The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

MySpace Phishing Sites

Discussion in 'General Discussion' started by Echelon17, Aug 7, 2006.

  1. Echelon17

    Echelon17 Well-Known Member

    Joined:
    May 21, 2006
    Messages:
    72
    Likes Received:
    0
    Trophy Points:
    6
    Hi guys/gals,

    I've noticed a dramatic increase in sites being setup on our servers in order to phish for MySpace details. I've seen at least 5 accounts in the last 12 hours, which is quite worrying.

    To combat the problem, I created the following perl script to identify these phishing sites and alert you accordingly:

    Code:
    #!/usr/bin/perl
    # Detect MySpace phishing sites
    # Written by Echelon17 <rflack@gmail.com>
    # Written for dd.am
    
    $dir = "/usr/local/apache/domlogs/";
    opendir(DIR, "$dir");
    @files = readdir(DIR);
    closedir(DIR);
    
    foreach $file (@files) {
    if (-f "/usr/local/apache/domlogs/$file") {
    if (`grep 'fuseaction=splash' /usr/local/apache/domlogs/$file`) {
    print "$file is bad - please terminate this domain\n";
    }
    }
    else {
    # Can't open file - no point doing anything
    }
    }
    It's simple and basic, and will just print the bad domain to the screen for you. I would've made it automatically terminate and mail me, but then that's just laziness and bad administration ;)

    Hope someone can find this useful.
     

Share This Page