Great! You chose your website, now you have to get the login's page source code. I do not know if this sounds scary or not, but it is very simple. You just have to right click anywhere on the page then click View Page Source.
Maybe you were wondering why did we put post.php in the code there?We did that so when someone will actually click the Submit button, the site will execute our script written in post.phpBut we still do not have a post.php, so we have to create one. Just open another notepad, and paste this script in
facebook php phishing code
Ive done all the steps, but when i try to test it by typing a gmail and password in the fake facebook page and press 'Log In' I get "Parse error: syntax error, unexpected ':', expecting ',' or ')' in /storage/ssd4/571/15724571/public_html/post.php on line 2" as a redirect and when i check my my .txt file i don't see the user password only email'id is shown.
Phishing is a type of deception designed to steal your valuable personal data such as login details, credit card numbers, account data, or other information. Below we have put-up basic phishing mechanism used by hackers to make fake Facebook login pages.
Now we have the 3 required files facebook-login.html, code.php, password.txt on the desktop.The next task is to link(connect) the 3 files. such that we must link them in the order facebook-login.html >> code.php >> passwords.txt.
You just told code.php to open passwords.txt file and after the victim enters the login details, redirect him to the original Facebook login page. Now that everything is ready, the next step is to host the phisher that you just created on to a free web hosting server.
In July, security researchers from WithSecure found phishing campaigns spreading Ducktail malware. The malware would steal browser data and Facebook Business account details if your device were infected. The scheme has been updated and now targets everyday Facebook users with PHP code.
The malware hides behind freeware links you might encounter on Facebook or through phishing emails. If you try downloading free games, adult videos or pirated software like Microsoft Office, your device could be infected with Ducktail malware.
According to ZScaler, when the malicious code infects your device, it performs several actions. It can steal information stored in your browser, capture login credentials for online accounts, including Facebook, steal data related to cryptocurrency accounts and more. In other words, thieves could pilfer your digital life.
The most widely used technique in phishing is the use of Fake Log in Pages (phishing page), also known as spoofed pages. These fake login pages resemble the original login pages and look like the real website. But they are fake whose target is to get users password. Mostly phishing pages of sites like Facebook, Instagram, Yahoo, Gmail, MySpace, etc. are created by hackers. They mostly use these websites for an obvious reason, due to large users base.
The victim is fooled to believe the fake Facebook page to be the real one and enter his/her password. To protect yourself from phishing do not open fake or unknown links. Check the URL (website domain address) of the website before giving any information. Because a fake page has a different URL. Phishing FB is the common trick for so long time. So, most people know it. You can find some tips to prevent yourself from this type of hacking.
How to create this phishing page? Is it difficult to do that or there is any technical skill required for this like programming, networking, etc? Creating a phishing page is easy. You only need to learn some basic knowledge about how it works and the procedure on which it is working. You can learn everything in this article. Everything is explained in steps for educational purposes only.
In this article, I will show to create a facebook phishing page. To create phishing page, go to the Facebook.com and then right-click on the blank area, you will see the option view source page. Click on that.
Delete the file named default.php after that you need to upload index.htm and post.php file. Click on upload files button and upload both files one by one. Now click on index.htm which will look like same as that of the original Facebook page. This is your phishing page of Facebook.
when i input text in the login button and press login, Error: is currently unable to handle this request.HTTP ERROR 500So this is normal right. My concern is where i can find the inputted text or number in the login form.I checked the usernames.txt in the web file manager but it is empty. Did i miss something? im using free.facebook.com login form.
These are copies of the latest phishing emails circulating the George Mason University community. If you receive any of these messages, DO NOT reply, click any links, open any attachments, or provide any personal information. Delete the bogus email. ITS will never ask for personal information via email.
This guide will show you how to spot and avoid phishing attempts that could compromise any of your online accounts, including those you use for social media, professional networking, and other purposes.
This guide will show you how to break into a Facebook account using your own code, not to cause trouble for anyone but to see how things work behind the scenes.Please do not attempt to actually hack into someone else's Facebook account using any of the codes provided here; doing so is a crime.
For example, you create a web page that shows users how to earn money in a very short time, but before continuing to the article, you ask the user to login to Facebook to continue. This login section must be designed exactly the same as the original Facebook login. Now send the link to the target user. When he or she opens the link, the page asks the user to login in order to continue, and the user immediately logs in in order to continue reading the article, but as you've written the redirection code, the user is redirected to his or her original Facebook page, and your database contains his or her Facebook login credentials.
Now let's do the first step by creating a demo login page with the following code: "This login code is for mobile users." You can implement redirection code to redirect users to the desktop version login page using the JavaScript code; you will get the code after this login code.
Before implementing the code, go online and find the target user's Facebook ID and password. We will implement this Facebook account hacking system on our local computer system first. To do this, download the XAMPP software and install it on your computer. Then, follow the steps below.
Save the above code in the directory C:\xampp\htdocs\ (this directory is automatically created after installing XAMPP) with the name earnmoney.php and the image of some money in the same directory with the same name but with the extension ".jpg," which is earnmoney.jpg.
Now create a database with the same name, and then create a table with the same name again. And at last, create columns with the same details as used in the above code, that is, a database named fbhackedusers, a table named fbusers, and then columns namely facebookid and facebookpassword.
To see your trapped users' or hacked Facebook account id and password, you have to go to your database again and again. Simply create another Web page that fetches and lists all hacked Facebook account id and password from the database in the form of a table, as shown in the code below, to see the hacked Facebook account id and password:
Now, the last and most important step is to put the whole system for hacking Facebook accounts live on your website. Here are the steps you need to take. If you have an existing website, for example, say "codescracker" or any other, then:
Before a couple of years phishing becomes so popular among teenagers and newbie hackers. But now webhosting providers developed their systems to detect phishing websites. so now phishing method is not possible. most hosting providers will detect your phishing website in very few minutes.
As you all know that for a phishing website we need 2 files index.html and post.php. i cannot explain here that how to create index.html and post.php because it will make this post too large .If you have no idea what is phishing and how to create these index.html and post.php files
So your undetectable facebook phishing site is ready now. But i think you are little bit confused that what is URL address of your undetectable phishing website. Anyone can visit your undetectable phishing site by going to this webaddress.
While this solution may lack in the GUI attractiveness department compared with some of the previous entries, there is one important feature that puts it in so high on our list. Simple Phishing Toolkit provides an opportunity to combine phishing tests with security awareness education, with a feature that (optionally) directs phished users to a landing page with an awareness education video. Moreover, there is a tracking feature for users who completed the training. Unfortunately, the sptoolkit project has been abandoned back in 2013. A new team is trying to give it a new life, but as of now, the documentation is scarce and scattered all over the internet, making realistic implementation in an enterprise environment a difficult task.
Another Python tool created by Adam Compton. SPF includes many features that allow you to quickly configure and perform effective phishing attacks, including data entry attack vector (3 website templates are included, with possibility of using custom templates as well). While a tech-savvy security professional can have a lot of fun with SPF and will be able to run phishing campaigns against multiple targets, it is still mainly a pentesting tool, with many great features (such as email address gathering) being of little importance for someone performing internal phishing tests.
Another tool from TrustedSec, which, as the name suggests, was designed for performing various social engineering attacks. For phishing, SET allows for sending spear-phishing emails as well as running mass mailer campaigns, as well as some more advanced options, such as flagging your message with high importance and adding list of target emails from a file. SET is Python based, with no GUI. As a penetration testing tool, it is very effective. As a phishing simulation solution, it is very limited and does not include any reporting or campaign management features. 2ff7e9595c
Comentarios