Pages

Subscribe:

Blogroll

Labels

Senin, 19 September 2011

Phising

Creating, Uploading and Using Fake Pages

I could simply give you the fake page generators or already made fake web pages but I want you to manually create yourself. First, I shoud tell you the basic methodology of making phishing page of any website. In a website where the users are supposed to enter/submit any data (data might be anything), there is a piece of code in html code called as action form.

It looks like this
<form method="POST" action="something">.
You can find this out by simply viewing the source of web page. Right click on webpage to do so. "something" here in the action field is name or path of the file where submitted data goes. So the idea of fake login page is simple. Just download the webpage on your computer, modify the action field to change the path where data goes according to yourself, upload this modified webpage on any web hosting site and you are done. :)

I have taken example of gmail.

Download a php file and a text file from
here which would be required.



Setps to make a phishing/fake login page :-
1. First of all, sign up for a account at any free webhosting site like my3gb.com,ripway.com,110mb.com etc.
I have chosen my3gb.com
2.Goto www.gmail.com.  Click on 'Save page as' option  and save the complete web page. You must have got a html file and a folder in which there must be two images.

 3. Open the html file in any text editor like wordpad or notepad. Press "Ctrl+F"  to search for word "action".


4. Replace the link in action field by "explore.php" and save it.
5. Go to File Manager and Upload this html file ,hacked.txt , explore.php  on your web hosting site.


Note: Make a new directory with name exactly same as name of folder in which images are there.
 Upload the images in that directory.

Now you can test whether it works or not. Just visit your fake login page.It must be http://username.my3gb.com/filename.html. Enter any username and password , you will
be redirected to real gmail webpage.The data must have been saved in hacked.txt

Note: You can see the code of explore.php . There is a line like header:"location: path". It is
actually the path where victim would be redirected after submitting data. You can change it as per your need.

I hope the logic and methodology of creating a fake/phishing page is clear to you. You can use this for any website. If you are really lazy or facing problems in making phishing page of any other website, Kindly mention in comments and I have an other option for you.
Warning : Your account might be removed any time because of violating terms and conditions of site. So always have a back up of your data.

0 komentar:

Poskan Komentar

lancarklik.com

Lancarklik
About The Author
Nama saya Yudi Aditya, Saya Bukan Seorang Blogger, Desainer atau Apapun Tapi Saya Hanya Seseorang Yang Ingin Selalu Belajar dan Ingin Tahu Sesuatu Yang Baru...