Here Basic Concept of Phishing:-
Recently i posted a Tutorial on how to do Tab napping (learn here) and discussed there the use of phishing pages. So, i am demonstrating that how phishing is done to aware you all. I will show you a facebook phishing page and the method on how to make such page.
Note : All this is for awareness and educational purpose. Don't be crazy enough to fool innocents.
So, the hacker makes an exact copy of the facebook, orkut, yahoo, msn or any other bank sites login page and then he uses a script to get the password and username and embeds that script in the forum of the login field. First of all download the facebook phishing page here :
Download ( Skip the add on clicking this link from top right corner )
Update: Password for archive is 123
So! the basic scheme of phishing is demonstrated by pictures in case of facebook orignal login page. See the pic below :
Thats the orignal source code of facebook login page and when we login our action is sent to the url written next to the highlighted portion.
What hackers do they copy all he source code of facebook phishing page and replace this Url with their own exploit. I have given this exploit with the name of write.php in the download package. So, it will become as below :
And thats it Login forum is now attached with exploit. Thats the basic concept.
Here is screen shot of "write.php":
How to make this process possible-(Step by Step guide for phishing):-
1.First of all you will need a free hosting. Go to t35 or 110mb (You are breaking there rules).
2.Now, You will upload the Index.php and write.php to your website. Both are in download package.
For uploading use Filezilla I too like this open source software for handling ftp servers.
4.Now! both files are uploaded and you have to send your hosting or fake website link to the victim [ (Use social engineering to fool him/her, Shorten the url (Use .tk) ]
5.Victim opens the page and thinks that its a real facebook page and logins there. So his keystrokes will be recorded in you hosting in a .txt file. In my script i specified its name is password.txt . You may change it.
6.Another trick for sending the Url is by email spoofing. ( Read Detailed article on Email Spoofing here.) In email spoofing you can hyperlink you phishing page link with facebook.com and then by using social engineering you will excite victim that login below to earn instant dollars or else your acount be deleted Blah Blah!
How to remain safe from phishing attacks:-
Main help is your eye. Keep an eye at browser Address bar. and check isn't there any url like:
www.facebook.t35.com or www.facebook.110mb.com or www.fakefb.110.mb etc...
Recently i posted a Tutorial on how to do Tab napping (learn here) and discussed there the use of phishing pages. So, i am demonstrating that how phishing is done to aware you all. I will show you a facebook phishing page and the method on how to make such page.
Note : All this is for awareness and educational purpose. Don't be crazy enough to fool innocents.
So, the hacker makes an exact copy of the facebook, orkut, yahoo, msn or any other bank sites login page and then he uses a script to get the password and username and embeds that script in the forum of the login field. First of all download the facebook phishing page here :
Download ( Skip the add on clicking this link from top right corner )
Update: Password for archive is 123
So! the basic scheme of phishing is demonstrated by pictures in case of facebook orignal login page. See the pic below :
Thats the orignal source code of facebook login page and when we login our action is sent to the url written next to the highlighted portion.
What hackers do they copy all he source code of facebook phishing page and replace this Url with their own exploit. I have given this exploit with the name of write.php in the download package. So, it will become as below :
And thats it Login forum is now attached with exploit. Thats the basic concept.
Here is screen shot of "write.php":
How to make this process possible-(Step by Step guide for phishing):-
1.First of all you will need a free hosting. Go to t35 or 110mb (You are breaking there rules).
2.Now, You will upload the Index.php and write.php to your website. Both are in download package.
For uploading use Filezilla I too like this open source software for handling ftp servers.
4.Now! both files are uploaded and you have to send your hosting or fake website link to the victim [ (Use social engineering to fool him/her, Shorten the url (Use .tk) ]
5.Victim opens the page and thinks that its a real facebook page and logins there. So his keystrokes will be recorded in you hosting in a .txt file. In my script i specified its name is password.txt . You may change it.
6.Another trick for sending the Url is by email spoofing. ( Read Detailed article on Email Spoofing here.) In email spoofing you can hyperlink you phishing page link with facebook.com and then by using social engineering you will excite victim that login below to earn instant dollars or else your acount be deleted Blah Blah!
How to remain safe from phishing attacks:-
Main help is your eye. Keep an eye at browser Address bar. and check isn't there any url like:
www.facebook.t35.com or www.facebook.110mb.com or www.fakefb.110.mb etc...
Do you need to increase your credit score?
ReplyDeleteDo you intend to upgrade your school grade?
Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
Do you need any information concerning any database.
Do you need to retrieve deleted files?
Do you need to clear your criminal records or DMV?
Do you want to remove any site or link from any blog?
you should contact this hacker, he is reliable and good at the hack jobs..
contact : cybergoldenhacker at gmail dot com