This is the most advanced guide about Facebook hacking by android phone. Here you will find all the working methods. It took me 12 hours to create this amazing content.
On the internet, you can find websites & apps claiming to hack FB account in 5 minutes or less.
These websites/apps are completely fraudulent. After getting account details they will send you to survey sites. That’s how they make money. At the end, you get nothing & and you wasted your precious time.
If this something sounds similar to you, don’t worry I will not send you the survey site. In fact, I will show you step by step guide on how to hack a Facebook account in [currentyear]
Keep Reading you will learn every single method to hack facebook.
Table of Contents
Phishing is the oldest & still working [currentyear] to hack social media accounts. Basically in this hacker develop a fake login page that looks like the original Facebook website. Then he somehow convinces the victim to log in. Here is the screenshot of the fake login page.
As you can see URL is not facebook.com. When the target person will enter his email & password. He will be redirected to the original Facebook site and the hacker received his username & password.
Convincing the victim to login account is the main part. That’s where common skills come into play.
You can say something like it is a referral program, we both can win free mobile recharge.
Making something like Login & Get Free recharge can work in [currentyear]. Or something else so you can convince the victim to login into your account.
How To Create Instagram Phishing Page
These days, the modern browser starts warning users when they visit phishing sites. However, I found the solution to this method. I made changes to the phishing script.
On other side, free hosting companies also start suspended accounts that use phishing scripts.
You can use paid hosting such as fastcomet, hostmaria, hostingspell.
The paid hosting companies also provide you 30 days money-back guarantee. Within 30 days, you can cancel your account and get the money back.
If you want to use free hosting then try 000webhost. It will allow phishing for some time. After that, they will suspend your account. If you are doing it for educational purposes you can use 000webhost.
I have made a single script that can hack the following accounts.
Yes, single script to create phishing page for all three of them.
I assume you know that how to create an account for 000webhost. Just make sure you don’t install WordPress or don’t use any website builder.
We need to use file manager for uploading the files. Here are the steps for uploading.
- Now login to your 000webhosting account. After that find the File Manager.
- Open it & go to public_html folder. Upload the phishing script that you downloaded. The following screenshot describes how to upload a zip folder
- Once the upload is complete you need to upload another file. Unzipper.php, basically we can’t extract files using 000webhost. Download here unzipper.php. After download again upload just like you have uploaded the zip file.
- Once the upload is complete then open your site ur l(you will get it from 000webhost dashboard) you need to open example.com/unzipper.php here example.com means your site. It will show you something similar to the following page. As you can see I have selected the Archive.zip file. After selecting it, click on the Unzip Archive Button. It will extract all the files.
- Now Go back to My Sites, copy the site url. Now open the example.com/archieve/. (here example.com means your site url) It will show you something like this.
- Great you have done everything correctly. Now at the end of url, just type ?id=instagram. It will open a page similar to the following page.
If your victim clicks on the Login with Facebook this will open a Facebook phishing page. When the user login into the account his username & password will be saved in the users.txt file
You can access this file by typing yourwebsites..com/users.txt
When you want to view facebook phishing then type type ?id=facebook at the end of the url.
when you want to access snapchat phishing page then type /?id=snapchat at the end of the url.
Snapchat and Facebook login details will also be saved into users.txt file.
You can also apply Cloudflare for HTTPS also known as SSL certificate. It convinces users that the site is safe to use.
How to Protect yourself
- Always check URL before login
- Do not Open Any link from an unknown source
Keylogger is another famous way of hacking social media accounts. keyloggers are spy apps that record every key activity & send it to the hacker remotely. For installing keylogger you need access computer.
On the internet, you can find thousands of free keyloggers. The problem with free keyloggers apps is they don’t transfer data remotely. You need to access the device again & again for viewing captured data.
Paid keyloggers such as hoverwatch that can send you every typed keyword remotely.
But the installation part is complicated especially if you are a non-techy person. I recommend watching the following video. If you prefer text over video then keep scrolling.
Go to hoverwatch website make your free account.
Once you signup you will see something like this one. Download the app.
