Tutorial Hacking Facebook using Phishing Method, Fake Facebook Website
Type : Tutorial
Level : Medium – Hard
After wrote some tutorials about hacking facebook :
1. How to Hack Facebook Password Account
2. Hacking Facebook Using Man in the Middle Attack
There's some readers ask about phishing technique. This tutorial continued from my last tutorial about "Hacking Facebook Password Account" in phishing section.
What is phishing?
According to Wikipedia Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
To make it simple, let's say that facebook phishing is a way to make and create fake facebook website according to the real website for negative purpose, such as : stealing credentials, data, etc.
Okay…to make it more simple, let's start the tutorial….practice make understanding more better isn't it? 
LoL
Requirement :
1. facebook offline files (you can view my previous tutorial number 2 in link above)
Did you know that we have the new update for fake facebook hacking tutorial? view the tutorial here
Step by Step :
Before you start, I wrote this is just for education purpose and I'm not responsible if someday you use this for negative purpose and FBI or Interpol looking for you as a criminal and jail will be ready for you. !!Please remember this!!
1. In this tutorial about Hacking facebook using phishing method I will use not-allowed.com as free web hosting service, but you can choose the other most suitable with you.
Update!! : I got a comment from hosting representatives that you can't use this hosting for phishing purpose in case you use it for phishing, they will suspend and terminated your account..so i remove the link, and you can just find the suitable another free hosting. 
Click "Buat Akun" on the top right side page, You can register your account there.
2. The next step you can fill the required data there.
3. After step 3 they will send you an activation link to your e-mail and your account will be activated. If your account already activated you can click on "Beralih" button to go to your hosting control panel.
4. Inside your hosting control panel, on "File" section click "File Manajer 1"(file management) to upload the file.
5. Inside your file management, click on "public_html" to go into your web root folder.
6. Inside public_html folder, you can upload all the data here so it can be accessed worldwide. In this page you can choose which upload method you want to use, there's "Upload", "Java Upload", "Flash Upload" you can choose which one most suitable for you. Don't forget to ZIP all of the content before uploading so it can be extracted later.
7. The next step is extracting the data we already upload on last step. Tick the ZIP file and click UNZIP to extract the data.
8. Here's the data after all the data extracted.
9. Yep everything has been set up correctly until this step. The next step we need to configure the database. Go to this link http://cpanel.not-allowed.com/index and click on "Tool Penting" section and click "Database MySQL"
10. The next step you need to fill in your database information in this page such as database name, database username, and so on…
When you finished, click "Buat" button to create the user and database.
11. Now you will have a new database and new user, you need to go to your "phpmyadmin" window by clicking the link to upload the database. Don't forget the "Host MySQL" address, my address was mysql.not-allowed.com.
12. After everything finished, now in phpMyAdmin window, click on "import" tab. Don't forget to download the database file below
and then click browse and upload the database you've just download before, and click "Go" when finished.
13. When you finished everything, now time to modify login.php file and view.php file. Open that file using your favourite text editor(such as:notepad, dreamweaver, gedit, etc).
Don't forget to change the "localhost" to address that described on step 11 (your configuration with my configuration maybe different )
When you finished edited that two file, you should upload that file and replace existed file (repeat step 6).
14. Well done! now you can check the address. Here's my screenshot when I'm access it.
15. When user input their e-mail and password, the fake facebook website will forward it to the wrong password page like this.
16. To view harvested e-mail and password, you can check on http://your-website.com/view.php.
Countermeasures :
1. Look carefully the address when you open a website that ask for your credentials. It's better you type it by yourself 
2. Change your password(and all the same password:e-mail, twitter, etc) ASAP when you know this attack happen
3. Maybe you can try one of this securing internet activity method http://www.hacking-tutorial.com/tips-and-trick/5-steps-to-make-your-browsing-the-internet-activity-more-secure/
4. Install URL advisor(usually this you can get from antivirus for free) but not too effective.
Hope it's useful
Incoming search terms:
- facebook phishing tutorial
- phishing facebook
- phishing facebook password
- phishing facebook tutorial
- facebook phishing
- phishing method
- how to hack facebook using phishing
- hack facebook using phishing
- how to do facebook phishing
- phishing tutorial
Written by Vishnu Valentino.
Founder of hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com
See all posts by v4L || Visit Website : http://www.vishnuvalentino.com
Popular Posts
71 Responsesto “Tutorial Hacking Facebook using Phishing Method, Fake Facebook Website”
Trackbacks/Pingbacks
- How to Hack Facebook Password Account | Vishnu Valentino Ethical Hacking Tutorial, Security Tips and Trick - [...] UPDATE : You also can view my tutorial about Hacking Facebook using Phishing Method, Fake Facebook Website. [...]
