Langsung ke konten utama

hacking

How To Create Facebook Phishing Android Application (No Coding Needed)

In this tutorial i’m going to explain how to make an android application with facebook phishing method, so you can get the username and password of each person who login to facebook using this app. 


Note: This post is updated with new undetectable phishing files


This app is actually looks like real facebook app with real facebook icon so victim can’t find out whether it’s a fake facebook application or not.


Sending fake page’s url to victim is not possible now a days ,that method is easily detectable in firefox and google chrome browsers that’s why i’m tested this new method to phishing facebook and it works good.


Read my previous tutorial to create latest undetectable facebook phishing page: 
Create Undetectable Facebook Phishing Site – Advanced


Let’s start,


steps

1. Make a phishing facebook login page as android browser and host to web
2. Make an android application using online app creator 


Step 1: Make a phishing facebook login page as android browser and host to web (Undetectable)


First you need to download ‘facebookmobile-app.zip‘ attachment file – Click here to download or Alternate download
It contains 5 phishing page files including a folder.


  • data.php
  • follow.jpg
  • index.php
  • login.jpg
  • users.txt

Features:

>> It is undetectable ,so the page will not be suspended by any free web hosting site.

>> Customized facebook phishing page files for mobile browser
 (It will automatically redirect to real facebook page with notification of  ‘Your password was incorrect’ while log in from fake phishing page so victim will think he entered wrong password and he won’t have any doubt about is it fake or real?). 

Now you have to upload the ZIP file (facebookmobile-app.zip) to web hosting site and get the phishing page’s url.



I prefer 000.webhost.com.

Go to: https://members.000webhost.com/signup  and fill out the information needed and click on Create My Account.



Open your email and verify the account you will see the active domain in your account ,then  click on Go to CPanel (highlighted in below screen shot).



Now open the first file manager icon under File managers section.



Go to “public_html” folder and delete the 2 files inside it. then click on “upload.



Below “Archives” section click on “Choose file“.
Select the zip file Which you have created above (In our case it is ‘facebookmobile-app.zip‘).

Click on the “green tick“.



Done!!!, 

Now what will happen,when your hosting privder will test your content they will get a innocent php file reading another file.and when they try will to access “login.jpg” file they will get an invalid/corrupted image.

Important

Now Access your URL with this id at end (/?id=facebookmobile)

Example: “www.yourdomain.sub.com/?id=facebookmobile/

Congrats! Now you have your Phishing page URL same as above (note the Url we need it in next step).

image: https://i1.wp.com/picateshackz.com/wp-content/uploads/2015/01/DH_Banner_728x90.gif
Dreamhost banner


Step 2: Make an android application using online app creator



Go to www.appsgeyser.comClick on CREATE NOW Button.



Click the option website



Paste the phishing page’s url in the field (that you created in step1)
Example: “www.yourdomain.sub.com/?id=facebookmobile/



Fill the field App name: Facebook or something related with facebook, click next

Description: give description about app, click next

Icon: custom icon > upload file – choose file ‘FacebookICON.png‘ (Click here to download FacebookICON.png) – submit



Click Next

Click Create app

You are done,

Download app to your computer then install it on your android device.


How to see stored email and pass?

When victim enter the email and and password in this app it will be stored in our ‘users.txt‘ file inside 000webhost > your domain > file manager > public_html, to see that click the view button next to users.txt file.


Inside users.txt file you can see the victim’s email and password (highlighted part in below screen shot).


If you have any doubt in this tutorial just type down a comment here.
 

Read more at http://picateshackz.com/2015/01/how-to-make-facebook-phishing-android-app.html#leTObeRIgT6FQzrl.99

Komentar


  1. I am so fortunate to have attempted contacting hack.truth and his team These hackers has successfully hacked my partner's iPhone so that I can have access to every deleted messages on WhatsApp, Facebook and email. I really appreciate you my hackers and thanks to the people that recommended them to me contact them via. hack.truth77@gmail.com

    BalasHapus

Posting Komentar

Postingan populer dari blog ini

Tentang Iptables - Drop all allow some Vs. Allow all drop some

Ketemu lagi di blog Tutorial Linux Ubuntu Berbahasa Indonesia. Kali ini kita berbicara tentang security, berbicara tentang security sudah tentu ini berkaitan dengan firewall. Pada linux atau unix, ada beberapa metode untuk memasang firewall. Sebagian ada yang memakai iptables, sebagian lagi menggunakan ufw. Saya sendiri lebih familiar dengan iptables. Seorang administrator tentunya tidak mau kan server-nya dijebol oleh pihak-pihak yang tidak bertanggung jawab. Jika hal itu terjadi rasanya langit telah runtuh tepat diatas kepala. Dalam hal keamanan linux mempunyai keunggulan jauh lebih baik daripada windows. Seperti kita tau bahwa Linux/Unix selain mempunyai tingkat keamanan yang tinggi, juga mempunyai umur yang lebih panjang daripada windows. Artikel ini akan membahas bagaimana caranya mencegah hal itu terjadi, saya akan menjelaskan beberapa cara menggunakan iptables sebagai firewall kita. Ada beberapa metode yang bisa kita gunakan, " Drop all allow some" atau ...

Kumpulan Perintah -Perintah Dasar di Linux Part 2

bertemu lagi dengan saya di blog Tutorial Linux Untuk Pemula. Pada postingan sebelumnya saya sudah menuliskan banyak perintah-perintah dasar di linux (part 1) . Pada postingan ini saya akan melanjutkan tugas saya berbagi dengan anda, blog ini adalah lanjutan dari postingan saya sebelumnya karena masih banyak perintah-perintah yang harus anda ketahui di linux. Oke langsung saja ya :D [ cat ] Teman kita yang satu ini bernama cat, tapi bukan kucing ya! :D untuk singkatan nya saya juga tidak ta u apa, tapi yan g pasti cat bisa kita gun akan untuk melihat isi file tanpa harus membuka file tersebut. Cara penggunaan : root@apocalypsix:# cat blogging.txt Perintah diatas akan menampilkan isi dari file blogging.txt tanpa harus membukanya. [ tail ] Selanjutnya ada tail , biasanya tail digunakan untuk meng ikuti perkembangan dari sebuah file se cara real t ime. Seperti misalnya pada file access.log milik apache. Jika server anda adalah termasuk server yang sibuk dari transaksi web, log ny...