Return to forum

love · July 9, 2022 at 2:44 PM

I've had some free time on my hands so I decided to create a BTC transaction phishing website.
I got the concept from a similar duping attack on the actual privNote website.

The concept is quite simple, a user enters their BTC address into the "private" note requesting payment and the address displayed upon opening the note is the attacker's instead of the user's.
The project has the name privNote but I suggest you change it to something new and use this as a sort of functioning template.
I'm willing to personalise the website on commission, if you're interested feel free to PM me.

Installation steps:

Download, decompress zip.
Open terminal within decompressed folder.
Rename the .env.example file to .env
Configure your environment file(importantly: DB settings, BTC_ADDRESS values).
Enter the following commands:

$ composer install
$ php artisan key:generate
$ npm install
$ npm run dev (alternatively "npm run build" for publishing)
$ php artisan serve --port 8080 (for development)

Screenshots:

Creators view of the note:

Any other user sees the note as:

Download:

Hidden Content

You must register or login to view this content.

xadmin · July 9, 2022 at 2:48 PM

is this web？

is this website？

2BEE · July 9, 2022 at 2:48 PM

(July 9, 2022, 02:44 PM)love Wrote: I've had some free time on my hands so I decided to create a BTC transaction phishing website.
I got the concept from a similar duping attack on the actual privNote website.

The concept is quite simple, a user enters their BTC address into the "private" note requesting payment and the address displayed upon opening the note is the attacker's instead of the user's.
The project has the name privNote but I suggest you change it to something new and use this as a sort of functioning template.
I'm willing to personalise the website on commission, if you're interested feel free to PM me.

Installation steps:
Download, decompress zip.
Open terminal within decompressed folder.
Rename the .env.example file to .env
Configure your environment file(importantly: DB settings, BTC_ADDRESS values).
Enter the following commands:
$ composer install
$ php artisan key:generate
$ npm install
$ npm run dev (alternatively "npm run build" for publishing)
$ php artisan serve --port 8080 (for development)

Screenshots:
Image unavailable

Creators view of the note:
Image unavailable

Any other user sees the note as:
Image unavailable
Download:

What a coincidence, i just read a warning about some privnote phishing website doing the same thing lol

good work tho!

erickaxo · July 11, 2022 at 9:50 AM

thxx
:)

Blood · July 11, 2022 at 10:41 AM

simple yet very efficient project

spice · July 11, 2022 at 10:49 AM

Very based sir , looking at the source code makes me wanna kill myself, i'm a python / flask guy, I could code this with like 50 lines.

Bronz · July 11, 2022 at 12:57 PM

gonna try this

love · July 11, 2022 at 8:30 PM

(July 11, 2022, 10:49 AM)spice Wrote: Very based sir , looking at the source code makes me wanna kill myself, i'm a python / flask guy, I could code this with like 50 lines.

Yeah, tailwind looks pretty ugly but I prefer it over bootstrap

(July 11, 2022, 12:57 PM)Bronz Wrote: gonna try this

If you find any bugs or need help running it feel free to hmu or comment

love · July 16, 2022 at 2:15 PM

new update - fixed note burning functionality and reduced code size.

Skynet1337 · August 14, 2022 at 10:11 AM

Fake web