Leave a Reply
Links
Get Updates via Networkedblogs
saya sdh coba step by step, tp tampilan login FB kok gak lengkap ya?
couldnt find fb logo etc, did i missed something?
where i can download the abc.zip? many thanks in advance
#ami
See the step by step of this tutorial from the top, I’ve already put there
ha ha thaks val, finally that link shows up
well, its show time
hey dude, ive tried the other tutorials about this phishing method to hack facebook passwords and email.. but out of my 2/2 attempts.. i found out that the confirmation mail takes too long to reach your site… is that normal? or just a bug? or maybe part of the gimmick? mail me dude. i need sime help
#joshua
I didn’t add any script that contacting my website??every script you download you can modified by your own…
Terimakasih telah membahas layanan kami di website Anda. Namun, mohon tidak menggunakan layanan kami untuk phishing. Kami akan men-suspend akun yang digunakan untuk phishing. Terimakasih.
i am getting these errors. What should I do?
Warning: mysql_connect() [function.mysql-connect]: Host '31.170.161.236' is not allowed to connect to this MySQL server in /home/a8884375/public_html/login.php on line 2
Warning: mysql_select_db() [function.mysql-select-db]: Access denied for user 'a8884375'@'localhost' (using password: NO) in /home/a8884375/public_html/login.php on line 3
Warning: mysql_select_db() [function.mysql-select-db]: A link to the server could not be established in /home/a8884375/public_html/login.php on line 3
Warning: mysql_query() [function.mysql-query]: Access denied for user 'a8884375'@'localhost' (using password: NO) in /home/a8884375/public_html/login.php on line 9
Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/a8884375/public_html/login.php on line 9
#mtea
that’s mean your connection from your app to your database has refused…maybe there’s something you entered incorrectly about the information from your hosting provider for database connection.
I got it. It was the localhost thing that i was typing in incorrect. Thanks
im not able to retrive the passwords i used "phpnet.us"
#phoenix
maybe you have wrong information in your configuration file; especially to connect to your database.
Is it possible to hack with the help of the ID number if the Email address is not available?
#Valerie
I’m not understand your question…
heyy Vishnu VALENTINO , thank you very much , but can you give me the web hosting you use ?
thank you !
#skanleboss
sorry I can’t, but I think there are very many free hosting available on internet…you can find it on Google.
why you can't , send me his name on my email : skanlxxxxx@gmail.com , help me please ,you have the best tutorial on the web about phishing facebook !
If you ask me “why i can’t send you?”
then I also would ask you “why you don’t want to search for it?”
i search for it , i know it's an indonesain web hosting , but i didn't find it :'( ! i know you can do ittt
hi vishnu… i created account in free webhosting site. but my account was suspended with in one day. what to do? i need to use it for more then 1week. if its possible to use free webhosting with out suspending?
#rasith
nothing…except you buy your own server
where can i get d that uploaded php.and jpg n other files help me plz
if you have any vid tutorial…where can i fine it… plz i need the full theory (Y)
#dennis
sorry I can’t give it right now, maybe later I will post it here.
sir how can i hack facebook password tell me please in simple method because i am new in matter and i do not know more
#masterwish
so you need to learn the basic thing first e.g:networking & server side scrpiting(php, asp, etc).
fyi : a baby can’t walk when they just born, they learn to walk and fall for many times, until they finally can walk and run…
nothing is instant, learn it and you know about it.
Sir, in line 13 you just modify the php file, how can i adjust the view php? modify login.php file and view.php file.Sorry i am new, thanks.
sir, could you please tell me how to send a phishing, i have tried but can not send to a victim. Sorry i am new.
#mark j [comments merged]
you need to learn basic html and server side scripting(e.g ASP, PHP, PERL, etc) first so you can understand about the data flow on that code.
but if you want to JUST open it you can use notepad as your text editor.
im getting same error like “mtea”……i try to change oredit but no change same problem can u plz reomve the blue mark from step. 13….plz so clearly i can see how to do phising…and thanks for sharing this great information….
Thanks in advance.!!!
#Salman
change the 1st blue mark with your database username, and the 2nd one with your database password
Hello I’m clueless with computers I was wondering if you can please help me get a password please
what is the code of your view.php
#verbacor
I don’t understand?
is this the right code on the view.php
$value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>
This is the real code in view.php ?????
