In this article, you’ll learn how hackers steal passwords using a fake login page. Hackers can steal your password through a variety of methods including password cracking, guessing, physical theft, and phishing.

For this tutorial I will use the phishing method which is a social engineering attack, typically using links to trick people into providing login credentials or other personal information.

So to demonstrate the attack I will create a login page that will steal the username and the password from victims.

HTML Login Page

First, you need a web server to host an HTML page. If you’re using Kali Linux, the Apache web server should be installed by default on the system.

Now change the directory to the Apache web server location.

cd /var/www/html

This is the location where I will put the page files. Next, I will create the login page using nano text editor in the terminal.

nano index.html

Add the following code:

<html>
        <head>
                <meta charset="utf-8">
                <title>Login</title>
                <link rel="stylesheet" href="style.css">
        </head>
        <body>
                <div class="login">
                        <h1>Login Page</h1>
                        <form action="" method="post">
                                <label for="username">
                                </label>
                                <input type="text" name="username" placeholder="Username" id=">
                                <label for="password">
                                </label>
                                <input type="password" name="password" placeholder="Password" >
                                <input type="submit" value="Login">
                        </form>
                </div>
        </body>
</html>

This HTML code creates a login webpage where users can enter their username and password to log in.