Scam/Phishing Pages Developer (Simple/Live Panels, etc)

В этой теме можно использовать автоматический гарант!

Новая сделка
Отслеживать
Vouch for MoPharma , legit and kind person.
The page works well and he's available to help fix issues / setting it up.

I also checked the files manually, and can't confirm what popey said.
The page is fully clean and doesn't have any kind of encryption so it's really easy to investigate.
To my eyes it seems like popey shared fake stuff as the coder MoPharma doesn't make use of any of the functions he showed in his screenshot.


Will definitely buy from him again.
 
th3tr0ll сказал(а):
Vouch for MoPharma , legit and kind person.
The page works well and he's available to help fix issues / setting it up.

I also checked the files manually, and can't confirm what popey said.
The page is fully clean and doesn't have any kind of encryption so it's really easy to investigate.
To my eyes it seems like popey shared fake stuff as the coder MoPharma doesn't make use of any of the functions he showed in his screenshot.


Will definitely buy from him again.
Dude, how do you know that? How do you know what I talked to him about and what he put in my files? ? What files did you check? Maybe he just put it in for me. If I posted pictures with all the evidence why are you talking nonsense? I have no interest in spreading nonsense. I just wanted the world to know what kind of man MoPharma is.
Before you talk it would be better to do an analysis about him and see, the man sells ransomware . backdoor and all kind of viruses on other forums.. i bought over 10 pages from him. You can ask him.. i have no reason to lie.
 
popey сказал(а):
Dude, how do you know that? How do you know what I talked to him about and what he put in my files? ? What files did you check? Maybe he just put it in for me. If I posted pictures with all the evidence why are you talking nonsense? I have no interest in spreading nonsense. I just wanted the world to know what kind of man MoPharma is.
Before you talk it would be better to do an analysis about him and see, the man sells ransomware . backdoor and all kind of viruses on other forums.. i bought over 10 pages from him. You can ask him.. i have no reason to lie.
I was just sharing my experience.
In your photos it is possible to notice how the source has been protected through the use of a `gzinflate` function which then proceeds to execute the base64 "protected" content.
When I bought the kit, I took care to check all the files inside it (as you should normally do when buying something from someone) and I haven't noticed any kind of function/mechanism like this being used.
I find it hard to believe that the developer uses these features only on some kits, in my experience generally you copy blocks of code from one part to another to speed up the development of new pages.

If you are convinced of what you say, and you have real evidence, I invite you to open a complaint against MoPharma through the forum administrator.
Sharing a screenshot without showing further evidence has no value, why you didn't publish any correspondence between you guys? That phishing kit could be made by anyone.

Furthermore, as you're stating that the `antibots.php` file was backdoored, here's the one present in the phishing page I bought.
As you can see everything is clear as water and it doesn't contain any kind of strange function which could potentially execute malicious code/exfil your data.

Bash: 
~/*****/*****/*****/*****/*****/*****/anti ❯ cat antibots.php 
<?php
session_start();
require_once 'config.php';
require_once 'functions.php';

#Cloacker Configuration
$ip = getIPFunc();
$geolocation_data = geolocationIp($ip);
@$proxy = $geolocation_data["proxy"];
@$hosting = $geolocation_data["hosting"];
@$country_code = $geolocation_data["countryCode"];
@$isp = $geolocation_data["isp"];
...
 
popey сказал(а):
Dude, how do you know that? How do you know what I talked to him about and what he put in my files? ? What files did you check? Maybe he just put it in for me. If I posted pictures with all the evidence why are you talking nonsense? I have no interest in spreading nonsense. I just wanted the world to know what kind of man MoPharma is.
Before you talk it would be better to do an analysis about him and see, the man sells ransomware . backdoor and all kind of viruses on other forums.. i bought over 10 pages from him. You can ask him.. i have no reason to lie.
Я так же покупал панель у MoPharma, он крутой мужик.
Rat/Shell замечен не был.
 
popey сказал(а):
Dude, how do you know that? How do you know what I talked to him about and what he put in my files? ? What files did you check? Maybe he just put it in for me. If I posted pictures with all the evidence why are you talking nonsense? I have no interest in spreading nonsense. I just wanted the world to know what kind of man MoPharma is.
Before you talk it would be better to do an analysis about him and see, the man sells ransomware . backdoor and all kind of viruses on other forums.. i bought over 10 pages from him. You can ask him.. i have no reason to lie.
Man, your telegram its @spam4elite, I made over 10 pages for you, I refused to make one for you, and you decided to post fake shit about my work. If I had ever put a backdoor in my pages, I would have been banned a long time ago. The conversations and images you upload are fake and edited by you. I already told you on Telegram, you act like a 12-year-old. Enjoy it, really. Just by looking at your account, you only have 5 messages, all 5 of them posting fake shit about me. Enjoy ;)
 
Пожалуйста, обратите внимание, что пользователь заблокирован
can you make me a .js skimmer
 
Пожалуйста, обратите внимание, что пользователь заблокирован
MoPharma сказал(а):
No sorry :/
whats issue bro
Its simply a pop up that sits over the checkout page on my own shops and exfils the filled data to a server
same as any phishing page but must be written in pure .js thats all
i can encrypt it if thats the issue
doesnt need to be massively stealthy as it is going on my own shops
 
Talk via teleg bro
crypt0 сказал(а):
whats issue bro
Its simply a pop up that sits over the checkout page on my own shops and exfils the filled data to a server
same as any phishing page but must be written in pure .js thats all
i can encrypt it if thats the issue
doesnt need to be massively stealthy as it is going on my own shops
 
Пожалуйста, обратите внимание, что пользователь заблокирован
ill hit ya up in next hour when home bro
 
admin


Напишите ответ...
Верх