Support Forums

Full Version: How to decrypt phishers
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4 5 6 7 8
(10-10-2009, 08:05 PM)Dingo_Dog Wrote: [ -> ]Thanks for the tut man. Looks great, hopefully I can give people their accounts back.

How? The emails would only contain information that the original owner already knows.

The best thing to do is to just delete the email account.
(10-10-2009, 08:06 PM)MreGSX Wrote: [ -> ]How? The emails would only contain information that the original owner already knows.

The best thing to do is to just delete the email account.

I was sort of thinking if it was an offline Facebook Phisher or Hotmail Phisher, just advise the victims to change their passwords. Because if this way of reverting is quite popular then everyone would do it, and then start taking off passwords. But yeah, just deleting would be better Tongue
yea but, that involves running it unless sandboxie, if u run it without it im pretty sure its binded with malware
(10-10-2009, 08:06 PM)MreGSX Wrote: [ -> ]How? The emails would only contain information that the original owner already knows.

The best thing to do is to just delete the email account.

Actually you can try see if the pass word is the same as youtube, so in the description you could say to stop downloading this for their own good or whatever you want to say.


(10-10-2009, 08:32 PM)HuNt3R Wrote: [ -> ]yea but, that involves running it unless sandboxie, if u run it without it im pretty sure its binded with malware

You don't actually run it with sandboxie all the time if you know what it is just open it with String Stealer, but don't open the program at all. If is a keylogger I'm sure your AV will detect it as soon you extract it.
Seen something simular before, not a bad tutorial. Wireshark is good to use aswell.
Whats a good deassembler for Linux?
[PM me one]
Check it out there are some good disassemblers for Linux
http://en.wikibooks.org/wiki/X86_Disasse...ecompilers
I tried it out on a keylogger, and I couldn't find the email even after i read EVERYTHING. But if I open in wordpad and shazam right there at the bottom lmfao
(10-11-2009, 06:54 PM)BlizzStaff Wrote: [ -> ]I tried it out on a keylogger, and I couldn't find the email even after i read EVERYTHING. But if I open in wordpad and shazam right there at the bottom lmfao

I've had that happen before.
Another way of doing this is by uploading the program to novirusthanks, then clicking "View ASCII strings".
(10-11-2009, 07:54 PM)Elektrisk Wrote: [ -> ]Another way of doing this is by uploading the program to novirusthanks, then clicking "View ASCII strings".

Yea is true, but I prefer doing it this way :p. Thanks for the tip Elektrisk
Pages: 1 2 3 4 5 6 7 8