Carding for beginners
Heading:
Encryption part 1
Encryption part 2
Introduction to security based *unix-like systems
The safety and anonymity in the Internet. Configuring the virtual machine
Cards
Mediations
Warming-up shops
Antidetect
Searching for shops, merchant
Europe and Asia
Carding from A to Z
Selfregistered Paypal
Methods of working with Paypal self-regs
Brutus of Paypal
Work with Brut accounts
Brutus Ebay + Paypal
Pickup, Interception
Work on Android
Enroll
Gift and E-Gift
Carding Liquid stuff using Enroll
Hotels
Air
Encryption part 1
Welcome everyone today's lecture will be devoted to encryption, we will analyze all the main aspects, as well as talking about encryption in general.
I would like to discuss and analyze the fundamentals of encryption, we will study symmetric and asymmetric encryption, and also slightly touch some terms, such as: hashes, SSL, TLS, certificates, data interception using the sslstrip utility and other weaknesses associated with encryption. This is the fundamental knowledge required to select the appropriate security tools to reduce risks from being calculated by
"federals".
Many of you, if we dig a bit deeper, don't have the foggiest idea about their safety and privacy. They can only blindly object things, based on the opinions of other people.
But when it comes to your security and privacy, only You can be the guarantor of your safety, and no one else.
But surely, some smart guys will ask the question: "How can I be the guarantor of my safety if I do not know anything about it?"
One of the principles you should learn is- the principle of planning. All your actions should be clearly planned.
But in order to plan something you need to be competent in this area, to answer your questions, such as: what is it and what is it for?!
In General, encryption consists of 2 components - encryption and decryption.
With the help of encryption, the following information security states are provided:
2. Integrity - encryption is used to prevent information from being changing during the transmission or storage.
1. Privacy - encryption is used to hide information from unauthorized users during transmission or storage.
2. Integrity - encryption is used to prevent information from changing during transmission or storage.
3. Identifiability - encryption is used to authenticate the source of information and to prevent the sender from rejecting the fact that the data was sent by him.
in Order to read the encrypted information, the receiving party needs to have a key and a decoder (a device that implements the decryption algorithm).
BY THE WAY: the idea Of encryption is that the attacker, who is intercepting the encrypted data and not
having a key to it, can neither read or change the transmitted information.
Let's imagine a locked door, in order to find out, what is on the other side of the door, we need to open it with the key from this door.
And in the case of data encryption. Only instead of a closed door, we have an algorithm for encrypting data, and instead of a key from this door, a secret key (password) for decrypting data.
Goals of encryption.
the main purpose of encryption is to store important information in encrypted form.
in general, encryption is used to store important information in unreliable sources and to transmit this information through unprotected communication channels. This type of data transfer represents from itself two mutually reversed processes:
1. Data is encrypted before it is sent over the communication channels or before it is stored.
2. The decryption procedure is used to recover the original data from the encrypted data.
Encryption was originally used only for the transmission of confidential information. Subsequently, the information was encrypted with the purpose of its storage in unreliable sources. Encryption of information, with the purpose of its storage is used as for now, it avoids the need for physical storage of it (usb, ssd disks).
BY THE WAY: we will analyze the examples of encryption methods and after that, you will clearly see the whole point of it, so do not worry about it. (tomorrow)
What are the encryption methods:
1. Symmetric encryption - uses the same key for both encryption and decryption.
2. Asymmetric encryption - uses 2 different keys: one for encryption (which is also called open (public)), the other for decryption (called closed (private)) or vice versa.
These methods solve certain problems and have both advantages and disadvantages. The specific method used, depends on the purpose, for which the information is encrypted.
in order to make the right choice in the approach to encryption, which encryption method to use? And to answer other related questions, you will need to understand what encryption is, as I said earlier.
Based on the infographics above (link), we can visually understand the principle of encryption
- the Sender sends an encrypted message: "Hello, Marfa"
- Attackers intercept this message, but since they do not have a key to decrypt it, they only see a set of characters: "%#&$!"
- The recipient, having the decryption key, can easily read the message sent by the sender in encrypted form, he already sees the text of the sender in its original form: "Hello, Marfa" it is no exaggeration, if we say that encryption is the best tool that we have in our arsenal for protection against hackers and surveillance.
By the way, about the terms:
Encryption is a method of converting human-readable data, called plaintext, into a form that a human cannot read, and this is called ciphertext. This allows you to store or transfer data in unreadable form, because of that information remains confidential and private.
Decryption is a method of converting encrypted text back into human readable text. If you perform a simple Google search, you will see HTTPS and a green lock icon, which means that all the content of the web page is not readable by people who may try to intercept data transmission over the network.
Simply put or symmetric encryption (encryption method is meant 1 of 2 that say)
There are two main components of encryption:
1. The encryption algorithm is publicly known and many, many people have studied it carefully attempting to determine whether the algorithm is strong or weak.
2. Secret key - you can imagine that the secret key is a password and it must be kept secret.
The Algorithm can be represented as a closed door, and the secret key is the key to this door (see Infographic link above).
Symmetric cryptosystems use the same key for encryption and decryption.
Based on the infographic above, let's look at an example, I want to send Marfa some file, but I do not want any 3rd party people to see it. For clarity and ease of use, I decided to encrypt this file with the program 7-Zip.
By this analogous structure sectors/discs are encrypted in VeraCrypt, TrueCrypt, we will also take this for example.
Let's look at the screenshot above:
1. An encryption algorithm is a mathematical process of converting information into a string of data that looks like a random set of characters and letters.
2. A hash function is a conversion of input data, in our case, to an output bit string. The purpose of the function is to ensure integrity and to detect unintended modifications.
3. AES-256 - indicates which algorithm is used (AES) and what block size we have (256), as we can see in 7-Zip there is no possibility to customize the configuration, rather than in VeraCrypt.
4. With the help of the entered password, your key will be generated for the selected encryption algorithm (in our case AES-256), for decryption you will need to specify the decryption algorithm if its possible and enter the password, in our case again.
At the output we get an encrypted archive, which is for unpacking and obtaining information that
is inside, you must enter the decryption key, in simple terms the password.
As you can notice the symmetric block encryption algorithm, Advanced Encryption Standard (AES), was used for encryption.
This algorithm uses only the one key, the key is created using our password (see point 4 for clarity of the conversion)
You can also choose which block size 128/256/512/1024 bits, will be used, in our case there were only 256 bit and 512 bit variants.
BY THE WAY: Imagine a door and a lot of locks on it. It will take you a long time to open or close this door. Same as for algorithms, the higher the bitrate, the stronger the algorithm, but the slower it encrypts and decrypts, you can consider this as the strength of the algorithm.
256/512 bits - this is also the volume of the key space, that is, a digit, denoting the total number of possible different keys that you can obtain using this encryption algorithm.
BY THE WAY: To break a symmetric cipher, it is necessary to go through 2 * N combinations, where N is the key length.
To break the symmetric encryption with a key length of 256 bits, you can create the following number of combinations, which are, possible keys: 2^256 = 1.1579209 e+77 or if you decompose 1.1579209 e * 10^77 when calculating, we get the following number of possible variations (this is a 78-bit number).
2^256 = 11579208923731619542357098500868790785326998466564 0
564039457584007913129639936
If anything, you can check this number there http://kalkulyatoronlajn.ru
Thus, for all those who doubt the safety of the chances of collision 2 ^ 256, there is a number: there is a probability that the collision will have 1-n of more than 1.1579209 e*10^7= 78-bit number (the number which is higher)
All this means that it is extremely difficult to pick up the key, even with the help of very powerful computers, assuming that you used a long and random password when you were generating the key. (about the passwords we will analyze in details tomorrow)
BY THE WAY: we will talk about the passwords separately, what to use, and etc. Together with the programs and why. Don't stop up your brain with all this information at this stage, lets now talk about this..
People and governments are constantly trying to crack encryption algorithms. In this article, I'll give you a list of algorithms that are good and which are not, which ones are amenable to hacking and which ones are currently impossible to crack.
Symmetric encryption Algorithms
1. Data Encryption Standard (DES) is an algorithm for symmetric encryption, developed by IBM and approved by the U.S. government in 1977 as the official standard (FIPS 46-3). The block size for DES is 64 bits.
2. Triple-DES (3DES) is a symmetric block cipher, created in 1978 on the basis of the DES algorithm in order to eliminate the main drawback of the last small key length (56 bits), which can be broken brute-forcing key search.
3. Blowfish is a cryptographic algorithm that implements block symmetric encryption with a variable key length
4. RC4 is a stream cipher, which is widely used in various information security systems in computer networks (for example, in SSL and TLS protocols, WEP and WPA wireless security algorithms).
5. RC5 is a block cipher developed by Ron Rivest of RSA Security Inc. with variable number of rounds, block length and key length. This extends the scope of use and simplifies the transition to a stronger version of the algorithm.
6. RC6 is a symmetric block cryptographic algorithm derived from the RC5 algorithm.
7. Advanced Encryption Standard (AES) - symmetric block encryption algorithm (block size 128 bit, key 128/192/256 bit), adopted as the encryption standard by the us government on the results of the AES competition. This algorithm is well analyzed and is now widely used as it was with its predecessor DES.
Symmetric algorithms are used in most encryption systems that You use daily: HTTPS, Full disk encryption (TrueCrypt, VeraCrypt and others), file Encryption (7-Zip, WinZip and others), Tor, VPN. Symmetric encryption is used almost everywhere
BY THE WAY: Advanced Encryption Standard (AES) is a common standard for symmetric encryption. For maximum protection, use AES-256 where possible. AES is fast and today- it is impossible to crack (assuming that you have a strong password, about this will be below).
2nd type or method, to whom as it is more convenient Asymmetric encryption
Very smart people have invented this encryption using public and private keys and algorithms based on the complexity of certain mathematical problems. I will not go into mathematical details because their understanding is not necessary for your protection.
For the right choice of security tools, you only need to have the basic understanding of algorithms and the strength of algorithms, as well as cryptographic systems that you are going to use.
As we know, the symmetric encryption method uses 1 secret key, whereas asymmetric encryption methods (or public key cryptography) use one key (public) to encrypt information and another key (secret) to decrypt information. These keys are different and cannot be obtained from one another.
Let's solidify this material immediately
Symmetric encryption method - one key, uses the same key for both encryption and decryption.
Asymmetric encryption method - two public keys (public from English) and closed (private from persistent)
so, we have a file for Marfa, which if You remember in the section of symmetric encryption (see Screenshot above) was encrypted using the 7-Zip program using the AES-256 encryption algorithm and a strong password, but how do we get the password to Martha so that she can decrypt the file?
BY THE WAY: the Best way to transfer something and to be sure of the delivery of the information to the specified recipient, is to hand over personally.
But this is not a good idea, because we may simply not know where the addressete is, or he may be so far away that to deliver something "in personal" becomes problematic, or maybe we just need anonymity.
Asymmetric algorithms (using public and private key):
1. RSA (Rivest-Shamir-Adleman) is a public key cryptographic algorithm. This algorithm is very popular, 1 of the most common asymmetric algorithms you'll see, and I'll show you where to look for them and how to use them.
Definition: the cryptographic Stability of this algorithm is based on the complexity of factorization or decomposition of large numbers into the product of Prime factors.
2. ECC (Elliptic curve cryptosystem) - a common and gaining popularity algorithm. This cryptographic system based on elliptic curve cryptography, or ECC. The strength of this algorithm relies on the problem of computing discrete logarithms on elliptic curves.
3. DH (Diffie-Hellman) - Its stability is based on the problem of discrete logarithm in a finite field. Diffie-Hellman is becoming more and more popular because it has a property called "direct secrecy," we'll discuss it later.
4. ElGamal - scheme El-Gamal, and the cryptographic strength of this algorithm is also based on complexity of discrete logarithms in a finite field.
DEFINITION: cryptographic Stability (the ability of a cryptographic algorithm to resist cryptanalysis) - this algorithm is based on the complexity of factorization or decomposition of large numbers of the product of Prime factors
Narrowed with determination, sorry
These asymmetric algorithms helps to solve the problem of key exchange or negotiation, as well as to allow the creation of so-called electronic digital signatures. So potentially we can use public and private keys to send Marfa our private key in a secure way, without the possibility of intercepting its content.
BY THE WAY: once Again, in algorithms using public and private keys, two keys are used, not one, as in symmetric encryption.
the Difference is that asymmetric encryption has a public key that is created to be known to any person, that is, it is the public key, and there is a private key, which should always be kept secret and be private. These keys are mathematically linked and both are generated at the same time. They must be generated simultaneously because they are mathematically related to each other.
Any website that uses HTTPS has public and private keys that are used to exchange a symmetric session key to send you encrypted data. It's a bit like the Zip file we saw. They use these public/private keys and then they need to send another key, the type of key that we use for the Zip file, in order to perform encryption (end-to-end will analyze later)
REMEMBER HOW the LORD's PRAYER AND UNDERSTAND:
If You encrypt with a private key, You need a public key to decrypt!
If You encrypt with a public key, You need a private key to decrypt!
In asymmetric encryption, if the message is encrypted with the 1st key, then the 2nd key is needed to decrypt this message. If you encrypt with a private key, you need the public key to decrypt.
If you encrypt with a public key, you need a private key to decrypt. It is impossible to encrypt and decrypt with the same key, and it is extremely important. For encryption or decryption, you always need related keys.
But why would we encrypt with a public or a private key? What's the difference? What's the point of using them? Why don't we use only one of them?
Especially for you, I drew an infographic to simply and easily explain the usefulness of these keys and how they can be used.
BY THE WAY: In this infographic we are looking at two directions of encryption that are considered, first we will analyze the one with green arrows, and then with red ones.
1 way (green arrows)
The method with green arrows shows that the sender encrypts using the public key of the recipient, Marfa, it means that you need anonymity and confidentiality so that no one can read the message except the recipient.
IMPORTANT: let's Say You encrypt a file using the public key of the recipient. The message can only be decrypted by a person who has a suitable private key, that is, the private key of Martha.
So that we know that these keys are interrelated with one another,we will decode with one and encrypted with another and there is no other way.
the Recipient (Marfa) cannot identify the sender of this message. Since the public (public) key is public and that it is laid out and usually shared, so that anyone can use the public (public) Marfa key for encryption.
When the sender encrypts using the public key of the recipient, the message is confidential and it can only be read by the recipient, who has a private key to decrypt the message, but as I said before, there is no possibility of identifying the sender, provided of course if You do not send there any data for subsequent Identification
2 way (red arrows)
All of the above results in the 2nd method of using open (public) and private (private) keys.
If you encrypt with your own private key, it means that you are interested in authentication. In this case, it is important that the recipient knows that you sent the encrypted message. To do this, you encrypt with your private key. This gives the recipient confidence that the only person who could encrypt this data is the person who owns this private key, Your private key.
EXAMPLE: You are the Creator of some software, but the government is indignant and hinders your activities in every way. Let's simulate the following situation:
Let's say I want to download this software, here is the hash amount of this file, however, if the website is compromised, it means that the attackers could substitute this file for downloading and add a Trojan or something to it, to spy on me, and they could also replace the checksum.
So, this hash doesn't mean anything. It will not detect intentional modification of the file. We need something else to verify that this website, is in fact, the official website of the software.
And here we come to certificates, digital signatures and other means. All these documents are obtained as a result of cryptographic transformation of information using the private key signature and allows you to check the absence of distortion of the information in the electronic document since the formation of the signature (integrity), belonging to the owner of the signature key certificate (authorship), and in the case of successful verification to confirm the signing of the electronic document (non-repudiation)
We will talk About this later. I еhink tomorrow.
Encryption of data, using the private key of the sender, is called the format of the public message, because anyone with a copy of the corresponding public key can decrypt the message.
you Can think of it as if you officially put something on the Internet for public access, and since you encrypted it with your private key, anyone can make sure that it was you who left this message. Privacy or anonymity in this case is not provided, but the authentication of the sender, that is you, is provided.
