Fbpwn- A cross-platform Java based Facebook profile dumper

If you are popular than you are at risk, the same thing applies on Facebook one of the most popular social networking website. Social networking websites are good for social engineers because in the first step of hacking (Information gathering) social networking websites like Twitter, facebook linkedin plays an important role. Just like TheHarvester (a tool to gather information from search engine) there are different tools that can be useful to gather information from social networking websites.

So, for gather information from Facebook an attacker can use Fbpwn, now the question is, what is Fbpwn and how it gather information? Below is the answer.

What Is Fbpwn

Fbpwn is a cross-platform Java based Facebook profile dumper, sends friend requests to a list of Facebook profiles, and polls for the acceptance notification. Once the victim accepts the invitation, it dumps all their information,photos and friend list to a local folder.

In simple it can do all the stuffs automatically that you can do manually, it is an open source tool and available for free of cost so you don’t need to worry about it.

Download

Fbpwn is best tool for the new users who don’t know about programming because as discussed Facebook graph API information gathering, Fbpwn do all the stuffs automatically.

FBPwn modules

  • AddVictimFriends: Request to add some or all friends of bob to increase the chance of bob accepting any future requests, after he finds that you have common friends.
  • ProfileCloner: A list of all bob’s friends is displayed, you choose one of them (we’ll call him andy). FBPwn will change mallory’s display picture, and basic info to match andy’s. This will generate more chance that bob accepts requests from mallory as he thinks he is accepting from andy. Eventually bob will realize this is not andy’s account, but probably it would be too late as all his info are already saved for offline checking by mallory.
  • CheckFriendRequest: Check if mallory is already friend of bob, then just end execution. If not, the module tries to add bob as as a friend and poll waiting for him to accept. The module will not stop executing until the friend request is accepted.
  • DumpFriends: Accessable friends of bob is saved for offline viewing. The output of the module depends on other modues, if mallory is not a friend of bob yet, the data might not be accessable and nothing will be dumped.
  • DumpImages: Accessable images (tagged and albums) are saved for offline viewing. Same limitations of dump friends applies.
  • DumpInfo: Accessable basic info are saved for offline viewing. Same limitations of dump friends applies.





Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Top 10 things to Do After Installing Kali Linux

Kali Linux is considered to be one of the best hacking distribution of this era, it is developed by Offensive Security to give an...

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...