FBController – The Ultimate Utility to Control Facebook Accounts

The New Acunetix V12 Engine


Just to put a downer on all the script kiddies, this utility WILL NOT hack/crack Facebook passwords or accounts.

You need to feed it biscuits (cookies) before you can do anything.

You can get the target’s cookie by sniffing, XSS, social engineering, ARP Poison-Sniffing, Scroogle search or however you like.

Once you have the cookies you can use FBController to have Full control over the target’s Facebook account.

Login to your Facebook account and sniff your own cookie OR collect a few live Facebook Biscuit/s of your Target/s.

Till now FBController version 1.0 uses your Target’s provided cookie and only :

A > Downloads the HomePage.
B > Allows you to Update the Target’s Wall and
C > Retrieve your Target’s Friend’s List


There are many APIs available to write apps and 3rd party Tools for FB in Java, Perl, .NET, etc.

FBConTroller was entirely written without knowing any of Facebook’s Dev API’s. Considering the above along with Facebook’s complexity, the next version might take some time to get released

You can download FBController here:

FBConTroller.RAR

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking

, , , ,


Latest Posts:


SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.
Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.


5 Responses to FBController – The Ultimate Utility to Control Facebook Accounts

  1. anacron May 7, 2009 at 9:37 pm #

    pure crap

  2. stephen d May 7, 2009 at 10:25 pm #

    This is obviously stealing cookie data adn scoring in private banking locations in Sweden. Indeed it does seem to correctly parse the cookie data however it gets stuck at “Attempting to Retrieve Target’s Intentpage” which I’m assuming is the secure transaction of my private data to Sweden for party time.

    Application relatively user friendly. Just follow directions VERY slowly. Very confusing to get cookie data but entirely possible.

    Good luck! Change your FB password afterwords if you think it is of any value.

  3. Capt.Wheeto May 8, 2009 at 5:59 pm #

    Haha, I don’t want to sound stupid or anything, but how exactly would you go about social engineering for cookies? Nice idea otherwise. Could it be used with Wifizoo?

  4. Amaro June 2, 2009 at 3:54 pm #

    this is totally a waste of time…

  5. dwan June 30, 2009 at 3:37 am #

    hahahaha
    just ask them,can you share your cookies?? im hungry..