Thursday 7 July 2011

Hacking Facebook by Phishing


Hey friends!! Today I'll be teaching you the first and the most effective method of facebook password Hacking. This method is called Phishing.
Phishing is basically a technique through which hacker designs a webpage which looks exactly similar to a real page and makes the victim enter his/her login credentials on his fake page. The page sends the username and password to the attacker.

Nearly 6 years back Phishing was so popular on the web that it caused around 73% of all the web forgeries, data and credit theft.
Ok without further ado, lets start Phishing.

Process
  1. You need the facebook phishing page and the phishing script. I have created them and I'm giving them away for free. Download this from here. If this link doesn't work please put a comment below and I'll fix it.
  2. You will get a .rar file. Open this in Winrar or similar program and extract all the contents.
  3. You now need to upload all the extracted files to your website. If you don't have a website, you can create a free website at x10hosting or t35 or ripway or 110mb.
  4. After you upload the files to your website, save the link of fb.html file you have uploaded.
    Example: if your website is www.abc.com, then the address of the fb.html file can be www.abc.com/fb.html(If you haven't put the files inside some other folders.)
  5. You are ready to go now. Send this link to your friends and when someone clicks on this link they will be redirected to our phishing page which looks like facebook(see screenshot above).
  6. Victim enters his/her username and password thinking it to be original facebook.
  7. The username and passwords are stored in facebookpasswords.htm file and the user is redirected to original facebook.
  8. You can view the captured passwords in the facebookpasswords.htm file.
How to protect ourself against Phishing
  1.  Keep your eye on the URL of the webpage, the genuine facebook must be www.facebook.com and not www.trickysite.com 
  2. Install anti Phishing filters, google for them and install it on your system, they warn you if your web browser encounter any Phishing Page.
  3. Use https connection instead of http (more about http vs https in later posts).
NOTE: The entire process is very easy, just a little tricky, if you are stuck somewhere, just drop me a comment below. Please note that this post is only for educational purposes and I'm not willing to train any hackers. Moreover, I'm not responsible for any consequences arising due to use of my phishing page. Use it on your own risk.

Warning: Phishing is Illegal to carry out so your website may get deleted by your website provider and you maybe banned from their website.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)