This post demonstrates phishing tutorial for beginners. Although we make a phishing page of Facebook in this tutorial, it can be used to make a phishing page of any website. So now let’s phish. Open your browser, go to the Facebook website, Right click on the webpage and click on “view page source”.
- Facebook Phishing Text
- Create A Phishing Site Facebook Com
- Facebook Phishing Download
- Facebook Phishing Website
- Facebook Phishing Code
Learn How to make Phishing Page for Facebook
- First open the website in a browser for which you want to create a phishing page. Now press the Ctrl+ S to save the page. Example: Now open.
- How To Create Facebook Phishing Page. Hack Facebook account. Today I will tell you how you can create a Facebook Phishing page and how hackers hack anyone’s Facebook Account using the Facebook phishing page. Let’s open the original Facebook page by navigating the Facebook page URL. First of all, we open our browser and then go to Facebook.
How to make phishing page? Everyone wants to hack their friends or girlfriends facebook account but doesn’t know programming or hacking so today I will show How To Make Phishing Page
Why I’m sharing this?
The reason is simple to spread awareness.
Let me tell u one Incident for sharing this trick ‘The Perfect Reason.’
Few days back my crush asked to tell Instagram username. At that time I didn’t have an Instagram account, so I said to her that I won’t tell u I will follow u on Instagram then I created a new account in few minutes and started following her on Instagram.
At that time, I don’t know how to use Instagram, so her account was private.
But somehow I want to fetch her profile, so I started looking for Instagram hacks tried so many things but maximum time I have failed.
Then I tried brute force dictionary attack to find her Instagram account password but then again after 20 hrs of brute force I feel bored so thought that it would be better to go with handshake and lets create a phishing page so that I can quickly fetch her password so at that time I created phishing page but she is so smart she got me
Then I tried a more advanced trick to get her password finally I got her password but till now I haven’t accessed her account before accessing her account I want to tell her so many things so that she won’t feel sorry!
Making a Phishing Page for Facebook is very easy.Don’t know what is phishing then let me, first of all, tell you in short what phishing is?
Phishing is the attempt to get the personal information such as username, password, etc. by using a fake page! They send out e-mails that appear to come from the legitimate websites such as E-bay, Paypal, etc. and when you click those links they ask you to enter your details such as password, e-mail, Credit card number and once you enter your details the phisher will get all your details!
In this tutorial, I am going to tell you how to make phishing page?
NOTE: This tutorial is for Education Purpose only don’t misuse it, We will not hold any responsibility if it is being misused!
And we support only ethical activities if u broke any law then we are not responsible !!!
We have taken an example of Facebook to create a Phishing page, but you can make any Social networking site phishing page by following exact steps as listed below!
I have created Instagram phishing page few months back which was successful but make sure you yourself don’t indulge in criminal activities.
Step 1:
Download Post.php from the link provided: Click here to download it.
Step 2:
Now go to www.facebook.com (Make sure that you are logged out!).Now Right click anywhere on the Facebook home page and click on “view page source” from the menu. Alternatively, you can get the source code of any site like email, Facebook that as the login form and create the phishing page by following other steps as it is.
Step 3:
After clicking on “View page source”, a new window will open with HTML coding in it.Press CTRL+A your keyboard to select the entire code and then press CTRL+C your keyboard to copy the code.
Step 4:
Facebook Phishing Text
Open Notepad and paste the whole code in it, now scroll notepad to the top. Press CTRL+F of your keyboard and find “action=” without inverted comma’s.there will be two “action=” you are interested in the first one.
Step 5:
Now Replace the highlighted text as shown in the picture given below with word “post.php.”
Step 6:
Go to File>Save as and save your file with the filename “index.html” without the inverted comma. Press O.K if it shows up a warning!
Create A Phishing Site Facebook Com
Step 7:
Now its time to upload the Phishing page that you created for Facebook. Go to www.my3gb.com or any free hosting site( 000webhost ) and create an account if you don’t have an account (It’s FREE).After creating your account on
www.my3gb.com click on the File Manager.
Facebook Phishing Download
Step 8:
Facebook Phishing Website
After Clicking File manager now click on Upload file.Now upload index.html and post.php.
Step 9:
That’s it you have successfully created a Phishing page for Facebook, to view the page just click on the index file that you uploaded on the www.my3gb.com and copy the URL from the address bar.
