February 20th, 2009

How To Catch Fake Email Sender

I just got an email from admin@yahoo.com which said that i have to reconfirm my yahoo ID by reply to the email with my details ID and password. The email it self is very convincing also the sender was yahoo.com. With yahoo mail, we can easily verify this email for fake or real by this email status. If the email has a note that "This sender is DomainKeys verified" then we can be sure that this email is for real. But if you'r using other email that not support that kinda status, you have to check it manually using it's header. To view header on yahoo email you can just click "full headers" at the left bottom of your browser. For Outlook, just right click at the message and choose properties. For example using outlook, i'll used my adsense confirmation email below. Outlook Email Headr To get this header, every mail client has their own way to view it but it can be sure that every mail client has the ability to get mail header. Now we can analize the header:

Return-path: <3U_6XSQ8KBTMPShTchT-hjeedgiVddVaT.RdbPSbXcbXcThkP.Rdb@adsense.bounces.google.com> Envelope-to: admin@minesva.com Delivery-date: Sun, 15 Feb 2009 18:36:57 +0700 Received: from rv-out-0304.google.com ([209.85.198.220] helo=rv-out-f140.google.com) by server01.anyoneserver.com with esmtp (Exim 4.69) (envelope-from <3U_6XSQ8KBTMPShTchT-hjeedgiVddVaT.RdbPSbXcbXcThkP.Rdb@adsense.bounces.google.com>) id 1LYfIp-0003at-BL for admin@minesva.com; Sun, 15 Feb 2009 18:36:57 +0700 Received: by rv-out-f140.google.com with SMTP id c7so25368rvf.16 for <admin@minesva.com>; Sun, 15 Feb 2009 03:36:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=domainkey-signature:received:message-id:date:from:to:subject :mime-version:content-type:content-transfer-encoding; bh=P9WF4SbJa/Gne69Ygoppuc3X08dp1senz0I1AaMcZn4=; b=sWwtn6D/DJh9dBiFeTZ6yuei8Hx2EDVeSVrd/03LtXcUGjXdC+JbeGN6H9fIWFT37D BcoLM8HD0kudFtg3xuKA== DomainKey-Signature: a=rsa-sha1; c=nofws; d=google.com; s=beta; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding; b=rjO0gNW6aozVtcJVeBg74KhWoH6STbjerQcz7nITW7kBmXeQEJxy539VujdRCD3Jn4 FcqXl+UdLnb6Usdjy+Pw== Received: by 10.115.95.20 with SMTP id x20mr891008wal.4.1234697811235; Sun, 15 Feb 2009 03:36:51 -0800 (PST) Message-ID: <1234697811215.9585de2f-3bc0-4c78-8efb-1696a1e3479d@google.com> Date: Sun, 15 Feb 2009 03:36:51 -0800 (PST) From: Google AdSense <adsense-support@google.com> To: admin@minesva.com Subject: Google AdSense Information Verification MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=0.0 X-Spam-Score: 0 X-Spam-Bar: / X-Spam-Flag: NO From the header, we know that the sender IP was 209.85.198.220, then using my IP Locator, we can get information that the sender was in California, and with further investigation we can get that this sender ip is belong to google and this email can be verify.

By admin in Internet 
Comment: (1,946)
Tags: , , , , ,




February 15th, 2009

Whois Domain Lookup

Have you ever been wonder who is the owner of a website like google for example. Now i've made a tool that can reveal who is the owner of a domain. Depend on the owner configuration, we can get all detail about that domain owner such as registrar name, owner name, owner address, phone number, email, include the expires date of that domain. You can check my whois tool here, enjoy...
By admin in Internet 
Comment: (3,414)
Tags: , , , ,




February 14th, 2009

How To Detect Invisible Yahoo

Have you ever been wonder which of your chat friends in yahoo messenger that really offline or they just invisible from you or everyone. Now you could check your friends real status using my yahoo invisible detector. It also gave you your friends avatar so you can sure that you're not mistype your friends id. Check out the sidebar menu on Yahoo Invisible Detector or you can click here
By admin in Internet 
Comment: (173)
Tags: , , , , , , , , , , , , ,




February 13th, 2009

How To Cheat subvertandprofit(dot)com

For you who familiar with making online money should also familiar with subvertandprofit(dot)com. That site is a place to buy votes on social media sites such as digg, stumbleupon, youtube, etc. You'll get about $0.75 for each task they gave to you, usually they'll gave you 4-5 story for you to votes on every task

But did you know that they have a very bad system to verified every task that they gave to you?

I've notice this weakness since last year and i've made a lot of money with that. I don't even need to do the real task and i still can verify that i've done my job. I've even made about 100 fake users, so for every task they gave, i can made almost $100.

The weakness is when we verified the task, the verify button is upload our social media page that we open after we finished the task. I've noticed that they only check the link that they gave to us for the task. For example if the task asked you to votes the story on http://www.abcde123.com/story.html, then they'll only check for that link on our social media sites.

All i have to do is just made a web page that include that link and post it to the server, and then...you have been verified...haha...

I've made my own application both on php and exe for this one, this application can handle a lot of user at a time. I'm not giving it in here, contact me if you want it...

Edit:

Because alot of messages that want to view the demo, i've added the demo here, you can use one of hundreds of my id for the demo (user=mickie, pass=mickie).

Edit:

The username mickie is banned by subvertandprofitadmin now, i'll provide you my other id for this tool demo (user=jenni, pass=jenni). This id has gave me about $40 now :p



Notice (March-15-2009):
It looks like the subvertandprofit has block verify from minesva.com, but when i tried it in localhost it gave me "you have been verified". If you want some pieces of my source code, just give your comment or just mail me at admin at minesva.com.
By admin in Internet, Security 
Comment: (972)
Tags: , , , ,