Spam Hunter

Viagra, penis enhancements, porn, mortgage rates, and much more are shoved into my inbox everyday. I'm not trying to win the spam war. I just like to vent by choosing one email a day, tracing down the jerk who sent it and publishing any antics that ensue.

Tuesday, May 17, 2005

QuarkXPress 6.0 $60

I've begun to setup up spam catching accounts and recently this little gem came my way. The idea is generally they scam you for money by offering really cheap software. If you're lucky (sort of) you will get a pirated version of the software. More then likely you will get nothing. This spammer employs and ID system to figure out which emails are live. A 33 character key is used like this

http://5bbegging.bubxsx.info/?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
After you visit that url you are automatically redirected back to '/' and shown the selection of software. WARNING: JUST LOOKING AT THE IMAGES IN THE EMAIL WILL LIKELY TAG YOU!
So this is why I am using catcher accounts :) I abandon them all the time so I don't care if they are tagged. To further annoy this person I have refined my earlier false positive generator. I used a random password generator script found here coupled with psudeo random number generation to make a nice fake ID which will hit the website. The output isn't very pretty, just a look at the hash to make sure it is somewhat random and the HTTP code to let me know it's working.


MTE0MjI1NDYzMjg3Ljc5ODp4MzVqOGU 200 OK
OTMyMzg1ODg5MDcuNDA5ODpob190cXA 200 OK
MjkxMzU1Nzg2MzkuNTEzNTp2d3g0dCU 200 OK
Nzc4NDE4ODU2NjYuNTcwNzp3cHJfYjk 200 OK
NDM1NDM1NzczNjcuMDE4OTptX3I1MXg 200 OK
NzQxNjA5NDQwMjAuNjYyNTo0anpxa2N 200 OK
MTQ0ODU5MDUzODkwLjc3MTp5ZjFsfHN 200 OK
MTAwOTkzMjE0NTEwLjU1ODpqcGYtcCV 200 OK
MTM5NjM3MTk0ODk5LjQwNjppdmhmdW1 200 OK
MTY5NzA4MTQyNDM4LjU3NjpyZWYtJXI 200 OK


Here is the code which is free to use in the pursuit of spammer hunting.

#!/usr/bin/perl -w
use strict;
use LWP::UserAgent;
use MIME::Base64;


# Create a user agent object
my $ua = LWP::UserAgent->new;
$ua->agent("Mozilla/8.0"); # pretend we are very capable browser :)


my $baseURL='http://5bbegging.bubxsx.info/?';

sub randomPassword {
my $password;
my $_rand;

my $password_length = $_[0];
if (!$password_length) {
$password_length = 10;
}

my @chars = split(" ",
"a b c d e f g h i j k l m n o p q r s t u v w x y z
- _ % # |
0 1 2 3 4 5 6 7 8 9");

srand;

for (my $i=0; $i <= $password_length ;$i++) {
$_rand = int(rand 41);
$password .= $chars[$_rand];
}
return $password;
}

sub getPage
{
my $key = localtime();
#removing anything that is not a digit
$key=~s/\D//g;
$key=rand($key);
my $text=randomPassword();
my $encoded = encode_base64("$key:$text");

#original email had a 16 char hash so just making sure mine is similar
my $hash=substr($encoded,0,31);

my $req = HTTP::Request->new(GET => $baseURL.$hash);
$req->header('Accept' => 'text/html');

# Pass request to the user agent and get a response back
my $res = $ua->request($req);

# Check the outcome of the response
if ($res->is_success) {
print $hash . " " .$res->status_line . "\n";
}
else {
print "Error: " . $res->as_string . "\n" if ($res->status_line!~/404/);
}
}

#######################################################
# modified so non perl users won't hurt themselves :)
# mine is set to 500 and I just run it a few times
# a day. feel free to set yours to 9999999999999
#######################################################
foreach my $try (1..2)
{
getPage();
}

1 Comments:

At 8:56 AM, Anonymous Anonymous said...

This'll do the trick nicely ;)
pwgen -s 33 1

 

Post a Comment

<< Home