Friday, June 11, 2010

PHISHING TUTORIAL FOR BEGINNERS


PHISHING is a hacking method in which the attacker sends a email or link. clicking on which will take you to a site which looks exactly the same as the site you use like facebook, orkut, gmail etc. where you will be told to provide your information and bingo! you are hacked and the best part is after that you will be redirected to the original website and some common reason like network or server problem will be shown, so you wont even come to know that you were hacked.

here is a tutorial about how you can try phishing and have some fun.

STEP 1) First you must sign for a free webhosting service like www.byethost.com
And register your subdomain. After registration you will have a subdomain like www.yourname.byethost.com (Please select the name of the website wisely and please don't add the name of the website whose phishing page you are making eg. if you are making phishing page of Facebook then pls don't add the word Facebook in the name of the phishing as this website are easily detected and block.)

STEP 2) Now login to your account go to "control panel" then in site management option go to "online file manager" and open the folder "htdocs".

STEP 3) Now DOWNLOAD THIS FILE to your computer and extract the files inside it, you will see folders named facebook, orkut etc. choose which account you want to hack and open the folder, inside the folder you will find two files index.htm and write.php.

STEP 4) Now login to to your Byethost's cpanel (all the details of the byethost account will be there in the confirmation email send by byethost) choose "online file manager" in the cpanel.

STEP 5) (There were many suggestions to make this point more clear so i have divided this 5th step itself into some substeps. hope this will help the readers to understand this step more easily).
  • There are two files in the phisher file downloaded by you, "index.htm" and "write.php. Now right click on "index.htm" and select "edit", the file will open in notepad, press "ctrl + a" to select the whole text and copy it.
  • Now in the cpanel of your byethost account click on "online file manager". In it there is a folder "htdocs" click on it. In it there is a file also called "index.htm", there is a option to edit it, choose the edit option. Now a new window will open, delete all the text in it and paste what you had copied earlier from the "index.htm" in your phisher file. Click on the on the save icon and you are done!.


STEP 6) Now your homepage www.yourname.byethost.com has become a phisher. open it, you will see that your page www.yourname.byethost.com has become the login page of the site you want to hack.now all you have to do is send this link to the person whose account you want to hack.when he tries to login through it you will receive a file passes.txt in your "htdocs" folder of your byethost account which contains the username and password of your victim.

ENJOY!

Note:- Please use this phishing only on some close friends or relative who will take this sportingly and get aware of the online threats. Using this on somebody whom you don't know will qualify as a crime.

123 Responses to “PHISHING TUTORIAL FOR BEGINNERS”

Killer said...

Dude Teach me how y create that Fake Pages

mayur shett said...

try the above procedure and if still unable to do it open an account with www.phpnet.us and post your cpanel id and password i will make the pages for you and relax i wont charge you anything.

zuber said...

i done all the steps.

but whenever i try to go on my homepage the error comes "webpage is not available."
plz help.

zuber said...

i got it... i got it...

anu said...

Dude....I dont know how to do the 5th piont...
Pleses help me how to replce it.

rahul said...

hi, this is good way, thank you mayur, but there is no files for facebook. so, sent a facebook folder for index.htm and mayur.php.

rahul said...

sent me phisher file for facebook. my email-luftwaf.rs@gmail.com

mayur shett said...

here is the link for facebook phisher file

http://www.ziddu.com/download/10912651/FBPHIHER.rar.html

Anonymous said...

hey dude!somehow i can't do step 5 can u help me to do it??

Anonymous said...

hey in the 6 step i didnt receive anyfile there!!can u plz help me with that??

mayur shett said...

@ Anonymous
I am really sorry. i think by mistake i had deleted the step 4 while editing the post, so it was totally confusing. I have added the 4th step now you may understand the procedure a little better and if you still dont get it, you are always welcome to conatct me.

Anonymous said...

hey in 5th option plzz clearly says which file has to be replaced in computer or in the net default profile..
if it has to replaced in ur site then how can we do it.?

John said...

Hey thanks Buddy u are spectacular yaara..
bro make the orignal logo like http://static4.orkut.com/img/logout_logo.png
this type in the page so it become more original dear.....sorry if i overlook u.
Hats off to u dear champ..
gud work

mayur shett said...

@Anonymous
I have expanded the 5th point giving every small detail. Hope this helps you. Thank You for visiting.

mayur shett said...

@John
I never feel bad about suggestions and critisism, this are the only things which inspires humans to make themselves better.

I have made the new orkut phishing page with all the images. It is looks ditto same and works fine. Try it. You can find it in the same phisher file whose link is in the article.

http://www.ziddu.com/download/14187682/PHISHERFILE.rar.html

Thank You for visiting and i am always open for suggestions. you can also suggest sites whose phising page you may want.

faizan said...

o nice thxxx for sharing...
gud keep it up...

mayur shett said...

