How To Create Phishing Link For Facebook

| 26-03-2021
[RAND-1-100] Comments

How To Create Facebook Phishing Page. hack Facebook account

Today I will tell you how you can create a Facebook Phishing page and how hackers hack anyone’s Facebook Account using the Facebook phishing page. let’s open the original Facebook page by navigating the Facebook page URL.

First of all, we open our browser and then go to Facebook.com page.

How to Put Phishing Page in a URL? To host the Facebook phishing page in a URL, you need to have two things: Domain; Web Hosting; Get a Free Domain. You can create a lifetime free domain at Bluehost if you pay for their hosting plans. Once you create a domain, you need to get hosting and setup name servers for it. Shellphish will do the rest, it will start the server and make a SSH tunnel. At last shellphish give us the phishing link. One url will be direct and long url and other will be short url. We recommend to use the direct link because sometimes url shortener banned shorted phishing urls. Okey now we can send this to victims using some social. Type in browser with no spaces - (then they give you a web address).” According to the BBB, this is a phishing scam that is trying to steal your information. Step 9: That’s it you have successfully created a Phishing page for Facebook, to view the page just click on the index file that you uploaded on the www.my3gb.com and copy the URL from the address bar. Now you can share the URL with your friends to get their passwords. Now my today's topic is how you can make a mobile-friendly facebook phishing page, so whenever your victim will open that page via going to your phishing link, a mobile responsive phishing page will open which looks like the same as the new mobile version of the Facebook login page. Com, make sure you are not logged in to Facebook.

After opening the Facebook page, we need Facebook source code let’s open the source code there is two option reading the source code right-click and click the View page source code and second is shortcut key press Ctrl + U.

Facebook source source code page will open in new window now we copy the entire Facebook source code.

Copy Source Code Facebook Page

After copy the source code we need to create a file open any editor I’m used leafpad and paste the entire source into this file.

After paste, the Facebook Source code looks like this. we need to find the line action= press CTRL+F if you use other editors your shortcut key is different, and search for action=.

Find the action= line in the Source Code.

After we found the action= line here we see another Facebook URL First we remove the login URL remember don’t remove the other line. if you remove something by mistake please copy the entire code again and repeat the process.

Now we need to create another PHP file and copy the PHP code and paste into your new file and then save the file you can choose any name of the file.

and again go to the Facebook source and again search the action= and put your new PHP file name inside the double quote, In my case my file name is post.php.

and saved the as index.html Facebook source file.

Facebook Account – Save the File (Index.html) Name.

After Save the file we need to create a another file passwd.txt, why we need to create passwd.txt In this file we found our target username and password.

Phishing
Facebook Account – Create the Passwd.txt File.

After all this process we need to add permission for all files run the chmod command and all read write executable permission.

Adding Permission all the files

Now we start our local Apache server If you want to access the page on the internet you need web hosting I’m setup the Facebook phishing page on our local machine.

our Apache server is started now open the browser and navigate our local IP address. After open the page you see a Facebook login page where we put our testing username and password please don’t put your original credentials here.

After filling the email/phone and password this page redirects to the original Facebook page and our test username and password are saved on the passwd.txt file.

Let’s check the passwd.txt file.

Note: Remember don’t use the process for illegal activity, if you enter your own original username and password and your account is hacked I’m not responsible.

Android Mobile hack read

Phishing is an art of stealing credential details or password and username of the user by providing him the similar or look-alike page that he uses to enter a password or credential details. Now we are going to tell you how you can create phishing page for Facebook.

There are a lot of ways of creating Phishing page for Facebook but we will be focusing on the method that is simple and does not require any programming knowledge. This method can be used and applied by anyone from freelancer to a programmer.

First of all, let me tell you that this article is only for educating people about how phishing works and how should they prevent phishing scams. Please don’t use these techniques for malicious purposes.

What Is Phishing?

Phishing is a most popular technique that hackers use for hacking passwords and stealing sensitive information like credit cards, banking username & passwords etc.

How To Create Phishing Link For Facebook Post

It is easy for anyone who is having little technical knowledge to get a phishing page done and that is why this method is so popular.

