I wrote some Perl years back to take the fight to phishers. You would provide my... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

chrissnell on June 28, 2015 | parent | context | favorite | on: Show HN: Phishing as a service

I wrote some Perl years back to take the fight to phishers. You would provide my script with the field names and POST URL of the HTML form within the phishing email, along with some generic types for each form field. There were types for firstnames, lastnames, email, addresses, usernames, passwords, social security numbers, and credit card numbers. The script would generate fake but real-looking values for each of these things--the credit card numbers would even pass a checksum test--and then post to the URL. It would do this as fast as the remote end would accept them with the aim of filling out their database (typically a text file on some compromised server) with bullshit data, making it hard to pick out the legit data from victims.

It worked wonderfully. I used it through proxies when I could and watched the phishers try to block me or even attack me back.

badinker on June 29, 2015 | [–]

Do you still have a copy of that script? Would love to look at it.

HaseebR7 on June 28, 2015 | [–]

this would be so much fun when used with fakenamegenerator.com

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact