How to Make Undetectable Facebook Phishing Site 2017 – Free SSL Domain

how-to-hack-facebook-undetectable-phishing-2017-picateshackz--

Hey guys, I am back with new facebook phishing method for 2017 :), My last post about phishing was a huge hit but unfortunately that is no longer working because the free web hosing provider updated their website and they are suspending the phishing sites. I got many requests from my readers to publish a new method of making phishing site,  so here i am again with the demonstration of How to Make Undetectable Facebook Phishing Site 2017 with Free SSL Domain.

It is a huge challenge to setup a free phishing site on internet because all free hosting providers are suspending the page once you upload phishing code and the browser also detecting the fake pages and warning the phishing attack so in this case here we are using a different method to bypass this detection and we are gonna make it completely secure with own domain with ssl encryption (https secure browsing), don’t worry it’s all completely free of cost :)) .

In normal scenario when you design your phishing page and upload files to your hosting account, your Web Hosting provider attempts to find all phishing attempts from their servers, Maximum time they do this by using automated crawlers. If the crawler find any Forbidden character in your uploaded files. Sometimes they may contact you directly to remove the phishing files. If they receive notification, they will remove the files automatically and notify you that your website contained phishing files and may suspend your account.

The second problem is browser detecting the phishing pages and warning the users, The most popular web browsers detect and block phishing attacks, Detecting Phishing and Malware sites by browsers like Chrome and IE is based on lookups made into databases. These databases are held by the browser owners and DNS servers.

But here you have the real solutions for bypassing this problems. Let’s roll.
Warning & Disclaimer: Making a phishing page is not illegal, but using a phishing page is illegal. This tutorial is just to show you, “How to create phishing page?”. If you use this to hack anyone account, then I AM not responsible for it. Do anything on your own risk.

Features:

  • No suspension ( From free web host )
  • Undetectable ( Bypassing browser detection )
  • Responsive ( Mobile version + Desktop version )
  • Free Domain
  • SSL encryption certificate ( https secure browsing with cloudflare )

 

Steps to follow:

  1. Signup for Free web host
  2. Download phisher files and modify it
  3. Upload the files to web host 
  4. Register a custom domain and set it up
  5. Set up ssl for domain

 

Let’s start,

Step 1: Signup for Free web host

For this method we have to sign up for two free hosting sites, www.55freehost.com and www.000webhost.com .

Page index files we will upload in 000webhost and the phishing php code goes in 55freehost.

First of all go to https://www.000webhost.com/free-website-sign-up .

undetectable-facebook-phishing-2017-picateshackz-1

 

Fill the form with your email address and give a website name, the name of my website is picatesfbdemo.

undetectable-facebook-phishing-2017-picateshackz-2

 

After clicking sign up verify your email by clicking the link in in your mail inbox.

Now click the button (Manage website“your website name” ).

undetectable-facebook-phishing-2017-picateshackz-3

 

Now you have a page with your website domain. please not the name.

My domain: picatesfbdemo.000webhostapp.com

undetectable-facebook-phishing-2017-picateshackz-4

 

okay. Now we have to sign up to 55freehost.com .

(Don’t close the 000webhost page tab because we need it later)

 

Open a new tab and go to this link: http://55freehost.com/free-hosting-signup.php

Fill the form with your email and click register. ( your user name will be your domain)

undetectable-facebook-phishing-2017-picateshackz-5

 

Check your email spam folder to verify your account. After clicking the verification link a page will open up with your account information.

undetectable-facebook-phishing-2017-picateshackz-6

Note your control panel user name and website Url . the website URL we need later in step 2, so please note it.

My url: http://picatesfbdemo.55freehost.com .

 

Now go to control panel by clicking the link: http://cpanel.55freehost.com/

undetectable-facebook-phishing-2017-picateshackz-7

Type your control panel user name you already got and password you set when sign up, then click Log in button.

 

Okay, now we have 2 free hosting account.

Don’t close the both web host control panel tabs because we need it later.. now let’s go to next step.

 

Step 2: Download the phisher files and modify it

Download fb phishing 2017.zip file from here. (Alternative download)

Unzip this file and there you can see 6 files and 1 folder.