Then on device where you want to install keylogger disable the play protect. Go to Play store Menu > Play Protect > Settings. Turn off Scan apps with Play Protect as shown in the screenshot.
Now install the app of hoverwatch that you have downloaded in the second step. Once the installation is done, launch the app. It will show you something like the following screenshot.
Select anything, it doesn’t matter. After selecting click on the next.
Then it will show you End-user License Agreement that you have to accept if you want to install keylogger on the phone.
The next step is all about allowing permissions. First, some basic permissions such as call, files, etc permissions. Make sure you turn on every one of them.
Then you need to enable Accessibility service. It will take you to the settings. Where you need to enable Sync Service.
After that Turn on Access to Usage. A popup will appear with instructions. Clicking on the ok button will take you to Usage Access. Where again you need to turn on Sync service
ike this, you have to enable overplay permission, Disable app notification & Disable Battery Optimization as well.
After that login into the hoverwatch account that you have created while purchasing.
On successful login, you can select turn on service that want to monitor. you may need to allow several other permission as well.
Last but not least It will ask you to type a pin. Because the app is hidden. If you want to access the app you need to Dial ***pin-code###.
Hoverwatch dashboard: Here I have login into hoverwatch after installing it.
How to Protect
- Keep Your Device Up to Date
- Apply step 2 verification on your accounts
If you are looking for free keylogger apps for android then check this article
Saved Password on the Browser
We all save password in the browser. In recent days, Google & Apple also sync app password.
If you have access person’s phone/computer then you can find the saved password easily.
Getting password steps are different depending upon the Browser & device.
But I assume most of you are using Google Chrome on android. Go to Chrome Settings→Passwords.
It will display all websites saved username. Find Facebook and then click on Facebook URL. Then it will open new activity, where you will see something like this. I hide confidential information.
When you clicking on the show button, it will ask you a device-protected pattern or password, whatever victim has applied.
On successful authorization, you will see the password. If your victim is using computer then steps are almost similar. You can also google How to find saved password in …. Browser.
Some of you already tried social engineering before searching on Google. Social Engineering is basically guessing the password or convince the victim to get his password without letting him know
I’m not saying you to sit in front of the computer for 6-8 hours just for guessing the password.
But you can try some common passwords for example generally people use their loved names with two or three numbers.
Most people use the same password on every account. If you can find password of any other account maybe you can try same password for the fb account.
How to Protect yourself From social engineering
Use a Strong Password. Here is my recipe to create a strong password. Think about a sentence in mind, anything. For this example let’s use the following one.
Tinku was Our First Dog.
Now Pick first character of every word. It will look something like this
Last but least add some special characters to it.
I have picked 098 special characters so I can remember. Now you have a strong password.
By Creating Fake Login App
A lot of users use insta by an app. If you know app development knowledge then why not create a fake Instagram app.
Here is what I did to hack account.
- Get the phone to browse Facebook
- Uninstall original app
- Installed Fake App
In the fake app when my victim tried to login into his account. App Show an error
Something is wrong, Please uninstall current version & install latest version from play store.
In the backend, it forward me his username & password. To create fake either you can spend 2-3 months in app development or hire a app developer from fiverr.
How to Protect yourself
- Apply step-2 verification on your account
By Hacking Gmail
A lot of people use Gmail to login. Some smart people use both Gmail & mobile number. Hacking Gmail is much easier than hacking FB.
For hack the Gmail account all you need a device where the victim has login previously & some basic social engineering knowledge.
Go to Gmail login enter his email id and press enter, Then it will ask for the password. Click on Forgot password. It will ask for the last password. Click on Try another way
It may send Code on the phone, within certain seconds it will show the Try another way link.
Like this, later on, it will ask for when you have created your Gmail account, last login date, etc.
If you entered all the details correctly then soon you will hack the Gmail then by forgetting the password you will hack the Facebook account
No matter how secure the internet becomes there will be always some ways to hack other people’s accounts. But there will never an automatic method.
I hope you got value from this article. It took a lot of hard work for writing this article. Please share your feedback in the comment section.