Forum Thread: HTTRACK and SET

Am trying to learn HTML and php and i thought is it possible make a fake login page on my server and when you write the username and pass and press submit or whatever it saves the creds on my server (like SET usually do) and it does contact the real website database to make the user login directly instead of redirecting him to the real login page?

Our Best Hacking & Security Guides

New Null Byte posts — delivered straight to your inbox.

2 Responses

Hi there.

See this tutorial for grabbing their credentials and saving them on your server.

If you inspect the data that is sent to facebook when you log in using a proxy such as burpsuite, and check out the source code for the form, you'll be able to find the format it's sent in (POST, GET). You should the be able to manually craft this request on your server (I would use Python for this, personally), send it to the fb servers, and depending on the response, you'll be able to tell whether their credentials are valid.

Hope this helps :)

Aaaalright, i think its pretty normal i didnt understand most of what you said, because i have little to no knowledge in web developping and that kind of stuff, but yeah i will try and google it part by part

Share Your Thoughts

  • Hot
  • Active