Kasus Situs KlikBCA Palsu Onno W. Purbo Onno@indo.net.id

Situs KlikBCA Palsu http://wwwklikbca.com http://www.kilkbca.com http://www.clikbca.com http://www.klickbca.com http://www.klikbac.com

http://www.klikbca.com

www.klikbca.com [root@yc1dav onno]# nmap -vv -sS -O www.klikbca.com Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host (202.158.15.51) appears to be down, skipping it. Note: Host seems down. If it is really up, but blocking our ping probes, try -P0 Nmap run completed -- 1 IP address (0 hosts up) scanned in 60 seconds

https://ibank.klikbca.com

https://ibank.

ibank.klikbca.com [root@yc1dav onno]# nmap -vv -sS -O ibank.klikbca.com Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host (202.158.15.52) appears to be down, skipping it. Note: Host seems down. If it is really up, but blocking our ping probes, try -P0 Nmap run completed -- 1 IP address (0 hosts up) scanned in 43 seconds

Keamanan https://ibank. ..

Keamanan https://ibank. .. $ openssl s_client -host ibank.klikbca.com -port 443 CONNECTED(00000003) depth=1 /O=VeriSign Trust Network /OU=VeriSign, Inc. /OU=VeriSign International Server CA - Class 3 /OU=www.verisign.com /CPS Incorp.by Ref. LIABILITY LTD.©97 VeriSign verify error:num=20:unable to get local issuer certificate verify return:0 ---

Keamanan https://ibank. .. Certificate chain 0 s:/C=ID/ST=Jakarta/L=Jakarta /O=PT. Bank Central Asia /OU=Divisi Sistem Informasi /OU=Terms of use at www.verisign.com/rpa ©00 /CN=ibank.klikbca.com i:/O=VeriSign Trust Network/OU=VeriSign, Inc. /OU=VeriSign International Server CA – Class 3 /OU=www.verisign.com /CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign 1 s:/O=VeriSign Trust Network/OU=VeriSign, Inc. /OU=VeriSign International Server CA - Class 3 i:/C=US/O=VeriSign, Inc. /OU=Class 3 Public Primary Certification Authority ---

Keamanan https://ibank. .. Server certificate -----BEGIN CERTIFICATE----- MIIFiTCCBPKgAwIBAgIQNJxhVugbaLL091k1nDHipzANBgkqhkiG9w0BAQQFAD ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVm aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2 8m/rIsc6SA19ranlBFx0zT9AURZDDcVy12ZM9T0ZvWY5xF2frWRibYnw3zyQVC a6cK5U0JK0T/ddqrgRggeqH8ushwef68etrEqgw= -----END CERTIFICATE----- subject=/C=ID/ST=Jakarta/L=Jakarta/O=PT. Bank Central Asia /OU=Divisi Sistem Informasi /OU=Terms of use at www.verisign.com/rpa ©00 /CN=ibank.klikbca.com issuer=/O=VeriSign Trust Network/OU=VeriSign, Inc. /OU=VeriSign International Server CA - Class 3 /OU=www.verisign.com /CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign ---

Keamanan https://ibank. .. No client certificate CA names sent --- SSL handshake has read 2637 bytes and written 312 bytes New, TLSv1/SSLv3, Cipher is RC4-MD5 Server public key is 1024 bit SSL-Session: Protocol : TLSv1 Cipher : RC4-MD5 Session-ID: 850000001702595756FADE4AFEE7F652BC790CC606376 Session-ID-ctx: Master-Key: 3CD841954D698035E5C82941F608D200929A3636CA07D Key-Arg : None Start Time: 991984495 Timeout : 300 (sec) Verify return code: 0 (ok) QUIT DONE $