Next. When different encryption technologies are used in combination, such as those that we have already discussed, since they can all be used in combination and cannot be used individually, they are called cryptographic systems, and cryptosystems can provide you with a range of security tools.
Cryptographic system can provide you with a number of security tools. Among these tools:
1. Confidentiality - the need to prevent leakage (disclosure) of any information.
2. Authentication - authentication procedure, that is, we know that Marfa is really Marfa and no one else.
3. Prevention of failure - which means that if you send an encrypted message later you will not be able to deny this fact.
4. Authenticity - the authenticity of the fact that the message has not been modified in any way.
Examples of cryptosystems are any things that use encryption technology, such as: PGP, BitLocker, TrueCrypt, VeraCrypt, TLS, even BitTorrent, and even 7-Zip which we used to encrypt a file in a symmetric encryption method.
for EXAMPLE: So that we can send our file to Marfa, we can use Marfa's public key to encrypt files, or to transfer anything in encrypted form.
But first, of course, we'll need the public key of Martha, it is enough to obtain it once, in some protected way, it is important, and then we will be able to always send an encrypted messages, available for Martha to read.
PGP is a system that we can use for this purpose, it uses the technology of encryption of messages, files and other information presented in electronic form
DEFINITION: PGP (Pretty Good Privacy) - a computer program, also a library of functions that allows you to perform encryption operations and digital signature of messages, files and other information, presented electronically, including transparent encryption of data on storage devices, such as a hard drive.
For these purposes, we can use Jabber + PGP or OTR, I recommend to read this article, pay particular attention to paragraphs 7 and 8.
Write it down for homework.
By the way on the account of IP who uses there will be an article or in General other servers, they use Sdn that is, it turns out that the IP address of the resource is hidden behind the SDN, that is you, who sends a request it goes through a chain like this YOU - SDN - IP servers
that is, the Sdn is intermediary and the site is tied when working with the domain, it will issue SP Sdn and there will be no connection with the jabber.
But let's go back to encryption. When it comes to cryptography with public and private keys or asymmetric encryption, there are both strengths and weaknesses.
Asymmetric encryption - public and private keys:
1. Better key distribution, since Martha can put her public key right into her signature and anybody will be able to send her encrypted messages or data that only she can read.
2. Scalability - if you use symmetric keys and want to send your file to Martha and, say, 10 other people, you will have to pass your password 10 times. It's completely non- scalable. Asymmetric algorithms have better scalability than symmetric systems.
3. Authentication, prevention of failure - this means that if you sent an encrypted message, then later you will not be able to deny this fact. Since it was encrypted with a private key, your private key
4. Slow - if you look at the length of the message in bits (see screenshot below) after asymmetric algorithms work, you will notice that it is much longer than the symmetric key encryption algorithms, and this is the evidence of how much slower they are.
5. Mathematically-intensive - The longer the bits are, the greater the number of mathematical operations, and therefore the greater the load on the system.
Symmetric encryption - private key:
1. Fastness - if you look at the length of the message in bits (see screenshot below) after running symmetric algorithms, you will notice that it is much smaller than the encryption algorithms with asymmetric keys, and this is the evidence of how much faster they are.
2. Reliable - Look above about AES-256 where was the calculation of the number 2^256 and see for yourself, but there are also 384 / 512 /1024 and more..
For a visual demonstration look at this screenshot below
in Order to fix the material, let's return to the analogy with the number of locks on the closed door. With the open and closed keys on the door there are hanging a lot of locks, so encryption and decryption takes much longer. For the CPU, this is a lot of mathematical operations, which is why there are hybrid systems, or hybrid cryptographic systems.
Public and private keys are used to exchange negotiation keys, and we use symmetric algorithms like AES to encrypt data, thereby extracting the maximum benefit. HTTPS, which uses TLS and SSL, is an example of this type of hybrid system, as is PGP.
Encryption part 2
We have passed a brief introductory course, now we should talk in more details about what is encryption in General, let's delve into what is the hash itself, etc.
Hashing
Hashing is the transformation of an array of input data of arbitrary length into a (output) bit string of fixed length, performed by a certain algorithm. The function that implements the algorithm and performs the transformation is called a "hash function" or "convolution function". The source data is called an input array, a "key" or a "message." The result of the conversion (output) is called "hash", "hash code", "hash sum", "message summary".
Let's look at the image, see here:
1. Input
2. Algorithm or hashing function
3. The Resulting output is always a fixed size.
Hash function accepts input data of any size. It can be e-mail, file, word, in our case, the phrase "Hello", and the data is converted using the hash function in the following form
732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798fdeb 6e7 7c78d84ccb1
For better assimilation and analysis of this material, let's move away from the dry text and make a visual demonstration
As we can see from the animated GIF above, our input is converted using a hashing algorithm, namely SHA-256, to a fixed-size output.
explanation: As we can see, when changing our input data by adding "=) " our output has a different form, as in the bit equivalent the multiplier has changed. Consequently, the value of the output itself has changed. When returning to the original input data, the value again gets the original form.
You can present this as an example: 1. "Hello" = 5
2. "Hello =)" = 7 3. "Hello" = 5
The hash algorithm itself is the second arbitrary multiplier, let it be 2, then:
1. 2*5=10
2. 2*7=14
3. 2*5=10
And with the hash, only the hashing algorithm has more complex mathematical operations than I gave before, if you need a specific conversion formula used in the algorithm, see Wikipedia.
An important feature of the hash function is that you cannot convert from the hash back to the original input. This is a one-way hash function and does not require keys.
For example, again look at our GIF, which I gave earlier
Hello > SHA-256 > 732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798fdeb 6e7 7c78d84ccb1
As we can see, we only used the input data, without any keys, and then we got the resulting output, which always has fixed size depending on the type of function you are using.
This ensures integrity and allows you to detect unintended modifications. It doesn't provide privacy, authentication, it does not allow to determine the presence of intentional modification.
by the WAY: There are many examples of hash functions: MD2, MD4, MD5, HAVAL, SHA, SHA-1, SHA-256, SHA-384, SHA-512, Tiger and so on.
WHAT to USE: NOWADAYS, if you choose a cryptographic system, you should use SHA-256 and above, I mean SHA-384 and SHA-512 and so on.
To make it easier to deal with the material, let's move away from the dry text and simulate the situation
let's Say You were given the task to download the operating system Windows 7 Home Premium x64bit
We know that this operating system comes from the developer Microsoft, then we go to the search and make the following search query: site:microsoft.com Windows 7 Home Premium hash
Site operator: This operator limits the search to a specific domain or site. That is, if we make a request: site:microsoft.com Windows 7 Home Premium hash, the results will be obtained from pages containing the words "Windows", "7", "Home", "Premium" and "hash" on the site "microsoft.com" and not in other parts of the Internet.
This is also the key information to search for the shops using operators in search engines, learn more about how to search using operators in Google use this article - https://habrahabr.ru/sandbox/46956/ .
As we can see from the Gifs above, I easily found the hash amount of the operating system Windows 7 Home Premium 64bit on the official website of Microsoft
Here it is - SHA1 Hash value: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
In General, I would recommend you to find the hash amount and search from 256 and above, but on the official site there was only this amount, so I'll take what we have
Next, we need to find a file that corresponds to the hash amount, for this we also use the Google search engine and operators, how to search using operators and what it is, the link above.
inurl:download "6C9058389C1E2E5122B7C933275F963EDF1C07B9"
After you download this file, you can use our hash amount to make sure that this file has not changed, i.e. it has integrity.
There are tools that you can download to do this. https://en.wikipedia.org/wiki/Compar..._verification_ software
One of these tools is the Quick Ha (https://quickhash- gui.org), and I will show you an example with it, how to verify the hash amount and verify the integrity of the information received.
As we can see, the hash amount of the downloaded file corresponds to the hash amount given to us from the official website of Microsoft.
I will also attach below information on other hash amounts of this file
MD5: DA319B5826162829C436306BEA7F0F
SHALL-1: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
SHALL-256: C10A9DA74A34E3AB57446CDDD7A0F825D526DA78D9796D44 2DB5022C33E3CB7F
SHALL-512: E0CB678BF9577C70F33EDDC0221BC44ACD5ABD4938567B92D C31939B814E72D01FAC882870AB0834395F1A77C2CD5856FD8 8D2B05FBE1D1D9CCE9713C1D8AB73
You may notice, as these numbers increase in the hashing algorithm, the length of the hash becomes longer as it is the length in bits. SHA-1 is short, 256, 512, and MD5, which is weak and should not be used at all. So this is a way to confirm that the file you downloaded has kept its integrity.
Some of you will probably ask, "What if the file I'm going to download is already compromised?"For example, here we have a website (https://www.veracrypt.fr) software VeraCrypt (https://ru.wikipedia.org/wiki/VeraCrypt).
And I want to download VeraCrypt, the site has a hash amount of files encoded SHA-256 and SHA-512
SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b 49e3 897677896e VeraCrypt Setup 1.21.exe
SHA-512: 5c68a5a14fa22ee30eb51bc7d3fd35207f58eefb8da492f338 c6d
ac54f68133885c47fa2b172d7836142c75d838dac782b9b9fa ca4 06a2ffb8854cc7d93f8b359 VeraCrypt Setup 1.21.exe
However, there is one "BUT", if the website has been compromised, it means that the attackers could substitute this file for downloading and add something to it, a Trojan or something for surveillance, and they could also substitute the checksum.
So, it appears the hash means nothing, that is, it cannot detect the intentional modification of a file. And we need something else to make sure that this software really comes from the developer. That the site VeraCrypt is the official site of VeraCrypt, etc.
And here we come to the certificates, digital signatures and other tools, that are we going to parse, but for now, let's touch on a not unimportant essence of hashing.
I don't want to copy etc. it's important to see everything in colour and details Now let's talk about Digital signatures
So let's go back again to our VeraCrypt, how to find out that the site is really official and the software comes from the developer.
a very Simple and tricky way to find out if it is an official website is to find the software in Wikipedia, and to follow the link to the official website of the software from there.
However, we can also click on the target lock and there see the certificate that was issued https://puu.sh/xQAFM/e687c816ce.png
A digital signature is a hash value. This is the result of a fixed-size hash function that is encrypted with the sender's private key in the purpose of creating a digital signature or signed message.
From a technical point of view, a digital signature is a mark, confirming the person, who signed the message. This is the issuance of a guarantee for the object that was signed with it.
For clarity, what is a digital signature open screenshot ( https://puu.sh/xQAFM/e687c816ce.png ) and look at the Signing
Signing: What you can see on the infographic above, but based on our file which we parse hash Algorithm > hash Value (6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10 b49e3 897677896e) > Private key (see Asymmetric encryption) =
Digital signature.
If the encryption object is signed with a digital signature, authentication is provided, because the object is encrypted with a private key, which can only be encrypted by the owner of this private key. This is authentication.
It makes it impossible to refuse authorship, because, as I said before, the private key of the sender was used. And it provides integrity as we hash.
Digital signature can be used, for example, in software. It can be used for the drivers inside of your operating system. It can be used for certificates, confirming that the signed objects come from the person specified in the certificate, and that the integrity of the data of these objects has been preserved, and that they haven't undergone any changes.
And how to make sure that the file really comes from the developer, in our case VeraCrypt, that is, in the case of fraud, etc. you could say with 100% certainty that I used your software, and it was signed by your digital signature.
https://puu.sh/xQB20/5166e3d0c8.gif - usually the certificate is checked automatically.
After we watch the gif, open the screenshot https://puu.sh/xQB5Y/c840f4670d.png
What we see here. Certificate issued: to-IDRIX SARL, to - GlobalSign. So, GlobalSign is the company whose private key was used to digitally sign this program. GlobalSign reports: "This software is legitimate and has not been modified." It says here: "the Certificate is intended to certify that the software comes from a software developer, the software is protected from modification after its release." To find out if it's a valid digital signature or not, we need to reverse the original process.
so we open again our screenshot https://puu.sh/xQAFM/e687c816ce.png
Check: What you can see on the infographic above but based on our file that we are parsing
Signed message > Public key ( this is a file in format .asc usually has the following form - https://www.idrix.fr/VeraCrypt/VeraC...public_key.asc, the private key also looks the same ) =hash Value, that is what you should get 6cff2cce52eb97321b1696f82e9ccefa7c808d91c49bf10b49 e389 7677896e
After that, this hash value will need to be checked with the specified hash, open the file with the program QuickHash, run our file and in the algorithm that it is presented to us, everything must match, if it does not match the file itself is changed, and there may be a Trojan, or something to wiretap us, or something bad
SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b 49e3 897677896e VeraCrypt Setup 1.21.exe
I checked the received hash ( https://puu.sh/xQBAz/8905455dd7.png ) and as we can see in the screenshot, they are identical, the files are legitimate and correspond to the digital signature of the developer and this file exactly from him.
And this software will infect your computer with WannaCry or any other bad virus, it will be guilty.
For example, this is how you, as a child, would deny that fact, that you ate all of the but your mother pokes you in the face with evidence, such as video and says, I have it all recorded, look here. And no matter how hard you try, that's what digital signature does.
Read a few times, if you do not understand, and try to understand this point, it is really important
And what we saw directly in this screenshot https://puu.sh/xQAFM/e687c816ce.png
This is what Windows verifies, the certificate of authenticity, that such certificate is really registered with a such number.
Let me draw an analogy to understand what Windows does, when it writes these lines https://puu.sh/xQBLa/604166ab6c.png in the certificate
You come to the Bank with fake money, and they check the money through special devices, and then BAM and the paint washes off, or they do not Shine through the watermarks and you are told that your bills do not match, and they are fake, as well as Windows.
So if someone else rewrote all of the data in the certificate and made a copy of the certificate for signing, with such data it would not correspond,
it is a complex topic, but actually I think it is clear.
And if the verification fails, you usually see a warning ( https://puu.sh/xQC61/ef80678f6b.png )
This means that any file that does not have a digital signature or Windows ( remember the Bank employee ) does not trust this digital signature ( and in the case of an employee of the Bank, he does not trust in your bill ), you can check the way I described above ( and the Bank employee well, there too, can check on your machine or there applying solutions ).
In Linux, this is simple, because you just do not install proprietary SOFTWARE as all SOFTWARE is usually put from official repositories.
You can take as homework to study etc.
Write yourself.
Let's go through this material again, because I am sure that for some of you it may seem quite difficult to understand.
https://puu.sh/xQAFM/e687c816ce.png - watch signing
https://puu.sh/xQAFM/e687c816ce.png - watch signing
So, the value of the hash (the program itself, if the dude himself drove it through QuciHash), which was encrypted using the private key (his private key, his personal fingerprint, so to speak on the network) of the sender or software release. It's a digital signature.
This ensures authentication, non-repudiation and integrity. But if you encrypt anything and in addition you would provide it with a digital signature, you will be able to achieve privacy together with authentication, repudiation and integrity.
Digital signatures certify that a program or anything else is received from a particular person or publisher, and they protect the software or messages from being modified after they have been published or sent.
I think we have now dealt with digital signatures. Let's now move on to End-to-End encryption (E2EE).
End-to-end encryption is that the data is encrypted by the sender and decrypted only by the recipient. If you want to avoid tracking, mass surveillance, hackers and so on, then you need this kind of encryption of transmitted data.
Examples of end-to-end encryption technology are things like PGP, S/MIME, OTR, which stands for "off the record" (Rus. not for writing), ZRTP, which stands for Z in the RTP Protocol, and SSL and TLS implemented correctly, all of which can be used as end-to-end encryption.
Companies that develop software, that uses end-to- end encryption and zero-knowledge systems cannot disclose the details of data exchange to your enemies, even under duress, even if they wanted to. This is the advantage of end-to- end zero-knowledge encryption.
