Here I will explain you How to Hack any E-Mail or other Website Account, step by step. Today i will disclose you how the hackers really hack any E-Mail or other Website Account Password using fake pages or simply called Phish pages and the technique involved is called Phishing.
Things that we will need:
1. Phish Page.
2. A Free web hosting server to upload these fake pages.
3. An Email account for sending mails. (create one fake email account for this as your account can be banned for doing such things). Or you can use your own account on the same site, that maybe Facebook.
OPTIONAL: 4. HTML format mail that has to be sent to user (you can post your email ID's below if you need the original version of this HTML mail. And please don't put your credentials in reply of this message).
By using this hack i have hacked more than 100+ accounts of gmail, yahoo, facebook, hotmail etc... As Hacking is my passion and i love to do it for fun. But friends i have never misused it and hope that you will also not do that.
Now friends first all you should know what is phishing and how it is done...
What is Phishing?
Phishing is a technique to hack passwords of any user by using phish pages. Now what are phish pages, in general, phish pages are the fake pages that look likes the same web page the only difference lies in the METHOD and ACTION codes. In original webpage you are directed to database to that website but in fake pages you are directed to program that writes the log file that consist of username and password of the user. In fake page method function directs you to a php program that writes the log and simultaneously it redirects to original website and copy the username in the username column of original website and it shows that you have entered a wrong password and when you enter the password again then you are entered into the original website. So the user will never know that his account has been hacked, he will only think that he has entered wrong password. So isn't its a good trick.
STEP BY STEP GUIDE
1. Download your required phish (fake login) page from here:-
2. Now Extract the folder.
3. Now open the folder. In this folder you will see two or three types files.
a) .html
b) .php
c) .txt
.html is the phish page that looks like original login page of that site, when user enters his credentials i.e. username and password, then it will be redirected to write.php file which will write username and password to log file and simultaneously redirect the user to original website, that will show you have entered wrong password.
4. Now Create a fake account for sending mails and creating account on free web hosting server.
OPTIONAL: How to create Gmail account without Phone verification?
Its pity simple to create Gmail account without Phone verification. At the time when you create new account, when you choose email ID (i.e. username), choose it as much as unique or absurd that you can. Now create the account, gmail will not ask you for phone verification.
OPTIONAL: 5. Now when you have created the fake account for testing this hack, you have to configure this email account setting. Login to fake Gmail account and click on settings. Then go to Accounts and Import and then in front of Send Email as you will see edit info as shown in below snapshot.
6. Now You have to create account on free Web Hosting website. The website that i will use to explain is www.t35.com (you can use other sites like http://www.110mb.com too). When you open the website there you will see a button "START UR WEBSITE" click on that. Now you will see new page there enter the credentials and create account. Then go to your fake email address and validate the account.
7. Now login into your account in t35.com and Now click on New Directory as shown below:
Create a new directory with the name of the site on which your victim's account is, (that maybe Facebook, Gmail, PayPal, or any other).
After confirming go back to main directory as shown:
Now double click on folder on t35.com that we have created in previous step. Now you will be inside that Directory. Then click on Upload button as shown is figure:
Now after confirming the files upload go back to main directory which you created. Now there you will see three files and click on the open in front of the .html file as shown below:
Now you will see the something awesome below:
8. Now we have created the fake page but its detectable. Let's make it more undetectable. For that go to www.dot.tk and copy the link of your .html fake login page, paste it in, and Click on Next. As shown below:
Now after that enter a fake domain name her like gmailvalidation.tk or facebookwebmaster.tk or yahooupgradation.tk or anything similar to that as shown...
3. Now open the folder. In this folder you will see two or three types files.
a) .html
b) .php
c) .txt
.html is the phish page that looks like original login page of that site, when user enters his credentials i.e. username and password, then it will be redirected to write.php file which will write username and password to log file and simultaneously redirect the user to original website, that will show you have entered wrong password.
4. Now Create a fake account for sending mails and creating account on free web hosting server.
OPTIONAL: How to create Gmail account without Phone verification?
Its pity simple to create Gmail account without Phone verification. At the time when you create new account, when you choose email ID (i.e. username), choose it as much as unique or absurd that you can. Now create the account, gmail will not ask you for phone verification.
OPTIONAL: 5. Now when you have created the fake account for testing this hack, you have to configure this email account setting. Login to fake Gmail account and click on settings. Then go to Accounts and Import and then in front of Send Email as you will see edit info as shown in below snapshot.
6. Now You have to create account on free Web Hosting website. The website that i will use to explain is www.t35.com (you can use other sites like http://www.110mb.com too). When you open the website there you will see a button "START UR WEBSITE" click on that. Now you will see new page there enter the credentials and create account. Then go to your fake email address and validate the account.
7. Now login into your account in t35.com and Now click on New Directory as shown below:
Create a new directory with the name of the site on which your victim's account is, (that maybe Facebook, Gmail, PayPal, or any other).
After confirming go back to main directory as shown:
Now double click on folder on t35.com that we have created in previous step. Now you will be inside that Directory. Then click on Upload button as shown is figure:
Now after confirming the files upload go back to main directory which you created. Now there you will see three files and click on the open in front of the .html file as shown below:
Now you will see the something awesome below:
8. Now we have created the fake page but its detectable. Let's make it more undetectable. For that go to www.dot.tk and copy the link of your .html fake login page, paste it in, and Click on Next. As shown below:
Now after that enter a fake domain name her like gmailvalidation.tk or facebookwebmaster.tk or yahooupgradation.tk or anything similar to that as shown...
Now click Below to confirm as shown:
9. Now Creation Part is over, now we have our link that we will send to the user. Now How we will send it to user. Open your fake email account that you have created in step 5 and step 6. Click on Compose mail and In Subject Enter "Notice: Please Verify your Gmail Account" (without quotes).
And in body write something like that we have seen illegal activity from your account. please verify your account within three days other we have to lock your email account. For verifying visit here gmailvalidation.tk and send it to user. If you are going to hack his Facebook or Twitter Account, post that link directly on his profile, by insisting him to enter his credentials someway. This technique is called Social Engineering.
10. Now just wait one day or few hours till user enters his credentials. (depends how fast the user reacts to the email). Once the user logs in to his Gmail account using your Phisher, his user ID and password are ours. And these are stored in log.txt What you have to do is just refresh your Web hosting account files.
11. The Log.txt file will contain the passwords and look like this:
Thats all Now you have hacked the password of victim. I hope you all have Liked It.
How to Protect Your Accounts From Phisher???
1. Always check the URL in the address bar before entering username and password.
2. Never follow any link from your email and any website until u have confirmed the Address bar URL.
3. Never Follow spam & scam mails and "Win lottery or Cash" mails.
0 comments:
Post a Comment