A computer security enthusiast from India has done it. Azim Poonawala, alias QuakerDoomer, is the author of FBController. The FBController tool is designed to make it easy for a user to take over control of Facebook accounts, and to that end, users of the tool will be able to steal session cookies. The tool can also manage large numbers of hijacked accounts. FBController analyzes Facebook's communications with the computer while the user interacts with the social networking site, and uses that information together with the cookie data. According to Poonawala, in this way the tool can help steal Facebook users' account data.
Cookies, meanwhile, can be used by the FBController software to sniff the network, exploit XSS (cross-site scripting), carry out social engineering, and via open proxies when cookies come in. Jeremiah Grossman, chief technology officer of WhiteHat Security, said the purpose of creating the FBController tool is more to control accounts in large numbers than to hijack Facebook accounts one at a time.
"The FBController tool is easier to use than logging in through a browser and modifying accounts one by one. However, the existence of this tool also makes me realize that a large number of Facebook accounts are likely to have hackers break in and expand their access to those accounts," said Grossman.
Meanwhile, Facebook spokesman Barry Schnitt said that Facebook is not at all afraid of the tool. "We have systems for detecting phishing or fake accounts at many points, such as the point of compromise, point of login, point of spam sending, and so on. Multiple accounts taking one action at the same time, as this tool does, will make detection even easier," Schnitt added.
A computer security enthusiast in India has released a tool designed to allow people to take complete control of strangers' Facebook accounts if they can get hold of the targets' session cookies. It also could be used to manage large quantities of hijacked accounts.
FBController analyzes the communications that Facebook has with computers when they interact with the site and uses that information, along with the cookie data, to allow for accounts to be hijacked, said 26-year-old Azim Poonawala, who wrote the tool and provides details on his blog.
Cookies, meanwhile, can be obtained using network sniffing, cross-site scripting exploits, social engineering, and via open proxies where cookies are logged, he said in a recent interview over chat.
Poonawala, who goes by the alias "Quaker Doomer", said he wrote the tool as a proof of concept and because "writing network-related gray hat tools has always been an adrenalin rush".
Jeremiah Grossman, chief technology officer of WhiteHat Security, said he believed the purpose of the tool is to manage control over large numbers of accounts rather than merely hijack accounts one at a time.
"This is much easier than using a browser to log in and modify accounts individually," Grossman said in an e-mail. "The mere existence of such a tool leads me to believe that huge numbers of FB accounts are and continue to be compromised and the bad guys need to scale their access."
Facebook spokesman Barry Schnitt said the company is aware of the tool and that it does not impact the firm's ability to detect potentially malicious behavior.
"We have systems to detect phished or fake accounts on many different points, including at point of compromise, point of creation, point of login, and point of a spam send, among others," Schnitt said. "Multiple accounts taking the same action, at the same time, as this tool enables, can actually make this detection easier."
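The signal Schnitt describes, many accounts taking the same action at the same time, can be sketched as a sliding-window check over an activity log. This is an added example, not Facebook's system and not code from the article; the log format, field names, window and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real data): time, source IP, account, action.
SAMPLE_LOG = """\
2011-05-08T10:00:01 198.51.100.7 acct_101 post_status
2011-05-08T10:00:02 198.51.100.7 acct_102 post_status
2011-05-08T10:00:02 203.0.113.9 acct_555 post_status
2011-05-08T10:00:03 198.51.100.7 acct_103 post_status
2011-05-08T10:00:04 198.51.100.7 acct_104 post_status
2011-05-08T10:00:05 198.51.100.7 acct_101 post_status
2011-05-08T10:07:00 203.0.113.9 acct_555 send_message
2011-05-08T10:30:00 198.51.100.7 acct_105 post_status
"""

def parse(line):
    """Split one assumed-format log line into (timestamp, source, account, action)."""
    ts, src, account, action = line.split()
    return datetime.fromisoformat(ts), src, account, action

def find_bulk_actions(log_text, window=timedelta(seconds=10), min_accounts=4):
    """Alert when one source performs the same action for at least
    `min_accounts` distinct accounts within `window`."""
    recent = defaultdict(deque)  # (source, action) -> deque of (ts, account)
    alerting = set()             # keys currently above the threshold
    alerts = []
    lines = [l for l in log_text.splitlines() if l.strip()]
    for ts, src, account, action in sorted(map(parse, lines)):
        key = (src, action)
        q = recent[key]
        q.append((ts, account))
        while ts - q[0][0] > window:   # drop events that fell out of the window
            q.popleft()
        accounts = {a for _, a in q}
        if len(accounts) < min_accounts:
            alerting.discard(key)      # burst ended; a later burst alerts again
        elif key not in alerting:      # alert once per burst, not per event
            alerting.add(key)
            alerts.append({"source": src, "action": action,
                           "first_seen": q[0][0], "accounts": sorted(accounts)})
    return alerts

if __name__ == "__main__":
    for alert in find_bulk_actions(SAMPLE_LOG):
        print(alert)
```

Keying on source IP alone is the simplest choice; a deployment would likely also group by client fingerprint or message content, since bulk activity can be spread across proxies.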
Poonawala said his intention in creating FBController was not to allow control of multiple accounts, although "it can definitely be misused by bad guys to achieve that sin
Sunday, 08 May 2011