End-to-end encryption provides protection in the process of data transmission, but it is obvious that it can not protect the data after it is received. Next, you need another protection mechanism. Use end-to-end encryption wherever possible.
the Use of secure HTTPS on all websites is becoming increasingly necessary, regardless to the types of data transmitted.
Let me show you what END-TO-END encryption is on the example of websites.
Is a digital certificate, the same as a digital signature, there are a number of differences, there are certification authorities and etc., you usually are not faced with that, not going to talk about this now, anyone interested can surf in Google "Centers of certification of keys and HTTPS and Digital certificates" a Green padlock in the URL or HTTPS means that your Internet provider or, say, the government, they can only track the target domain. What's the meaning of that?
let's Say there is an attacker between us and Google in the same way as in the case of sending a message in the infographic above. He won't be able to know exactly what I was looking for, because it's end-to-end ( or end-to-end ) encryption between my browser and the server.
Let's look at a visual example, and see what the provider can learn about us
First, we will use the example of non-encrypted connection using HTTP connection.
HTTP, HyperText Transfer Protocol - a widespread data transfer Protocol, originally designed for the transfer of hypertext documents ( that is, when you click on a word in the article to go to another web page ).
By default, HTTP uses TCP port 80.
For the screenshots below, I will use the WireShark network traffic analysis program.
For the experiment I took a site based on HTTP Protocol uznayvse.ru after I click on the link, the request from the site will be displayed in the program window WireShark, under the number 1, but let's immediately analyze what is responsible for each window of the program for better assimilation of the material.
1. This area is called Packet List -you can see in it, with which server the data is exchanged, the Protocol that is used and General information about the frames.
2. The next area is called Packet Details - it displays the details of the packages that have been selected in the Packet List.
3. And the last area is called Packet bit - it displays the 16th display of this package, also displays the offset in the form of Asuka, and also if we right-click on this area, we can see how it would look like in bits.
Here's what happens, when you click on a link, all traffic data is immediately filtered.
Let's look at the resulting packages, read more and find out clearly about the surveillance, analysis and etc.
1. Forwarded packets by our filter
2. Target domain, that is, the main page of the site is after slash "/"
3. User agent, browser settings, operating system version and other parameters..
4. Referer - indicates from which page we went to this page since we went from a secure page, there were many packages with redirects in the end, if we came from the same page it referred to ourselves, if I, for example, moved from the main page of the site to this then in the referral would be the main page of the site. ( see the screenshot below with an explanation to fully understand the meaning ).
5. Cookies, or session ) Here is your password sailed ) you Can go under your session logged in and fumble ) from the logged-in user that is you
by the WAY: If you think that this is the maximum of what this software is able to do, I am afraid to upset you, this is only the tip of the iceberg
6. Well, this is the final page where we are by the WAY: If you think that this is the maximum of what this software is able to do, I am afraid to upset you, this is only the tip of the iceberg in Order for you to have no doubts after reading, I decided to analyze these items by going from one page of the website to another and as we can see:
1. Refer - indicates the previous page that we parsed, we came to this page from it
2. What page are we on now?
As we can see, by itself, the HTTP Protocol does not involve the use of encryption, to transfer information.
However, for HTTP, there is a common extension that implements the packaging of transmitted data into the SSL or TLS cryptographic Protocol.
the Name of this extension is HTTPS (HyperText Transfer Protocol Secure). For HTTPS connections, TCP port 443 is typically used. HTTPS is widely used to protect information from eavesdropping, and generally provides protection against man-in-the-middle attacks - in the event that a certificate is validated on the client, and the private key of the certificate has not been compromised, the user has not confirmed the use of an unsigned certificate, and the user's computer has not implemented certificates of the attacker's certificate authority.
1. Google is using the secure HTTPS Protocol 2. Request packet data via a secure Protocol HTTPS
3. As we can see in the details of the package we have only Encrypted Application Data: 0000000000000016eec0818f25b5eb9bd4690883155a74b6.. .
No other information that is contained on the web page or where the person - we don't have
4. Since we have under the number 2-and the IP- address from which packets are exchanged with the server, we can see what kind of IP-address is there, and based on the data, we can conclude that the person is on the landing page of Google.
In fact, the use of HTTPS is secure and as I said earlier that: Companies that develop software that uses end-to-end encryption and zero-knowledge systems cannot disclose the details of data exchange to your enemies, even under duress, even if they wanted to. This is the advantage of end-to-end zero-knowledge encryption.
SSLStrip - https removal.
But also based on this, there are attacks on the removal of SSL, let's quickly analyze what it is?
Any attacker who can be located between the source and destination of traffic, in our case, the COMPUTER and the SERVER, this attacker can make an attack of the form "Man in the middle" ( Rus. "Man in the middle" ). One such attack, which requires very little skill and resources, is called SSL stripping ( Rus. "Removing SSL" ). The attacker acts as a proxy here and substitutes encrypted HTTPS connections for HTTP connections.
Let's open the screenshot and see what it is https://puu.sh/xQFWy/edbaf90d7a.png
1. As we can see we have sent the request with http
2. It passes through the SSLStrip and does not change, just goes on
3. The server sees that you came over in a insecure Protocol, without encryption and changes it to secure using encryption that is, https ( that is, 301 or 302 redirect is performed - this is configured on the server )
4. SSLStrip sees that the server has sent you a request in HTTPS ( see point 3 ) and automatically changes it to insecure that is on HTTP thereby removing TLS encryption
SSLStrip here, pretends to be the proxies and responds from the web server, simulating your browser, and sends you back the HTTP version of the site. The server will never notice the difference.
Because the server thinks that you are communicating over a secure https Protocol, because it does not see that an attacker ( SSLStrip ) has changed your Protocol to an insecure one
And what you will see - it will be almost indistinguishable from the original site. Let me show you what a website should look like.
https://puu.sh/xQHeu/014bf0515b.png
1. We see a secure version, that is, with end-to-end encryption
2. I have now done HTTPS-stripping ( removing SSL - SSLStrip ). And this is how the version of the site looks like after the attack.
As you can see, the difference, is that you no longer have HTTPS and most people will not notice the difference. And like I said, the server will never notice that something is wrong because it communicates with a proxy that behaves exactly like you would.
I advise you to read it with color
https://youtu.be/0wpxrPD90a4 - 1 Part of MITM. How is the MITM attack.
https://youtu.be/quZjKlrmCvQ - Part 2 MITM.
Network attack methods MITM in parts, write down your Homework also view, etc.
You can delve more deeply into this issue What can I say as an EPILOGUE.
I believe that we have a lot of disassembled encryption, the only thing that I did not have time to disassemble, I wrote above ,that we did not say this option with PGP, OTR, ZRTP, OMAXA, such protocols, about them you can read in Google or learn from me, I will give information if you need it.
Well, with PPP and OTR I think everything is clear
ZRTP is voice communication,and Omaha is a new type of encryption from the OTP series, only with their buns from offline messengers, encryption of chats, conferences, etc.
Encryption is a fantastic tool for privacy, security and anonymity, it is a tool that really works and attackers ( hackers ) will try to avoid it.
In simple words.. No fool would make a direct attack on encryption.
Remember the case of Ross Ulbricht the Creator of the "silk road" he got on captcha. That is, a simple little thing, because people forget about the most important thing, namely the simplest things.. The basics so to speak.
That is, no one will ever brute your passwords, it is much easier to install you a Keylogger on your system, or send you a link to a site with an infected JS script and make an attack, or a PDF file, etc.
But as I said encryption, no one will ever want to break. Attackers will simply try to circumvent the encryption. You should keep that in mind.
Security is a so-called the weak link phenomenon . It is as strong as the weakest link in the chain. Strong encryption is often a strong link.
We, human beings are usually the weak link. As they say my Tongue is my enemy
Introduction to security based *unix-like systems
Introduction to safety.
I will try to explain in simple language how you can theoretically get hacked. I will explain this without any complex terms, for ordinary users lecture. Let me give you a colorful idea of hacking the operating system, and more advanced users between the lines will read the technical information.
I Think that the user of any operating system, and especially those who are associated with this work, it is necessary to understand that professional viruses - are not executable files, which were renamed into a document and ask you to run them ( Stiller or warrior ). And the blocking of the macros may not prevent an attacker from executing code on your system.
I use various OSes, from Windows and Linux, and for a long time have been a supporter of such holivarov, I will deal a bit later with Macbookair: Security is the so - called weakest link phenomenon. It is as strong as the weakest link in the chain. Strong encryption is often a strong link.
I work on Linux, but sometimes I use Windows. Next, we can possibly say lot of negative things about Linux, but it is not associated with any fanatical beliefs, I just want to objectively tell and convince you that no matter what operating system you use - you can hack everywhere.
Remember my words, which I completed the article on Encryption, namely in the Epilogue.
Security is a so-called phenomenon of the weak link. It is as strong as the weakest link in the chain. Strong encryption is often a strong link.
We human beings are usually the weak link. As they say my Tongue is my enemy.
Your choice of operating system is important for your security, privacy and anonymity. Different operating systems are suitable for different needs.
For Example, to draw graphics for you, I need to go from Linux to Windows as I need Photoshop and other graphic editors, we will talk about this. But I think the main message of the information is clarified.
The Purpose of this section is to help you understand this difficult situation. Answer the questions: which operating system fits your requirements based on the risks and what you want to use it for, for a specific situation, for specific requirements.
It's like in school, to teach you orienteering, here in the same way, as your paranoia will not bring you to good.
After all, without knowledge, you can only make things worse.. Message and clarity
Let's talk about our choice of operating system and how it affects your security, because the operating system is the real basis of your security.
There are many misconceptions when it comes to operating systems and security. You've probably heard, for example, that MacBooks can't be infected with viruses.
Also, a lot of people are constantly discussing how much a leaky Windows operating system can be reasoned for years, but I wonder how safe Linux is?
And there are people, let's call them Linux camp, who believe that Linux is the best operating system. If you ask Linux fans, and if you have an antivirus, the answer is only laughter.
The Argument is - Linux is created by professionals, and everything is protected by default (standard). Here we put our favorite dog for Ubuntu and you can not worry about its data.
In General, there are two things that are infinite, the universe and fools. The universe is clear, but what about the last? Here's how to explain to various Windows users that you can't work without antivirus protection? And how to explain to the creators of MEGA Information Security systems ( antivirus in the common people ) that you can not protect yourself from hacking the access matrix ( this is when you block the reading or writing of some files, that is, access control ) and that hacking is not always: "a threat is Detected: the autorun Process.exe is trying to write to the system registry branch."
Your security looks good only in theory. Let's say you are the same Ubuntu user, you install on the PC of your favorite dog Bob this OS. Then a lot of people argue about the next - if Bob on - will come message myDocument.docx, even if it turns out to be an executable file, and it will run it according to the instructions, then nothing will happen - because for most actions you need the root password ( administrator password in the sense ). Are you serious? You are protected from the invasion of the representatives of the Junior school ? Or is it against attackers who are members of criminal gangs that control large flows of money and just mowed their brothers loot?
This is a reference to those users who use and blindly believe in the Means of information Security ( ESS ) or those courses that they were taught in textbooks on Information Security ( is ).
A Long time ago, when Linux was in its infancy, most of its users were professionals. But over time, there were many convenient distributions of linux for the average user, and it began to increase the number of users-Housewives. What does any housewife do? That's right, makes Internet payments, and where the money, there flock like bees to honey swarm of various scum that wants to fix their finances free of charge.
90% of Housewives use Windows - and viruses are developed for this operating system, and only at least 20-30% of Housewives will switch to Linux, then there will immediately be a money flow for the development of malware for Linux. And reports from anti-virus companies show a slow but increasing number of such programs.
OK, back to Bob, the only reason not to worry about their safety - the development of a Trojan under his OS is unprofitable. But so is economically disadvantageous, possible intruders income is less than expenses. How long will this continue is a big question.
But still, technically, how possible is it that Bob will be hacked and the data taken away? If Bob's strong point is that nobody needs him and viruses under his OS do not write yet - this is a game of Russian roulette.
Alice, a friend of Bob, knows that on account of Bob is a tidy sum of coins (BEETHOVEN), the key lies on the PC Pinocchio, and they together with Pinocchio decided to figure it out for two. What they need: a small start-up capital, straight hands of Pinocchio and some courage.
Alice knows that Bob uses Ubuntu 14 LTS. How to imagine the process of breaking Bob? He, like most users, believes that Alice will send him an e-mail file with an attachment that he will be asked to run and since he considers himself a specialist in the PC area and the file he will not run, then of course his data is safe!
Some nice actions from Pedro.
Then Alice goes to some unnamed and shadow resource and buys from Pedro vulnerability to Bob's favorite browser for N-th amount of eternally green. Pedro not only supplies Alice with technical information about the vulnerability, but also sends an example of how to run for Pinocchio (Alice's accomplice).
https://imgur.com/a/YMCfx
the Vulnerability that Alice gets is a zero-day vulnerability in the Google Chrome browser. For example, open hole CVE-2015-1233 or CVE-2014-3177, CVE-2014-3176, CVE-2013-6658 ( see Screenshots above ) and how many of them will still open the file and they are known only in limited circles (more details will be discussed later).
see the link above (screenshots where )
As you can see from the description of vulnerabilities ( see screenshots above ) Alice can execute the code in the context of the process and it will work not only in Windows, but
and on Linux and Mac OS. The vulnerabilities are taken as an example and are random. Once again, this is a vulnerability in the BROWSER.
Pinocchio is a script ( JS - Java Script ) and writes there the shell-code ( a set of lines that are written on the command line ), which must be executed on the target system
- BOB's PC. To do this, he needs to somehow pass the link. The first option with the post of Alice and Pinocchio was canceled
- Bob is a careful user and does not open links from email. Then they decided to improvise a bit. They know that Bob is a normal person and does not suffer from paranoia... Well shortly there are, for simplicity, Bob, just passed the link - Alice persuaded there to create a strip, or even some crap does not matter. In General he moved.
After Bob visited the link in the context of his browser process, a small code was executed, which was written by Pinocchio - just a few commands that were later loaded to the body of the virus and moved to its execution. But Yes. Bob is sure that Alice just shows him her photos, no files are downloaded to the disk, there are no warnings, nobody asks for root passwords.
Raise the privileges.
After the development of Pinocchio began to perform their first instructions on the processor of Bob, was the question, and what to do next? In Bob's theory, even if it does get infected, it won't get infected, Bob.
Puts a complex password for root access, and doesn't enter it suddenly at any cost.
Pinocchio and Alice have prevented such matter and solved it in advance. The same as Pedro told them that he had a couple of zero-day vulnerabilities in the Linux kernel, like the recent vulnerabilities in the kernel version 3.17 and 3.14 -
CVE-2014-9322, CVE-2014-3153.
After Reading the description of vulnerabilities Pinocchio realized that they will allow him to execute code in the context of the OS Bob. And all he needs is for his malicious application to take advantage of these fresh holes and execute the code in ring-0.
While unsuspecting Bob is looking at Alice's photos, Pinocchio's code has already seriously invaded the vastness of his system and neither the antivirus ( it simply does not exist ), nor anything else can not even display a message about the invasion. Since Pinocchio decided not to stop there, he went on. Once at the lowest level of OS Bob which is supposed to execute only trusted code, Pinocchio began searching for the file that is responsible for running the OS. As soon as the SOFTWARE from Pinocchio found this file, it modifies it so that when Bob's PC restarts, the Pinocchio code continues to run.
Rootkit - a program or set of programs to hide the presence of an attacker or malware in the system.
And so Buratino and Alice got access to the PC, Buratino under the control of Linux, but how can they hide their presence? Bob is not a fool and every 5 minutes he will check the integrity of the OS system files. For this Pinocchio decided that overwrite the code of the operating system, which is loaded into the memory of BOB's PC, but how? After all, if the same actions are carried out on Windows, then one small system component will detect this and force the PC to restart.
