My OperaHacking email accounts with phishing or fake login pages password stlealing
Monday, October 13, 2008 7:22:48 AM
This tutorial is just to make you aware of such threats , we do not promote hacking or spying,
this article is only to make you conscious that how much we have to care while entering passwords.
These days Hacking or better termed as password stealing or theft is on extreme.
so here is an article that how its done by Bad guys.
{.} Open www.jotform.com and Sign Up.
{.} then Login there with your newly registered account.
{.} now click on ‘ Create your first form’.
{.} Now delete all the pre-defined entries, just leave ‘First Name:’ (To delete entries, select the particular entry and then click on the cross sign.)
{.} Now Click on ‘First Name:’ (Exactly on First Name). Now the option to Edit the First Name is activated, type there “username:” (for Gmail) or YahooId: (for Yahoo)
{.} Now Click on ‘Power Tool’ Option (In right hand side…)
{.} Double click on ‘Password Box’. Now Click the newly form password entry to edit it. Rename it as ‘Password:’
{.} Now Click on ‘Properties’ Option (In right hand side…). These are the form properties.
{.} You can give any title to your form. This title is used to distinguish your forms. This Title cannot be seen by the victim.
{.} Now in Thank You URL you must put some link, like http://www.google.com or anything. Actually after entering username & password, user will get redirect to this url.(Don’t leave it blank…)
{.} Now Click on ‘Save’. After saving, click on ‘Source’ Option.
{.} Now you can see two Options, namely ‘Option1′ & ‘Option2′. Copy the full code of ‘Option2′.
{.} Now open Notepad text editor and write the following code their.
Paste the Option2 code here
{.} And now save this as index.html. And then host it, mean you will have to put it on the internet so that everyone can view it.
Now you can view it by typing the url in the address bar.
NOTE: If u want to send it to the internet, then first you will have to create a hosting account which you can create on www.110mb.com and there are many other sites which you can find on the internet very easily.
Name the login screen name like yahoo.com_mail_login.php?action=login&email=yes etc etc so that even if they look at the url, they don’t get suspicious, shorten your url with any short url provider
and give it some name that is similar to actual url.
lets suppose that you created your account at 110mb.com
now login to your account then click on “File Manager”, then click on “upload files” or just “upload”. Then select the file which you want to send to the internet and click on upload. And you are done.
Now you can access you file on the net by just typing the url of the file.
And you will receive password of the users that login to your site through email-id which you’ve entered while creating the form.
Now Place this website as home page at the victim’s computer, send him the link through email, trick them by saying that by using this site you can login fastly or without any problem etc and simply wait. If the user is not that much tech savvy for sure he is gonna end up prey to the login screen hacking.
See how simple is it constructing and set up a fake login screen and steal the password. Beware of such scam and be cautious while entering the password. Always look for the correct domain name while entering the password. Internet explorer 8 onwards will highlight the correct URL in a different color compared to other strings in URL.
If you are on a shared computer beware, the attacker can write in the windows host file and even make the URL as mail.yahoo.com. (How? In another post)
source -from diff. diff blogs
regrds:
Gourav sharma [[ gstek.info ]]
(90%)
