Re: Hack-Mail.net or similar site

[Augusto Pereyra <aepereyra () gmail com>]

I think this service is fake.

To make some portal like this only you need a php form with the
following fields: Account to Hack, Account to send password

Some client fill this form and three days later the server send a
spoofed mail acting like they have the password of the account
requested in previous form. When the client put his fait in this kind
of cheat pay the cash and maybe some kind of trash is sended to his
account.

When the client in cheated is too late. Now the owners of the site
have his 20 buck.

I was tested it and the mail doesn't become from yahoo server. The
mail become from bebobox.com

My english sucks! Sorry






On Mon, Sep 14, 2009 at 7:43 PM, maxigas <maxigas () anargeek net> wrote:
> From: mamo <mamo74 () gmail com>
> Subject: Re: [Full-disclosure] Hack-Mail.net or similar site
> Date: Mon, 14 Sep 2009 23:20:24 +0200
>
> > On Sat, Sep 12, 2009 at 7:08 PM, Andrew Farmer <andfarm () gmail com> wrote:
> > > So, in other words, they're spoofing From addresses for profit. Clever.
> >
> > I never tried them. I will just for fun (with my email address).
> > Perhaps they are doing something more smart (like brute forcing with
> > dictionary, use some virus or web attack or something else).
> >
> > Mamo
>
> tell us how it went, my guess was also that they are just setting that from= address and that's
> it, so you don't get a working password after all.  but i have no 20$ to test it.  :f
>
> maxigas
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/