Bob does not worry about his security - even if the attacker's code is executed in the kernel, in fact, in the latest versions of the Linux kernel, the system memory areas are write-protected. Even if Pinocchio will try to overwrite the OS code in RAM, the processor will give an error and reboot the PC.
Then Pinocchio opened the documentation on the processor, which is on BOB's PC and began to study... He knows that the architecture of the processor Bob x86, but what does it give? After all, the necessary pages in the kernel is write- protected. Then Pinocchio drew attention to the register cr0 - a small block of memory which stores the data with which the processor works. And what will happen if I set the 16th bit to zero, quickly overwrite the necessary kernel methods and immediately restore the register - thought Pinocchio. And so he did, as it turned out if you reset this bit to zero, the recording protection can be temporarily disabled.
Thus Pinocchio got full control over BOB's OS, but the vulnerability was then found and fixed, but
the program code that is stuck in this way in BOB's OS can not be found. Every minute integrity monitoring shows that no single file in the system is not modified - the program Pinocchio just substitute it when reading. There are no new processes - the malicious process is simply hidden and if there are solutions on another OS that have been already discovered such techniques, then under BOB's OS there is no such.
In General, the conclusion, Alice and Pinocchio took pity on Bob... and deleted all his files. Ah okay, seriously, never be so fanatically sure of anything. I tried to explain the essence of the problem in an easy way and without technical terms.
Epilogue.
I wanted this simple story to show simple principles. How it all happens is that you need to clearly separate virtualization and use, because virtualization is another large- scale thing in the parameter of your security. We'll get to that later.
Do not try to surf some resources on your PC, open suspicious links and download some unnecessary software, and it is not clear from where, carefully approach your security issues, about JS and include it on trust resources and much more.
But as I promised earlier, I will not nightmare you. Such vulnerabilities usually cost a lot of money, and the fact is what exactly you will get hack is reduced, despite the fact that it will be interested in you, the probability is extremely small.
Risk Assessment.
In this part of the article, I would like to make a visual assessment of the risks and based on these points, so You can also do it yourself. without any special skills, purely its logic. We are not in vain in the previous article, abstracted and analyzed vulnerability, modeling of penetration and other aspects.
But you ask why.. Why I told you now about it, and not only security means matter. We are concerned about what our real risk is in the real world, and to determine it, we also need to take into account the history of bugs and security vulnerabilities. How weak, in fact, was a particular operating system? Perhaps you are interested in the question, which of the operating systems we will consider the weakest? Windows, OS X or various Linux systems, perhaps the Linux kernel, which of them was the most vulnerable in history?
https://www.cvedetails.com - it is a free database / source of information about the CVE vulnerability (It is a common standard for naming vulnerabilities present in commercial and open-source software products). You can view vulnerability information by CVE number, exploits, vulnerability references, Metasploit modules, full list of vulnerabilities products and cvss of assessment reports and the tops of vulnerability over time and many more.
Let's try to work with this site. To begin, we will go to this page of the site - https://www.cvedetails.com/top-50- products.php - here is a list: "Top 50 products by total number of vulnerable vulnerabilities" ( from 1999 to the present ).
And as we can see on the first line we have Linux Kernel - speaking in Russian. This Linux Kernel, as we can see, it occupies the first line in the number.. And you might ask what the fuck? Linux you should be the benchmark.
Okay, let's figure it out! The numbers shown in the right column are the number of vulnerabilities found in a particular operating system or application.
https://i.imgur.com/yz6dmcX.png https://i.imgur.com/LhiTLgC.png
Between the data on the screenshots the difference of 3 months
Let's go down to the bottom of the web page. We see the following "Total number of vulnerabilities of 50 products by manufacturers" (see screenshots above).
And as we can see Linux does not take the first line, but you say that Windows (Microsoft) is constantly updated, and it has a lot of products on the market
Office and other programs, and Apple have different versions of the operating system and also there are nuances..
Yes, that's right. All of you will be right, but Linux has a lot of things... Let's take a closer look at the specifics of this use.
I want to teach you self-analysis. And best of all is to teach you at least just to start thinking with your head, not the head of some school hacker, which is right now divorced and want to sell something not knowing anything about it and a lot of moments that are coming from this.
Well, let's not be too abstracted, let's better analyze everything in practice, and then I think You will understand what I want to tell you.
Go to the page https://www.cvedetails.com/vendor.php?vendor_id=33 - this page shows Linux vulnerability Statistics
https://i.imgur.com/eYcMyc6.png https://i.imgur.com/r8bDjUF.png
Let's get acquainted firsthand what you should pay attention to (see screenshots above).
1. Number of vulnerabilities by year 2. Vulnerabilities by type
Now you need to understand what parameters you should pay attention to:
The First thing that we should pay attention to is the number of vulnerabilities by year ( figure 1 ), as we can see that every year there is a trend to increase vulnerability detection;
The Second thing we should pay attention to is the degree of vulnerability risk ( figure 2 ), as we can see here are serious code execution ( Execute Code ) and buffer overflow.
Red and orange:
• the Red column is the execution of the code on the client side without his knowledge, I think it is not necessary to tell what is fraught.
• the Orange column is a buffer overflow, i.e. a phenomenon that occurs when a computer program writes data outside the buffer allocated in memory. Fraught with the fact that elevation of privileges, and much more.. You can see at wikipedia.org
https://i.imgur.com/ilfcwll.png https://i.imgur.com/Ny4goay.png
And to complete the picture, we can go a little higher, and see a table with vulnerability trends over time (see screenshots above) from structured data, we can easily make an analysis, as we see the ranking of data by time cycles (years) and severity of vulnerabilities (the columns).
As we can see in the first screenshot for October 2017, 166 potentially dangerous code execution vulnerabilities (figure 1) and 37 potentially dangerous overflow vulnerabilities (figure 2);
When 2017 ended, we see the following statistics: 169 vulnerabilities on code execution and 42 on buffer overflow.
A Little remark, I just update the studying materials and this is why I can do such statistics, in fact you do not need to wait 3 months, you can compare by year. I thought it would be good to give you such statistics, and not to delete the old one.
https://i.imgur.com/yYYTnra.png https://i.imgur.com/JjAUSS3.png
Detailed statistics on vulnerabilities: 1st code execution and 2nd buffer overflow
You can also click on these numbers and see detailed statistics about vulnerabilities (see screenshots above).
Analysis of developers.
Now we have a small picture of how everything works, we analyzed it on the basis of Linux, but the analysis requires several candidates. Now I will examine in a short concise way on the example of the 3 main developers, namely:
• Linux
• Microsoft
• Apple
https://i.imgur.com/LhiTLgC.png we took this screenshot in the beginning.
As we can see (see screenshot above) in General vulnerability statistics for all products:
* Microsoft-8938 vulnerabilities; * Apple-5408 vulnerabilities; * Linux Kernel-2000 vulnerabilities. https://i.imgur.com/Ny4goay.png https://i.imgur.com/oep1hkM.png https://i.imgur.com/6GUuyXq.png Microsoft: Microsoft, Apple, Linux https://i.imgur.com/ESqV1dc.png
So it is more easier for you to understand, you can just open them and read https://i.imgur.com/6uNE2SP.png https://i.imgur.com/6uNE2SP.png https://i.imgur.com/SgrbSMH.png
Here, it will be easier to study by the screenshot.
Let's look at some of these beliefs, based on facts and statistics, and find out what we actually come to when it comes to the security of these operating systems.
so, 1st we're going to Windows, how leaky the Windows operating system, you can talk years. Actually as I said earlier... It is enough to look at the statistics previously described and in your mind should light red light that would signal you.
and indeed PAIN is the guru of Windows and all the Windows stuff =)
But statistics - are statistics, let's understand why It originally had a weak security system.. I gotta hand it to her. In later versions of operating systems, Microsoft began to take security seriously.
And with the latest products, the latest security tools such as BitLocker, EMET, Device Guard, Windows Hello and trusted Windows apps, there is now a very serious set of security tools.
But is it really so? In General, I agree, the security of Windows operating systems is gradually improving, but this is not enough, and even more so for us.
In these operating systems, everything is closely interconnected with Microsoft servers, all your actions in the system as the threads report to the Microsoft server, just fail Windows, especially in the current version of Windows 10, the problems associated with surveillance and privacy, it is not particularly related to security, but it pushes some people, what to say about us..
I would recommend to read this article - so you can look from the outside at the picture as a whole.
Important point: If you read the license agreement from Microsoft which goes with each operating system of the Windows family, you will see that they will give your encryption key from BitLocker on the first call from law enforcement, and this stumbles upon the idea of what the hell Windows?! Why do you keep my encryption passwords on your servers, what the fuck.
The Fact that "putting a tick" in the license agreement with Microsoft, users give the Corporation the right to dispose of their data. "We may access, disclose and retain your personal information, including any content, any files on your devices, in your emails and other types of personal communications, if we have reason to believe it is necessary to protect our customers or to comply with the terms governing the use of our services" - says the license agreement
In other words, anything you say online, write, save, create or download on your computer or any other device with Win 10 can be remotely deleted or copied from you - if someone at Microsoft decides that they need it. That is, under the terms of the Microsoft EULA to interfere in the privacy of customers and control over it is not required even the sanction of the authorities!
you Only need permission to install OC from users who are too lazy to read the full license agreement.
As I said I will not analyze Windows, my goal is to provide you with information so that you can see it and make some comparative analysis.
Most Likely I will write an article about it soon, and then I will refer to it... It will be published in my section. If I can find the time...
Mac OS X
Next we have, Mac OS X, for today, again, like Windows, contains reliable security tools. Things like randomization of address space allocation, sandbox for running apps, FileVault 2, privacy settings, and Apple's trusted apps store ( AppStore ). All strong security features.
But if not for one "BUT" Mac OS X also has privacy issues.
If you have upgraded to Mac OS X Yosemite (10.10) and you use the default settings, every time you start typing Spotlight (to open the app or find a file on your computer), your local search terms and location are directed to Apple and third parties ( including Microsoft ) ( see screenshot https://puu.sh/xTGkj/dbe1f88d3e.png ).
there is a bracket and a point in the address erase
the Washington Post also published a video demonstration of real-time tracking Yosemite.
Let's open it https://www.washingtonpost.com/postt...b18_video.html
By the Way there is also some information nowdays about MAC OS hacking, I did not prepare the text for it, but you can easily Google it.
Let's look at this video, and who is bad with English, I will try to make out all the main points that you have just watched.
1. For example, a simple spotlight search, a tool to search for files on your operating system, now sends your location and the names of the files you are looking for to Apple on a regular basis. You may notice that your location is transferred to Apple even though if you don't see the corresponding notification icon. They decided to
hide this notification under the pretext that users will be overloaded with too many notification messages. This means that if you have agreed to use location services, you have also agreed to share your location information with Apple ( see screenshot https://puu.sh/xTGyC/11d372083a.jpg )
Let's open it .gif animation https://puu.sh/xTGZQ/58a24bfd28.gif and analyze it.
You may notice that the data starts to be sent before you type the text, as well as when you press the keys, that is, I go typing, the data is also sent.
As we see the author of the video says, "I'm looking for a document on my computer called 'secret plans that Obama leaked to me', and Apple gets information about it along with my location and user ID, which is a unique string of
Letters and numbers used to identify me. Apple tells us that this value changes every 15 minutes, but we have to believe that the new value is not tied to the previous one. Again, they get information about our location, and as the author shows, that indeed it is in the Washington Post office, based on the transmitted coordinates.
Well, let's talk quickly, how can we turn off these things with surveillance the corresponding icon with the notification.
To disable these things, first we need to go to System Preferences > Spotlight https://puu.sh/xTJ6F/e59027c2cd.png
We see in the screenshot all the places where Spotlight looks to search for you. It can be very useful. However, this may be a privacy issue, as you may have just seen. I would recommend disabling everything, but if you need something you can certainly leave it.
If you are using Safari, you need to disable the following, click Safari > Preferences > Search and uncheck Include Spotlight Suggestions (see screenshot https://puu.sh/xTJ2m/dcb32d4c13.png)
there is Also a good website https://fix-macosx.com
It presents a large amount of information about privacy issues in Mac OS X. Specifically on this issue, the site certificate has expired and the project seems to be dying.
Well, these are old things.
Next we have Linux similar operating systems actually the basis of our course. Please read this article before reading further.
In your case I gave it yesterday.
But you can also write on the homework, this is for those who have not read in General, would recommend
Linux-like operating systems, Unix-like operating systems. There is a great variety of them, I group them all into one category. If you are looking for the most secure operating systems, you will find them here, or rather will even say ONLY here.
Things like SELinux are a good example of this, is the implementation of a differentiated mandated access control - MAC that meets the requirements of the government and the military.
Definition: Mandatory access control (MAC) - differentiation of subjects access to objects, based on the assignment of a privacy label for the information contained in the objects, and the issuance of official permissions (admission) to the subjects to access information of this level of confidentiality. Also sometimes translated as Forced access control. This is a method that combines protection and restriction of rights applied to computer processes, data and system devices and is designed to prevent their unwanted use.
SELinux ( SELinux ) is a forced access control system implemented at the kernel level. This is not so much of an important point for you to sharpen at this point.
We will look at more standard operating systems: Ubuntu, Debian, Fedora, Arch Linux, Tails, etc. - again, they all have fairly reliable security tools.
When we look at Windows, Mac OS X and Linux, they are all in similar conditions.
But when it comes to their existing security tools and functionality. When we add privacy to the security package, we need to start looking at Linux distributions.
I would recommend using Linux distributions for security, but you will have to sacrifice interoperability and usability. For example, you can not use Photoshop or Microsoft Office, although it is solved with the help of "wine" - what is it you can see on YouTube, and maybe I will analyze it in this course. I don't know, it takes a lot of time to write, catastraphically a lot..
In a nutshell, if you don't know, there are many,many operating systems that have evolved in a certain way since the mid-1960s from an operating system called UNIX ( it was led by a paid system for corporations, etc.). )
I promised to give you a list of operating systems when I said that it is worth choosing a system that has the money to quickly eliminate vulnerabilities, here you can see clearly how many Linux distributions and from whom they came:
open: https://upload.wikimedia.org/wikiped...ns/1/1b/Linux_ Distribution_Timeline.svg - plus this link that is the format
*.SVG therefore you can search on this geneological tree via Ctrl+F directly in the browser;
Just look at how many operating systems are based on Debian, now you can go back to the statistics we did on the analysis earlier, and look at it from a different angle.
All of them are developing in General, look carefully and then go read more by the way, ctrl +F works there too.
I would recommend using distributions based on Debian - Debian, Kali Linux, Parrot OS, as well as Fedora, Arch Linux.
At the end you can find a list with a bunch of distriubtion on Debian and there with a little remark.
Let's talk a little about these operating systems
As you have already noticed with a detailed acquaintance with *.SVG infographics above, the 2 main communities are Debian and RedHat, so there are a bunch of others, but like I said earlier : "if you have a less well-known Linux or Unix-like operating system, you may find that the release for the fixes is slower, because there is no multibillion- dollar corporations behind them, in which they release of all the fixes puted on stream".
it Also applies to the support from the community and so on...
Fedora Linux is a Linux distribution with one of the largest user communities, among other distributions. But it is not as popular as Debian. There is an opinion among users that Fedora is difficult to use and configure.
a Significant advantage of this system is that Fedora is only free software. The Linux operating system is very often regarded as free software. But that's not 100% true. Although most of the programs you use are free, some drivers and hardware firmwares have private code. There are also open source components, but with a limited license, such as media codecs.
At the very beginning of Linux sharing I asked You to read the article which describes the moments of security and proprietary SOFTWARE, just to this reference.
