Sunday, 1 May 2011

Phishing– Creating, uploading and using fake login pages

Hii friends I think you already read my previous article on “What is Phishing? Know The Basics” & today I am going to post next lesson on Phishing means “How to create and fake login pages”.

Before reading this tutorial, I highly recommend you to read my post on phishing here.

So, Let’s Start

I could simply give you the fake page generators or already made fake web pages but I want you to manually create yourself.

First, I should tell you the basic methodology of making phishing page of any website. In a website where the users are supposed to enter & submit any data (data might be email, password or anything), there is a piece of code in html code called as action form. It looks like this
<form method="POST" action="something">.


You can find this out by simply viewing the source of web page. Right click on webpage to do so. "something" here in the action field is name or path of the file where submitted data goes. So the idea of fake login page is simple. Just download the webpage on your computer, modify the action field to change the path where data goes according to yourself, upload this modified webpage on any web hosting site and you are done.

I have taken example of facebook.

Download a php file and a text file from 
here which would be required. Password :- TRICKS4INDYA

Setps to make a phishing/fake login page :-


·       First of all, sign up for a account at any free webhosting site like my3gb.com, ripway.com, 110mb.com etc.
I have chosen my3gb.com


·        Goto www.facebook.com.  Click on 'Save page as' option and save the complete web page. You must have got a html file and a folder contain some files.


·        Open the html file in any text editor like wordpad or notepad. Press "Ctrl+F"  to search for word "action".


·        Replace the link in action field by "explore.php" and save it.



·        Go to File Manager and Upload this html file, hacked.txt , explore.php  on your web hosting site.


Note: Make a new directory with name exactly same as name of folder in which many facebook page files are there. Upload all all files in that directory.

Now you can test whether it works or not. Just visit your fake login page. It must be http://username.my3gb.com/filename.html. Enter any username and password , you will be redirected to real facebook password recover website. The data must have been saved in hacked.txt

Lets see example: -

1.   I have created a fack page of facebook only for educational purpose. See the below image: -


2.   Then, I enter username – ravi & password – 123456 then click on login as you see in above image.
3.   When I click the login then I redirected to original fackbook password recoverd page. See the below image: -


4.   When I click on login at that time user name & password is automatically save in hacked.txt file. See the below image: -


5.   Victims get hacked.

Note: You can see the code of explore.php . There is a line like header:"location: path". It is actually the path where victim would be redirected after submitting data. You can change it as per your need. 

I hope the logic and methodology of creating a fake/phishing page is clear to you. You can use this for any website. If you are really lazy or facing problems in making phishing page of any other website, Kindly mention in comments and I have another option for you.


Warning: - Your account might be removed any time because of violating terms and conditions of site. So always have a back up of your data.


Note: This was just a theoretical basic guide to phishing. Read my detailed step by step tutorial onadvance way of phishing that is Desktok Phishing” on my next coming article. So, Keeping reading / visiting TRICKS4INDYA.


Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.

If u like then ple follow my blog & also help to promote. Don’t forget to leave comment.

1 comments:

BlueHost is one of the best hosting company for any hosting plans you might require.

Post a Comment

Related Posts Plugin for WordPress, Blogger...
Twitter Delicious Facebook Digg Stumbleupon Favorites More