Now you can share the URL with your friends to get their passwords.
Step 10:
You will get the password in the section file manager>upload file of my3gb.com under a file name usernames.txt.
To view the password just click on the file!
If you want to change the URL of Phishing page created, you can visit Google URL Shorter and change your URL name!
I know more advanced trick in which URL Identification Is so hard that u can’t even distinguish between Phishing page and original site.
And Yes this is only for educational purpose if u ask anything related to this don’t expect reply from our side
Your suggestions are always welcomed
Before u ask anything please, use Google and then feel free to ask as it will raise my knowledge level too!
Pro Tip:-
Always go through Handshake then use your mind do some social engineering then try brute force as it takes lots of time and chances of getting success is high in Brute force but handshake is quite fast
In this tutorial, we’re going to take a close look at how to setup a phishing page to harvest usernames and passwords that can be used to hack other users’ Facebook accounts. However, and I can’t stress this enough, this knowledge should never be used to attack others in the real world. It simply isn’t legal, and it isn’t moral, either. If you’ve ever had your username or password stolen, you know how bad it feels when others have violated your privacy.
If you’re reading this with the hopes of learning how to gain access to countless users’ Facebook credentials, I should instead refer you to philosophical ideas on morality. Keeping that in mind, there is a lot of value, especially for aspiring hackers, in understanding how phishing works. Not only will it help you avoid mistakes that threaten your security and privacy, but it will also help you spot fishy phishing sites.
What is Phishing?
Phishing is the process of setting up a fake website or webpage that basically imitates another website. Attackers frequently employ this method to steal usernames and passwords. Most frequently, the process works as follows:
A user clicks on a bad link to a phishing site. Believing they are viewing the intended web page, they enter their login credentials to access the web service. There’s just one problem. The user, who is really the attacker’s victim, actually entered their private information into a hacker’s website. And now the hacker has their login credentials! In Facebook, this may not be as consequential as another website, like online banking.
However, the hacker can now wreak ungodly amounts of havoc on a person’s social life. If it happens to be a business’s Facebook profile, they can damage their business. Today, however, we are going to setup an imitation Facebook login page to show you just how easy it is to start phishing. Let’s take a closer look at the steps required.
- Pull up Facebook.com in your browser. Then, right click on the website’s login page. You should see an option along the lines of “view source page.” Click on this option and you should be able to view the code behind this page.
- Go ahead and dump all of the page’s source code into Notepad (or your operating system’s best simple text editor).
- If using Notepad, hit ctrl f (which is the find hotkey) and search for action.
- You should see a line that looks like this: action=”https://www.facebook.com/login.php?login_attempt=1″
- Delete everything contained in the quotations, and instead fill the quotes with post.php. Now it should read action=”post.php”
- Save this file somewhere on your computer with the file name of index.htm. Omit the final period from the filename. This is going to become your phishing page.
- Next, create a new notepad document with the name of post.php. Omit the final period from the filename. Copy and paste the following code into this document, and remember to save it:
<?php
header (‘Location:http://www.facebook.com/’);
$handle = fopen(“usernames.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
fwrite($handle, “rn”);
fclose($handle);
exit;
?>
- At this point, you should now have two files saved: index.htm and post.php.
- Next, this code actually needs to be uploaded to a web hosting service. There are free hosting providers, but I wouldn’t recommend you actually post this code. Instead, it would be better to try this at home on your own webserver. However, for the rest of the tutorial, we’ll be using Bluehost.
- After you have signed up for an account, browse to the control panel, and then to file manager.
- Once the window opens, go to publick_html.
- Delete default.php, and then upload index.htm and post.php.
- Next, click on a preview of index.htm. As you’ll notice, it should look nearly identical to the Facebook login page.
- The URL of this page is what needs to be linked to in an attack. Sometimes attackers imbed this false link on other websites, forums, popup ads, and even emails.
- Now go back to the file manager and public_html. There should be a file labeled username.txt.
- Open this file and you should be able to see login credentials that have been entered by a test user.
Final Thoughts
Facebook Phishing Code
It really is a simple matter of copying the code from the Facebook login screen, adding some php code, and then setting up a dummy website. Again, don’t try this in the real world, because the consequences could be terrible. However, in a home environment on your own web server, this tutorial provides great insight into how attackers phish for usernames and passwords.