Ads 468x60px

Tuesday, 13 November 2012

Tabnabbing: Phishing Attack

We were discussing about facebook hacking there is a lots of ways through which your victim can be trapped. You may have heard about phishing. Phishing is the most common and easy way to hack facebook or any other accounts (like gmail, yahoo etc.)  Tabnabbing is also the same. It is just a step ahead from phishing, you can spice up your phishing attack so that the chances of the victim to be trapped increases. So, now I will teach you how can we perform a Tabnabbing Phishing Attack.

First of all you need some files, just go through the link given below and download it.


Having Trouble in Downloading

Now once you have downloaded the zip file named Tabnabbing. Extracting it and go through the following steps. 

Step 1: As you know for phishing you need a webhosting service so here also you need a webhosting service. I recommend you to use 5gbfree, this is free and giving you about all the functionality. If you have an account then sign in and if you don't have, then sign up and create a free account. 

Step 2: Now once you have created the account and logged in, you'll see the admin control panel. Look for the files menu and then click on file manager and click on go. 
Now on the left hand side, from the options click on public_html and then upload the files which you have downloaded before. You have to upload all the four files. 
I recommend you to create a folder and then upload the files on that particular folder. Now once you have uploaded the files and you are done. You have settled up a Tabnabbing Phishing Attack

How to Trap Your Victim? 
Remember the username which you have given while creating your account in 5gbfree. 
Following you have to type in the URL bar of your browser

www.<your user name><folder name>/google.html

In my case it will be

If you did not upload the file in a particular folder then just simply remove the folder name part from the URL. 

You have to give this URL to your victim and when the victim clicks on URL and works on some others tab, the Google page will automatically coverts in Facebook Phishing Page and if the victim logs in with that page then his details of logging will be saved into a file named log.txt and the victim will be redirected to an another page called facebook career. 

Now if the victim has trapped, then for the details you have to go the the control panel of your 5gbfree account and then in the same folder in which you have uploaded the files you will see a new file called log.txt, in this text file you'll see the log in data of the victim. 

Now at last I recommend you to use or or any other URL shortening site. Just shorten your URL with these sites and send the shortened URL to your victim so that the chances of suspecsion decreases. 

Disclaimer: This tool and information is only for educational purpose. Don't misuse it. Do not use it to harm anyone, if you do that then we are not responsible for it in any case. 
Share if you liked this Post using your favorite sharing service:

Subscribe Updates, Its FREE!


Related Posts Plugin for WordPress, Blogger...