On Thu, Feb 15, 2007 at 11:13:39PM -0300, Andres Riancho wrote: > Hi, > > For a research i'm doing I need a somehow "big"(around 100 would be > nice...) amount of phishing sites html code . I have googled for them but > I only get a lot of screenshots of those sites, not the actual code. > Anyone has an idea of where I could get those sites html ? Keep in mind that the HTML is most likely directly lifted from the site that the phishers are spoofing - the only thing that changes is the action for the login form; you can't readily get to the source code for the form action because it is done in some sort of server side scripting (CGI, PHP, ASP, whatever...) that can't readily be viewed from the client side. That said, I have run into one or two phishers who compromise a site (or create a throwaway site themselves), upload their scripts in a tarball, install them - and then leave the tarball around for posterity to analyze. I kid you not. Unfortunately, the only good way to get to that source code is by asking the administrator of a compromised site whether they found anything that they would be willing to share; going in and poking around yourself may put you into a legal position that you'd rather not be in. HTH, --j
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/