What is Phishing?
Phishing is a most popular technique used for hacking passwords and stealing sensitive information like credit cards, banking username & passwords etc. Phishing aka fishing attack is a process of creating a duplicate copy or a clone of a reputed website in the intention of stealing user’s password or other sensitive information like credit card details. It is easy for anyone who is having little technical knowledge to get a phishing page done and that is why this method is so popular.
Making a Phishing Page for facebook is very easy ..Don’t know what is phishing than let me first of all tell you in short what phishing is?
Phishing is the attempt to get the personal information such as username, password etc by using a fake page! They send out e-mails that appears to come from the legitimate websites such as e-bay,Paypal etc and when you click those links they ask you to enter your details such as password, e-mail, Credit card number and once you enter your details the phisher will get all your details!
In this tutorial, I am going to tell you how you can make phishing page for Facebook.
NOTE: This tutorial is for Education Purpose only don’t misuse it,We will not hold any responsibility if it is being misused !
Step 6:
Go to File>Save as and save your file with the filename “index.html” without inverted comma. Press O.K if it shows up a warning!
Phishing is a most popular technique used for hacking passwords and stealing sensitive information like credit cards, banking username & passwords etc. Phishing aka fishing attack is a process of creating a duplicate copy or a clone of a reputed website in the intention of stealing user’s password or other sensitive information like credit card details. It is easy for anyone who is having little technical knowledge to get a phishing page done and that is why this method is so popular.
Making a Phishing Page for facebook is very easy ..Don’t know what is phishing than let me first of all tell you in short what phishing is?
Phishing is the attempt to get the personal information such as username, password etc by using a fake page! They send out e-mails that appears to come from the legitimate websites such as e-bay,Paypal etc and when you click those links they ask you to enter your details such as password, e-mail, Credit card number and once you enter your details the phisher will get all your details!
In this tutorial, I am going to tell you how you can make phishing page for Facebook.
NOTE: This tutorial is for Education Purpose only don’t misuse it,We will not hold any responsibility if it is being misused !
We have taken an example of facebook to create a Phishing page but you can make any Social networking site phishing page by following exact steps as listed below!
Step 1:
Download Post.php from the link provided: Click here to download it.
Step 2:
Now go to www.facebook.com (Make sure that you are logged out!).Now Right click anywhere on the facebook home page and click on “view page source” from the menu. Alternatively you can get the source code of any site like gmail, facebook that as login form and create the phishing page by following other steps as it is.
Step 3:
After clicking on “view page source” ,a new window will open with html coding in it.Press CTRL+A your keyboard to select the entire code and then press CTRL+C your keyboard to copy the code.
After clicking on “view page source” ,a new window will open with html coding in it.Press CTRL+A your keyboard to select the entire code and then press CTRL+C your keyboard to copy the code.
Step 4:
Open Notepad and paste the entire code in it, now scroll notepad to the top. Press CTRL+F of your keyboard and find “action=” without inverted comma’s.there will be two “action=” you are interested in the first one.
Step 5:
Now Replace the highlighted text as shown in the picture given below with word “post.php” .
Step 6:
Go to File>Save as and save your file with the filename “index.html” without inverted comma. Press O.K if it shows up a warning!
Step 7:
Now its time to upload the Phishing page that you created for facebook . Go to
www.my3gb.com or any free hosting site(000webhost) and create an account if you don’t
have account (It’s FREE). After creating your account on www.my3gb.com click on File
manager. Or alternatively you can buy hosting plan from Ipage Hosting and never get ban
Step 8
At this point, you should now have two files saved: index.htm and post.php.
Step 9
Next, this code actually needs to be uploaded to a web hosting service. There are free
hosting providers, but I wouldn’t recommend you actually post this code. Instead, it would
be better to try this at home on your own webserver. However, for the rest of the tutorial,
we’ll be using 000Webhost.
Step 10
After you have signed up for an account, browse to the control panel, and then to file
manager.
Step 11
Once the window opens, go to public_html.
Delete default.php, and then upload index.htm and post.php.
Step 12
Next, click on a preview of index.htm. As you’ll notice, it should look nearly identical to the
Facebook login page.
The URL of this page is what needs to be linked to in an attack. Sometimes attackers imbed this false link on other websites, forums, popup ads, and even emails.
Step 13
Now go back to the file manager and public_html. There should be a file labeled username.txt.
Step 14
Open this file and you should be able to see login credentials that have been entered by a test user.
Final Thoughts
It really is a simple matter of copying the code from the Facebook login screen, adding some php code, and then setting up a dummy website. Again, don’t try this in the real world, because the consequences could be terrible. However, in a home environment on your own web server, this tutorial provides great insight into how attackers phish for usernames and passwords.
Comments
Post a Comment