1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WTF Go to PayPal Right Now....

Discussion in 'BlackHat Lounge' started by carryout, Jan 20, 2009.

  1. carryout

    carryout Junior Member

    Joined:
    Nov 7, 2008
    Messages:
    137
    Likes Received:
    34
    Occupation:
    Student @ UND
    Location:
    Midwest
    Wtf is going on its all in asian writing....Its not a phish script, its https://paypal.com
     
  2. The Giant Midget

    The Giant Midget Junior Member

    Joined:
    Jan 17, 2009
    Messages:
    195
    Likes Received:
    40
    Location:
    In your car
    looks fine to me.
     
  3. vegasvillan

    vegasvillan Regular Member

    Joined:
    Jan 15, 2009
    Messages:
    406
    Likes Received:
    511
    Location:
    NYC
    wtf was that?
     
  4. carryout

    carryout Junior Member

    Joined:
    Nov 7, 2008
    Messages:
    137
    Likes Received:
    34
    Occupation:
    Student @ UND
    Location:
    Midwest
    Well I live in the US and it cant be only me...
     
  5. cheap2art

    cheap2art BANNED BANNED

    Joined:
    Oct 21, 2008
    Messages:
    159
    Likes Received:
    13
    i thought the right domain of paypal is http://www.paypal.com ???? :D
     
  6. carryout

    carryout Junior Member

    Joined:
    Nov 7, 2008
    Messages:
    137
    Likes Received:
    34
    Occupation:
    Student @ UND
    Location:
    Midwest
    php says action="https://www.paypal.com/cgi-bin/searchscr?cmd=_sitewide-search


    doesnt look phisshy to me at all i dont get it

    https just means its a secure server, information is encrypted
     
  7. Donnie Darko

    Donnie Darko Regular Member

    Joined:
    Aug 22, 2007
    Messages:
    229
    Likes Received:
    356
    Location:
    USA
  8. crashed

    crashed Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 13, 2008
    Messages:
    958
    Likes Received:
    1,198
    Occupation:
    Guru-slayer
    Location:
    Behind the VPN...
    Home Page:
    Maybe your accessing it through a proxy ?
     
  9. Rein1418

    Rein1418 BANNED BANNED

    Joined:
    Apr 11, 2008
    Messages:
    312
    Likes Received:
    52
    looks fine on my end
     
  10. doseph

    doseph Registered Member

    Joined:
    Feb 23, 2008
    Messages:
    86
    Likes Received:
    24
    Home Page:
    you can change the language on your end... just delete your cookies and try again, if you can't find the language selector.
     
  11. xbox360gurl70s

    xbox360gurl70s Elite Member

    Joined:
    Sep 28, 2008
    Messages:
    1,532
    Likes Received:
    349
    Location:
    In your wet dreams
    looks phisshhy LOL. reads phisshy, something is wrong with the cookies and with your browser. I suggest to check for bugs
     
  12. cocoholo

    cocoholo Regular Member

    Joined:
    May 4, 2008
    Messages:
    334
    Likes Received:
    212
    Occupation:
    seeker
    Location:
    Earth
    Everything seems find. Try typing it manually :)
     
  13. S&W40MPc

    S&W40MPc Newbie

    Joined:
    Nov 13, 2007
    Messages:
    22
    Likes Received:
    112
    I believe it IS a phishing attempt. When I use your link, I get this:

    Secure Connection Failed
    paypal.com uses an invalid security certificate.
    The certificate is only valid for www.paypal.com
    (Error code: ssl_error_bad_cert_domain)
    * This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.
    * If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.


    But when I use my bookmarked link or my RoboForm login link, I get the real PayPal login page, in English, and can get into my account just fine.

    sw40
     
  14. carryout

    carryout Junior Member

    Joined:
    Nov 7, 2008
    Messages:
    137
    Likes Received:
    34
    Occupation:
    Student @ UND
    Location:
    Midwest
    No im saying i went to http://paypal.com and that when u go there https pops up like it should...but its all in some asian language and It shouldnt be like that

    I deleted the Certificate, Deleted Cookies, Not using Proxies atm, Dunno....To much PHP and for the most part the code seems legit put im no expert so who knows....


    Edit: Dunno what i did but it works now...
     
    Last edited: Jan 20, 2009
  15. justone

    justone Elite Member

    Joined:
    Oct 12, 2008
    Messages:
    1,516
    Likes Received:
    1,036
    Occupation:
    -
    Location:
    Europe
    To clear this mess a bit ;)

    first the wrong phising alarm: paypal.com is a domain, www.paypal.com is a subdomain.
    paypals SSL certificate is set to www.paypal.com, if you open paypal.com it is the same server but the certificate is not right. (paypal is not professional enough to fix this)

    Next the problem of carryout:
    There are a few possibilities that went wrong:
    a) a transparent proxy between you and the internet, fucking with the data
    b) a hijacked DNS server providing you a wrong IP which relays to paypal (and sniffs you)
    c) adware/malware on your computer
    d) as you said, cookies might be a reason. maybe you had a "paypal asia" cookie active because of some reason
    e) finally paypal often has website issues, maybe you connected in the wrong second

    You should also know that paypal uses not only normal cookies, they also track you through LSO cookies (flash cookies)
    You can read more here:
    http://www.blackhatworld.com/blackh...red-objects.html?highlight=ebay+flash+cookies