Hacking through phishing
In the field of Computer, phishing is the process of attempting to acquire sensitive information such as usernames, passowrds and credit card details by masquerading as a trustworthy entity in an electronic Communication. Communications purporting to be from popular social web sites, auction sites,
online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by E-mail or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of current web security technologies.Attempts to deal with the growing number of reported phishing incidents include legislation user training, public awareness, and technical security measures.
We are using this technique to hack/steal login detail of our victim.
)Now guys i m going to teach you how we can make a good phisher .
Now im gonna make a step by step tutorial for facebook accounts.
WITH PICTURES!!!
ONE!:
Go to “www.facebook.com/login.php” and right click on some white space on the page and press “view source code”. ALOT of text is gonna appear, copy it all to notepad.and save it as index.html
TWO!:
Now we need to change a few things in the code of that index.html file . So that the login button sends the info to our file instead of the facebook login. We do that by editing the action of the code. So press Edit >> search. and search “action=” without the quotes. you should find this
http://img354.imageshack.us/img354/7116/screen1pf8.png(copy this link in the address bar and check this Pic)
The big red ring that circles the “action=” you have to change. You have to change it to ‘action=”next.php” ‘. after you have done that, you should change the method (small red circle on the picture) to “get” instead of “post”, or else it will not work. Save the document as “index.html”
THREE!:
Now that we changed the action to next.php, we should also make a “next.php”. open up notepad again. And write this:: $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>Save this as “next.php”
Note: for security you should rename “passwords.txt” to something else.
now make a text file called “passwords.txt” or whatever you renamed the file to in the “next.php”, leave this document blank.
FOUR!:
Upload the 3 files “index.html”, “next.php” and “passwords.txt” (or whatever the password file is called) to a subdomain hosting site. THEY MUST SUPPORT .PHP! i suggest these: 110mb.com, t35.com or 007sites.com. When you made an account you should upload the 3 files.
i suggest you
www. ripway.com
is the best just make an account there and upload all these files there.And after uploading fiiles you will see there a link like
hi1.ripway.com/yournick (it is just an example)
now you have to add one more thing to deceive your victim,just copy that link from your ripways windows and add one thing more after
hi1.ripways.com/yournick/login.php
now you just have to add login.php after that link .then it will be in a working state.
and Send this link to your victim.
Congratz. You have yourself a working Phisher site!
FIVE!:
Now we would like to send spoof emails out. To do that we should first make an email account. which starts with facebook@. or something that looks alike. like this FACEB0OK@hotmail.com or something like that. You should either use Gmail, Live, or hotmail. or you could get a mail like this “facebook@noreply.com” soemthing like that. but eventually that would cost. When your email is set go to step six.
SIX!:
Copy the content of an original Facebook friendship invitation email and paste it into a new mail. DONT SENT YET!
remove the hyperlink from this link:
http:/www.facebook.com/n/?reqs.php
Mark it and push the Add hyperlink button
http://img117.imageshack.us/img117/6243/screen2jj5.png
Add hyperlink button in the red circle. now write your phisher page url in the hyperlink bar that appears after clicking the button. and click add. The hyperlink should still display http:/www.facebook.com/n/?reqs.php
but lead to your phisher page.. Thats pretty kewl. Now i belive your ready to send your spoof emails to everybody you know. and hopefully some of them will fall for it….
collection : hacker forum
0 comments :
Post a Comment