How To Create Phishing Link For Facebook

Phishing scams prompt users to enter sensitive details at a fake webpage (phishing page) whose look and feel are very identical to legitimate web pages. In most cases, the only difference is URL.

URL can also be spoofed in some cases if the legitimate website is vulnerable. It is difficult for a commoner to identify the phishing scams page because of its trustworthy layout.

How Does Phishing Work?

Hackers / Attackers target general public and send them phishing links through email or personal message where the victim is prompted to click on a link in the email. The user/victim will open the Phishing page that pretends to be legit.

Common people who don’t find that phishing page suspicious are induced to enter their sensitive information and all the information would get sent to the hacker/attacker.

How to Create Phishing Page for Facebook?

We are going to tell you how to create phishing page for Facebook. Again keep in your mind not to use these techniques for malicious purpose.

  • Go to Facebook.com. Make sure you are not logged in to Facebook.
  • Press “Ctrl U” to view the source code.
  • Copy the source code and paste it in a notepad.
  • Find the action attribute of the login form in the code. Search for keyword “action” without quotes by pressing “Ctrl F” in notepad. In Facebook login page, action attribute was filled with Facebook login process URL. You should replace it with process.php.
  • You have to find name of input fields using inspect element (Ctrl Shift I in Chrome), in our case, it is email and pass.
  • Save this file as index.html.
  • Now you have to get username and password stored in a text file named phishing.txt.
  • Create a file named process.php using the following code.

Process.php

<?if(isset($_POST[’email’]) && isset($_POST[‘pass’])){$password=file_get_contents(‘phishing.txt’);$phishing = fopen(“phishing.txt”,”w”);fwrite($phishing,$password.”Email : “.$_POST[’email’].” , Password”.$_POST[‘pass’].”n”);fclose($file);echo ‘<script>window.location.href=”https://wwww.facebook.com/”</script>’;}elseecho ‘<script>window.location.href=”index.html”</script>’;?>

How To Create Phishing Link For Facebook Page

How to Put Phishing Page in a URL?

To host the Facebook phishing page in a URL, you need to have two things:

  1. Domain
  2. Web Hosting

Get a Free Domain

You can create a lifetime free domain at Bluehost if you pay for their hosting plans. Once you create a domain, you need to get hosting and setup name servers for it. If you select Bluehost you don’t need to setup nameservers since it will already be set.

Get Web Hosting

Almost all free hosting panels would block phishing pages. So you need to get any paid shared hosting package, it would cost around $4 USD per month. I prefer Bluehost for their excellent service and performance.

How could you protect yourself from phishing scams?

Hackers can reach you in many ways like email, personal messages, Facebook messages, Website ads etc. Clicking any links from these messages would lead you to a login page. Whenever you find an email that navigates you to a webpage, you should note only one thing which is URL. Because nobody can spoof URL except when there is any XSS zero-day vulnerability.

What is the URL you see in browser address bar? Is that really https://www.LEGITWEBSITE.com? Is there any Green color secure symbol (HTTPS) provided in the address bar? You can prevent hacking by remembering these questions.

Perfect Phishing Pages

Check the URL here>> It is https://www.facebook.com.infoknown.com so www.facebook.com is a subdomain of infoknown.com. Therefore it is a phishing page.

Google Chrome doesn’t differentiate the sub-domain and domain, unlike Firefox does. SSL Certificates (HTTPS) can be obtained from many vendors, few vendors give SSL Certificate for Free for 1 year. It’s not a big deal for a novice to create a perfect phishing page like this. So beware of it.

Phishing scams

Phishing scams are attempts by scammers/hackers/cybercriminals to trick you to enter your sensitive information. Such as internet banking username & passwords, credit card details etc. As described above, phishing scams focus on retrieving monetary details indirectly.

How to create phishing link

Phishing Email

Most of the time phishing scams happens through email. Hackers spoof the email address of any legitimate website or authority to send phishing scam email. So the users are convinced to believe that the email is sent from a legit website.

Create A Phishing Site

By using email headers, hackers can easily spoof an email address. Server scripting languages like PHP helps a commoner to spoof from email address easily. Popular email services like Gmail are smart enough to identify phishing email and route it to the spam folder. But still, there are some ways for a hacker to send phishing emails.