The developers of the distributions determine how often users come into contact with proprietary software. They can include media codecs, video card drivers and network adapters, as well as additional modules, such as Adobe Flash, in the distribution. This will help users listen to music, play games, and browse the web, but it is not free software.
Fedora takes a principled position on this issue. This helps to avoid lawsuits against Red Hat. Proprietary software is simply not allowed in the repository. The distribution will not prevent you from installing such programs, but it will not help either. You will have to use third-party repositories, such as RPM Fusion. This is one of the reasons why Fedora is considered difficult. But it takes a few minutes to add a repository to the system.
But such articles https://habrahabr.ru/post/337290 injected of course slightly misleading. As before, non-commercial products, as far as I remember, did not fall under such bans. Fedora Project, though sponsored by the red Cap for the development of new technologies, but is a non-profit structure and does not derive profit from its activities, as far as I understand. This is weird.
Arch Linux is an independently developed Linux distribution optimized for i686 and x86/64 architectures, targeting experienced Linux users.
in General, you need to be a competent user to use this system, you need to be aware of it in advance. It uses Pacman, a self-developed package Manager from the Creator of Arch Linux. Pacman provides the installation of up-to-date updates with full package dependency control, working on a system of floating releases or rolling releases. Arch can be installed from a disk image or from an FTP server.
let me Explain the package Manager / repository - it's like the App Store or Google Play from where you can download and install the desired application or program in 2 clicks.
the default Installation process provides a solid Foundation that allows users to create a custom installation. In addition, the utility Arch Build System ( ABS ) provided the ability to easily assemble new packages, modify the configuration of stock packages, and share these packages with other users via the Arch User Repository (Repository for Arch users). This is a lightweight Linux distribution. It is supported primarily by free and open source software and SOFTWARE from the community-supported Aur repository.
Ubuntu - To dismiss this issue immediately say that Ubuntu sends your data to 3 persons without your consent.
If you're an Ubuntu user and you use the default settings, every time you start typing Dash (to open the app or find a file on your computer ), your search terms are sent to various three individuals, some of whom advertise you.
by the Way, you can remember the situation about Windows that decided to give WIndows 10 for free, but in the end collects all the data allegedly for advertising, that is, all your personal information, etc. In General, I do not want to repeat for this reason, as the bias is not more in the direction of it, I have already talked enough about it. If you want more information on this system, read at least the Windows License agreement. And your eyes will start to twitch )
At the expense of Ubuntu to prevent it from sending data to 3rd parties, you need to execute a number of instructions on this site https://fixubuntu.com/ listed here follow the instructions here show how to change the settings as desired. Previously, we looked at a similar situation on the example of Mac OS X.
However, I do not recommend Ubuntu in any case, I am only citing this for your interest in case you happen to be using this system. Ubuntu is better for privacy and anonymity than Windows or Mac OS X. I recommend Ubuntu to people who have no experience with Linux and who think that the above distributions are too complex to learn for them.
There are forks Ubuntu Mate there are fixed from what I know
Debian is an operating system based on Linux, it is a Linux distribution. It consists entirely of free and open source software, most of which is under the GNU General public license.
The Debian Distribution contains over 51,000 packages of compiled programs, which are packaged in a great format for easy installation on your machine. All are free. It looks like a tower. At the base is the kernel, above it - the basic tools, followed by all the programs that you run on your computer. At the top of this tower is Debian, carefully organizing and putting it all together so that all the components can work together.
With this approach, your system will not knock on Microsoft home servers.
Tails is a Debian-based Linux distribution created for privacy and anonymity. It is a continuation of Incognito OS development. All outgoing connections are wrapped up in the Tor anonymous network, and all non-anonymous connections are blocked. The system is designed to boot from LiveCD or LiveUSB and leaves no traces on the machine where it was used. The Tor project is the main sponsor of TAILS. The operating system is recommended for use by "the Fund of free press" and was also used by Edward Snowden to expose PRISM.
Use it only for surf for example.
For example, you came somewhere with your harddrive, and used it to open programs using it Kali Linux - GNU/Linux-LiveCD Arising from the merger of WHAX and Auditor Security Collection. The project created Mati Aharoni (Mati Aharoni) and Max Moser (Max Moser). It is intended primarily for safety tests.
The Predecessor of Kali was BackTrack, created on the basis of several linux-distributions. Originally intended to be used on Slackware OS and then smoothly switched to Ubuntu. After is based on Debian.
Parrot OS is a Popular security distribution based on Debian-linux. Quite easy to learn, suitable for beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet.
a Fairly easy and effective tool, many security experts have found it a replacement for the increasingly "voracious" Kali, especially since Parrot uses Kali repositories for updates.
Use graphics and its surroundings MATE display Manager LightDM.
It is similar to Kali Linux in terms of functionality, here too, along with the system comes a huge amount of special software for security testing.
As you can see all the systems I mentioned above are mostly based on Debian in one way or another. Starting with Ubuntu and below.
How you handle security updates on Linux will depend on the distribution you are using. I'm going to talk about security updates using Debian and Debian-based systems as examples.
Look, here https://wiki.debian.org/Derivatives/Census all distributions derived from Debian are listed. Many of them are operating systems that are important for security, such as Kali, Tails, and so on. The Debian project does an excellent job of providing security updates for Debian.
Here you can read about other distributions.
Security is a priority for this project and this operating system.
If you want to find details of the security issues that patches are being released to fix, take a look at the security information page provided by Debian.
https://www.debian.org/security
If you go down below, you will see all the updates. You can click on any update and get more information about that particular update. You can go to the Mitre CVE directory and learn more about the vulnerability you choose. Here is detailed information about this vulnerability. More details can be seen here. And from here, we can go to various sources for more information, and in principle, we can even find the exploit code for this vulnerability. We had previously used as an example https://www.cvedetails.com .
According to the Debian Project, they handle all security issues brought to their attention and fix them within a reasonable time frame. They also say that many security warnings are coordinated by other free SOFTWARE vendors and published on the same day as the vulnerability is found, and that they have an internal security Audit team that searches the archives for new or uncorrected security errors.
They also believe that security by hiding doesn't work, and that public information makes it possible to find security vulnerabilities, and that's cool.
All this is good, which is why I recommend Debian- based distributions as the main reliable operating system for everyday use when it comes to security, privacy and anonymity.
I have decided not to give you a sample analysis for installation and etc, the only thing that you need to understand that it is necessary to create the installation flash drive in ddimage mode using rufus for example, Linux users can use dd command for this.
https://i.imgur.com/tD3lDok.png that's what DD image
in Order not to clog and not to make porridge in your head, if there are those people/group of people who have decided to tightly master the Linux environment. You can directly contact me or as I said before to contact through correspondence QUESTION / ANSWER.
Where already VSS will advise and help with these or other issues, in fact, the segment of your actions is similar as when working with Windows and what will tell you Payne, so it is perhaps a little bit different installation, and so everything is similar.
A lot of videos are on YouTube which shows an example of the operating system installation, disk partitioning and other points.
Linux is an amazing system with which you need to learn to work with it and it will become your true friend.
The safety and anonymity in the Internet. Configuring the virtual machine
Good day, ladies and gentlemen! Today I will give a lecture on "Security and anonymity on the web. Configuring the virtual machine"
the Lecture will be divided into several parts:
- Security
- Virtual machine and related parameters(parsing the virtual machine for surfing to communicate, parsing the virtual machine for driving),
- Storage and turnover of funds
During the lecture I will explain the basic methods and parameters, as well as give useful links and recommendations.
We will start with the first and the main-the basic part. Safety.
Let's start with the fact that it should be so clear to everyone that everyone should accept as a certain "TABOO" and never do so:
Do Not talk language, not on the Internet, not in life. We are not engaged in freelancing, so no one ever needs to know where you are, what your name is, how many children and any other personal information, NO matter who asks - a friend or acquaintance, anyone may not be who they are positioning as themselves, and even me.
As the saying goes: "the Personal should remain personal, job is work"
Nicknames. Do not use nicknames that you took from your Vkontakte id, steam, email or any other service or site.
The nicknames used in the white life - can bring people out of the gray life to you, there was such things like that it was enough just to Google the nickname of the person to learn everything about him and his relatives.
Don't register e-mails and accounts on your phone number, services providing services mailbox easily display the information on demand. For SMS you can use online services, such as: <http://sms-area.org/>
There are lots services, you can just Google them on request "take SMS for registration".
The Postal service, such as gmail.com & hotmail.com can register e-mail without SMS if IP has not been previously, used in their system. For mail.com SMS is not required.
Do not use personal email when registering on the gray sites and shops, make a separate for this purpose.
You should Never think that, "I'm not so big fish that I was looking for" - often such people then look for money for lawyers, do not forget yourself, never neglect safety, because it is better to sleep peacefully.
Next TABOO: never work on RU/CIS/Ukraine and the entire post-Soviet space. Do not buy in such shops, do not use such cards and services nothing, otherwise you will quickly leave the intelligence services. The news often shows those who worked in their country - a funny observation.
handling is carried out only through intermediaries, shipment services, or drops. Don't Shine your names anywhere.
Jabber and all other means of communication is better to be stored in a virtual machine, if you store on the main one - it is better to disable saving history and passwords.
If you value your own ass, its comfort and inviolability - it is better to observe these taboos.
use Jabber on secure servers that are trusted, for example: servers exploit.im and zloy.im
Never to neglect Garant-Service, even on not a very large amount, it is better to save the nerves and money and lose a little time than the other way around! No matter, tuber, moderator or friend - he's a man like You, Regardless of the number and the colors of the ribbons under the nickname, Regardless of reputation, everyone had a ball and start to throw their/others'.
let's Start analyzing the virtual machine and related parameters.
I recommend using virtualbox or vmware. Do not forget to include virtualization in the BIOS of your PC - otherwise the virtual machine will not be able to work.
it would be Better if you put the virtual machine image in a coded flash drive (or ssd) or container. For flash drives the best options are USB 3.0, 32-128gb.
SSD the more the better, but look at Your needs. For encryption we will use the following software:
(a) truecrypt 7.1 a
b) veracrypt
Both options are interchangeable. Use either a or b.
option a - TrueCrypt version 7.1 a, the rest unsafe and viracept - procreation trucrypt because TrueCrypt was abandoned by the developers. I'm using variant b - veracrypt https://veracrypt.codeplex.com
Crypt the flash drive/ssd, or create a container on the PC, and inside the container put the image of the virtual machine. Now before starting new path, You will need to first open an encrypted container with a password. How to encrypt - you can see in the help of the program or Google, it is not difficult and requires pressing just a few buttons.
There are two alternatives to containers, namely:
- encryption of the entire hard drive on your computer
- create hidden OS
With conventional containers encryption key can be pulled from the hibernation file and removed from RAM, so disable hibernation on your computers. But if you use a hidden OS, you can put all the information and files inside it, and even if you are tortured, you will be able to give out the encryption password from the usual white OS, while the hidden one will peacefully store your files.
Encryption of the entire hard drive - a long time (I have a 1TB disk takes about 6 hours of encryption), but a reliable tool, as with hibernation, even if it is turned on the keys are not pulled out, and to have time to remove from RAM, you have to try very hard, there is only Brut, and then we move on to the next point of security, namely - passwords.
If there is a hidden OS or disk encryption, the system start-up will need to enter a password at boot-loader'e, that is even before the password accounts for Windows, to enable the system.
On any forum, social network page, e-mail or hidden container it is necessary to comply with the MANDATORY items when choosing a password:
1. Length not less than 15 characters, better all 30
2. Upper+lower case, numbers and special characters. Example of a good password: sHO&D=633qwvBB!aC{6} - Brutus will take decades, if not centuries, for this password.
3. On one forum/shop/site - one, unique password.
4. Two-factor authentication - use wherever possible.
5. You can store your password, for example, in keepass or in your head
If you use the same passwords, it is likely to break all that is possible.
No one is immune from the drain or sale of the database on some shop Dedikov, for example.
Attackers just get your password, and then in a circle wise login on all services/forums, and take all that is possible.
But a strong password is not a panacea, because they can intercept directly from your system, picking up a Stiller, malware or other virus. The output is simple - create a separate virtual machine (generally any) specifically for software and dirty, untested files.
And run everything ONLY on this virtual machine, let it suffer better than your computer. It is much easier to follow the basic rules of hygiene than to lose accounts or pay the victims, so do not be lazy and do it, but you will sleep peacefully.
the Purpose of the virtual machine for You will be divided into two points, namely:
- Surfing, socializing, everyday use
- Work
Depending on the purpose, the configuration will be divided into two types, let's start with the first, in this case the most important is anonymity and security than the state of the system ready to drive, but the first subparagraph is the same in both cases.
List of the minimum necessary database of programs for surfing and communication:
- VPN. - At least one, ideally doubleVPN(double). Use VPN third world countries or at least another continent. VPN service should NOT log. When you connect a VPN your ip should change to the country, you included. You can check it here: whoer.net
VPN we put on the main car - TOR Browser https://www.torproject.org
If the site has mirrors in the onion zone(in the Tor), use these features to maintain greater anonymity!
- Jabber / ICQ
According to the fact that at this moment You are reading this in jabber- there is no point of explaining about this programm, but a few recommendations to take note:
1. Don't Shine a toad! Brutus will start, spamming will start and it will add complications, and it is necessary to nobody. If you really want - for public exposure, create a separate jabber account.
2. OTR encryption. In jabber's clent PSI+ it is included in plugins, for Pidgin it is downloaded and installed, there should be no problems. OTR encryption, a widely used for communication. For ICQ it is also there. I do not recommend using Skype, it is unsafe.
Also replace your DNS in the system, for example, Google http://support.li.ru/google-dns/win7/
They can still be registered in the router. For greater effect, you can use dnscrypt software - take a note and familiarize yourself with the functions on the Internet.
- Browser for surfing (I recommend firefox) - disable webrtc. WebRTC allows third-party users to determine the IP address of the network user, bypassing the software barriers VPN, TOR, SOCKS and other network defenders
https://whoer.net/blog/article/kak-otklyuchit-webrtc-v- raznyx-brauzerax
- If you use socks or tunnels, proxifer+plinker. We will not talk about this, a lot of information on these two programs you can find on the forum.
- you Can also close the Internet through the firewall so that when the VPN FALLS on the virtual machine there is no access to the network, and your real ip is not leaked. Some VPN clients have this feature, or you can Tinker with the firewall.
Virtual machine Settings for vbelow:
For carding you can use any virtual machine, it all depends on your needs and shops.
But, the necessary software for the work and the parameters I will still call, let's get started.
0. VPN, we talked about this earlier. we select IP using SSH-tunnel and SOCKS5.
An SSH tunnel is a tunnel created through an SSH connection and used to encrypt tunneled data. It is used to secure data transmission on the Internet
Socks5 allows you to create a chain of multiple servers, thus achieving anonymity on the network.
1. Brasure. Firefox spoofing verts, chrome with disabled verts and several portabl browsers chrome/Firefox.
Substitute for webrtc, you can use this extension:
If you want to use chrome, install the WebRTC leak prevents add to prevent or substitute webrtc other ways (there are on the forum).
2. Software for using tunnels and socks: proxifer and plinker/bitvise
3. Teamviewer (on the dev and on your main machine) (optional)
4. NotePad++ for temporary entries
5. If there is and if needed - antidetect Parameters:
Let's start with the ip address parameters (Dedic/tunnel/SOx) Negative parameters:
- Two-way ping and belonging to the hosting provider
Belonging to the hoster = ip is in the cloud, such as the IP at work is not recommended to use.
Two-Way ping detects tunnels, SOx, VPN ping, I punched large merch and with it, but it is still a negative parameter, the decision - search VPN country or put TOR in front of the tunnel, if this doesn't help - than the replacement of the IP.
- DNS - not the country ip rather adversely affects(but not critical), there is a lot of information on the forum about this.
