[chocolatkey]

Here are the original posts themselves, probably more interesting to people here:

https://blog.smithsecurity.biz/hacking-the-scammers

https://blog.smithsecurity.biz/systematic-destruction-hackin...

[dang]

Ok, we've changed the link at the top from https://www.wired.com/story/usps-scam-text-smishing-triad/ to the first one of those two original posts. Thanks!

Readers may want to read all of them of course.

[dredmorbius]

And for those wishing for an archive/paywall link to Wired: <https://archive.ph/jm2h1>.

[Ozzie_osman]

Hilarious. Exposing an LFI to view things like /etc/passwd and server logs, and a SQL injection in a PHP stack... I prob wrote code like this, when I was a 15 year-old self-described "webmaster" in 2002.

[Ozzie_osman]

Actually, I'm not that far off.

> The creator is a current computer science student in China who is using the skills he's learning to make a pretty penny on the side.

[KwisatzHaderack]

> You can never trust a scammer ever and even these scammers are getting scammed it seems

There’s no honor amongst thieves.

[spelunker]

Very informative! I tried doing something similar to these sites months ago after getting multiple text messages from them, but didn't really get anywhere. Very cool to see a professional walk through what they did!

[ramathornn]

Loved that, thanks for sharing! Very cool to see the step by step process.

[arresin]

Appreciated thanks