Query about facebook phishing


Karthik R

Jan 28, 2011, 12:49:04 AM1/28/11
to null-co-in
Hi all,

I have made a phishing site for demo purposes, but when I
redirect it to www.facebook.com, Facebook gives a message stating
that the URL that directed you didn't originate from Facebook, and hence
please change the password if you have provided the login information. I
don't want this to happen; what is a way to do it? Please help.

You can have a look at my phishing link

http://h1.ripway.com/k1n6/

Enter a test case and press login, and the Facebook warning comes. I
don't want this warning to come and want to make this demo more
convincing. Please help me.. :)

Cheers
Karthik
--
Karthik R
B.tech (IT)
National Institute of Technology Karnataka, Surathkal '12
http://kraudiography.wordpress.com/

Beenu Arora

Jan 28, 2011, 7:51:04 AM1/28/11
to null-...@googlegroups.com
This is insane, where people are actually sharing phishing links and asking how to create them.

Simply unbelievable. Mods, what are you up to?


--
null - Spreading the right Information
null Mailing list charter: http://null.co.in/section/about/null_list_charter/



--
Regards
Beenu Arora
www.BeenuArora.com

Deepak Mittal

Jan 28, 2011, 8:15:57 AM1/28/11
to null-...@googlegroups.com
Try redirecting it to a bit.ly link which points to Facebook. That
shouldn't throw a warning, AFAIK.


--
Regards,
Deepak Mittal

Aditya Lad

Jan 28, 2011, 8:48:00 AM1/28/11
to null-...@googlegroups.com
Spoof the Referer in your Facebook HTTP request.

Karthik R

Jan 29, 2011, 12:07:09 AM1/29/11
to null-...@googlegroups.com
@Beenu: I'm sorry, it was wrong on my part, but I couldn't find a way out of that error, that's all. I posted here just for learning purposes.
@Deepak and Aditya: I'll try it and let you know, thanks :)

Vimal Kumar G - Proprietor, M/s. Varun Infosys

Jan 29, 2011, 1:01:16 AM1/29/11
to null-...@googlegroups.com
Hi Karthik,
I have checked your site; when I tried to log in, it says Facebook password reset.
Somehow it may be... do something new, man...

------------------------------------------------------
Mr. G. Vimal Kumar, Proprietor
------------------------------------------------------
M/s. VARUN INFOSYS
Shop No: S.F. 8 & 9, Sri Krishna Devaraya Shopping Complex,
Eluru Road, Vijayawada - 520002. Andhra Pradesh, INDIA.
Phone Office : +91 0866 6666631
Tele Fax       : +91 0866 6666632, Ph/Cell/Mobile : +91 9848687816 
Email: vi...@varuninfosys.in 
Website : http://www.varuninfosys.com || http://www.varuninfosys.in || 

aditya

Jan 29, 2011, 12:41:39 AM1/29/11
to null-...@googlegroups.com
Man this is really cool. :D

utsav mittal

Jan 29, 2011, 12:40:15 AM1/29/11
to null-...@googlegroups.com
@Karthik, it's good that you are trying to learn, but please make sure that whatever you do is harmless fun and research and is within the legal framework.

@Beenu, I think people should not be discouraged from research like this (although a whole phishing page doesn't qualify for this :P), but still this is a free forum and members should be sane enough to use the knowledge for ethical purposes.

@Karthik, if you are successful in carrying out this attack, then you would have discovered a vulnerability that is known as "Unvalidated redirects and forwards". It is one of the OWASP Top 10.

I think any person who is interested in being a part of this should be sane enough to learn about the Indian IT Act 2000 (amended in 2008),
so that he/she is aware of the legal ramifications of actions that can be termed against the law.

The mere act of phishing is punishable by up to 3 years in prison and a fine of up to 3 lakhs.
I am also sending some recent cyber law cases, of which some also pertain to phishing.

There is only a thin line between right and wrong, and we as infosec professionals are always working on that line.
Even a small error, indiscipline, or a little greed can be really devastating for one's whole life.

Happy Hacking !

r3dm0n

CYBER LAW cases.pdf

Karthik R

Jan 29, 2011, 12:27:29 AM1/29/11
to null-...@googlegroups.com
Deepak: I tried shortening Facebook to a bit.ly link and then putting that shortened link in the PHP code, but it's still giving the same error!

@Aditya: what do you mean by spoofing the HTTP?? :O

Rohit Srivastwa

Jan 29, 2011, 1:35:40 AM1/29/11
to null-...@googlegroups.com
Hey Vimal
Liked the <title> tag of your websites :D

./Rohit

Aditya Lad

Jan 29, 2011, 1:47:04 AM1/29/11
to null-...@googlegroups.com
Please make sure you don't use it for any unethical purpose; it would be an insult to the knowledge you gained :(

After the successful auth, the server sets the auth cookies and redirects you to the home page. The home page performs a cookie validation and also checks if the request came from a trusted source by checking the Referer header of your HTTP request. If it is not from a trusted source (like Facebook in this case), it knows there is something 'phishy'. So you may need to check the Referer value that you are sending to the home page.
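Editor's added example, not code from anyone in this thread: the server-side checks that produce the behaviour Aditya describes (a credential submission whose Origin/Referer points off-site is flagged as "phishy") and that close the "unvalidated redirects and forwards" hole Utsav names (a post-login redirect target is only followed if it stays on the site). The site host `www.example.com`, the `TRUSTED_HOSTS` set and the sample requests are all constructed assumptions standing in for the real site. Note the caveat built into the code: a browser sends Origin/Referer honestly, but any non-browser client can set them to whatever it likes, so this is a phishing heuristic, not an authentication control.

```python
"""Two defensive checks from the thread, as an added example (assumptions:
the site is www.example.com; header values and URLs below are constructed)."""
from urllib.parse import urlsplit

SITE_HOST = "www.example.com"                 # assumed host, not from the thread
TRUSTED_HOSTS = {SITE_HOST, "example.com"}    # assumed set of first-party hosts


def _host_of(url):
    """Lower-cased host of an absolute http(s) URL, or None if it is not one.
    Relative paths, 'null', and protocol-relative '//host' all yield None."""
    if not url:
        return None
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return parts.hostname.lower()


def login_request_origin(headers):
    """Classify where a login form POST came from.

    Prefers the Origin header (browsers send it on cross-origin POSTs) and
    falls back to Referer. Returns "same-site", "cross-site" or "unknown".
    "cross-site" is the case that triggers a 'this login did not originate
    from us, change your password' warning. "unknown" (no usable header,
    e.g. Referer stripped by the browser or a privacy proxy) is deliberately
    not treated as trusted. A non-browser client can forge both headers, so
    this is a heuristic for detecting phishing pages, not authentication."""
    lowered = {k.lower(): v for k, v in headers.items()}
    for name in ("origin", "referer"):
        host = _host_of(lowered.get(name))
        if host is None:
            continue  # absent or unparsable (e.g. "Origin: null"); try next
        return "same-site" if host in TRUSTED_HOSTS else "cross-site"
    return "unknown"


def safe_redirect_target(next_url, default="/home"):
    """Only follow a post-login redirect that stays on this site.

    Accepts a path starting with a single '/' (rejecting '//host' and
    backslash variants some browsers normalise to '//') or an absolute URL
    on TRUSTED_HOSTS; anything else falls back to the default landing page.
    This is the fix for OWASP's 'unvalidated redirects and forwards'."""
    if not next_url:
        return default
    next_url = next_url.strip()
    if next_url.startswith("/") and not next_url.startswith("//") and "\\" not in next_url:
        return next_url
    if _host_of(next_url) in TRUSTED_HOSTS:
        return next_url
    return default


if __name__ == "__main__":
    # Constructed sample requests, labelled so they are not mistaken for real traffic.
    samples = {
        "browser POST from our own login page": {"Origin": "https://www.example.com",
                                                 "Referer": "https://www.example.com/login"},
        "browser POST from a third-party page": {"Referer": "http://h1.ripway.com/k1n6/"},
        "client that sent no Origin/Referer": {},
    }
    for label, hdrs in samples.items():
        print(f"{label}: {login_request_origin(hdrs)}")
    for target in ("/profile", "//evil.example/", "https://www.example.com/p", "http://h1.ripway.com/"):
        print(f"redirect {target!r} -> {safe_redirect_target(target)!r}")
```

Usage: call `login_request_origin(request_headers)` in the login handler (or, as the thread describes, on the landing page after the redirect) and show the warning on `"cross-site"`; pass any `next`/`redirect_uri` parameter through `safe_redirect_target` before issuing the redirect.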