[Solved] nnighteen

[nighteen]

please unsuspend my account

[nighteen]

please unsuspend my account

[Flaze]

That account was suspended for phishing.

[nighteen]

i dont get!   

was it reported? by who?

[nighteen]

because i was using it to test run and only i have the could it , so how did i phish???

[wolstech]

The only files on this account are a chase bank phishing site in public_html...

 

If you didn't put that there, someone got into your account and did so. Either way, the uploading of any phishing content to an account, regardless of the reason, results in a permanent ban.

[wolstech]

Krydos pointed out that this guy had another account as well...Metadata associated with the nighteen account finally gave us what we needed to prove it was being used to collect phishing results. That account is now banned as well.

 

For the curious, the nighteen account contains this. The Chase phishing script used is one of the more common ones we see. It's a 4-screen phishing site that collects not just a username/password, but everything needed to steal someone's identity. This one sends the data via email, but I've also seen a version that stores the data in files data1.txt/data2.txt etc. instead.

root@johnny [/home/nighteen/www]# ls -R.:cgi-bin  Chase  Chase.zip./cgi-bin:./Chase:a6e0f69e14fe51f73f84b0e04dd81ace  home  index.php  rezlt.txt./Chase/a6e0f69e14fe51f73f84b0e04dd81ace:antibots.php  bt.php     css        index.php  verification-billing.php  verification-email.phpblocker.php   chase.png  email.php  res        verification-card.php     verification-finished.php./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/css:background.desktop.night.4.jpeg  Capture.PNG                   chase-touch-icon-152x152.png  logon.css              opensans-semibold.woffbackground.mobile.night.4.jpeg   chasefavicon.ico              jquery-3.1.0.min.js           opensans-regular.eotblue-ui.css                      chase-touch-icon-120x120.png  jquery.maskedinput.js         opensans-regular.woff./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/res:error_log  post1.php  post2.php  post3.php  post4.php./Chase/home:antibots.php  bt.php     css        index.php  verification-billing.php  verification-email.phpblocker.php   chase.png  email.php  res        verification-card.php     verification-finished.php./Chase/home/css:background.desktop.night.4.jpeg  Capture.PNG                   chase-touch-icon-152x152.png  logon.css              opensans-semibold.woffbackground.mobile.night.4.jpeg   chasefavicon.ico              jquery-3.1.0.min.js           opensans-regular.eotblue-ui.css                      chase-touch-icon-120x120.png  jquery.maskedinput.js         opensans-regular.woff./Chase/home/res:post1.php  post2.php  post3.php  post4.phproot@johnny [/home/nighteen/www]#