1. This website uses cookies to improve service and provide a tailored user experience. By using this site, you agree to this use. See our Cookie Policy.
    Dismiss Notice

Anyone using Firefox ? check this domain hijacking

Discussion in 'Black Hat SEO' started by meannn, Apr 6, 2019.

  1. meannn

    meannn Elite Member

    Joined:
    Apr 22, 2009
    Messages:
    1,585
    Likes Received:
    2,137
    Occupation:
    Flawless Victory
    Location:
    Virtual World
    • Thanks Thanks x 9
  2. brazi

    brazi Newbie

    Joined:
    Mar 19, 2016
    Messages:
    42
    Likes Received:
    8
    Nice find! Tried it in my firefox and got apple.com
     
  3. Ecodor

    Ecodor Regular Member

    Joined:
    Nov 5, 2017
    Messages:
    459
    Likes Received:
    116
    Gender:
    Male
    Location:
    localhost
    Holy shit this bug its not fixed 2 years??
     
  4. Boriss

    Boriss Elite Member

    Joined:
    Nov 7, 2009
    Messages:
    1,780
    Likes Received:
    712
    Gender:
    Male
    Location:
    Inside a Monitor
    Home Page:
    I don't think it's a bug...
     
  5. Gogol

    Gogol Jr. VIP Jr. VIP

    Joined:
    Sep 10, 2010
    Messages:
    5,007
    Likes Received:
    4,572
    Gender:
    Male
    Occupation:
    Programmer
    Location:
    Pale Blue Dot
    Home Page:
    Woah, interesting!! :D
    What's even more surprising is the green lock. I will do some digging on this. ;)
     
  6. longhigy

    longhigy Newbie

    Joined:
    Mar 20, 2013
    Messages:
    26
    Likes Received:
    5
    damn thats actually crazy
     
  7. Gogol

    Gogol Jr. VIP Jr. VIP

    Joined:
    Sep 10, 2010
    Messages:
    5,007
    Likes Received:
    4,572
    Gender:
    Male
    Occupation:
    Programmer
    Location:
    Pale Blue Dot
    Home Page:
    Okay, so it's the weird characters (раураӏ) that exactly looks like "paypal". No special script or anything. Pretty convincing to be frank. Glad that chrome fixed this bug already.
     
  8. Ecodor

    Ecodor Regular Member

    Joined:
    Nov 5, 2017
    Messages:
    459
    Likes Received:
    116
    Gender:
    Male
    Location:
    localhost
    lol i got around 12 ideas for this, but its freaking illegal if you get caught for this you are in trouble...

    EDIT: Also It remembers the characters if you copy directly from the URL bar on the browser
    EXAMPLE: https://www.аррӏе.com/
    https://раураӏ.com/
     
    Last edited: Apr 6, 2019
  9. BuildMoreLinks

    BuildMoreLinks Jr. VIP Jr. VIP

    Joined:
    Jun 7, 2012
    Messages:
    2,437
    Likes Received:
    784
    • Thanks Thanks x 1
  10. meannn

    meannn Elite Member

    Joined:
    Apr 22, 2009
    Messages:
    1,585
    Likes Received:
    2,137
    Occupation:
    Flawless Victory
    Location:
    Virtual World
    I am not sure why firefox doesnt fix this :) as you can scam many people.
     
  11. moonshine7000

    moonshine7000 Elite Member

    Joined:
    Mar 4, 2013
    Messages:
    1,632
    Likes Received:
    679
    Occupation:
    A+ IT technician,Clickbank and Amazon Marketer
    That is very cool you can disguise an affiliate link very easily
     
  12. spazzumes

    spazzumes Jr. VIP Jr. VIP

    Joined:
    Aug 10, 2018
    Messages:
    104
    Likes Received:
    27
    Gender:
    Male
    Annnd that's how you get in big trouble haha. Pretty wild though
     
  13. yellowdot

    yellowdot Newbie

    Joined:
    May 18, 2018
    Messages:
    47
    Likes Received:
    14
    It's dope great for phasing but strange how this is not fixed in firefox yet.

    Although you can see via SSL certificate that something is not right, as big companies have their name for PP is is PayPal, inc (US) written in the green area. And these websites have SSL from comodo.

    Anyway ordinary user would not mind looking further to notice something is not right tbh
     
  14. LSP24

    LSP24 BANNED BANNED

    Joined:
    Jun 8, 2018
    Messages:
    30
    Likes Received:
    4
    Gender:
    Male
    When I connect to real PayPal site - there "PayPal, Inc.(US) before lock. Same with Apple.
    There 2 sites only shows green lock.
     
  15. sheryna

    sheryna Newbie

    Joined:
    Mar 29, 2019
    Messages:
    40
    Likes Received:
    0
    Gender:
    Female
    is this whats called by "phising" ? is there any guide to do it ?
     
  16. moonshine7000

    moonshine7000 Elite Member

    Joined:
    Mar 4, 2013
    Messages:
    1,632
    Likes Received:
    679
    Occupation:
    A+ IT technician,Clickbank and Amazon Marketer
    This is not a hacking forum and its against the rules.
     
    • Thanks Thanks x 2
  17. sheryna

    sheryna Newbie

    Joined:
    Mar 29, 2019
    Messages:
    40
    Likes Received:
    0
    Gender:
    Female
    ah i c ... sorry for noob question before , thx for the heads up
     
  18. yellowdot

    yellowdot Newbie

    Joined:
    May 18, 2018
    Messages:
    47
    Likes Received:
    14
    I don't think this is the right thing to do but phising is basically a fraudulent thing where you trick the users into thinking something is right but in fact you are obtaining an info about them. In the example provided here OP and article showed how others can trick you and me into believing we are at paypal or apple website but in fact we are taken to another website - the website of the attacker.

    Anyways I would not recommend you to go further, because if you do you will have to keep your tracks clean because when cough, you can end up in jail etc. because you are stealing the info from people. Better find other way to make money, do you want somebody to use physing on you and to obtain your data? I guess you don't, so don't do that.
     
  19. Windmm

    Windmm Jr. VIP Jr. VIP

    Joined:
    Jun 10, 2013
    Messages:
    2,618
    Likes Received:
    1,160
    Dang this is so huge.
     
  20. Ecodor

    Ecodor Regular Member

    Joined:
    Nov 5, 2017
    Messages:
    459
    Likes Received:
    116
    Gender:
    Male
    Location:
    localhost
    Dont do this unless you are sure you wont get caught
     
    • Thanks Thanks x 1