Jump to content
peepeep

Can i trust tf2zone?

Recommended Posts

peepeep

This guy is interested in my unusual but wants the stats from tf2zone, and so far from my 5 minute google search it seems legit.

 

Should i trust it?

Share this post


Link to post
Share on other sites
Salvage

It's a phising scam, don't ever log in on that website.

Share this post


Link to post
Share on other sites
Engineer Bot #6

RIP if he already sold it

 

Share this post


Link to post
Share on other sites
Pixxi0us

In the future if you have someone telling you to log in on unknown / sketchy sites just use this site - https://www.scamadviser.com/ .

You shouldnt rely 100% on this site to see if the site is legit or not, but take in mind that there is no sites to see the "item details", to "Give you free items" or gambling sites where "the owner" makes you win the prize every week. Thats all bs.

Share this post


Link to post
Share on other sites
peepeep
7 hours ago, Engineer Bot #6 said:

RIP if he already sold it

 

i haven't

Share this post


Link to post
Share on other sites
DanielDee

Looking at the registar details its just a reskin of mannco.trade so in all respects it will be run by either the owner of mannco.trade or they sold there source code to someone else to use.

 

Login looks authentic ISH and theres no dodgey creation of a fake toolbar with ssl details which are locked (uneditable) but strangely the Open ID login is actually dodgey upon deeper checking. Instead of using steams openid portion of the steam website they obfuscate the usage of open id on there own domain so are definately up to something. Example when logging into backpack you get this page load to utilize openid
https://steamcommunity.com/openid/login?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fbackpack.tf%2Flogin&openid.realm=http%3A%2F%2Fbackpack.tf&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select
 

Tf2zones looks like this:
https://tf2zone.com/openid/login?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.return_to=https%3A%2F%2F'+document.location.origin+'%2F%3Flogin&openid.realm=https%3A%2F%2F'+document.location.origin+'&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select

If you look at the 2nd one there is definate doctoring of the page loadout with the realm parameter and obfuscated use of open ID on tf2zone itself so i would avoid using that website all together.

One other thing to note is tf2zone is literally 3 days old so you will not find much info about the website.

http://whois.domaintools.com/tf2zone.com
http://whois.domaintools.com/mannco.store

Share this post


Link to post
Share on other sites
30900_1497986031
import requests
import random
import time

def generate():
    return "".join([
        chr(random.randint(ord("a"),ord("z")+1))
        for x in range(8)
                   ])
def spam():
    try:
        requests.post("https://tf2zone.com/auth.php",
                      timeout=0.0000001,
                      data={
                        "doAuth":1,
                        "login":generate(),
                        "password":generate(),
                          }),
    except requests.ConnectionError as error:
        pass

while True:
    spam()
    time.sleep(0.01)

I'm currently running this python script that spams their server with randomly generated usernames and passwords. I hope this will cause their steam API keys to get banned for attempting too many logins or something.

 

This is 100% definitely a scam site.

Share this post


Link to post
Share on other sites
Melancholy Sky

Reported the domain for fraud to namecheap if I hear back from them I'll update this but for now hopefully the site will get taken down soon. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...