NOTE : All demonstrations are for educational purposes only. Author takes noresponsibility of any misuse of script/tuts mentioned in this site.
DIFFICULTY LEVEL : Medium/ Hard
DEPLOYMENT: Medium
INFORMATION YIELD: Strong
As I promised in previous post What is phishing . I am gonna guide you through whole process of creating a simple phishing page of Facebook where you will create a clone Facebook page, then will store this page on a web hosting service and then try to capture the POST message containing victim’s login and password.
How this system works ?
In real world, this information containing packets (POST messages) are sent to Facebook server by our web browser for the verification process of user. But in this very phishing case, this POST message will straight come to our hosting area.
(In real life, browsers and Facebook servers use https protocol which is the secure version of http and uses 128-bit encryption methods for information exchange. So technically speaking if we ever appear successful in capturing the packets during their way to Facebook. It would be almost impossible to decrypt that information…)
Since http is not a secure protocol and we ll be using this protocol for information exchange from our victim, we won’t have any need to decrypt data as it would come to us in plain text.
No comments:
Post a Comment