What is phishing?
Phishing is the act of tricking someone into signing onto a fake website, that look real site, such as Facebook. The phishing page will log the credentials that the user enters in the password field, and usually goes unnoticed with the right circumstances.
HOW TO MAKE PHISHING PAGE?
Step 1 Get a Web Host
You need a place to host your phishing page. You have many free hosting.
- Make a free account on some free hosting.
- Confirm account if needed.
Step 2 Create the Phishing Page
Now we need to create the site that will log the victim’s credentials.
- Open up notepad.
- Go to the Facebook login page.
- Right-click somewhere on the page, and click View page source.
- Copy all of the contents of the source code and paste them into your notepad.
- Hit ctrl + f, and search for “action=” and change the method to “GET”, and the text to the right of”action=” to “log.php”.
- Click File > Save as and save it with the name “index.php” (make sure to click the drop-down menu to select “all files” if it’s not selected already).
- Make a new text file, and paste this as the contents (paste the raw text, not the numbered). This is the file written in PHP that logs the victim’s login details.
- Save the file as “log.php”. Again, make sure “all files” is selected in the file type drop-down menu.
- Log in to your T35 account and click Upload. Upload both files to the root of your website (not in a folder).
- When credentials are logged, they will be in a file called “passwords.txt” in the root of your website. Check the box next to the “passwords.txt” file when you get some logs, and click chmod. Change the file to 466 permissions, so other people can’t read the victim’s passwords.
Step 3 Perform the Phish
Go on facebook and post something like “Wow this is so cool i can’t belive it!!!! <link of phishing page>”or send someone message like “Do you want free money? like this post <phishing page link>”