This is some nevt level phishing. I wrote the guy who was listed in WHOIS an E-Mail, correcting his mistakes.

Wtf...

Haha

In his defense, average user will not detect those mistakes and will still login

@gitpush lol you should have seen the email. the average user wouldn't click on a pixelated screenshot of a paypal email, which was edited with mspaint (badly) and if the average user clicks that, I lost hope in humanity

A huge hint might also be the address

@BambuSource oh in that case then I guess no 😅

I always fill in the credentials with abuse.
Email: fuckupieceofshit@diealone.com
Password: yourmom

Usually I fill those with generated bs.
If I'm able to retrieve some info related to the site, I might go a little more targeted and try to fill in some guesses on their credentials :p

Wow you can't realize it in the first look

@irshu Same 😂

Mostly I type:
Mail: GoFuck@YourSe.lf
Pass: IFeelLikeYouDidn'tEvenTry

Write a script that fills this form automatically with random user names and leave it running for a few hours.
You will fill up their database with so much junk, they'll lose any real logins that may come in

@Gnu-Not-Unix I like your thinking 😂

@Gnu-Not-Unix Do you have a guide that explaind this kind of script's for python-noobs like me?

@Gnu-Not-Unix This is what I do. Months of working with Selenium automation at a job I hated actually kind of paid off.

I also use it (alongside a proxy) on those "Click here to donate a can of dog food / bowl of rice / etc." sites. Not sure they're happy with me, but idrc.

@n0ah probably just need to send post requests to their server. Simple loop around that and your done.

@n0ah it may be as easy as doing it once through the browser, capturing the post and then resending it with curl in a 5 line shell script. No python needed

They probably save the ip to filter spam. Wait a spam filtering spam. Kind of recursion incoming xD