Jump to content


wolstech

Member Since 25 Oct 2009
Offline Last Active Today, 12:32 AM
*****

Posts I've Made

In Topic: [Solved] nnighteen

Yesterday, 08:53 PM

Krydos pointed out that this guy had another account as well...Metadata associated with the nighteen account finally gave us what we needed to prove it was being used to collect phishing results. That account is now banned as well.

For the curious, the nighteen account contains this. The Chase phishing script used is one of the more common ones we see. It's a 4-screen phishing site that collects not just a username/password, but everything needed to steal someone's identity. This one sends the data via email, but I've also seen a version that stores the data in files data1.txt/data2.txt etc. instead.
root@johnny [/home/nighteen/www]# ls -R.:cgi-bin  Chase  Chase.zip./cgi-bin:./Chase:a6e0f69e14fe51f73f84b0e04dd81ace  home  index.php  rezlt.txt./Chase/a6e0f69e14fe51f73f84b0e04dd81ace:antibots.php  bt.php     css        index.php  verification-billing.php  verification-email.phpblocker.php   chase.png  email.php  res        verification-card.php     verification-finished.php./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/css:background.desktop.night.4.jpeg  Capture.PNG                   chase-touch-icon-152x152.png  logon.css              opensans-semibold.woffbackground.mobile.night.4.jpeg   chasefavicon.ico              jquery-3.1.0.min.js           opensans-regular.eotblue-ui.css                      chase-touch-icon-120x120.png  jquery.maskedinput.js         opensans-regular.woff./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/res:error_log  post1.php  post2.php  post3.php  post4.php./Chase/home:antibots.php  bt.php     css        index.php  verification-billing.php  verification-email.phpblocker.php   chase.png  email.php  res        verification-card.php     verification-finished.php./Chase/home/css:background.desktop.night.4.jpeg  Capture.PNG                   chase-touch-icon-152x152.png  logon.css              opensans-semibold.woffbackground.mobile.night.4.jpeg   chasefavicon.ico              jquery-3.1.0.min.js           opensans-regular.eotblue-ui.css                      chase-touch-icon-120x120.png  jquery.maskedinput.js         opensans-regular.woff./Chase/home/res:post1.php  post2.php  post3.php  post4.phproot@johnny [/home/nighteen/www]#

In Topic: Java/ HTML site not working

Yesterday, 09:55 AM

Java is available by request only and has a limited number of slots available. You have to request Java and wait in line for access before you can run Java code. There is a button in cpanel to request access.

Once you request it, it can take time to be enabled, though with current demand, the wait right now is only about 24 hours.

In Topic: [Solved] nnighteen

Yesterday, 09:50 AM

The only files on this account are a chase bank phishing site in public_html...

If you didn't put that there, someone got into your account and did so. Either way, the uploading of any phishing content to an account, regardless of the reason, results in a permanent ban.

In Topic: Question About Tommy & SSL Certificates

Yesterday, 09:46 AM

I just manually forced it for you to speed it up. It was scheduled to check at 5:37PM, so if I hadn't, you would've gotten it in another 12 hours.

Now that I did that, you'll probably get it within 2 hours or so.

In Topic: Question About Tommy & SSL Certificates

Yesterday, 02:38 AM

It can take up to 24 hours for it to get a certificate. Also, make sure you do not have a forced SSL redirect on your domain (or that the .well-known folder has an exception). That folder must be accessible over plain HTTP or it will fail.