Saturday, November 5, 2022

XtraMailer spam service phishing tool







 https://twitter.com/neonprimetime/status/1589084560675201024?s=46&t=CMAHRgmBZRQ-vkxgYQ9Znw


#XtraMailer spam service for credential #phishing 

urlscan.io/result/9274723…

mailer login: 62.210.81[.]212/XtraMailerLogin

stolen creds posted to: 62.210.81[.].212/next.php


https://twitter.com/prodaft/status/1286580568801640448?s=46&t=CMAHRgmBZRQ-vkxgYQ9Znw


were here in the past

hxxp://conferencias.falcorp[.]net

hxxp://195.154.164[.]184

hxxp://195.154.164[.]25

htxxp://62.210.72[.]29


tool error message that shows some internal information


urlscan.io/dom/8f93bd4e-7…


/var/www/xtramailer/vendor/laravel/framework/src/Illuminate/Routing/


RouteCollection.php

Router.php

Pipeline.php


Foundation/Http/Kernel.php

/fideloper/proxy/src/TrustProxies.php

/Middleware/TransformsRequest

/CheckForMaintenanceMode.php

/var/www/xtramailer/public/index.php


some related variables to #XtraMailer spam service #phishing tool


FACEBOOK_CALLBACK_URL

FACEBOOK_CLIENT_ID

FACEBOOK_CLIENT_SECRET

FCGI_ROLE

GOOGLE_APPLICATION_CREDENTIALS

MAIL_PASSWORD

MAIL_USERNAME

PUSHER_APP_ID

PUSHER_APP_KEY

PUSHER_APP_SECRET

RMQ_PASSWORD

RMQ_USER





Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)