Scammer regrets trying to scam the wrong person!

Hello there, lately I stumbled upon a fake bank webapp.
A scammer sent me a link to the webpage. He gave me a login and password to that fake BNK bank.

Little did he know, I know quite a lot about computers, so I checked his website’s security.
It was horrible. The website was just crazy bad. There were some restrictions on uploading .php files. Instead of using a reverse .php shell (since it did not work because the scammer set up some basic security), I used the popen() function in PHP. I wrote a custom non-interactive shell and from there, using /bin/bash, I got myself command execution. I found a lot of software for mass email sending and more, like someone’s private documents etc.

After checking a few things I archived his WWW root folder.
A day later this dude literally catches on to what was happening and fixes the issue with popen().
I was not able to run binaries now, but I found out that I can write stuff to files with PHP.
Today (a second ago) I managed to delete all of the victims’ files off the server.

I overwrote the main page of the website with something else, so people would actually realize that this is not an actual bank.

Here is the website: Fake Bank’s Main Page

4 Likes

Nice, do bear in mind there are trained victim advocates who would be happy to help any potential victims if you have found contact details.

4 Likes

Here is the follow-up, I’ll include screenshots.

This image shows us the actual email I received.

The screenshot after replacing all of the files’ content with a single word SCAMMER and swapping the index.php file.

Here is what I’ve got downloaded from the web server. (Add about 60-70 photos to the amount you see on the screenshot)
All of the images are DLs, passports and IDs.

1 Like