PhishTank pwns Phishing Phools

Posted by hardwarehank, Sat Oct 07 12:31:00 UTC 2006

PhishTank is an awesome website that keeps a database of phishing websites that are user submitted and verified. It integrates with OpenDNS, so when a site is verified by the community as a phishing site, OpenDNS users will see a phishing warning instead of the original website. There are also other perks like spelling correction and faster DNS resolves, but the phishing this is revolutionary. I joined PhishTank today, and I’m currently in second place on number of phishing sites submitted. I submitted 167 of them from Google’s blacklist after filtering it with a short perl script.

#!/usr/bin/perl
use strict;
use LWP;
die("Specify a link file.") unless $ARGV[0];
open IN, "<", $ARGV[0];
open OUT, ">>", "results.".$ARGV[0];
while(<IN>) {
  if(/<a href="(.*?)"/) {
    my $browser = LWP::UserAgent->new;
    $browser->timeout(3);
    my $response = $browser->get($1);
    if($response->is_success) {
      print OUT "$_\n";
      print "Success: $1\n";
    } else { print "Failed: $1\n"; }
  }
}

:) I’m so happy when I find sites that are already marked as phishers. If only the process of submission could be automated completely…I’ll play with the API on PhishNet and maybe it will become reality.

Tags: perl phishing spam