This is one of the most searched topics in the category of Ethical Hacking. Most beginners like to go with the brute force method because they think it is not that hard. That is okay.
Bruteforcing a social media account of common people is not that hard, but creating a targeted password list is the real thing!
We need to focus on collecting information about their online behavior, the common patterns of passwords they use, etc. On the basis of this information, we can create a targeted password list.
But here, we are not talking about creating a targeted password list, we are going to talk about a new tool that can do your Bruteforce job. The tool is SocialBox.
Why you should use SocialBox?
Well, there are 100s of tools we can use for brute-forcing but only a few tools provide us good anonymity during the time of brute-forcing. Some tools provide their own proxy but sometimes they don't work or they are not that good.
But, SocialBox can be configured in such a way that the traffic can go through a TOR circuit.
Let's see how we can do that.
Configuring Facebash on Kali LinuxFire up your Kali Linux machine and download the tool from Github. Now navigate to the directory where you've downloaded the tool and expand the directory. To clone the tool instead of downloading the zip file, follow the commands given below.
git clone https://github.com/Cyb0r9/SocialBox.git
before launching the tool, you have to satisfy its requirements. In order to do that simply run the script named 'install-sb.sh' by using the commands given below.
chmod +x install-sb.sh
It'll install all the requirements the tool needs and now we are free to launch the tool. In order to launch the tool, we have to run the 'SocialBox.sh' script but before that, we have to give root permission to it. No need to worry, just follow the commands given below.
chmod +x SocialBox.sh
Great! we have launched SocialBox successfully. Now its time to test it. It has so many features such as brute-forcing Instagram account, twitter account, Gmail account, etc. but we are going to stick with the 'Bruteforce Facebook' option as we are here to crack facebook account.
We tested it on one of our own Facebook accounts legally. And you can see the result. The process takes from a few seconds to a very long time depending on the CPU/GPU and the length of the password list.
Visit this youtube video to watch the tutorial.
Warning: If more than 20 wrong passwords are attempted from the same IP address, Facebook blocks that IP address for 1-4 hours. You can take the TOR circuit in use to bypass that.
ConclusionSocialBox is really a great tool if you use it at the right time on the right target using a very targeted password list. Getting success in brute-forcing never depends on the tool you are using, it always depends on the password list you've made. Always try focusing on making a targeted password list instead of tools.
What's your opinion? Let us know in the comment box and also if you are facing any problem regarding installing the tool, describe your problem with a screenshot in the comment box. we are always here to help you.