In this Facebook Phishing Attack, we'll create a fake Facebook Login page which we'll host either on our local server or on a web server. To perform this phishing attack, we'll manipulate the HOSTS file on the victim's computer so that it redirects the victim to OUR PHISHING PAGE whenever he or she tries to visit Facebook's Login Page. At the bottom of this post, you can find a video tutorial.
Keep in mind that to perform this type of phishing attack you need to have access to the victim’s computer.
To understand this attack, we'll first need to understand the Domain Name System (DNS). Every website is hosted on a server which has a specific IP address (think of it as your home address, with you yourself being the Facebook site: whenever someone needs to visit you (the Facebook page), he or she has to know your address (the IP address)). So whenever a user types www.facebook.com into the browser, the DNS server maps the URL www.facebook.com to Facebook's IP address, and that's how you connect to Facebook.
Now, there's a file named "HOSTS" located at C:\Windows\System32\drivers\etc. The HOSTS file is a system file used by the operating system to map host names to their respective IP addresses, and it is consulted before DNS. Say for instance, when a user types www.facebook.com into a browser, the HOSTS file is checked first for a matching entry. Only when no entry is found there is the request handled by the DNS server, which translates the host name into an IP address so that the request reaches the corresponding server.
Our objective is to change the HOSTS file on the victim's computer so that whenever the victim tries to visit Facebook, he or she will be redirected to our Phishing Page.
Let’s Get Started
1. Creating a Facebook Login Phishing Page
a. Browse to Facebook's login page, right click anywhere on the site and save it as index.html in a folder on your computer.
b. Now open the index.html file with a text editor (Notepad, WordPad, etc.) and search for action="https://. Change the URL to mail.php and save the file.
Make sure you change the "action" attribute of the login form!
c. Download the code from here and save it as mail.php in the same folder.
We now have our Facebook Phishing page ready!
2. Hosting the Phishing Page
Now you can host the Facebook phishing page either on your local server or on a web server.
Learn to host the phishing page on your local server.
Learn to host the phishing page on a web server
3. Changing the HOSTS File
On the victim's computer, browse to C:\Windows\System32\drivers\etc. Right click on the Hosts file and open it with Notepad or any text editor.
At the bottom, place the IP address of the server on which you're hosting your phishing page and, beside it, write www.facebook.com.
Now whenever the victim visits Facebook, he or she will be redirected to your phishing page. Once they enter their username and password and click Log In, their login credentials are stored in a new file named asdf on your server.
To check the login details, simply visit the server and check the file.
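Because the HOSTS file is consulted before DNS, a tampered entry like the one described above is easy to spot when you know what to look for: a well-known domain mapped to anything other than a loopback or blackhole address. The following audit script is an added example for defenders and is not part of the original post; the watch list, the sample HOSTS content and the 203.0.113.10 address (a documentation-range placeholder) are all constructed assumptions.

```python
import ipaddress

# Constructed sample of a Windows HOSTS file with a redirect entry of the kind
# this post describes appended at the bottom (203.0.113.10 is a placeholder).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
#   ::1             localhost
127.0.0.1   mydevbox.local
203.0.113.10   www.facebook.com   # added by the attacker
"""

# Domains that should practically never be overridden on an end-user machine.
# This is an assumed watch list; extend it for your own environment.
WATCHED_DOMAINS = {"facebook.com", "google.com", "microsoft.com", "paypal.com"}

def parse_hosts(text):
    """Yield (ip, hostname) pairs from HOSTS file text, skipping comments."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            yield ip, name.lower()

def is_watched(hostname):
    """True if hostname equals, or is a subdomain of, a watched domain."""
    return any(hostname == d or hostname.endswith("." + d) for d in WATCHED_DOMAINS)

def find_hijacked_entries(text):
    """Return (ip, hostname) entries that redirect a watched domain somewhere
    other than loopback or 0.0.0.0 (those are common ad-blocking entries)."""
    findings = []
    for ip, name in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue   # malformed line; Windows ignores it, so do we
        if is_watched(name) and not (addr.is_loopback or addr.is_unspecified):
            findings.append((ip, name))
    return findings

def audit_file(path=r"C:\Windows\System32\drivers\etc\hosts"):
    """Run the check against a real HOSTS file on disk."""
    with open(path, encoding="utf-8", errors="replace") as f:
        return find_hijacked_entries(f.read())

if __name__ == "__main__":
    for ip, name in find_hijacked_entries(SAMPLE_HOSTS):
        print(f"suspicious HOSTS entry: {name} -> {ip}")
```

On a managed fleet the same check belongs in a scheduled job or EDR rule, alongside file-integrity monitoring on the HOSTS file itself, since the attacker needs write access to it and any change outside a known maintenance window is worth an alert.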