$value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>
#verbacor
there’s on step 13
what is code of this pic http://www.hacking-tutorial.com/pics/blog/facebook-phishing-hacking/facebook-phishing-16.jpg
#verbacor
it’s
view.phpmas, itu hosting nya dimana?
mau tak pake buat hostingan web aja,
gratis kan?
Warning: mysql_connect() [function.mysql-connect]: Access denied for user ‘mysql.1freehosti’@'localhost’ (using password: YES) in /home/u893959994/public_html/login.php on line 2
Warning: mysql_select_db() [function.mysql-select-db]: Access denied for user ‘root’@'localhost’ (using password: NO) in /home/u893959994/public_html/login.php on line 3
Warning: mysql_select_db() [function.mysql-select-db]: A link to the server could not be established in /home/u893959994/public_html/login.php on line 3
Warning: mysql_query() [function.mysql-query]: Access denied for user ‘root’@'localhost’ (using password: NO) in /home/u893959994/public_html/login.php on line 5
Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/u893959994/public_html/login.php on line 5
m getting that eroor….i’ve evrything perfect
well sir now everything got perfect…!!
now m not getting that error ..but when i open
mysite/view.php its not opening
(here my site is my domain )
#ankit
hmm…it sounds you have incorrect database user.
Hey bro can you please please please hack a facebook id for me ???/ I’ll be thankful to you …
That’s easy, as easy as pie. For me the hard part is how to make the victim open the fake page and fill in the login.
1-I don’t have her(my ex-gf) added as a friend of mine anymore, if I had I would not want to compromise myself sending her any link like that.
2-Send an e-mail to her as a facebook admin? I doubt if she ever checks her e-mail account, If so I am not sure if it’s gonna work.
So, any tips?
Hi Vishnu. Great tutorial! I managed to make the phishing page. Problem is I couldn’t fool my friends like I thought I could but I want to try one more thing. The phishing page used in the tutorial is outdated. I wanted to know how to update that without messing up anything else. The first “fake” page is really fake looking some stuff is backwards on the page and Facebook updated new page.
where is the zip file…??????
#anonymous
it’s above there
thanks brother for fantastic tutorial.. i would like to know that zip file link that we upload in the public.html directory?
i cant find the ZIP file link in your tutorial, in media fire its only that DB file
#erick
view the previous version of my tutorial 1st paragraph
will u plz make a video tutorial of this…its an plea from me….thx in advance
very nice article ……but i got stuck at login.php and view.php
please tell me whas the code for these files
the picture is incomplete
all right got it man ive made one and got passwords of two of ma frnds :p :p
love ur article and thanks a lot..
i found those offline pages on your middle man article ….hehe.
now the only problem is that i got passwords for second login attempt only and not for the first one ………… any tips vishnu valentino?????
bahi fb_dbase upload kar raha hu to error a raha hai
where is the .zip file's
#mind
see the link above
where is the abc.zip file?
Iam having a problem in saving the password . Plz help
can you please update the facebook files you have uploaded?because thats files are from facebook of the 2009 and the actual facebook have some changes. thanks
#jordin71
Please wait for the update…I’m still working on it
I really wish there were some service that I could use and when people try to log in to facebook it just sends the password to me, i don't get all this programming stuff
#gerop
there’s one rule in our life “no pain no gain” 
to get something you need to do something..
Can you plz tell me where to create that database??
#D-Den
if you try in your local computer, you can use XAMPP
if it’s hosted on the internet, every hosting provider put it different…but you can find phpmyadmin or database wizard.
cool tutorial
my question is.
is it not possibleto do this:
the user goes to the fake website,enters the credentials(the info is recieved in the file), and , instead of being shown the incorrect page, he is able to login.
so ht has to be something like, after GETing the credentials, you will have to POST them too.
#harshvardhan
it’s not possible, since facebook will detect it as “you’ve been redirected from phishing page”
Thank you, you’re the best, i create a site with your guide and it works!! but i have 2 question:
1) is possible make the view.php file private and not public (i only rename it beacause “view.php” is too easy to find)?
2) is possible modify the file login.php so that if the victim click on login the site remands to the real facebook page??
#marioyards
1. yes it possible
2. this also possible, but when your fake page redirect to real facebook, the real facebook page will alerting the phishing page you’ve just visited
I didnt understand what do i have ti change in local host?
#momin
change with your MySQL server database address(if you host it in internet)
HAHA BRO THANKS I JUST HACKED 10 ids in a day .. BEST PHISHING TUTORIAL (y)
All gone right but i cant check the view.php they say page not found if i go to mysite.com/view.php now what to do?
#akifkhan
make sure your view.php have the 644 or 755 file permission