(desktop_files, d_data.php, desktop.jpg, index.php, m_data.php, mobile.jpg, mobile_detect.php)

undetectable-facebook-phishing-2017-picateshackz-8

 

Now we have to modify 2 files here (desktop.jpg and mobile.jpg)

First right click on the desktop.jpg and choose option open with and select notepad.

undetectable-facebook-phishing-2017-picateshackz-9

 

Press ctrl+f in notepad.

A find box will fire up and there you type picatesfbdemo.55freehost.com (my 55freehost url) and replace it with your 55freehost url we created in step 1.

Keep the /d_data.php at the end of your url. (see the picture below)

undetectable-facebook-phishing-2017-picateshackz-10

 

Now click on file menu and save it.

undetectable-facebook-phishing-2017-picateshackz-11

 

Okay, now repeat the same process with mobile.jpg file.

undetectable-facebook-phishing-2017-picateshackz-12

Click save.

Done, we are successfully modified the two files , now Let’s upload this files.

 

Step 3: Upload the files to web host 

Go to 000webhost page we signed up before. (hope you didn’t close it)

Click on Upload now button.

undetectable-facebook-phishing-2017-picateshackz-13

 

Now the file manager will open up.

(If it showing login error then just log out the account and login again with your email and pass)

Open the public_html folder.

Click the new folder icon on the top right side.

undetectable-facebook-phishing-2017-picateshackz-14

 

Type the folder name as desktop_files and click create button.

undetectable-facebook-phishing-2017-picateshackz-15

 

Now open the desktop_files folder and click the Upload files button on the top right side.

undetectable-facebook-phishing-2017-picateshackz-16

 

Click the Select files and navigate to the downloaded desktop_files folder and select all the files inside it by clicking ctrl+a.

Then click open.

undetectable-facebook-phishing-2017-picateshackz-17

 

click upload button.

undetectable-facebook-phishing-2017-picateshackz-18

 

Now go back to public_html folder by clicking the folder name in the left side bar.

Again click Upload files button and select the 4 files.

(desktop.jpg, index.php, mobile.jpg, mobile_detect.php)

Click upload button.

undetectable-facebook-phishing-2017-picateshackz-19

 

Make sure you have uploaded the 4 files and 1 folder inside public_html folder as same as the below screen shot.

undetectable-facebook-phishing-2017-picateshackz-20

 

Now Let’s go to 55freehost and upload the remaining 2 files there. (d_data.php, m_data.php)

Go to 55freehost control panel page we are logged in before.

Or Log in here: http://cpanel.55freehost.com/

Open the online file manager icon under the files section.

undetectable-facebook-phishing-2017-picateshackz-21

 

open the htdocs folder.

Delete the index2.html file inside it.

undetectable-facebook-phishing-2017-picateshackz-22

 

Click the Upload button on the top left.

Click the choose file button on the left side .

Select the d_data.php and m_data.php files one by one. (this is the files we are modified before)

Click the green tick to upload the files.

undetectable-facebook-phishing-2017-picateshackz-23

 

Click the back button.

Now we have uploaded the 2 files inside the htdocs folder as shown below screen shot.

undetectable-facebook-phishing-2017-picateshackz-24

okay, upload completed.

 

Now let’s check the page .

Go to your 000webhost url,

In my case it is http://picatesfbdemo.000webhostapp.com/

It is working , type something in the email and password filed and click login.

 

To see the email and pass you entered go to your 55freehost url and add users.html at the end of it.

My url is: http://picatesfbdemo.55freehost.com/users.html

undetectable-facebook-phishing-2017-picateshackz-25

 

Step 4: Register a custom domain and set it up

Go to freenom: http://www.freenom.com/

Type your desired domain and click on check availability.

undetectable-facebook-phishing-2017-picateshackz-26

 

I choose .tk domain .

click the get it now next to your domain.

undetectable-facebook-phishing-2017-picateshackz-27

 

Click checkout.

Click continue.

undetectable-facebook-phishing-2017-picateshackz-28

 

Now the checkout page will come up.  Enter your email id and click on verify my email address button.

undetectable-facebook-phishing-2017-picateshackz-29

 

Open your email inbox and click on the verification link.

In the next page enter your personal details and click on complete order button. (Don’t forget to tick terms and conditions)

Click on Click here to go to your client area button.

Sign in with your email and pass.

 

Click tab services on the top right and select my domains.

There you can see your registered domain , click the manage domain.

undetectable-facebook-phishing-2017-picateshackz-30

 

Click on Management tools tab and select Nameservers.

undetectable-facebook-phishing-2017-picateshackz-31

 

Tick Use custom nameservers .

