Showing a Craigslist scammer who's boss using Python [Engineer Man]
18 replies, posted
https://youtu.be/UtNYzv8gLbs
That is someone you don't want to fuck with at all.
Seeing this sort of thing makes me really wish I had picked up on some talents when I was a teenager instead of... whatever I did. Guess it's not too late, though.
Never too late, just more time consuming to learn really.
i'd wager this guy does programming as his job, all he's doing is generating generated values and manually sending it to the scammer's server. Not very complicated but the way he does it shows he has done this type of stuff a lot.
yeah, also, python is pretty easy to pick up on. Very readable, almost pseudocode like. It'd be my first choice to get someone into coding
I hope he doesn't do this type of stuff a lot because this was a bit poor. All the scammer has to do is delete records that have a password length of 8, with an email formatted like [firstname][0-9]@yahoo.com, that were created in the span of the 5 minutes he ran the script for and there's no data loss for him.
Except he managed to cause some damage to the guys system. Considering if you try to access the scammer's website currently you get this wonderful notification.
https://i.imgur.com/GrCSHM6.png
And further so he revealed that the video was viewed by people over at Craigslist and they sent him a shirt for their appreciation.
https://www.youtube.com/watch?v=Anij183Ow9M
I agree with this, the video almost seems as if it was made to be less complicated so it would be easier to explain to a general audience.
Wouldn't take a lot to make more realistic usernames & passwords. Plus throwing in some random timing and having it run over a longer period of time would get you one step closer to really screwing over the scammer's data. Regardless, I liked the video
I didn't learn Python until I was 23 or 24 and it was very easy to pick up. I'm currently reading an extremely good book on how to use it for scientific programming(I'm a math major) and I'm surprised at how simple and versatile it is since in my python course, we used it for media manipulation.
Fuck java though.
This will work on a really bad scammer but someone with a bit of presence of mind will be saving timestamps, IPs and will know regex as well to list all the emails that have this weird format, all of those are tools in the toolbox that could individually clean up the mess on their own.
I wanted to see SQL injection.
I am actually disappointed by this as well. I expected him to at least drop the tables on the corresponding DB, not shove in 1000 easily distinguishable emails.
I don't understand why someone would want to hacks Craigslist account. What kind of valuable information could you get from that except maybe getting the victim's password for their real email.
This presumes that the scammer's system is vulnerable to SQL injection. Which I mean... Knowing these sorts, it might be. He didn't really bother to test it though.
He should've at least made his garbage data more difficult to distinguish from actual data though. Waaay too easy to filter that shit.
and from different addresses, several different mail providers, and with plausible passwords that isn't just random gibberish, would've really fucked the scammer over. With the current application it'll take them liike 10 seconds to filter out the fake data unless they're completely retarded
Everyone's ragging on him for making easily distinguishable spam accounts, but he could easily make them a lot more discrete if he wanted to, like I'm pretty sure he knows how he can mutate it so it's a lot harder to distinguish. I'm pretty sure he just made it as simple and short as possible for the video's sake
That's unrelated, someone just reported it to Google.
It's almost like exposing a scam so it gets classified as one can be something that can happen when making a video about a scam.
Sorry, you need to Log In to post a reply to this thread.