- Flash, uptime, OS.
Optionally, you can put a flash, but now it is not appropriate for all real users.
Uptime - the uptime of your IP, it is strange if your IP works without interruption for several months, is not it?
The Time (timezone) of the system must match the time of the ip address.
OS - range of use, everyday life and confidence. For example, most ordinary users use Windows. The xp will add more fraud for the reason that the system is outdated, respectively win10 - a set, more confidence. The Golden mean is Win7.
Windows and browsers should be English, it's all that can get checked. But if at the same time some program in the system will be in Russian - it's okay, antifrod is not able to detect through the browser.(Flash must be eng)
ProxyScore + Riskscore ip - this is what anti-fraud systems pay attention to, so try to take with zero or minimum indicators. Some access sales services(socks/tunnel/Dedic) provide this service directly within the service
Open ports (8080, 8081, 3128, 80, 81 and so on): this is not always a negative parameter, since this is really a common misconception, we refer it to the neutral parameter.
Some anonymity checking sites scan IP's and consider that if some port is open, then IP's are proxies and lower its anonymity. But actually this is not so, the majority of such IP, it's just the web admin of the router. If through such admins it was possible to make a proxy so easily, they would be made by millions, it can be checked most.
Since mass port scanning is prohibited in many countries, large merch instead of port scan turn to services such as maxmind, which in turn provides services such as maxmind fraud check & maxmind geo check api, so if some service shows open ports at the ip address (for example whoer or maxmind geo check api). 2ip.ru), this in most cases is not a negative indicator. And even if such services will show good result, not the fact that something will come from carding.
In my practice, large merch repeatedly successfully missed orders from IP addresses, where anonymity verification sites found open ports and thus defined IP as a proxy, based on this, I dare to assume that open ports are not always bad, and do not dwell on it, especially since you do not actually own an ip address, you will not do anything with it. But at will it is possible to select ip addresses and without ports, or with opened 80 port is valid in any situation, as it is natural.
Geolocation of IP addresses is better to select as close as possible to the zip code of the card holder. For example, if the card holder has a zip code of 85012, you need an IP with a zip code of 85012 or 8501* - that is, as close as possible.
Before carding,it is possible to surf at popular websites like youtube/amazon/facebook and other things, some serious antipode can shoot your story browser. It's strange when a man with an empty story of a browser flies off to buy a thousand dollars ' worth of gifts, isn't it?
Antifrod can also see tabname - open tabs in the browser at the moment, and determine from which site the person came. (And on what request).
- Audiofingerprint - audio imprint, a relatively serious protection system. Look various articles on this topic, not all of them are for use.
Serious merch can also check the sites on the list where you are logged in https://browserleaks.com/social - you can check here, for example. In practice, when logged in, for example, Facebook is a plus, but not critical.
For randomization of fingerprints (system prints) when you are carding in one merch/shop you can do the following:
- Change browsers, change browser versions
- Change fonts in the system, screen resolution - Fill or import cookies.
- Plugins and extensions in the browser.
- Change the system
Speaking of extensions, for example, merch can not see the extensions installed in the browser, but they can send a request to the browser like "is the extension installed with such an id". Thus, merch can detect certain extensions, such as, for example, CanvasDefender.
Option bypass - replacing the extension id (Google) or simply Uninstallation. thereof in the browser.
And of course we do not use the same variables for several cardings, such as emails.
When you are checking the location of ip (geolocation), try not to focus on whoer.net - there is an outdated maxmind geo database, use the sites ip-score and maxmind.
Several sites from themselves to check the system and ip:
whatleaks.com - check everything including timezone
2ip.ru/privacy check ports, bilateral, hosting provider and other
whoer.net - use this website as less as possible, very fucked-up, absolutely all of the merchs medium and above levels are extremely negative attitude to the cookies of this site in some cases that will drive the ip hacky sack / ssh maxmind fraud check database.
https://www.maxmind.com/en/home?rId=iplocation - geolocation of IP directly from maxmind. Of course the accuracy of the paid and free database varies, but in my practice in 75% of cases it is necessary to trust this site.
browserleaks.com ip-score.com noc.to
Copy yourself this list of sites.
Where to store, how to withdraw earned money? Of course Bitcoin!
Recommended wallets: https://blockchain.info/ru/wallet/ Bitcoin Core.
Personally, I use the first. On the forum in the section "Cryptocurrency" you can find lists of wallets and explore, choose what suits You best. It is not necessary to store money in bitcoin constantly, as the rate can both rise and fall. So evaluate your risks and desires of their own.
Qiwi - not all accept for payment, but as one of the options, perhaps.
+ of Qiwi: the Possibility of direct output to the card, if you do not Shine a phone number, it is almost impossible to steal
Cons: your wallet can get blocked by the Russian payment system, and therefore qiwi will give any data of yours by demand, therefore I strongly recommend if you use kiwi, only in the following format:
- Not your SIM card, possibly virtual
- Not your email
- Transfer money if possible with kiwi vouchers (eggs)
- do Not use your phone, buy new one or use a virtual SIM.
- Output only on the card drop.
- Do not use your ip and computer (can be dev)
Options for withdrawal of money from online to real life, if everything is clear with qiwi, then bitcoin is more difficult, namely:
- Exchangers. Through the exchanger, you can exchange money from bitcoin to a card or qiwi, or a Bank.
- Conclusion immediately in CASH. There are exchangers that provide this service.
- https://localbitcoins.net - a kind of exchanger, looking for money changers with good reviews.
The fact that bitcoin is anonymous is a myth and a misconception, all transactions in the blockchain at a glance, they are easy to track, just do not need any personal data to register. Therefore, to preserve the anonymity of funds, I recommend using bitcoin mixers. (see forum section of the Cryptocurrency)
in Addition to online security, there is also offline, I dare to recommend my article on this topic.
Cards
Hello class today at CC, lets go.
Each of you has encountered CC in one way or another in your life,but it was a bit in a different way.
The first thing that a beginner in this business should learn, so it is of course information about credit cards, simply put cardboard / CC
Credit card (CC) is a credit card, cardboard, potatoes, etc
First of all we need to find cardboard. The easiest option is to buy it from the seller
When you buy you will receive cardboard in the following format:4306651004564350 | 10/10 | 826 | Richard Lang | 56 Groveview Cir | Rochester | 14612| NY | USA | 661- 298-0881
(The format of each seller is different)
4306651004564350 - credit card Number. 10/10 ( 10 month / 10 year) - card expiry date.
826 - Cvv/CVV2 card Security code
Richard Lang - First and Last Name (first name, last name) 56 Groveview Cir - Address
Rochester - City 14612 - Zip code (zip) NY (New York) - State USA - Country
661-298-0881 - Phone
BIN - bank Identification Number - the first 6 digits of the credit card number, the Bank that issued the card.
Each banking organization has its own unique number. Information on each map can be found in the services through the search. Make a request in Google, bin check and then go to the links and enter our first 6 digits
Example map 4306651004564350 where 430665 - room of the Bank which issued the card.
10/10 - exp (card validity) 09 month 10 year 826 - cvv (the secret code)
Richard Lang - (name of the cardholder) 56 Groveview Cir - (street) Rochester - (city) NY - (state) 14612 - (zip code) US - (country)
661-298-0881 - PHONE NUMBER (Phone)
You can also add SSN, DL, MMN, DOB to USA CC(you will learn this information at other lectures)
For additional $ you can research for additional information
OB - date of birth SSN - social security number MMN - Mothers Middle Name (middle name of the mother, so to speak)
Let's talk about the types of CC.
Visa, MasterCard, American Express, Discover are most often used visa credit card numbers.
Start with the number 4.
They have a protection called Verified by Visa (VBV)
3 digit CVV code.
Verified by Visa (VBV) - used to protect Visa card numbers from unauthorized use. In other words, the holder has a code that he will have to enter when buying something.
MasterCard credit card Numbers start with the number 5.
they have a protection called MasterCard SecureCode (MCSC) 3 digit CVV code.
MasterCard SecureCode - the principle of operation is the same as that of VBV.
American Express starts with the number 3 already have a 4 digit CVV code.
Discover starts with the number 6 3 digit CVV code.
Next we will talk about the types and levels of CC there are 3 types of cards, credit, debit, prepaid.
Credit - a card that can be bought on credit, not having enough money on it. The size of the loan is determined by the issuing Bank.
Debit card, which can be used only in the limit of the amount available on the account.
Prepaid card with pre-paid amount - smart card, which stores electronic money, pre-paid by the cardholder.
Prepaid card is not personalized, that is, it will not indicate the name and surname of the owner, it is the main stock in trade of prepaid Bank cards
It can be paid both in real and online stores. The card limit is limited only by the amount that is on it.
We will go Through the levels of cards , from classic to black. The higher the category of the card, the more it has the cost of service, and the richer its owners, the more money it can have
There are cards of classical category, gold, platinum and higher cards, such as MasterCard Black Edition or Visa Black. With the increase of the card category credit limits on it grow. For example, the credit limit on the classic card can be 1K$, so on the platinum credit card the credit limit can be 10K$+
I suggest to take credit and debit cards from gold level and above, most widely used - gold, platinum, signature, world, black. The possibility to see the last one I low. In the us they do not give as we have in tinkoff and etc
Each credit card company (American Express, MasterCard, and Visa) names their higher-level credit cards a little differently.
At American Express, this BLACK - card is positioned as a symbol of the holder's belonging to the top of society and can only be issued to a person who has the appropriate social status.
MasterCard has a World Signia - Credit card of the highest category in the line of products from MasterCard with the personal signature of the owner "gold" on the front side.
Visa has a Black Card - this level has an increased level of security that prevents unauthorized access to funds.
The most premium CC that are listed above owns a special caste of people on the planet they are "massons" joke, this level has higher credit limits and there are no any spending limits, such cards are very difficult to find and the cost for them will be very expensive, they are more for the pros only
Then lets talk about about how it takes a payment from CC
The process Of paying by credit card on the Internet is not as easy as it seems at first glance.
While you press the confirm button (confirm) and there happens a bunch of processes. Responsible for these processes, the processing center of the Bank.
Processing center is a high-tech system of processing payments by Bank cards in the field of e-Commerce the main task of the processing center is to provide shops with the opportunity to accept credit card payments.
In Addition, the processing center coordinates payments between the card issuing Bank, the acquiring Bank (which authorizes transactions), the shop and the card holder.
Acquiring Bank - Bank providing card payment processing services to the store
Issuing Bank - the Bank that issued the card, which the buyer is trying to pay for the goods
The Process of payment for goods/services by credit card is as follows: you place an order on the website of the shop and choose to pay by credit card.
Shop redirects the buyer to a secure form of payment processing center, on a secure form of payment you specify the credit card information.
The processing center confirms the status and parameters of the shop in the system.
And also checks the generated request for compliance with the established requirements and system restrictions and sends the generated request for authorization to the acquirer Bank.
Bank acquirer, which carries out the authorization of the payment, having received a request for authorization of the transaction sends it to the appropriate payment system (Visa, MasterCard, etc.)
The payment system determines the issuing Bank, which issued the credit card, and then sends a request for authorization to the processing center of the Bank.
After the issuing Bank has confirmed the authorization of the payment, the processing center sends a positive result of authorization to the store and the store, in its turn, notifies you of the successful payment of the order. Here is a complex process takes place after you click on the pay button
What in its turn does the shop do when accepted?
When all the items described above have been successful and you see that the payment is accepted, the shop takes the order into processing.
Processing consists of manual check of the order, specification of details of the order of the address of a thorn (not always), at specification of details shop makes a call to the specified number in the order for confirmation of the order according to this it is advisable to write the number on which you will be able to take the call
After clarifying all the details, the shop begins to prepare the goods for delivery
If you card egifts, delivery is carried out immediately after the test, if you card stuff, they can send it on the same day and the next to card stuff is not necessary on Friday, as the transfer of stuff in delivery will be carried out only on Monday
After the transfer of stuff in delivery,yop will get, by mail or in your account of the store, the tracking number.
Usually it is a set of letters and numbers on which you can track where your product is.
Then you just follow your product tracking number and rejoice when it is delivered, but it can be when the card holder sees that the money is removed from the card, in which case he calls the Bank.
He in turn makes a call to the store and reports that the purchase was made by criminals.
In the tracking number in this case it will be written that the sender has requested the return of the goods. In this case, do not worry and try to card a new order with a new CC and you will certainly be lucky!
next we will talk about what does the shop when there is a payment with the CC
the store is also a checks the order for fraud.
Antifraud is a system that analyzes your actions on the Internet for fraud over years, it has formed a portrait of fraudgellent actions and the actions of these card holders the system begins to analyze you from the very first moment,as soon as you visit the site
it looks at whether you are logged in with a browser or a mobile application, looks at what you bought when you bought, how often you bought looking at your ip address, cookie information, including the ID of the http session, etc.
combines all this information and analyzes it with the actions of holder.
Your task is to adapt as much as possible to the card holders, you need to warm up the shop, I will tell you about this at the next lecture.
After warming up shop anxious to collect all the data, you spend your monthly salary to buy an expensive laptop.
I don't Expect the shop will believe that you just went and spent a month salary of ordinary American.
As a rule, if you are burned, you will not be allowed to pay for the goods. Don't throw out your CC, in this the case is not necessary because the information may not have reached the Bank and you are blocked at the level of the shop
In this case, write/call the shop and say that I tried to buy you a laptop but something did not work.
do Not forget, you are an American who has wanted for a long time to buy a laptop but you are not given
The shop will tell you why you can not make a warrant. Whether you have not passed the anti-fraud system shop, or the Bank has blocked your transaction
In the first case, you can find out how you still make an order, you will be offered solutions to choose
If you were blocked by the Bank, it is easier to throw out the CC than to make a call to the Bank, as there is a very hard identification that does not pass.
Mediations
Hello Everyone
Today's lecture will consist of 2 parts: resenders and drops.
1 part of the Resenders.
The resender is a logistics company engaged in the delivery of goods from one country to another. Resending is used in 2 cases: when the shop does not have international delivery, and when you just want to do the consolidation of packs.
Resenders are not created for us carders, but for ordinary people who want to order some goods from the United States.
For example, things from GEP and other stores that do not have delivery to other countries except the United States.
there are also resenders in the European Union, but they are not used so often.
Consolidation of packages is the process of combining several parcels into one, to reduce the cost of delivery.
Conditions of consolidation should be clarified by the resenders, read the relevant sections of the site.
At the moment, a lot of resenders are used to much for carding, so you need to look for your resender.
How to find "your middle man"
you can find Your resenders only experimentally, sending packages there, and looking at the reaction of the resender. I will give the main points that need to be addressed.
1. To card step by step. Made 1-2 tries, wait for delivery, look as the resenders react. Sent to yourself.
2. Use different types of carding for different accounts. That is, 1 ACC of resenders try to card with the CC, the second with e-gift, 3rd ACC of resenders try to card a stick and so on. Is done for moreover, to understand that likes in between, and that there is no. Because some resenders safely take packes carded with the CC, others may lock ACCs for this. Someone from the Resenders take packs, carded with e-gift, and some don't. Therefore, it is very important to have at the first stage a few ACCs, and when some of the accounts lock, you will know what for.
3. Avoid Resenders requiring payment by credit cards or money orders. Personally, I prefer the re, receiving payment with BTC or PayPal. It so happens that you have to pay for the resender with "your card", this card needs to be done in stuff - which is impossible. Wire transfers are immediately clear. It's pale. It is better to avoid such intermediaries at once.
4. Pay special attention to the tariffs of the Resender s(acceptance, storage, forwarding). It happens that the adoption of the pack is free, and the cost of storing the pack, begins to accrue the next day. Or on the contrary - the Adoption of paid and expensive, and storage is free. We are best suited to an Resenders where the acceptance of the pack is free and the free shelf life is between 30 and 60 days.