Then clear all fields.

undetectable-facebook-phishing-2017-picateshackz-32

 

Now go to members area of your 000webhost account.

Click on Set web address .

undetectable-facebook-phishing-2017-picateshackz-33

 

Click on Own domain.

In the pop up box type your freenom registered .tk domain.

Then click on Park domain.

(Note the nameservers : ns01.000webhost.com, ns02.000webhost.com)

undetectable-facebook-phishing-2017-picateshackz-34

 

Now go back to freenom page.

fill the 1 and 2 nameserver field with 000webhost nameservers.

  • ns01.000webhost.com
  • ns02.000webhost.com

Click on Change nameservers button.

undetectable-facebook-phishing-2017-picateshackz-35

 

Now wait for sometimes .

After 10 to 30 minutes check your new domain with www.

My domain is: http://www.picatesfbdemo.tk/

holaaa… it’s working.

undetectable-facebook-phishing-2017-picateshackz-36

 

Step 5: Set up ssl for domain

Why need to make ssl certified domain?

When victim open the url our domain stay with a https protocol , so victim will trust it as a legit page and he will enter his username and pass. 🙂

So let’s do this,

Go to Cloudflare signup page: https://www.cloudflare.com/a/sign-up

Type your email and pass then signup.

In the next page type your freenom domain under Add a website section.

Click on Scan DNS records.

undetectable-facebook-phishing-2017-picateshackz-37

 

Wait for sometime.

After completed scanning click on continue .

Again click continue.

Now choose the free plan and click continue.

undetectable-facebook-phishing-2017-picateshackz-38

 

Now next page will tell you to change the namesrver of your domain.

(note the nameservers)

undetectable-facebook-phishing-2017-picateshackz-39

 

Go to your freenom namesrver page we opened before.

Replace the 000webhost nameservers with the cloudeflare nameservers.

undetectable-facebook-phishing-2017-picateshackz-40

 

click on change nameservers button.

Now come back to Cloudflare page and click on continue.

undetectable-facebook-phishing-2017-picateshackz-41

 

Now the Dashboard will come up , click on Recheck nameservers button.

okay,

Click on the Crypto button on the top.

undetectable-facebook-phishing-2017-picateshackz-42

 

Under the SSL section make it Flexible.

undetectable-facebook-phishing-2017-picateshackz-43

Okay , Done.

It may take 24 hrs to authorize ssl on your domain, after few hrs try to open your domain with https protocol.

My https domain is : https://www.picatesfbdemo.tk/

Congratulation. you are done 🙂

 

When you browse the url from desktop it will show the desktop version of facebook and in mobile phone it will show the mobile version of facebook.

You may also like...

82 Responses

  1. Aditya says:

    Your Posts Are Awesome… Going To Try This…

    Can You Please Make An Undetectable Gmail Phishing Page…

  2. Pazzo says:

    This is so complicated. Can I make phishing site using my mobile phone??

  3. Mick says:

    cool..I hope it works for me

  4. anonymopuse says:

    i cant proceed to the registraion of domain its not workuing for me 🙁

  5. faisal wachid says:

    my name is faisal i am so very interest at this blog i am very like it this is look like i am being a hacker i have get my victim is username and password i do not know that my girl friend haveanother boyfriend but i have suspect it actually i have another interesing story ,,, hahahaha, thank u very much for you blog ,,,, nice to see this blog i am from indonesian assalamualaikum wr wb

  6. i opened your website but i cant ( https://www.picatesfbdemo.tk/ ) but that not going open why?

  7. sulthan says:

    it is 1000000000% working!!
    thnk u so much

  8. Mary Garrick says:

    Contact Godeyeviewhacker@hotmail.com if you have any hacking issues

  9. hena says:

    omg….thanks so much

    its working for me

  10. hena says:

    wow wow…boom boom boom…….i cant control my self……its really working for me…..wow……just thankyou so much admin

  11. caseyyyy says:

    when i use the website, it shows what i put in through the user.html. but when other people do it i dont see it, problem?

  12. CB says:

    The user.HTML doesn’t update on anything other than myself. Help!

  13. Misa says:

    I created a website, it is working fine with pc.. but coming to mobile, the website works with opera. But in mobile chrome app, the password is not saving in 55freehost.
    Im saying that, my website is working fine with all browsers except mobil chrome app. How can i solve this?

