’s accounts. But there will never an automatic method.
I hope you got value from this article. It took a lot of hard work for writing this article. Please share your feedback in the comment section.