WELCOME TO THC

HELLO CLAN MEMBER, WELCOME TO THC


WARNING: THIS SITE CONTAINS MIND BLOWING HACKING AND INTERNET SECURITY ARTICLES THAT ARE TOO HOT TO HANDLE................


PRESS ENTER TO JOIN THE CLAN

THC

ENTER
Showing posts with label phishing. Show all posts
Showing posts with label phishing. Show all posts

Saturday, September 24, 2011

Desktop Phishing

                                              


THIS ARTICLE IS ABOUT A NEW FORM OF PHISHING CALLED DESKTOP PHISHING, TO KNOW ABOUT PHISHING- CLICK
TO KNOW HOW TO CREATE A PHISHING PAGE- CLICK



In PHISHING :-
1. Attacker convinces the victim to click on the link of fake login page which resembles a genuine login page.
2.Victim enters his credentials in fake login page that goes to attacker
3.Victim is then redirected to an error page or genuine website depending on attacker.
But main drawback in phishing is that victim can easily differentiate between fake and real login page by looking at the domain name. We can overcome this in desktop phishing by spoofing domain name.

In DESKTOP PHISHING :-


1. Attacker sends an executable/batch file to victim and victim is supposed to double click on it. Attacker's job is done.
2. Victim types the domain name of orignal/genuine website and is taken to our fake login page. But the domain name remains the same as typed by victim and victim doesn't come to know.
3. Rest of the things are same as in normal phishing.



 




DESKTOP PHISHING

1) Modify hosts file

2) Compress and Bind it with an exe such that when he clicks on it the modified hosts file gets replace in the victims "\system32\drivers\etc" directory 

3) Host the phishing page on your computer using server software such as wampserver. 

4) When the victim tries to reach Paypal or a similar site from their computer, they are of course taken 
to the phish page running on the attackers PC which will still say "Paypal.com" in the address bar.
When the victim enters their details, they're actually placing them directly onto the attackers computer


OK Now Lets Start.. 

Step 1: Modify hosts file 

Go to C:\Windows\System32\drivers\etc 
There you will find the hosts file which will look something like this -
Desktop Phishing - PRAKASH JANAWADE Ethical Hacker
Learn more about host files >>here<<
Read more »
Posted by ar7un at 5:24 AM 0 comments
Labels: , , ,

Thursday, September 22, 2011

how to create fake login page? – How Phisher Works?


Phishing is a way of attempting to acquire information such as usernames,passwords, and credit card details by masquerading as a trustworthy entity in anelectronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mailspoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing, probably influenced by phreaking, and alludes to "baits" used in hopes that the potential victim will "bite" by clicking a malicious link or opening a malicious attachment, in which case their financial information and passwords may then be stolen.

   
Note- this tutorial is just for demonstration Purpose and to make you conscious that how much we have to take care while entering passwords. please do not use it for personal benefits. we do not promote hacking. If you know html or php, you will find it very easy. lets See how simple it is to construct and set up a fake login page and steal the password.


. HERE IS AN EXAMPLE:  www.facebook.com ,  DO NOT ENTER UR OWN FACEBOOK ID AND PASSWORD!!!!


HERE, CHECK OUT WHAT U HAVE TYPED:  VIEW UR TYPED FAKE ID AND PASSWORD 


hack fabook orkut yahoo gmail hotmail fake login page
NOTE: DO NOT USE THIS FOR HACKING...............!!, CREATE UR OWN PAGE....!


Requirements

1) A web hosting account
There are hundreds of websites available that offer free web hosting account, normally 100mb free with a Subdomain. Create a free web hosting account with Subdomain on any of them. The Problem with free hosting is that, as soon as they come to know that you have hosted phisher, they will Ban you. so the Smart choice is to Put some useful articles on the website that you will be getting at PROHOSTS.ORG and side by side you can also host phisher in the separate directory for example: yourname.domain.com/mywork.
Free Webhosting: http://prohosts.org/ (read note below)
Note : Never use any suspicious keywords like gmail, facebook, hotmail, gmail-login, etc in the subdomain or username. if you use, you will get banned for sure. Instead use your own name or any other name.
Read more »
Posted by ar7un at 3:37 AM 0 comments
Labels: , , ,
Subscribe to: Comments (Atom)

ShareThis

ABOUT ME
Hello guys, this is Arjun from madurai, tn , india. In this blog, u will find latest tips and tricks about hacking and security, stay updated, follow us...!!!Widget by Making Different
Twitter Bird Gadget