  14. khool says:

    help me through this isssue !
    thanks.

  15. shahzeb says:

    when i check victims typed email and password my website users.html is not working…any other option to check that id and password?

  16. Sulthan says:

    But …when we use our phishing page in mobile there we can see an ad of 000webhost.
    Can remove it??

  17. bini says:

    how will i unzip the file?? please help im stuck..

  18. Me says:

    PicaTesHackZ thank you for the help bro. Recently the hosting site I used didnt work anymore thats why Im looking for a new proper hosting site. The thing is this is awesome but how do you apply this to other sites you want to make a phishing page off?

  19. Me says:

    Thank you bro! but how do you apply this to other sites you want to make a phishing page off.

  20. arun says:

    on chrome it says
    Deceptive site ahead

    Attackers on http://www.picatesfbdemo.tk may trick you into doing something dangerous like installing software or revealing your personal information (for example, passwords, phone numbers, or credit cards).

    is there a way around this ???

  21. mudi says:

    Well done bro…
    Good job

  22. Drey says:

    Can u do this using a mobile phone?

  23. Drey says:

    I need a serous help.
    If any one succeded email at dreymaxwell@gmail.com

  24. anon says:

    How can i make an undetectAble for login page for other website like alibaba, paypal etc.

  25. jonah hex says:

    desktop-notepad cant find “picatesfbdemo.55freehost.com” this .
    i need a help

    • MOHAMMAD ISHAQ says:

      Great respect and honour for u dear bro.
      i also found the same prblm but after try yr best till u find this action=”http://

  26. MOHAMMAD ISHAQ says:

    SIR I CANNOT GET EVEN THE LINKING EMAIL FRM 000WEBHOST TO VERIFY MY THIS EMAIL WID 000WEWBHOT SITE.
    I WAITED MUCH FOR EMAIL IN MY GMAIL INBOX BUT STILL I CANNOT GET an email confirmation link. plz what shall i do?????

  27. toxdope says:

    Yo, I am only getting my entries in the fields, when someone else clicks my link and enters the info I cant see their info. why’s that?

  28. toxdope says:

    I can only see my entries, but when someone tries to do it from a different PC I get no info on them, how to fix that?

  29. Will Herrick says:

    I wrote in the facebook login but it says dns server cant be reached. what did i didnt do??
    Please Help

  30. Anonymous says:

    Phishing page created is not working in mobile chrome app.

  31. heny says:

    i just send the 000webhostapp.com address to friend on Facebook but when he logs in, it doesn’t come up in my users.html page but on the second try it worked. if anyone know what the problem is pls let me know

  32. Pomoc says:

    I can’t view log in emails and password i type users.html at end of link but it redict me to 404 error page. Help???

  33. mykad says:

    please help me

  34. Abraxian says:

    Everything is working but the script posting and generating the users.html file ?

    Have i missed something obvious ?

  35. ansh singh rajput says:

    my uploading percent is stop s at 99
    i think its an error in dekstop file(WNUScQAJqzC)
    help me plzz

  36. Dagi says:

    after I enter my freenom domain to 000webhost.com in the park domain page I click on park domain tap but it shows me
    “Entered domain contains words that are blacklisted”
    and still my freenom domain is not active
    please help. !!!

  37. mudi says:

    Hay,it only shows usr id and passwrd which i insert from my own cell if i open it at other cell and typ passwrd and id .it is not showing in users ..why ???

  38. Rash says:

    Whoa….NIce one man…you really tried. I will visit your site daily from today.

  39. Aditya says:

    Hey …Picates …I Got A Facebook Phising Page… It Is WorkingPerfectly….. Can You Please Make A Google Phising Page…..

    THANKS

  40. gpsnotfound says:

    Hey bro, when I visited my URL it says There’s nothing here, yet. what do I do?

  41. gps says:

    Still working. but I can’t see my own users so I just use Mr.picateshacks’s storage.

  42. Thanks for some other great post. Where else may just anybody
    get that kind of information in such an ideal approach of writing?
    I’ve a presentation next week, and I am on the search for such information.

  43. john cutter says:

    bro i create a freenom domain, after 12 hour passed, i cant find that domain when i enter the domain address in the address bar. whats the problem i dont understand, i follow ur rule. is it necessary that a freenom domain addres and webhost domain address be same????

