This article describes the discovery and takedown of a fraudulent DMart giveaway website disguised as a legitimate promotional offer. The site was designed to collect personal user information under false pretenses. The author, a cybersecurity researcher, explores the security vulnerabilities, executes a Server-Side Template Injection (SSTI) exploit for remote code execution, and ultimately removes the scam.
Affected: Users, victims of the scam
Key points:
- A fraudulent DMart giveaway was circulated through WhatsApp.
- The fake website was designed to steal user data.
- The author used browser inspection and network request interception to analyze the site.
- Multiple vulnerability tests (admin panel, SQL injection, PUT method) were unsuccessful.
- A Server-Side Template Injection (SSTI) vulnerability was confirmed.
- A reverse shell exploit was successfully crafted and executed.
- Stolen user data included names, phone numbers, and email addresses.
- The scam site was ultimately taken down.
- The article stresses the importance of ethical hacking in protecting users from scams.
- It advises verifying links and being cautious with forwarded messages.
MITRE Techniques:
- Tactics: Execution, Technique: Server-Side Template Injection (Taint Analysis) – The author confirmed SSTI by injecting a payload and executing arbitrary code on the server.
- Tactics: Execution, Technique: Command and Control (Remote Access) – The author crafted a reverse shell payload to gain remote access to the server.