5. Carefully study the rules of Resender for the reception of packs. Usually written with which I agree, and why not, and what documents are required while receiving and when sending packs.
Found suitable under the terms of the Resender, go to registration and get the address.
Resender come with a personal account, and without.
In the resender with a personal account, identification is happening on a personal number, it is usually written in the address and the delivery you need to write this number.
Accordingly, the seller sees that these are large numbers, and the fact that it is an intermediary the Best in this case would be to write it as an office number for example.
The Second type of resenders that do not require registration.
There is simply written the address of the warehouse without any personal numbers.
In this case, the identification is still going on by Name and Surname on the pack.
So, how do we register a resender?
the First thing you need, but not necessarily to buy a set of documents.
I don't normally do this, because my broker never calls for it.
But it is better to do it.
What is included in the set of documents.
Passport, main page and page with registration, snils, documents confirming the address of your residence, usually bills for housing services.
To Find someone who draws it pretty difficult, but when you pack can get lost, you start thinking smarter
Then, again, as a recommendation to have the FPS of the country where the shipping will be, and perform all manipulations with the resender of this Dedik.
Again, I don't, I go to the resender right from the runway FOR the mustache, with different IPS and all is well.
So, after registering in the resender, what do we see in the first place?
As a rule, resenders have several addresses in the United States
Warehouses in new Jersey, warehouses in Delaware, sometimes in California
Better send to Delaware.
This state is tax-free and do not have to pay extra for the goods.
Got the address. Address will be of the form: first name last Name
600 Markley St. Suite 107451 Port Reading, NJ 07064
So, the first line is clear, when ordering online store Name write in First Name
Last Name
In Adress line 1 , we write 600 Markley St.
Address line 2, we write Suite 107451
Actually this is my edited address, Suite is the office, the numbers after it is a personal identifier in the middle.
Port Reading is a city NJ - new Jersey state the last 5 digits are a zip.
Many resenders have a button to add an order.
This means that if you received the track from the seller, you can add the pack to your personal account. This will speed up the processing of the package through.
Further advice on working with resenders.
1. Do not send immediately after registration of an account, a million packs. Lie down for a week, better 2. Send 1- 2 pack per week. And gradually increase the number. Here is where the rule of the buildup, as in many other subjects. No normal person will send 10 iPhones, 25 pieces of playlists, and the same number of hours to your account in a week. Pay special attention to this.
2. Clearly study the rules of work of resenders, it will avoid the loss of packs. Read the FAQ page or the rules for receiving and sending parcels - most of the questions will disappear, and save a lot of time.
3. Do not overload the resender with expensive packs. It is better to have a few ACCs, and send to each a little. No normal person would buy 10 iPhones in 10 days. Remember this. Through this same office, which we bend, so should behave accordingly.
4. Do not use the resender, for driving expensive equipment, it is better to use a drop. So you do not kill the account, in the case of charge. Statistics say that resenders are killed with a ton of expensive stuff than cheap. ACCs, which accept goods of the average price category, live the longest on experience.
5. When driving specify Skype phone number or GV. Do not write the phone number through or holder. That is, in the column shipping address - write or the number of GV (Google voice) or Skype.
Recommendations for the shipment of goods to yourself:
1. Do not exceed the customs limit (for Russia) of 1000 EUR or 1200 USD per month - per pack. That is, if you specify that stuff in the pack for 1200 bucks, this month on the same name you will not be able to send the pack. He will get in the customs, and eventually come with a customs notice, all that over the limit, will have to pay 35% of the cost. Due to the recent events, in 80% of cases for sending packs in RU - resenders ask INN / SNILS of recipient, so I talked about buying a full set of documents. But since We do not know in how many hands they can be - the best thing is to agree with a drinking neighbor that he will take your packs, and take him to all the docks. Believe me for a bottle of good whiskey - he will do everything)
Continue.
2. Always underestimate the cost of goods on clothes. For example, if you send the Nike shoes for 300 bucks, write that sneakers NAIFY and indicate the cost of 30-40 bucks. I always do. The same applies to bags, pants, in General, all. It always does. Because to bother and to establish clear cost , no one will. Just do not write that stuff fake or replica such category of products is very strictly regulated for import into the customs Union by + 90% resender this is not love.
Therefore, it is better to write a non-existent brand, or find on the Internet sneakers for this amount and write that they are.
3. As for the watch - please open the box and send the watch separately, the box separately. But it is best to send the clock along with the rest of the stuff. When there is a pack of 10-15-20 positions, in my experience, such packs are much easier to pass customs than when in a pack of 1-2 positions.
4. As for jewelry - say that it is costume jewelry. And many putting in Pak should not be. It is better to send the chain separately, ring separately. We recommend to send jewelry with a bunch of belongings, less likely to burn customs. Although would still drag metals would be disposed by x-rays. therefore it is better not to be impudent, do not send a 15 kilogram pack, with a gold content of 1 kg - 100% will not pass customs)
5. The technique is to send 2-3 positions in the pack. For example 1 iPhone + 1 PSP + 1 video card. It is not necessary to cram in 1 pack on 10 positions of all goods. Remember that if the same position in the pack of 5 or more, you will fall under the commercial party, and then lose the pack. As they will request invoices, statements of accounts and so on. So I always throw the technique sweaters, jackets, pants. The more stuff , the better. This is my experience, You may not be suitable, but still try.
6. Not to hoard packs in the midst, is particularly valuable. Came iPhone / iPad / rolex in the resender - just send. It's better to pay an extra 60 bucks for shipping than to lose everything. That is, before carding to resenders, look at the date of delivery, and estimate the approximate time. You card in for example an iPhone, shipping 3-5 days, so next Wednesday will be in the middle, respectively, today you carded a couple of things, with the same shipping. Next Wednesday - Thursday stuff came like 5 items all up, clicked the button to send, pack, paid, waiting. No need to pack for months... it won't do any good.
7. To pay for the resender use only your money as the owner of the ACC. NO CARDING. Don't cut the branch you're sitting on. Made ACC stick or VSS kiwi, threw money on CC and so on. From 50-100 bucks, our wallet will not become thinner, and ACC will serve You for a very long time. Personally my ACC in the resender is living for a year and 2 months and is still all fine.
List of resenders and document scans on our carding forum.
Also recommend to use drops for receiving packs.
On the forum there is a person paydrop, takes packs in Rostov-on-don, and the cost of admission is usually 15$.
Much more reliable, but also more expensive drinking neighbor.
So, we finished talking about the resenders. Next are the drops.
Drops are ordinary people who accept Your packs. There are 2 types of drops: deceived (the ones that where lied about their role) and not deceived (the ones that know what they are actually doing).
deceived drops are drops that do not know that they accept packages. There is always the possibility of missing drop with parcels. Such drops are searched on job sites or similar places. Usually on such drops expensive packs are not send. The life of these drops is 10-15 days. The cost of accepting parcels by such drops is usually 50-70 bucks.
Not deceived drops - drops who fully understand what the risks are. The risk of losing the packs is minimum. Such drops receive a good salary and the life of the drops is on average 2-3 months. However, they often have a few other rules of work. More information about the rules can be found in the drop services that provide drop services. The cost of admission is usually $ 70-100 or % of the cost of the pack.
Recently drop-services began to work only in buying your stuff, that is, they take the pack and pay You your %.
Different drop services - different types of goods under the reception and, accordingly, different %. For mainstream technique, like Apple - they can give you up to 55%. By carding stuff on the buyer, it will save you from the problem of delivery of the goods to RU and of selling it, in this way you will earn much faster. However, the amount of earnings will be much lower than if you brought the stuff to yourself and sold it in RU.
As soon as the drops receive the pack, the drop service needs a label to send it to the resender.
the Label is a kind of postal form. Which is a piece of paper where it is written from whom it is sent, from what addresses goes to whom it is addressed and to what address. Such labels can be ordered on the forum from the relevant sellers. Usually, carded labels cost about 5-10 bucks if the label is white (not carded), the price can reach $ 500. Most often white labels are used to send packs directly to RU to ensure safe passage of packs in all instances.
Example label can be found here: http://prntscr.com/iekzf5
1 - name of the sender 2 -the Street of the sender
3 - City / State / sender Index
4 - name of recipient
5 - the Street of the recipient
6 - City / State / recipient Index
7 - date of dispatch
8 - parcel Weight 9 - delivery date
10 - the Track number of the parcel
Warming-up shops
Hello everyone!
I would like to divide my lecture into 3 main parts:
1. I'll tell you about warming up the shops.
2. I'll tell you about calls to the shop for order verification.
3. Will tell you a little about reroute.
Let's Start with the fact that we will give a definition to what is- warming shops. Warming up, this is a call to the shop.
Before ordering, the purpose of which is to win over the sups and, accordingly, increase the chances of sending the pack.
Warm-UPS are carried out mainly in two ways: 1. Through the bell. 2. Live chat. Ah either the most wooden way - through email.
Let's start with live.
In general, I believe that this is not the most effective way, but it is still can be firstly, due to the fact that sups do not communicate with you live, they do not hear you and can not understand who is sitting on the other end, so you do not cause them increased confidence secondly, live chats are usually only in big shops, where your conversation will simply get lost among hundreds of others and you will not attract any attention to yourself live chat is good when you need to check something in the order, but you can not call or do not want to give money for calling, well, or if you really want to know something specific about the product, but not for warming up in addition, if you do not have a very high level of English, it can play a cruel joke with you, as some sups can pay attention to your writing, your literacy and compliance with the rules of grammar, relatively speaking, if you make an order from some John Jones, and write phrases like I am don't know, then you will at least confuse the agent
So I do not recommend to use Google translator to write letters or communicate with sups, if you are not confident in your abilities.
Next, I will talk about a more effective method of warming up.
Warming up by phone.
There are some nuances here too.
For example warming up large stores, where there are dozens/hundreds of Sups, in my opinion it is not that effective. In this case, it is better to request a call after you card, as sup will be able to make notes that the buyer called and was interested in the status of the order if you do it before ordering, sup will have nowhere to take notes and it can help to expedite the processing of your order, however, you will be asked to call again for verification such call for warm up, does not replace the call for verification, if it is required
Next, I'll tell you about the warming up of small shops
the process of warming up these shops, I usually divide it into 2 types
1. I pretend to be a hose and ask a lot of questions to Sup.
This is suitable, for example, for small shops with electronics/clothes, you can ask the characteristics of a product to ask the presence of features etc
Ask questions about the speed of delivery, etc
Roughly speaking, we just pretend to be a typical American consumer.
This will work especially well in shops, where sups with whom you talk will be responsible for sending the goods and processing the order.
2. The second case is something more complicated This case has to do with shops selling something specialized, such as musical instruments, professional equipment, auto parts.
It is important to understand the specifics of the product, its purpose, otherwise it will not make sense to warm up, otherwise you will fail
If you buy spare parts, it is important to understand what it is for and what brand.
I often call up a shop with musical instruments, especially guitars, since I understand this quite well, it plays a good role, because when you communicate with me, sups begin to trust and, accordingly to process your order more quickly and more willingly.
I also want to touch upon the topic of warming up shops for sending to the address which differs from the billing.
Americans are very responsive people and you can play on this responsiveness to come up with a legend to be sent to a different, from the billing, address do not try to push through the legend that you are sending a package to your mom / dad / brother while you are visiting them, this is all nonsense that will not help you.
In states, cataclysms occur very often, mostly in the south this is worth playing therefore, sometimes to compose a legend, I use these events to make more trust for myself for example, there are regular hurricanes in Louisiana, or Florida or Alabama and let's say we just have ss from those places
You need to spike, for example, in Oregon or Washington.
If you explain the sups that you are fleeing from hurricanes and storms to relatives on the other side of the country and did not take something vital and now you are trying to buy it, then your chances of sending goods increase significantly
If we suppose nothing like this happens in the United States at the moment, you can tell a legend about how termites have eaten your home, or how you have cockroaches, which you just poisoned and now can't go back home, because there all this rubbish did not disappear
Americans are very much empathize in such cases
Forget about legends about: went to relatives, to mom and so on. this is ineffective, the more difficult and hopeless your situation, the greater the chance summarizing the warm-up actions.
Warming up is still not a panacea, even for small shops, believe me, in the USA there is not one shop probably who would not suffer from fraud, therefore shops are very, very serious about all orders, so don't be surprised if even after warming up they will refuse to send you, this is a nomral process, not all shops are led to this, but if you correctly approach the warm-up, you will remain in +, the main thing is to find the perfect scheme by which you will work
Next, I would like to tell you about order verification.
Very often, after carding, you will receive messages- call us to confirm your purchase or something like that.
Some shops, not even to send an order, but afraid to run into a real holder, and they say that they could not verify the details of the CC with the Bank.
I am sure that some shops are stupidly afraid to send your order, for some reason (fraud marked, IP away from billing, IP in black), but are afraid to accidentally run into a real CH (cardholder), so they write this nonsense several times I had to get such packs but 98% of such cases do not end in your favor And in some cases really billing does not match here you can try to ring the Bank (previously, at least having the DOB and SSN, without it, do not even try) and try to resolve the situation with billing but again, it is very unlikely that you and the Bank will be able to decide something, if you do not know whenever there is a real billing (you can poke your finger in the sky punching BG and see the last addresses CH, but it is very expensive and unnecessary risk)
but in fact-it is easier to card to another place and see what will be there.
Now let's consider the questions asked by sups for verif basically sups compare the same, email, 4 digits CC, billing/shipping address but you can get asked questions with a trick many shops may ask a question with a trick, for example, the name and phone number of your Bank which is written on the back or the nearest street to your address (by the way I recommend before each call to open the address in Google maps to be able to answer) there can be a lot of questions with a trick, however, as least the search for street address of Ch in Google maps will allow you answer many questions, which you will be asked
1. Name Of The Holder:
2. Em@il holder:
3. CC data:
4. Billing (the address of the holder):
5. Shipping (shipping address): -
6. SSN\DOB\Number of years (if any)
7. The website where you carded or where you need to make the order:
8. The order number:
9. Order date and time:
10. Product name (link to product)
10. (EGIFT) the name of the recipient, email of recipient:
11. Order amount:
12. Number where to call:
13. Number from which to call (if you need substitution):
14. Name of the Bank that issued the card:
15. Phone support Bank (if you need to call the Bank, individually)
16. Letter from the office, where and for what reason we call (link to photo):
17. Reason and purpose of the call, description of Your situation:
Here is the form of the calling service, save her and fill it out for them, don't be lazy, you will be better from this.
Also they often ask the question, regarding the substitution of the callers id number (that appears on the other side).
I think that it is better to call with a substitution, it causes more confidence in you for some shops this is a mandatory requirement-a call from the billing number CH.
Well, in conclusion, I would like to tell you a little about the reroute.
Reroute/redirect is a change of address on the parcel to the address of the drop/resender.
I will not tell you how to do it, but I will tell you a little bit of the technical component.
I'll start with reroute UPS. when we rerute UPS, the request for the change is visible immediately, within 5-10 minutes the track is repainted in yellow and you see the phrase: Request to change the delivery address, but it is too early to rejoice, the shop can quickly deploy the parcel back and you can not do anything with it (the request for a refund is always higher than others and you can not cancel it).
Reroute of fedex is more complicated.
Fedex request for reroute is displayed only when the pack is in the city of CH and there are different types-1. caption: change delivery request sometimes the track is red and gives you-requires action, at most it features Fedex and this inscription will disappear in a few hours.
