Phishing Attack: Step by Step Tutorial

 

 

Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging.

This step by step guide will show you how you can make your own Facebook Phishing (Fake) page easily...have fun!

 

Files we will be creating:

 

1. Haktuts.php 
2. Index.html

 

Download here

 

Step 1: 


Creating Haktuts.php file. First of all we need a PHP script which will collect all the form of data. 

 

Step 2 : 


Creating index.html page Goto Facebook. com (without logging in) , Right click anywhere in the browser and choose view page source. Open the source code in a text editor (notepad).

 

Step 3: 


Now a new window will pop-up where you can see all the HTML code. We need to look for word action. Press CRTL+F and search for action. you will find link like this

 

action="https://www. facebook. com/ login.php? login_attempt=1"

 

Replace the link after action between the "..... " with Haktuts.php like action="Haktuts.php" and save this page as index.html (not index.html.txt).

 

Step 4: 


Create account on free hosting website like

 

http://www. t35. com 
http://www. freehostia. Com

http://www.000webhost.com

 

Step 5:

 

Now upload "Haktuts.php" & "index.html" to the "facebook" folder you created inside "your name. t35. com". So when you're done with the uploading part, the link to your gmail phisher is

 

"www. your name. t35. com/facebook/index.htm".

 

Step 6: 


Send this link to the victim with any message like change your facebook password etc. If any body login on your fake page then his/her username and password stores on you free hosting website account in log.txt file. 


So Enjoy Phishing.....

 

Note: Free hosting account may be deactivate after running this page for first time.