Yet another Fraud Forum's IP Leaks from stupidity.

Scammer’s Number: N/a
Domains Used: http://ccforums.is/
Extra Info: Please laugh until you cry as this info is quite “Extra”.

I WANT EVERYONE TO STOP AND THINK FOR A MOMENT: FOR ALL THE PHISHING PAGES THAT GET “HITS”, THE DATA ENDS UP SOMEWHERE TO BE SOLD. THIS SHOULD HOPEFULLY INSPIRE PEOPLE TO START GETTING RID OF THESE FRAUD RINGS.

For my 16th Dark Web/Fraud bust of my career let’s have a bit of fun and showcase 100% of everything.

You have the website, but I have the IP + data from Shodan.

IPv4: 176.123.10.223
Operating System: Red Hat Enterprise Linux 7
PORTS: 21, 22, 53, 80, 110, 143, 443, 993, 1500 ARE OPEN
HOSTNAMES: 176-123-10-223.alexhost.md
Country of the server: REPUBLIC OF MOLDOVA
CITY OF SERVER: Chisinau
ORGANIZATION: ALEXHOST SRL
ISP: ALEXHOST SRL
ASN: AS200019

WEB TECH: JQUERY, MYSQL, PHP, WORDPRESS

REALLY JUICY INFO INCOMING: EXPLOITS AND WEB TECH INFO

CVE-2020-7060
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

CVE-2020-7069
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.

CVE-2020-7059
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.

CVE-2019-11048
In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.

CVE-2020-7067
In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

CVE-2018-15919
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states ‘We understand that the OpenSSH developers do not want to treat such a username enumeration (or “oracle”) as a vulnerability.’

CVE-2017-15906
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

Web Tech Versions
OpenSSH v7.2
nginx v1.16.1
PHP v7.3.11

Is this the only place where personal information gets sold? We can report it to the ISP, unless the ISP won’t do anything or just doesn’t care.

I doubt they’ll take action, but law enforcement gets pushed to do their work. There’s more than 1 place on the internet.

Here’s 2 other posts… However I’ve made a 3rd with some domains…

I’m indexing their user DB and figuring out contacts and whatnot.

I just sent them a report by email. Let’s have hope that action will be taken.

Hopefully, this will prevent more problems.

I found a site to report IPs. I haven’t tried it out yet but try reporting it on this site. Maybe action will be taken quicker.

Possible. Will relay to Interpol/Europol if needed.