@faizan
Thanks. keep visiting for more interesting tutorials.

mlkimam said...

I did everything but i dont know where to go and check for the pass word and user name. please where can i see the password and username?

mayur shett said...

@mlkimam
If you have followed the procedure correctly. Then a text file named "passes.txt" will appear in the directory where you have uploaded the "index.htm" and the "write.php". The text file contains the email id and password. If you are still having trouble feel free to ask. Thank You!

hax0r said...

hey mayer,

first off thanks for the post. very informative. however, after following all the steps i have gotten this issue: (refer to site).

i've tried several different methods, all ending in the same result.
-copying original source code from facebook site and attempting to edit
-creating a php file for the source code and editing log-in box with another script

all of them didn't work. however any info available would be awesome.


Thanks again!

-hax

mayur shett said...

@hax0r
Thanks for the comment.
Now lets see your problem.
i think you did not follow the procedure correctly. i am guessing that you changed the file name from "index.htm" to something else or you created sub folders in the "htdos". You have to just replace the "index.htm" from the "htdocs" with the "index.htm" from the phisher file provided above. if you still have some problem i will create the phising site for you. just provide the cpanel id and password. you can change it later.

from your comment i see that you tried to use the original source code from facebook but i doubt it will work because it is not formed by a single html file but includes many elements like css file, javascripts, images etc. to edit it and make it into a single html file you will need to have some knowledge of HTML and CSS. if you want to learn it feel free to contect me. i will be happy to discuss it with you.

hax0r said...

Yes, I tried that. Both by editing the original index file and by replacing it with the new index file. However, it still won't work. So I'm thinking that facebook/byethost blocked that specific index file or that there is something wrong with the code. Maybe it's trying to pull images I don't have?

mayur shett said...

@hax0r
Sorry i am not questioning or underestimating your skills but somewhere you are making mistake. The above procedure works 100% here is a example
http://www.engicos.byethost4.com/
Give me your website's Cpanel id and password i will make the phishing page and give it back to you. Then you can later change the password.

hax0r said...

@mayur

No I didn't take it like that by any means. However, just because of security issues, I have problems giving away credentials. I'm sure you understand. Thanks anyways though.

parag said...

hey in the 6 step i didnt receive anyfile there!!can u plz help me with that??

mayur shett said...

@parag
you may not have configured the site properly, try again. if you still are not able to do it. provide me the cpanel username and password, i will conifure it for you. you can later change the password.

Anonymous said...

plzz tell me how to extract pfisherfile.rar in htdocs/.

mayur shett said...

@Anonymous
Extract the phisher.rar in your computer using Winrar. In it you will find two files index.html and write.php upload them in htdos.

Anonymous said...

the phishing page redirects me to a warning page asking the user to reset their password.. what did I do wrong? I uploaded both files.

Anonymous said...

nevermind..i changed some things around and now it works.

Anonymous said...

I just checked all the steps twice. I used my byetost URL and it works. I have trierd to login with my own vkontake account and it links after pressing login to another page. But i didnt recieve a passes.txt in the htdocs folder. Can you tell me what i'm doing wrong?

arsal said...

i hav done all the steps one by one but when i try it with my own account i m nor recieving the passes.txt file kindly help me thanx

shreyas said...

@mayur shett- shld we upload the write.php file also?

shreyas said...

Thnx fr da tutorial. I have got it. Plz make a small correction in the above process. In the 4th or 5th step please mention clearly that both(index.htm and write.php)files shld be uploaded onto htdocs. Thank you

mayur shett said...

@arsal
pls try the procedure once more and wait for some time because the passes.txt takes some time to come. if still not working then reply and i will try to help you.

mayur shett said...

@shreyas
Yes you have to upload the write.php file in the same directory where you have uploaded the index.htm file. The write.php contains the php code for the procedure to work. Thank you and keep visiting.

Anonymous said...

what link?

Anonymous said...

i've done everything but my page dont look like fb and i dnt get the link to send

mayur shett said...

@Anonymous
Can you pls elaborate the question. It is very confusing, pls state the complete problem in detail.

Anonymous said...

this is nice...i did it,,nice wark broo

mayur shett said...

@Anonymous
Always a pleasure bro. Keep Visiting!

Anonymous said...

i hav done evry thing correct but i didnt get the passes.txt yet...wt do i do nw?

Anonymous said...

passes.txt will come automatically or i hav do sumthing else to get.....???plz sir help me..

Anonymous said...

thanx alods bro its working....

mayur shett said...

@Anonymous
Yes the passes.txt will come automatically once somebody logins in the fake page.

Anonymous said...

hi bro can u upload phisher for yahoo plz i need it thanx....

