I'm invited to a party a few days from now

csploit
f-droid.org/repository/browse/?fdid=org.csploit.android

Stealing is for losers. It's not your stuff. No matter how savvy you are, doesn't excuse any parasitic behaviours, user.

And how many more parties did you want to go to??

Haha user got shot down.
But really, fuck off faggot.

Yeah, that was one thing that did cross my mind.
I'm thinking to redirect social media sites to their respective phishing pages which I'll create and store locally on my phone.
But I'm specifically am looking into hacking Instagram accounts, so if someone could help me with that it'd be great.

>going to ask
So you'll rat yourself out?
You know the first thing they're going to remember after you stole their info is someone asking to connect to their wifi.

Don't ask and name it something witty.

Why do you even care? Why not use these skills to make the world better than than just being a dick, taking advantage of people.

same fagged by op

HTTPS
/thread

Are you full retard? Who the fuck pulls up their browser and goes to instagram or FB website on their phone?

That's a decent contingency plan. I hope it works. I was reading that CSploit thing that another user posted and it looks pretty solid.

I'll obviously not ask them to connect to it straight away. I know how to manipulate the target person, so it'll be easy and she won't understand.

he could forge a false certificate, but mobile apps probably check for that

I'm not really a hacker but I am an app developer. MITM only really works if the traffic between the target and their service provider is unencrypted.

Since last year all iOS apps have had to use encryption by default.

A lot of the info you will find on the web will be out of date. It's note as easy as just firing up wireshark like it used to be.

fuck off.

My target does.
I'm looking into it too. Hope it works.

People that are fucking stupid, like almost everyone, and are told, "Did instagram give you that offers page today? Mine started to process it then failed." "What offer?" "I forget. Pull it up. I'll show you. ... [ ] [ ] .'. /.\ huh, I guess they took it down." Your lack of imagination is why you will never accomplish anything significant.

You obviously do not know what you are talking about

Ohh, any idea about android mate?
She's using a Galaxy S2 running Kitkat 4.2.2 which I rooted a few years ago.

the whole point in this place is that you can come and ask this kind of thing anonymously

You're a fucking idiot, they're gonna know who did it, even if they understand none of the technology.

You'd get farther if if you took the name of the host's own (presumably secured) wi-fi, and named yours after it but with "-guest" appended to the SSID, and made it open, still most people won't bother connecting to it. But if you asked them to they'd still sense something was weird.

There are tons of app that do that but you can't decrypt TLS.

And what you want to do is not a MITM attack

This >What do I do then? You got an idea?

You're obviously a neckbeard and a faggot, but because you got dubs, I'll let it go for now.

What you need to do is wait for one person to inevitably start asking around for the WIFI password, then casually tell them the "house WIFI" that they can let others know. That's it. Nothing more. Say anything else and you'll incriminate yourself from the start.

It also heavily depends on the type of "party" you're attending. If there's a DJ and it's a bumping house party, no one will be sober enough to even remember to spread a password some fat dude told them 20 minutes and 4 PBRs ago.

Sorry couldn't help you there mate.

so from what I gather you're after her photos. It may be sensible to look for them at another place.

This is gonna sound super creepy but my ex gf's netflix password (which she shared with me) was the same as her dropbox password.

Turns out she backed up her phone photos with dropbox. So I logged into dropbox once and made a public link to her photo stream file.

Just to warn you though. I spent the next 6 months watching her photo stream including naked pics she was obviously sending her new bf.

My advice. It really isn't worth it. It'll make you more unhappy than anything

>ask people to connect
haha good luck faggot

Sniffing packets

They're not going to be drunk but I'll handle it on that front. I just need to figure out a solid plan to hack it "after they are connected" to my wifi.

Don't fucking tell people to connect, just name it something stupid or generic and leave it unlocked. Everyone on their phone will connect.

Asking people to connect is literally suspicious as fuck and even drunk people will remember that shit.

I use the FB website on my phone instead of the objectively inferior app.

She destroyed me emotionally and socially man.
I don't want to fuck with her photos, she has some DM's on her instagram account which could help me expose her.

have you thought about getting the mac address of your school and spoofing that?

I don't know if you could do it with a phone but definitely with a raspberry pi or something. If the access point looks like a network their phones already know they will connect automatically

Sounds like a nice idea user.
Will definitely research on it.

place a sign on the "bar" with the wifi infos

Even if the connection is encrypted.
OP will not succeed

>be me at a party w/ some friends
>some sweaty neet walks up to us
>"Hey guys you can connect to my mobile hotspot if you want."
>he walks away leaving a trail of swamp ass funk in the air
>everyone makes fun of him for the next 5 minutes
>already have massive data packages already because we're white you dumb shit

you should at least try to hack your own phone first so you know what to expect and if there's anything that might indicate that the creep at the party who made everyone connect to his hotspot is trying to do something weird

I'm testing cSploit on my devices right now.
Doesn't work properly as expected, i'm still trying to find a way to make it work though.

I've got bad news for you OP.
Instagram app communication has been encrypted since 2014. There is no way you can do a MITM attack.

Realistically your only hope would be some form of phishing

Go buy a blue coat web gateway with transparent TLS interception. It'll MITM without needing to install root certs. But you're probably 1) a broke fag and 2) have no idea what a bluecoat appliance is anyway.

Get out of the deep end of the pool kiddie.

It won't work because the connection is encrypted you cock cheese.

