PHP script for credential collection via a backdoored HTML form.

For educational purposes only. Unauthorized use is illegal. Ensure proper authorization.

Collects credentials from manipulated HTML forms. Features include logging, redirection, and handling of multiple password retries.

1. Open Phishing Post.php.
2. Modify variables:
   • $harvest_filename: Data filename.
   • $post_url: Target post URL.
   • $resend_post_data: Resend data to redirect address?
   • $redirect: Redirection after data collection.
   • $redirect_type: Redirection type.
   • $wrong_password_url: "Wrong password" redirection URL.
   • $password_retry: Login attempts before redirection.
   • $log_everyone: Log all visitors?
   • $log_format: Logging format.
   • $csv_separator: CSV log separator.
   • $show_meta_data: Include metadata in logs?
   • $exclude_visitors: Exclude based on VISITOR_ID.

1. Configure as per above.
2. Upload Phishing Post.php to web server.
3. Create backdoored HTML form pointing to script.
4. Deploy or send form for phishing.

Malicious or unauthorized use is prohibited. Author & OpenAI not liable for misuse. Adhere to all applicable laws & regulations.

For questions, contact the script author or refer to the OpenAI community.

MIT