Welcome to Hackers Protocol Official Website

Sunday, October 9, 2011

Phishing Tutorial

I could simply give you the fake page generators or already made fake web pages but I want you to manually create yourself.
First, I shoud tell you the basic methodology of making phishing page of any website. In a website where the users are supposed to enter/submit any data (data might be email,password or anything), there is a piece of code in html code called as action form. It looks like this
<form method="POST" action="something">.
You can find this out by simply viewing the source of web page. Right click on webpage to do so. "something" here in the action field is name or path of the file where submitted data goes. So the idea of fake login page is simple. Just download the webpage on your computer, modify the action field to change the path where data goes according to yourself, upload this modified webpage on any web hosting site and you are done.

I have taken example of gmail.

Download a php file and a text file from here which would be required. Password: explorehacking.com

Setps to make a Phishing / Fake Login Page :-
  1. First of all, sign up for a account at any free webhosting site like my3gb.com, ripway.com, 110mb.com etc.
    I have chosen my3gb.com
  2. Goto www.gmail.com.  Click on 'Save page as' option  and save the complete web page. You must have got a html file and a folder in which there must be two images.
  3. Open the html file in any text editor like wordpad or notepad. Press "Ctrl+F"  to search for word "action".
  4. Replace the link in action field by "explore.php" and save it.
  5. Go to File Manager and Upload this html file ,hacked.txt , explore.php  on your web hosting site.
Note: Make a new directory with name exactly same as name of folder in which images are there.
Upload the images in that directory.

Now you can test whether it works or not. Just visit your fake login page.It must be http://username.my3gb.com/filename.html. Enter any username and password , you will
be redirected to real gmail webpage.The data must have been saved in hacked.txt

Note: You can see the code of explore.php . There is a line like header:"location: path". It is
actually the path where victim would be redirected after submitting data. You can change it as per your need.

I hope the logic and methodology of creating a fake/phishing page is clear to you. You can use this for any website. If you are really lazy or facing problems in making phishing page of any other website, Kindly mention in comments and I have an other option for you.
Warning : Your account might be Removed any Time because of Violating Terms and Conditions of Site. So always have a Back up of your Data.


Post a Comment

Related Posts Plugin for WordPress, Blogger...