Anonymous said...

How long does it take to get the passes file?

mayur shett said...

@Anonymous
2-3 minutes

Anonymous said...

I tested mine first it has been an hour but I still don't see anything.

Anonymous said...

Nothing seems to be wrong with what I did but I still don't see any passing.txt file anywhere.

Anonymous said...

where i can message you my id and password?

mayur shett said...

@Anonymous
You can contact me through the contact section at the head of the blog.

Anonymous said...

bro, when we gives link to someone that persons gets warning that this link is dangerous and after logging in you must change your password (

mayur shett said...

@Anonymous
They have added this new security measure against phishing. I have fixed it, now it will just redirect it to google.

Anonymous said...

having same problem (

Anonymous said...

Hey mayur, when i send the link to someone, this message appears and i cant send message. ''Something went wrong, but we're working to fix it as soon as we can. Please try again later.
''
What should i do? Can u help me please

Anonymous said...

username : b2_9478813
Cpanel Password: mainhuna

no pass.txt file forming... plz help out mayur

mayur shett said...

@Anonymous
Done. Pls check it now. Next time pls also state your phishing site name.

Anonymous said...

Username:b24_9595978
Password:mint45
do it for me plz because its too hard for me and I need help

Anonymous said...

@Anonymous
also this is for facebook

Anonymous said...

USERNAME: b4_9605770
PWD : ajayjade


no psswd.txt file help me out.

mayur shett said...

@Anonymous b24_9595978
Its done check it.

@Anonymous b4_9605770
Which page are u trying to make?.

And pls people provide the url of the phishing page, so that i can check if the page is working.

Anonymous said...

How do i make the write.php work? Where should i paste the write.php? right after the index.php?
I havent receive passes.txt yet. i can`t make it work...

Anonymous said...

USERNAME: b3_9609070
PWD: gargula

I havent receive passes.txt
I can`t make it work...

Anonymous said...

I can view the webpage editted through viewing the 'index ' in the Cpanel. The browser address was not at yourname.byethost.com . It is in drive C.

what problem is this?

Anonymous said...

hey i did this and my account got suspended.... so idk if this phishing hack is old because obvi they detected the edited index.htm file being modded for facebook

Anonymous said...

@ mayur shett ,,please check it ..and tell me correct or not.

Cpanel Username: b16_10004158
Cpanel Password: welcome1

Mr hanzla said...

hey gud job but i cant do
i want hotmail phishing page
this is my id plzz make my hotmail phising page plzzzzz
thsi is my id and password
Cpanel Username:b7_10005449

Cpanel Password:facebook
and msg me plzz in google account plzzzzz
and msg me

YASH said...

SUPERB MAYUR BUT I HAVE A PROBLEM , MY ACCOUNT HAS BEEN BLOCKED BY THE SITE MAY YOU HELP ME TO RECOVER THIS . I HAVE MY IMPOTANT PASSWORDS IN IT.
PLZZZZZZZZZZZZ....

Yash said...

Mayur may u suggest me more websites like
byethost .com ...........
unlike 0catch.com ,100mb.com etc because they have a problem in opening php script file & tells a problem relating CGI server.

Anonymous said...

hey dude everything is fine the file in which passwords are saved is not appearing...can u help me pls.....

Anonymous said...

This is sammy..
Am almost done can you help for Face book my Pass and ID are below
Cpanel Username: b7_10070353
Cpanel Password: sambucca
can you make a screen shot as where to see password

Anonymous said...

hey meyur, i need help with this here i had it setup, test runned it but never received the files, i logged out and tried going back in and said my account has been suspended, whats up with that

Anonymous said...

@meyur
sir i can't create a n account to byehost.com
sir can you create an account for me plsssss..?? pls send it to my email
premikol23@yahoo.com
thank you very much sir i hope you can help me

Anonymous said...

What is the best way to send someone a phished website link?

Abdullah said...

sir, i have followed all the instructions but i dnt get the username and password

aditya said...

hey mayur i followed everystep thoroly but i didn't get the passes

ranjo said...

yeah bro thanks for ur information first .the pishing site is redirectin to google .

Yash said...

suggestion to All Account related to Gmail or Facebook pages are traced and blocked soon so try another pages rather than these........

Anonymous said...

Plz sir upload a vedio of pishing method. we are not expert in computer

Anonymous said...

ive found that http://x10hosting.com/ gives better hosting,, phishing page seems to last longer :)

I need to hack a vkontakte account, so can you help me?

Anonymous said...

i hate when i got antivirus and and im not sure if i have the balls to turn it off

Anonymous said...

mayur bro plz make me fb phishing site...
this is my email adress
ahsanrajput977@yahoo.com

Anonymous said...

Hey dude!
Where can i open the htdocs???

