Full Disclosure mailing list archives
Re: phishing sites examples "source code"
From: M.B.Jr. <marcio.barbado () gmail com>
Date: Thu, 22 Feb 2007 10:00:47 -0300
On 2/19/07, Juergen Fiedler <juergen () fiedlerfamily net> wrote:
you can't readily get to the source code for the form action because it is done in some sort of server side scripting (CGI, PHP, ASP, whatever...) that can't readily be viewed from the client side.
Can't readily be viewed BUT that part is sort of not-the-problem. Those obvious server-side scripts Juergen mentioned would most probably consist of an MVC-like design with persistence function code storing collected data the simple way: in clear text... Since those fine illegal gentlemen ain't gathering someone's Internet banking passwords in order to encipher them and protect them from this bloodthirsty world... Thus, concerning traditional phishing sites, the code itself is not really an issue. Code starts being problematic the moment potentially damaging load-time scripts -- say AJAX techniques -- spread.

That said, I have run into one or two phishers who compromise a site (or create a throwaway site themselves), upload their scripts in a tarball, install them - and then leave the tarball around for posterity to analyze. I kid you not. Unfortunately, the only good way to get to that source code is by asking the administrator of a compromised site whether they found anything that they would be willing to share; going in and poking around yourself may put you into a legal position that you'd rather not be in.

HTH,
--j

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
-- Marcio Barbado, Jr.
