Phishing attack:- phishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators. Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.
How to Create Facebook Phishing attack Page step by step:-
Step 1:- first of all you need to download hidden eye software from GitHub website. Open this link (https://github.com/DarkSecDevelopers/HiddenEye)
Step 2:- Now click on clone or download option. Then select download zip option.
Step 3:- Then select the location then choose save file radio button then click on OK.
Step 4:- This file will show in zip format.
Step 5:- Right click on it then select extract here option or extract to option if you will select extract to option then you need to select the location where you want to extract.
Step 6:- You can see the folder of Hidden Eye folder. Now open this folder then again a folder will show you again open that folder.
Step 7:- You will see these file and folder.
Step 8:- Right click here then click on open terminal.
Step 9:- Now type here “ls” command to see all the file and folder in kali linux terminal.
Step 10:- Now type here “python3 HiddenEye.py“
Step 11:- First time when you run “python3 HiddenEye.py” command then it will not work properly and this type of message will show on terminal.
Step 12:- Again run “python3 HiddenEye.py” .
Step 13:- It will automatically download Nagrok. (Nagrok is a server it will create link of phishing page).
Step 14:- After that you can see the message will show Hidden Eye is Opening please wait.
Step 15:- Now it will ask you do you agree to use this tools for education purpose only ? (Y/N). don’t press anything we need some setting in kali linux.
Step 16:- Now minimize the terminal and open Hidden eye folder and then open server folder you will see nagrok file it will not exist that time when you extract the hidden eye zip file after the downloading nagrok you will see nagrok in server folder.
Step 17:- Right click on nagrok and select copy option.
Step 18:- Now open “bin” folder in kali linux.
Step 19:- Now paste the nagrok here.
Step 20:- This is necessary to paste nagrok here.
Step 21:- Now maximize terminal and you have to press y otherwise it will close hidden eye.
Step 22:- Now you will see this type of option there are 34 site name. select the number of site to create phishing page of that particular website
Step 23:- Press 1 to create Facebook phishing page.
Step 24:- Now choose 1 to create standard page phishing.
Step 25:- It will ask to add key logger in phishing page. if you want to show the keystroke then press Y When victim will press anything on that phishing page which is created by then every key stroke will show you in text form otherwise press N.
Step 26:- You will see key logger added option.
Step 27:- Now type original site name of facebook.com because when you will send a phishing page link then victim will press username and password on that phishing page then it will open the original website of facebook.
Step 28:- Type 1 to select nagrok. i will define serveo server in next content.
Step 29:- Now it will show some message read it then press enter to launch nagrok.
Step 30:- you can see the two type of link https and http you can you one of them.
Step 31:- Now select the link then copy it. Now send it to victim browser.
Step 32:- Now you can see the phishing page of facebook .
Step 33:- when victim will type user name and password and then click on login.
Step 34:- Then it will open original facebook page.
Step 35:- when victim will press anything on that phishing page then terminal will show like this.
Step 36:- Now open hidden eye folder then open server folder.
Step 37:- then open www folder.
Step 38:- You will see these text file.
Step 39:- You can the password and username.
Step 40:- Key logger data typed by victim on that phishing page.
I hope that you understand my post. if you like this post then share my post, and comment on my post if you have any suggestion or Queries related to phishing attack. hacking is illegal. This content is only for education purpose. Thank you!