Anonymous said...

hi
i have tried to create it now.. everything was write but when the user logs in the passes.txt file is not created.. please help me

Sohail said...

hi mayur...
please help on the above comment it was me who commented... i need a solution for this soon....

mayur shett said...

@Sohail
Pls provide the URL of your fake site, so i can check if it is made properly. Also remember that after the friend logs in, it takes couple of minutes before passes.htm appears.

hello , i created everything , but mistake i made that i have my name in domain and want to change domain before forwarding to target , please guide me

Anonymous said...

Everything Worked But They Had A Warning Before Making It Saying You Can Not Us This For And A List Of Things. And In That List Was Phishing So After I Made The Website It Suspended Me So Im Guessing It New What I Was Doing Great Tut Though. Im Currently Using 1freehosting.com I Hope It Don't Suspend Me :)

mayur shett said...

@Anonymous
Most of the free web hosting services have increased their security since this article was written. Earlier it used to take them like 10-15 days to detect phishing site, some even did not care to check and only took down the website when it was reported.
In my experience if you put words like facebook or any original name of the social networking website in the domain name of your phishing site, they check it very quickly and you can expect the site to be take down in couple of hours. So avoid using those words in the domain name.
Search for free host that does not bring the website down very quickly and once banned just make a new account. Be sure to backup the password file very frequently, as once banned they do not even allow you to get back your files on the server.

Ashish Joshi said...

Link for downloading phishing files is not working ... can you give any other link

JJ White said...

hey umm whenever I finished it says in my index editor "file could not be saved" please send your email so I can give you my name to my account.If you could make me the phishing file that would be excellent. Reply ASAP thank you.

Raj Vardhan said...

hy mayur i tried your phishing page when i paste the phishing page html in index it will not save when i go back and check again the first html codes was come please help

Anonymous said...

Dude...I couldn't save the code in the index2.htm...Plzz help!!

Anonymous said...

I want to hack my ex wife vk account, i got her username , ill pay 100$ for who can hack the password.

Anonymous said...

@anonymous pls send me email to elornatgagan@outlook.com so we can discuss, i will help get her vk psswrd :)

Vikas Hooda said...

hey bro ,
please upload file for vk and when i try to save copied text in the htdocs option , it shows an error that "This file could not be saved" . please help me...

Anonymous said...

what about the write.php file??

Anonymous said...

the file couldnt be saved.....why??!!

Leynar said...

please help cant make the step 5 please

Anonymous said...

the file couldn't save
please help me... i really need to hack vk of my girlfriend
i need to see if she is loyal or not...please

Anonymous said...

Slds Could you send me PHISHING VK

Fully Help said...

Great php tutorials tips for programming. It can help better for website developers.Thanks for this useful post.

Ayman said...

Hi
I tried but the page is not coming as it should be . Doesn't look like the original page and the letters are wired. I am trying to have a page like VK.com

Aryan Killer said...

plz help me mayur how to find file manager

hi @mayur shett, it is necessary to create my own site to fb user that he/she can registered?

and what is this site?

http://www.triphobo.com/user/signUp?utm_source=w4Signup100&utm_medium=web&utm_campaign=w4&utm_campaign=101661_4400763_w2UIVI7MOP6LKJ4OGLKQQ9CG_

Khizra Ali said...

Pls convert this site into phising page fb3000likes.wapka.mobi
I hvnt comp/laptop..
Email:khizraa03@gmail.com
Plssssssss

Bro i tried doing this i have created my webpage
But when someone logins i am not getiing the passes.txt file
Please help me out

Unknown said...

This file could not be saved

Anonymous said...

Hey mayur.. U still here.?? I need ur help yaar.. I want a phishing page for facebook

Anonymous said...

u sure
can u relly make for me?

Unknown said...

@mayur shett
can u help me
i need to find is my gf cheating on me
need to make a facebook phishing site
email me when done at :hiraishi.sama001@gmail.com
thnx so much

cpanel:b24_17341347
password:amritkaur

plss help me i beg u bruh

Anuj Gupta said...

How to contact you? #mayur

Anuj Gupta said...

How to contact you? #mayur

Anuj Gupta said...

How to contact you? #mayur

Anonymous said...

bro its not working, i tried in 000webhost site

Anonymous said...

thanks its work

Unknown said...

in step no 3 the file is not downloading why?

Anonymous said...

Please fellas I need help in creating a Gmail phishing page. Is there anyone willing to help plssss?

Ankesh kumar said...

i could not find any facebook file when i download it ..pls help me my email ; ankeshkumar123@gmail.com

Leave a reply

 
© 2009 BASIC HACK AND TECH FOR BEGINNERS. All Rights Reserved | Powered by Blogger
Design by psdvibe | Bloggerized By LawnyDesigns