This project is for EDUCATIONAL PURPOSES ONLY. Creating phishing pages or impersonating legitimate services is ILLEGAL and UNETHICAL. This demo is intended to help you learn web development concepts.
├── index.html # Frontend login page
├── server.js # Backend server
├── package.json # Node.js dependencies
└── README.md # This file
- Modern, responsive login page design
- Backend server to store credentials
- RESTful API endpoints
- CORS enabled for cross-origin requests
- File-based storage (can be upgraded to database)
- Node.js (v14 or higher)
- npm
- Install dependencies:
npm install- Start the server:
npm start-
Server will run on
http://localhost:3000 -
Open
index.htmlin a browser (or serve it separately)
- Create a new GitHub repository
- Push all files to the repository:
git init
git add .
git commit -m "Initial commit"
git remote add origin YOUR_GITHUB_REPO_URL
git push -u origin main- Go to Render.com and sign up/login
- Click "New +" → "Web Service"
- Connect your GitHub repository
- Configure the service:
- Name:
login-demo-backend(or any name) - Environment:
Node - Build Command:
npm install - Start Command:
npm start - Instance Type: Free
- Name:
- Click "Create Web Service"
- Wait for deployment to complete
- Copy your service URL (e.g.,
https://login-demo-backend.onrender.com)
- Click "New +" → "Static Site"
- Connect your GitHub repository
- Configure:
- Name:
login-demo-frontend - Build Command: (leave empty)
- Publish Directory:
.(current directory)
- Name:
- Click "Create Static Site"
- Edit
index.html - Find this line:
const BACKEND_URL = 'YOUR_RENDER_BACKEND_URL/api/login';- Replace with your actual Render backend URL:
const BACKEND_URL = 'https://your-backend-name.onrender.com/api/login';- Commit and push the changes:
git add index.html
git commit -m "Update backend URL"
git pushStore login credentials
Request:
{
"userId": "user@example.com",
"password": "password123",
"timestamp": "2024-01-01T00:00:00.000Z"
}Response:
{
"success": true,
"message": "Login credentials stored successfully",
"id": 1
}View all stored credentials (admin)
Response:
{
"success": true,
"count": 2,
"credentials": [
{
"id": 1,
"userId": "user@example.com",
"password": "password123",
"timestamp": "2024-01-01T00:00:00.000Z",
"ip": "127.0.0.1"
}
]
}Clear all stored credentials
Response:
{
"success": true,
"message": "All credentials cleared"
}- Open your frontend URL
- Enter test credentials
- Check backend URL +
/api/credentialsto see stored data
Example:
https://your-backend-name.onrender.com/api/credentials
For a real application, you should:
- Use HTTPS only
- Hash passwords with bcrypt
- Use a proper database (PostgreSQL, MongoDB)
- Implement authentication tokens (JWT)
- Add rate limiting
- Validate and sanitize all inputs
- Use environment variables for sensitive data
- Implement CSRF protection
- Add logging and monitoring
To use PostgreSQL instead of file storage:
- Add dependency:
npm install pg-
Create database on Render:
- Go to Render Dashboard
- Click "New +" → "PostgreSQL"
- Copy the connection string
-
Update
server.jsto use PostgreSQL instead of file storage
IMPORTANT: This project is for educational purposes only. Using this to:
- Impersonate legitimate websites
- Steal credentials
- Phish users
- Any malicious activity
is ILLEGAL and can result in serious criminal charges. Always use your programming skills ethically and responsibly.
MIT License - For Educational Use Only
This is a demo project. Use at your own risk.