How to make phishing page of any website code#
Note that you need to do some modifications to this code to suit your requirements. Following this we redirect the website to the original login page.Next we append the variable values to a file called “ logs.txt” ( note that it is created automatically if it’s not present).
How to make phishing page of any website password#
We store the username and password that arrives via the POST request in the $user and $pass variables respectively.Paste the following code in it and save it. The final thing left now to do is create a php file in the same folder as the original login page and call it “ save.php“. Notice that now the action parameter value has been changed to send the credentials to save.php page instead. And in this page we will write a snippet of code which instead of verifying the login will instead save the credentials. It takes username and password from input fields and on pressing login button, sends the credentials to “ login.aspx” page which verifies the login.Īll we need to do now is…….instead of sending the credentials to login.aspx page, send it to another page say “ save.php“. If you understand HTML then it is easy to see that this is a form with method of POST. Skim through the code and go to the login mechanism. Now open up the folder where you saved the webpage and open the login page in a text editor. On the dialog box that appears next, save it to a location you want to but make sure “ Web Page, Complete” is selected. Next, right click on page and click Save Page. To start off, first visit the login page of the website you need to clone. The victim might think that they might have mistyped the credentials. You can customize it as per your need, say for example give an error “Incorrect Username or Password” and redirect to the original login page so it doesn’t look suspicious. Even some of them like SE-Toolkit allow you to clone any site.ĭoing this manually has an advantage. They have pre-defined templates for popular social networking websites such as Facebook, Twitter, Instagram etc. There are many automated scripts which can auto create phishing pages. All they need to do is understand the code and get the login mechanism part. Did it ever cross your mind if you could manually create a phishing page for any website you want? Well, it’s not that difficult after all and even people with no programming background can do it easily as well.
Hello Amigos! Phishing is a very famous and common form of Social Engineering attack.