password phisher

Posted by: tiger

password phisher - 01/29/06 01:42 PM

I am looking for links to read up on password phishing. Fake log in screens etc. I am not asking for anyone to tell how to do it but just a point in a direction.

Is this as easy as it seems? Can I take screen shots of a login screen and use it?
Posted by: Gremelin

Re: password phisher - 01/29/06 05:35 PM

Quote:
Originally posted by tiger:
Is this as easy as it seems? Can I take screen shots of a login screen and use it?
No, most web password forms have *'s replacing the password, additionally some use random ammounts of *'s for each character...
Posted by: sinetific

Re: password phisher - 01/30/06 06:00 PM

learn perl and cgi.
What you can do is create a 'gateway' type of site. What the site would do is be an exact replica of the sites log in page except it would take the username and password and save it to a file then use those credentials to pass it through the cgi post to the login script and redirect them logged in to the site your stealing thier password for. I guess there are some parameters as a coder that you could check to verify that any login attempts are valid but im not sure how many people actually do those.
Posted by: §intå×

Re: password phisher - 02/08/06 03:06 PM

You can do that with ASP, PHP, JSP, Python and many other languages too.