How to hack facebook account-Phishing method

 

PHISHING

 

What is phishing?

Phishing is the act of tricking someone into signing onto a fake website, that look real site, such as Facebook. The phishing page will log the credentials that the user enters in the password field, and usually goes unnoticed with the right circumstances.

The phishing page is created by visiting the website you want to copy, copying the source HTML code, and then altering it to use a custom PHP script to log the victim’s credentials. A good phishing page will seamlessly use cookies to bypass redirect filters. So if a cookie for the site exists, the user will be logged in and more than likely won’t realize what happened.

HOW TO MAKE PHISHING PAGE?

Step 1 Get a Web Host

You need a place to host your phishing page. You have many free hosting.

  1. Make a free account on some free hosting.
  2. Confirm account if needed.

Step 2 Create the Phishing Page

Now we need to create the site that will log the victim’s credentials.

  1. Open up notepad.
  2. Go to the Facebook login page.
  3. Right-click somewhere on the page, and click View page source.
  4. Copy all of the contents of the source code and paste them into your notepad.
  5. Hit ctrl + f, and search for “action=” and change the method to “GET”, and the text to the right of”action=” to “log.php”.
  6. Click File > Save as and save it with the name “index.php” (make sure to click the drop-down menu to select “all files” if it’s not selected already).
  7. Make a new text file, and paste this as the contents (paste the raw text, not the numbered). This is the file written in PHP that logs the victim’s login details.
  8. Save the file as “log.php”. Again, make sure “all files” is selected in the file type drop-down menu.
  9. Log in to your T35 account and click Upload. Upload both files to the root of your website (not in a folder).
  10. When credentials are logged, they will be in a file called “passwords.txt” in the root of your website. Check the box next to the “passwords.txt” file when you get some logs, and click chmod. Change the file to 466 permissions, so other people can’t read the victim’s passwords.

Step 3 Perform the Phish

Go on facebook and post something like “Wow this is so cool i can’t belive it!!!! <link of phishing page>”or send someone message like “Do you want free money? like this post <phishing page link>”

Leave a Reply

Your email address will not be published. Required fields are marked *