Hacking facebook is nearly impossible. Then how facebook accounts are hacked? Actually hacking into facebook database is nearly impossible. Its not an easy job (only a few had done it.. lol). But still there are many other ways to hack an account. Here is one method – ‘phishing’. Phising means collecting sensitive data like passwords and usernames or even credit card details with specially crafted webpage that which is the exact clone of the genuine one. we have to setup a trap and wait for the prey to get in. Now Just follow the steps.

Step 1

As said before, We are setting up a trap. We have to make a fake login page and a script to capture the username and password. If you don’t have much experience in PHP and HTML don’t worry just download the codes from below link.

Phishing scripts


Step 2

After downloading the files we need a server to host it. If you have one server (kali linux have Apache built in) just host it. If you dont have one just make one account in a free hosting service.


Step 3

Here we are using a free hosting service 000webhost.com Go to the home page and click signup.

ALTERNATIVE (built in apache server)

Kali Linux have built in apache web server. copy the files index.html and login.php to “/var/www/html/” directory. Forward the port 80 in your router. Your public IP will be your web address. Open a browser “http://<your public ip>/” this will give you the phishing page. I don’t recommend this method because no one will open the ip address unless you have a domain name


Step 4

Register with your email id and make an attractive domain name. Note down the password that you have provided. Now again go to the home page and click on ‘members area’. Login with your email and password, it will take you to the C-panel of your website. Click on file manager, your home directory will come up. Now just upload the file that you have downloaded (index.html and login.php) to the “public_html” directory.


Step 5

Open new tab on your browser and enter your url (i.e url of the website that you have just hosted). If a facebook look alike page appears then get ready for the hunt. You have just made an evil twin of real facebook login. Now just give that link to your victim and wait for him to login. Just say this is you FB page, just check out.


Step 6

Wait for our prey.. If our target has opened the link and logged in with his credentials our php script should have captured the password and saved to a text file – password.txt. to retreive this go to the cpanel and login again open the text file. Enjoy !

BONUS: You can also change the dns of a target systems like internet cafes or offices and redirect the facebook.com to your rouge dns (i.e your phishing sites’s DNS). so when a user type in facebook.com it will be redirected to your phishing page. Through this way you can get tremendous number of login credentials a day.


change dns of windows

Since most of the system in internet cafes run on windows this will workout. open cmd as administrator and open host file by the command
# notepad.exe %SystemRoot%System32driversetchosts

now you can find the entries is localhost. Add the following line at the bottom and save it. (find your own IP by ping command: # ping yoursite.com)

<your site’s IP>        facebook.com
<your site’s IP>        www.facebook.com
<your site’s IP>        fb.com
<your site’s IP>        www.fb.com

Now when a user types facebook.com on any browser in that system he will be redirected to yous phishing site
you can check it out yourself.


Susmith Krishnan

I’m a computer enthusiast basically and i love to write blogs on tech issues and cyber security. I started penetration testing at the age of 16 and i would like to explore security vulnerabilities and latest tech news and wanna share with you


สมุนไพรรักษาโรคมะเร็ง · July 8, 2016 at 2:29 am

I am regular visitor, how are you everybody?
This post posted at this website is really pleasant.

    admin · July 8, 2016 at 10:02 am

    Goin very well. 😀 thanks for asking

ผลิตภัณฑ์ bim100 · July 8, 2016 at 9:45 am

Hi there, I discovered your blog by means of Google at the same time as looking for a comparable matter, your website got here up, it seems good.
I’ve bookmarked it in my google bookmarks.
Hello there, simply was aware of your weblog via Google, and found that it
is truly informative. I’m gonna be careful for brussels.

I will be grateful in case you proceed this in future.

A lot of other people can be benefited out of
your writing. Cheers!

    admin · July 8, 2016 at 10:04 am

    Thank you very much, Please keep sharing so that others can catch my new blogs. 🙂

khalid · September 19, 2016 at 1:14 pm

hello bro can i get the phishing script to do the test
It has been removed from the link

jhoana mariella · August 13, 2017 at 7:15 pm

wrong password

Mar · September 3, 2017 at 4:21 pm

I need the html code for hacking on facebook . Do tou have?

Manish Bhardwaj · September 7, 2017 at 5:25 am

Great PromoChannels.com

djkhaled14 · November 7, 2017 at 7:26 pm

how to get html code for hacking on facebook . Do tou have?

HackGodJC · November 19, 2017 at 1:39 pm

Umm, the last step where we can change the dns. That would need physicall access to the victim machine. Wouldn’t it be better if we just metasploit it ?

Iram · December 14, 2017 at 4:22 pm

can i change the path means when some put fb user and pass in this link i want web let him on another facebook group page ..

Asad · January 5, 2018 at 4:05 am

I can’t hack

Asad · January 5, 2018 at 4:10 am

I can’t hack
Plz help me

joshua · March 2, 2018 at 11:00 am

how to hack fb

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.