  44. john cutter says:

    bro, i create a freenom domain, i follow ur rule, but i cant find that domain when i enter the domain addres in addres bar, i dont understand whats wrong. help plz. is it necessary that freenom domain and webhost domain name be same????

  45. anonymous says:

    http://55freehost.com/free-hosting-signup.php is problematic to reload…..??????????/

  46. Krad says:

    Not Found more.. 55freehost. Why?

  47. secret akun says:

    your code is very amazing bro, but not all code is your code, right???
    some code is from github, and you have combined it very well, good job man, i appreciate you .
    send me your project if you want some “help” by me.
    because i love code. 😀
    ~ New Bie Programmer ~

  48. hena says:

    what happen to this link?

    http://www.55freehost.com

  49. henok says:

    this trick is now stoping….it can not work

  50. Yes its working but site is opening very slow and showing not secure in chrome. Sometime when I open my site, it shows 502 Bad Gateway…..Its very erroneous….Tell me what I do….Please

  51. rulertimon says:

    plz tell us an alternate website for 55freehost @admin

  52. rulertimon says:

    plz tell us an alternate website for 55freehost

  53. Tachapong says:

    I used 000webhost and ProFreeHost why i got “404 page not found” after add users.html please advise

  54. veek says:

    please recommend a freehost for us , since 55freehost is down

  55. veek says:

    please recommend a free host for us,

  56. ghwiggwo says:

    Thank you for this tutorial 🙂 . Question to step 4 and 5.

    When I change the nameservers from ns01.000webhost.com and ns02.000webhost.com at Freenom to the new ones I get from Cloudflare, I can’t view the page anymore. It works when I add the nameservers from 000webhost but when I change them to the ones from Cloudflare it won’t work anymore. What am I doing wrong?

  57. RIWANA AFRIDI says:

    Great respect and honour for u dear sir, wt is happening to your above whole procedure.
    your own url also dont get open and now the essential 55freehost.com also dont get open, wt we shall do insread of goingb to 55freehost.com???
    please help me i m follwing yr above procedure since 28 JAN 2017, butmany problems occurto me.

  58. sir i just used HOTSPOT SHEILD VPN to get access to the 55freehost.com websit but it still not work and i cannot get access to 55freehost.com in any condition.
    now its yr own skill showing time to show us how to have access to 55freehost.com. i think it is easier than the above pishing method.
    please sir help meeeee.

  59. Abdul Rehman says:

    I’m having trouble in setting website address.There is no Set Website Address tab in my case.
    Also layout of 000webhost.com is different from yours

  60. Raj says:

    since 55free host is not working and we are using mzz host website how can we access the user html of our mzz hosted website?? sir can u please tell..I am stuck on this.

  61. Hey! I know this is somewhat off-topic but I had to
    ask. Does operating a well-established website such as yours require a large amount of
    work? I am completely new to writing a blog but I do write
    in my diary every day. I’d like to start a blog so I can share my own experience and thoughts online.
    Please let me know if you have any recommendations or tips for new aspiring bloggers.
    Thankyou!

  62. Kelle Huger says:

    As being a Forex Robot Maker, I know and understand the basic principles, and applie them to make Perfect Forex Trading Robots. Although knowledge in manual trading is essential on making earnings in Foreign Exchange Market but if you do all your trading manually, then you will be in a state of crisis. MBF Robot is a Perfect Trading EA that analysis every second activity in the currency market. Giving you indicators of best point to sell or buy.

  63. Mazz says:

    Can u tell one thing …I want to sent the victim to another page after login …So how I can do plzzz help…

  64. Raju says:

    This tutorial is very nice… up to date and workable model. But the author left out certain things as how to send a link to the target… and if he/she is not friends on FB . There is no clarity any where in your blog… pls help that out

  65. dagi says:

    after i enter my freenom domain to 000webhost.com i clicked on park domain button but it is showing me error like this “enterd domain contains words that are blacklisted”
    my domain is loginsite.ml
    and i need help
    place help

  66. As being a Developper IT, my goal is to to give people help to get a ton of benefits. As Forex Trader, you should minimize your losses and maximize your gains. Why are there so many so called Good Trading EAs out there, but so few people actually making money from them? MBF Robot can be considered as one of the top Forex Trading Expert Advisors. My Robot is easy to use.

Close