The only files on this account are a Chase Bank phishing site in public_html...

 

If you didn't put that there, someone got into your account and did so. Either way, the uploading of any phishing content to an account, regardless of the reason, results in a permanent ban.

Link to comment
Share on other sites

Krydos pointed out that this guy had another account as well... Metadata associated with the nighteen account finally gave us what we needed to prove it was being used to collect phishing results. That account is now banned as well.

 

For the curious, the nighteen account contains this. The Chase phishing script used is one of the more common ones we see. It's a 4-screen phishing site that collects not just a username/password, but everything needed to steal someone's identity. This one sends the data via email, but I've also seen a version that stores the data in files data1.txt/data2.txt etc. instead.

root@johnny [/home/nighteen/www]# ls -R
.:
cgi-bin  Chase  Chase.zip

./cgi-bin:

./Chase:
a6e0f69e14fe51f73f84b0e04dd81ace  home  index.php  rezlt.txt

./Chase/a6e0f69e14fe51f73f84b0e04dd81ace:
antibots.php  bt.php     css        index.php  verification-billing.php  verification-email.php
blocker.php   chase.png  email.php  res        verification-card.php     verification-finished.php

./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/css:
background.desktop.night.4.jpeg  Capture.PNG                   chase-touch-icon-152x152.png  logon.css              opensans-semibold.woff
background.mobile.night.4.jpeg   chasefavicon.ico              jquery-3.1.0.min.js           opensans-regular.eot
blue-ui.css                      chase-touch-icon-120x120.png  jquery.maskedinput.js         opensans-regular.woff

./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/res:
error_log  post1.php  post2.php  post3.php  post4.php

./Chase/home:
antibots.php  bt.php     css        index.php  verification-billing.php  verification-email.php
blocker.php   chase.png  email.php  res        verification-card.php     verification-finished.php

./Chase/home/css:
background.desktop.night.4.jpeg  Capture.PNG                   chase-touch-icon-152x152.png  logon.css              opensans-semibold.woff
background.mobile.night.4.jpeg   chasefavicon.ico              jquery-3.1.0.min.js           opensans-regular.eot
blue-ui.css                      chase-touch-icon-120x120.png  jquery.maskedinput.js         opensans-regular.woff

./Chase/home/res:
post1.php  post2.php  post3.php  post4.php
root@johnny [/home/nighteen/www]#
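For hosts who want to sweep other accounts for the same layout, here is an added example (not part of the thread and not the hosting staff's own tooling) that scores directories against the file names visible in the listing above. The function names, thresholds and sample paths are assumptions made for illustration.

```python
import os
import re
from collections import defaultdict

# Indicator names come from the listing in the post; thresholds are assumptions.
KIT_FILES = {"antibots.php", "blocker.php", "bt.php"}
STEP_PAGE = re.compile(r"^verification-[a-z]+\.php$")
POST_HANDLER = re.compile(r"^post\d+\.php$")
# rezlt.txt is in the listing; data1.txt/data2.txt is the variant the post mentions.
RESULT_FILE = re.compile(r"^(rezlt|data\d+)\.txt$")
HEX_DIR = re.compile(r"^[0-9a-f]{32}$")

def score_paths(rel_paths):
    """Group files by directory; return {directory: [reasons]} for suspicious ones."""
    by_dir = defaultdict(set)
    for p in rel_paths:
        d, name = os.path.split(p.replace("\\", "/"))
        by_dir[d].add(name)
    findings = {}
    for d, names in by_dir.items():
        reasons = []
        if len(KIT_FILES & names) >= 2:
            reasons.append("anti-bot/blocker scripts")
        steps = [n for n in names if STEP_PAGE.match(n)]
        if len(steps) >= 3:
            reasons.append(f"{len(steps)} verification-* step pages")
        posts = [n for n in names if POST_HANDLER.match(n)]
        if os.path.basename(d) == "res" and len(posts) >= 3:
            reasons.append("numbered post handlers in res/")
        if any(RESULT_FILE.match(n) for n in names):
            reasons.append("result drop file")
        if reasons and HEX_DIR.match(os.path.basename(d)):
            reasons.append("32-hex directory name")
        if reasons:
            findings[d] = reasons
    return findings

def scan(root):
    """Walk a web root (hypothetical path, e.g. an account's public_html)."""
    rels = [os.path.relpath(os.path.join(cur, f), root)
            for cur, _dirs, files in os.walk(root) for f in files]
    return score_paths(rels)

# Constructed sample paths mirroring part of the listing above, plus a benign site.
SAMPLE = (["Chase/rezlt.txt", "Chase/index.php", "blog/index.php", "blog/data/notes.txt"]
          + [f"Chase/home/{n}" for n in ("antibots.php", "blocker.php", "bt.php",
             "verification-billing.php", "verification-card.php", "verification-email.php")]
          + [f"Chase/home/res/post{i}.php" for i in range(1, 5)])
```

A single reason such as a lone result file is a weak signal; treat hits as leads for manual review rather than grounds for action on their own.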