>be at party
>sending data packets with reputable software packages over a secure connection
>neet asks me to connect to his hotspot because hotspots seem cool and he wants to try them out or something
>politely inform him that doing so would increase the chance for a man in the middle attack, possibly triggering security implementations in certain apps preventing them from working correctly and make him liable should any loss of or interception or damage to data occur
>he says thanks and walks away
>go about my day

yeah... A blue coat gateway doesn't do what you think it does

I'm thinking of redirecting Facebook to my local phishing page and get her to login her facebook, then reset her instagram with facebook.

Right, I got no idea what blue coat is.

Stop messing around with this hacker shit OP. You cant beat the nerds in silicon valley.

Just do this.
1. watch her while she unlocks her phone.
2. remember code
3. make sure she drinks
4. when she's drunk steal phone
5. fucking profit nigger

the only real way to hack is to understand how these systems work well enough to know their security exploits, the problem with being someone who wants to hack is that you're probably a low life whose not a decent enough human being to actually learn anything about how computers work and without this knowledge you're not going to even understand what anything on the software means, they're tools not not droids made to serve

Sounds doable. She doesn't drink though, but I can get someone to keep her engaged while I mess with her phone.
Thanks

Slip her some roofees / Rohypnol

this is pretty much the reason sites like facebook have an app that handles the connection and logs you in automatically so you don't have to enter your password when you use it, you could intercept that but it'd be encrypted, which would be fine because you could then use a lookup table to convert it back into the password, but if you knew how to do that you wouldn't be here because you have to not be retarded to pick this sort of thing up

I have no problems telling you this because I love talking about it because computers are my thing and am completely confident you're not gonna pull this off and will hopefully get caught trying

get a pineapple wifi

Cut him some slack. The kid knows what a man in the middle attack is. 10 years ago that would of been a way into almost any online system. That's precisely why encryption is so important.

When I started my job ALL PASSWORDS were sent in plain text.

Fuck outta here summer fag

Your point is valid.
I've only been a script kiddie.
I'm taking up computer science engineering in college so I hope that'll give me a closer look at how things work..

Rainbow tables haven't worked for a few years now. We all learned our lesson after MD5

Can you link me to some working guides or something?

the thing is when I actually started making software is when I realized hacking is just a dickmove where you break someone else's stuff and that you should really have more respect for people

and while you are there, use a rubberducky to install some shit on their computers

Don't help this fag.
Reported to FBI for intentions

you can literally google it for md5

Might learn that later.
I'm just beginning with the technical stuff here.

Go and rape some drunk girl. Its better than you fucking faggot idea.

Take video or timestamp

It won't be hard to figure out what you did when ppl realize they've been hacked.

You're going to get your ass kicked.

eastside
grab session key
thank fuck nobody has published how to do this on the application layer.

Eat a cock OP

this is why we don't use md5 anymore. We switched to salted hashes then to algos that auto generate salt.

Get the fuck out summer fag

Fuck off newfag.

Butthurt losers will be butthurt

really? you want him to go to the victims computer, check the cookies, create the same cookie on his machine and then hope that the session does not check for os, installed fonts, browser, whatever?

>plottwist

literally nobody did

I did some freelance work for a client about 6 months ago who's whole database of 40k users were all stored as md5 hashes. It's a 10 year old system and when I asked they said they have no immediate plans to update.

Sounds crazy but they're out there

you faggots who are knocking on OP are the kind of pussies who made this website gay as fuck in the first place

No, I don't. You been smoking meth?

>Ask people to connect to it
You're setting yourself up for failure. You've just incriminated yourself. Stupid ass.

>isn't he that weird kid who sits alone at lunch?
>Yeah idk who invited him
>milady.jpg
>care to connect to my hotspot?
>wtf whatever
>"your account has been logged in on another device"
>Fkin neckbeard

then, how would you manage to get and successfully use a session key?

That's actually not a bad idea. However to do that you'd need to
1. Install your own app on her phone
2. some how access the instagram app's local data store (considering it's a rooted phone that might be possible)

That's prob beyond OP's and my abilities

Its a rooted phone.
I thought of another idea.
How about I pickpocket her phone, install titanium backup, transfer backup files and restore the app data on my device.

Just tried it with my devices and it worked.
Looks like i found the right way.

The samefagging is real

Did you ever include the fact that the FB account may weell be secured via sms ???

Everytime i login with the correct password im presented with a screen asking for a 4 digit code wich they sent via sms.

2016 trying to access a FB/Insta thats not yours. Good luck op

Top plan OP. Of all the plans this one seems the most doable!

Story?

You faggots need to chill.

Yes op use zanti

Only nerds have this set up.

source:
> I have this set up for google & dropbox
> I am a nerd
> therefore only nerds do this

Normals would never in a million years set this shit up

Her account is not connected to a phone and I'm sure about it.

I'll greentext it gimme a sec.

:^)

>ask people to connect to it
Smart move, not suspicious at all.

Not true. My GF set it up for me. She is computer illiterate. Give her a phone and app and its a diff story

This. Earn what you have OP, stealing is for niggers.

Could be connected via email.

>be me
>Have a gf of 2 years
>everything's going good
>Chad the thundercock enters the equation.
>Starts getting really close to her.
>She calls her brother.
>You don't have to worry about him user he's like a brother to me.
>itrustyou.jpeg

Cont?

facecrap, instashit is going to send the same shit during an idle connection. You would use a combination of your account and the actual website for the delta. The only difference during the two sessions are the key and account details, but you probably could get the account name too.

You wouldn't need phone access at all.