FBController – The Ultimate Utility to Control Facebook Accounts


Just to put a downer on all the script kiddies, this utility WILL NOT hack/crack Facebook passwords or accounts.

You need to feed it biscuits (cookies) before you can do anything.

You can get the target’s cookie by sniffing, XSS, social engineering, ARP Poison-Sniffing, Scroogle search or however you like.

Once you have the cookies you can use FBController to have Full control over the target’s Facebook account.

Login to your Facebook account and sniff your own cookie OR collect a few live Facebook Biscuit/s of your Target/s.

Till now FBController version 1.0 uses your Target’s provided cookie and only :

A > Downloads the HomePage.
B > Allows you to Update the Target’s Wall and
C > Retrieve your Target’s Friend’s List


There are many APIs available to write apps and 3rd party Tools for FB in Java, Perl, .NET, etc.

FBConTroller was entirely written without knowing any of Facebook’s Dev API’s. Considering the above along with Facebook’s complexity, the next version might take some time to get released

You can download FBController here:

FBConTroller.RAR

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking

, , , ,


Latest Posts:


HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.


5 Responses to FBController – The Ultimate Utility to Control Facebook Accounts

  1. anacron May 7, 2009 at 9:37 pm #

    pure crap

  2. stephen d May 7, 2009 at 10:25 pm #

    This is obviously stealing cookie data adn scoring in private banking locations in Sweden. Indeed it does seem to correctly parse the cookie data however it gets stuck at “Attempting to Retrieve Target’s Intentpage” which I’m assuming is the secure transaction of my private data to Sweden for party time.

    Application relatively user friendly. Just follow directions VERY slowly. Very confusing to get cookie data but entirely possible.

    Good luck! Change your FB password afterwords if you think it is of any value.

  3. Capt.Wheeto May 8, 2009 at 5:59 pm #

    Haha, I don’t want to sound stupid or anything, but how exactly would you go about social engineering for cookies? Nice idea otherwise. Could it be used with Wifizoo?

  4. Amaro June 2, 2009 at 3:54 pm #

    this is totally a waste of time…

  5. dwan June 30, 2009 at 3:37 am #

    hahahaha
    just ask them,can you share your cookies?? im hungry..