You will be given a new track the new track can be displayed as a track on the return of goods and hang directly on the site, if you see it, poke at it and look at the destination, if it coincides with the location of the drop(sometimes there may be another city but the same state, then check in Google maps the location of cities is likely to be the same city we know the other part) or a new track will have to drag a call, if the pack is not moving for some time, refer to the bell or call them and you will be given a new track
Antidetect
New generation anti-browser browser
We are pleased to present to your attention the most convenient and secure.
tool for professional work on the Internet Lifetime 5% -10% discount on all licenses https://ls.tenebris.cc
Greetings to all who decided to attend a lecture on Antidetection. Today we will talk about the various antidetect who are well established in our field of work, types of antidetection, we will understand some of the intricacies and specifics of antidetection when carding and not only.
First, let's deal with you, what is the "Antidetect"in General? Anti-detect is a solution (program, browser, browser plug-in, etc.) that allows you to bypass various anti-Fraud systems on the Internet, whether it is online banking, or an online store or a client installed on a computer to play poker. The antidetect allows you to use the same machine to work without changing it, by bypassing various detectors. Thanks to this, the anti-Fraud system every time thinks that in front of her new user, or, conversely, the same user, in the event that we
Need someone to "belikeuser". The task of modern antidetection is not just to unicilize users, and to give him the ability to blend in with the crowd.
I will Explain very simply and easily: in the first case, if we imagine that Touch ID on the Iphone is an anti-fraud system, and to unlock it you need to apply a NEW finger every time, then thanks to the anti-detect, we can make very, very many fingerprints, and each time calmly and successfully we will pass this protection. We can say that the antidetect is like a glove that allows one finger to leave a huge variety of prints. In the second case ,if we imagine that the Touch ID on the Iphone is an anti-fraud system, and to unlock it you need to apply the same finger every time, which is the principle and corresponds to reality on the Iphone, then we can "copy" the finger of the owner and successfully bypass the protection(of course knowing about how this fingerprint should look).
you Should understand that the modern anti-fraud systems don't stand on one place and are improving every day - if you previously used to identify yourself, the most simple methods, then now, they evaluated a number of factors.
In this context, the antidetect plays a very important role, and if used correctly, it will undoubtedly allow you to get the result, but success is not ensured by only one fact of its use
- you need to correctly and consciously approach the work in a particular direction, which will come only through knowledge and experience.
You can look at the huge number of factors takes into account by the modern antifrod on the example of a very common system Threatmetrix. As you can see, the browser plays only one role, although at the front of events: (See the video after the lecture).
https://www.youtube.com/watch?v=2PQxoQQOPpY
Another great example for the analysis of AF systems can be specified: https://developers.seon.io/?shell#request
I advise you to see this example at your leisure, especially on how many numbers of parameters refers to E-mail, the use of e-mail addresses in other services (Screenshot: http://prntscr.com/isj1yg), phone number, etc.
Antidetect are of two types: Iron Antidetect and Browser Antidetect. Let's analyze each of them in more detail.
Iron antidetect allows you to replace the parameters of the iron computer or virtual machine. As an example, you can give: substitution of information about the processor, video card, BIOS, network card and various other devices.
Iron antidetect may be necessary when you are working in the field of poker, casino and other areas that are associated with the installation of client programs for Windows.
An Example of iron antidetects can be:
1) CCTools 7 (many have heard about this software).
2) VirtualBox Hardened Loader - patch for iron antidetect Virtual Box. Vector T13 tells more about this in its webinars "virtual machine Antidetect" (These webinars can be found on YouTube) . It was well relevant at the end of 2016, although this decision now takes place.
4) Antidetect 2018 Pro OpenSource by Vektor T13 - New free solution in the field of iron antidetect from Vector for Virtual Box. This decision is relevant and supported by the author. I would like to highlight the full support of the graphics card on VirtualBox. The disadvantage of this solution is at the same time its advantage: the solution is free, therefore, full support (free) for this solution you will not get.
5) Aff combine - in fact the first iron antidetect VmWare, fully relevant and ready solution in 2018. Also includes browser-based antidetect based on Mozilla Firefox browser. It is sold here on the forum. Price $ 1000. 20% discount on tubers.
The only actual IRON antidetect on the forum is -
Browser antidetect is a program that allows you to emulate the browser, based on the specified parameters.
Simply, by emulating various parameters, we can simulate any system (Windows, Linux, Android, IOS, MAC OS, Blackberry) and browser (FireFox, Safari, Chrome, IE, Opera, etc.) and even game consoles (Playstation, Xbox).
Browser antidetect are of two types:
1 type: Antidetect based on a conventional browser with the "sewn" extension (Chrome) or addon (Mozilla Firefox).
Basically all antidetects of this type (Antidetect 7.1, Antidetect from Sert (Cert), Antidetect from Good Job, Fraudfox, Antidetect from Vector T_13)
Here Antidetect can be divided into two categories:
A) Antidetect using physical browser Firefox. This category includes: Antidetect 7.1, Antidetect from Good Job, FraudFox, Antidetect from Vector T_13)
B) Antidetect using physical browser Chromuim. This category includes: Antidetect from Sert( Cert), Bitovski antidetect 8.
The antidetect based on the physical chromium browser is much more complicated, more expensive for attachments and knowledge and
it takes more, so usually the price of such browsers is higher.
2 type: Antidetect, written on the source engine. From the examples that I know, this can be attributed to Linken Sphere.
Antidetect written directly using the source engine allows for a more deep approach to the implementation of substitution.
Read more about existing browser antidetect that are worth our attention:
Antidetect from Sert( Cert) - antidetect based on Chromuim. It is attached to iron, i.e. it can be used only on 1 system. Well-established, the author, Cert - one of the first developers of the antidetect in General, and even more it is developed on the basis of the browser Chromuim. Updates are not very frequent, but stable. Sold at the Shipyard, worth $ 5,000. There was a time when I used this antidetect. Now I do not have it and I do not use it. As for me, the price of the product is unreasonably high. Even if I did loose the$ 5,000 - would not have taken it. As for me, its price is many times lower. Each update is also paid and costs from $ 50 to $ 300 .
Even if you missed some update and did not take them, you will have to pay for all previous updates to get the latest version. In my opinion, it is not worth buying for newbies.
Byte antidetect 8 - antidetect based on Chromuim. The author of the product Byte, author Antidecet 5, 6, 7 who have proven themselves well in their time. Antidetect 8 - unknown product, total 4 clients. In his topic there is no reviews. Sold at the Shipyard, price: $ 3000 + $ 100 per month subscription fee. In my opinion it is not worth buying for newbies. Seems like nothing extraordinary compared to other antidetection on Chromuim there, and evolving the product as it is slow.
FraudFox, Antidetect from Vector T_13 - allocated them into one category as essentially irrelevant FraudFox antidetect and antidetect Vector T_13 are not really fit for the job, they are too "raw" and the author forgot about them. The product Vector T_13 is positioned as a means of increased anonymity and is not suitable for work (vector T_13 itself positions it). The product is free, everyone can download and read it on the author's website.
Antidetect from Good Job - antidetect based on Firefox. It is attached to iron, i.e. it can be used only on 1 system.Not frequent updates, judging by the reviews, the author puts the "male device" on customers and reach out to him is not so easy, and even more so to get support for the program. Sold at the shipyard, the full license costs $ 2250 + subscription fee $ 200 per month. Not even used. You should not take.
Now we come to antidetection that great in terms of price-quality, suitable for beginners, and which you should have in your "Arsenal":
Linken Sphere is an antidetect written on the source code of the Chromuim engine. It is sold here on the forum. The advantages include: Excellent support, frequent updates, there is no binding to the system, the substitution of all the main prints, built-in functionality for working with ssh, socks and tor, its own unique socks service integrated into the anti-Detect, the ability to work from several tabs, because 1 tab as a virtual machine, and such tabs can be opened a lot
minuses, as for a beginner, will be: monthly subscription fee of $ 95 (5% lifetime discount), the shop with the configurations is not available, ie configs; if there is no PRO subscription (price $ 475), there is no possibility of full settings windows.navigator . the combination of the parameter allows you to recommend it, i also use it.
I will explain at once what is a config. A config is a javascript code that contains information about the browser and the system (javascript browser settings, WebGL settings, font set, etc.). In fact, the config is a snapshot of the system and the browser. The use of configs further reduces the time, because you do not need to prescribe and come up with all the parameters, but simply loaded the config, edited, if necessary, and work from it.
Configs are real and generated. Real - these are those configs that are "copied" from real computers, by collecting parameters, and the generated configs are made with the help of programs (generator). The disadvantage of the generated configs is that the parameters may not always be correct and correspond to the OC or browser, or even have values that are not peculiar to the real system.
Antidetect 7.1 - antidetect based on Firefox. Seller on our carding forum. The price of the it for our students $ 50. Sometimes I use an antidetect to the present day. The product is completely worth the money. A good option for a beginner.
Antidetect takes forever; there are no subscription fees and binding the browser to the system, i.e. it is possible to card with the main machine, and with the new path, and with a system friend, neighbor, etc.
Configs can also be purchased immediately, without the need to fulfill any conditions. Antidetect 7.1 - allows you to fine-tune some settings, for example in windows.navigator. The
disadvantages include that the author ( Byte)forgot about the software and updates will not be, antidetect is not a substitute for some prints, for example audiofingerprint, webGL, some configs require manual adjustments.
Any antidetect reduces the time spent on typing, because you do not need to worry about cleaning cookies in the system settings WebRTC in the system, the installation of plugins in the browser, the fonts in the system, etc.
Also, thanks to anti-detections, it is possible to approach the shop "from different sides", i.e. card it with OC Windows, Mac, mobile device and various browsers
Sometimes in certain shops or merch patency of any OS or browser is higher.
If we look at this from the money side, antidetects save us money, compared to VNC, Dedik, antidetect saves more money. Config costs 1-3$+ sock (0.2-1$) or tunnel (1-2$). Good dedicated server will cost 10$( and not the fact that it's NOT hammered into your shop, especially if it is popular, and Dedik often "die" if they are produced with the help of Brutus); VNC price starts from$20.
BUT! Regarding to carding, antidetect is not a panacea and not a button "money". It is not necessary to use only antidetection. There are situations when carding is better with real devices (mobile phone for carding, laptop/computer for carding without virtualok) . Therefore suggest "to have in your Arsenal," the new path configured to carding, the mobile device
Emulator (Genymotion, Nox), the actual mobile device for carding several antidetection, etc.
Tips for ensuring your safety by using antidetection:
First, use on different forums, sites, different configs (different OC and different browsers).
Secondly, periodically (for example every 3 weeks) change the OS or Browser on each forum and website.
Third, store the software itself and browsers that have built-in add-ons, extensions, on a encrypted flash drive or hard disk or container.
For antidementia Linken sphere (Sphere) can be added:
A) Do not tick the box to remember the password, and keep it in your head. This is to avoid getting access to your cookies, sessions, configs to third parties.
B) Use tor or TOR+SSH TUNNEL in the connection chain. Do NOT uncheck the "Save and encrypt cookies before exit "option".
For Antidetect 7.1, you can add that after the generated browser itself will not be needed for work or typing, it should be immediately removed, and do not accumulate a huge amount , because each browser deals with about 100 mb, and with a large number of browsers it all takes a considerable amount of GB, plus each browser contains history, cookies.
Which will not be a plus when accessing browsers by third parties.
Now consider, in practice, work with 2 antidetection: Antidetect 7.1 and Linken sphere (Sphere).
Antidetect 7.1
After buying Antidetect 7.1 and configs for it (ideally for a beginner to take about 20 configs; enough to start with and if you need more - you can always buy), after installing and running the antidetect (about buying, installing, running and configuring contact @Billy Bones) you will see the following window: Screenshot with explanations - https://prnt.sc/h2wovg
let's Run through each of the items and settings:
Item "1" - This button creates a browser, or rather its Portable version, which is sewn Addon antidetect. The browser is not able to bind to iron and it is possible to work on any machine and pass on to anyone, even partner, even though the neighbor. In order to check the box lit up and was active, you need to select any PHYSICAL browser from the container (Number 5 in the screenshot).
Item "X" - This check mark determines whether the addon of the antidetect will be sewn into the Portable browser or not. If there is no check mark, it will create a normal portable Firefox version that you choose from the container (number 5)
Item "2" - This tick is responsible for the presence of Flash in the browser. In my experience, it is better to create a browser without Flash, use Flash when it is really necessary and can affect driving.
Item "3"- is Responsible for the physical version of Flash in the browser. You can select different versions from the list. The physical version is that which will be used for substitution, merch and shops don't see neither the physical version of the browser or Flash, they see that version or that browser that is set in a config.
Item "4" - Copies the path to the folder of the created browser.
Item "5" - Select the physical version of the browser. You can choose the Firefox version from 41 to 49. Specifies the version of Firefox which is "sewn" Addon Antidetect. If you do not put a tick in the item "X", it will be a normal Firefox Portable browser.
Item "6" - Select config from the drop-down list. Configs need to be downloaded to the folder "configs", previously unpacked from the archives.
Item "7" - Shows a brief information about the selected config.
Item "8" - Responsible for WebRTC. When the item is included, here you need to enter the IP of the sock, the tunnel from which you are going to make driving.
Item "9" - Allows you to change the config language to the desired from the list.
Item "10"- Allows you to add advanced eng. language. When is it? For example, if you are trying to "zakosit" under the holder from Germany, whose main language is German, you can add more and English, because many on the computer several languages, such as English and Russian residents of the Russian Federation.
Item "11" - Allows you to open the folder of the last created browser.
Item "12" - Allows you to select the time zone and set it in the system with 1 click.
About the use of configs and generation. There is no generation of configs in version 7.1, you can use it if you have version 6.5, but it makes no sense. Configs are better to use everything except Internet Explorer, because they are buggy and non-working. It is best to use configs with Firefox browser, i.e. Win XP, 7, 8, 10, MAC, Android + Firefox Browser.
Now on the setup window, before you create a browser: required items, where are the checkboxes: "X" and "8".
"9", "10", "2" - optional, if necessary only.
Let's Say you selected a config, created a browser, opened a folder with a browser. Let's talk about some manual settings that you can make in the created browser.
Opened the folder with the browser, then opened:\ ff_????.Browser version\App\Firefox\browser.
Example: ff_46.0.1\App\Firefox\browser
There will be two files that we need, open Notepad++, then the first file:"jsoverrider.json." What can be changed there?
First, languages can be edited manually as needed, for this you need to change the value of the parameter "Language" and "Languages" (if any)
Second, it is possible to enable or disable JAVA (NOT to be CONFUSED with JAVASCRIPT!).
To do this, find the "javaEnabled" parameter and change its value from True to False (or Vice versa). Example: "function javaEnabled() {return true;}" on "function javaEnabled() {return false;}"
Third, you can edit the parameter "Useragent" and "appVersion", I would even say that it is necessary, because the configs that you will have, whether Firefox, Chrome, Opera, Safari, etc., will be old by the browser version.
Take, for example, the Firefox config. There will be, for example, Useragent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" and appVersion: "5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
Firefox version for these parameters is now 40.1, it is outdated, we need to change it to a more modern, change for example to a stable version 48.0. This replaceable piece in the two parameters "Firefox/40.1" to "Firefox/48.0". Save changes, open whoer or another checker and enjoy the changes.
So you can change any parameter, knowing roughly what does it and mean. This can be easily learned by yourself, giving it a little time. Applies to any HELL, not only to 7.1.
Go to the second file: "jsoverrider.js." There you can correct WebRTC and Canvas print. Open this file.
Canvas in the file: you can change it, you can disable the substitution of Canvas, thereby making the stock (standard) canvas browser Firefox.
In order to change the Canvas print, you need to change the value of the variable "var CanvasWebglRandomParameter", i.e. put other digits in it, for example. (Screenshot: https://prnt.sc/h2y65s)
In order to return the stock (standard) canvas of your browser, you need to remove the line "return context.b_fillText (CanvasWebglRandomParameter, 2, 17);"
Carding can go better with stock canvas, can better with the substitution of canvas, there may not be any difference at all, especially if the shop is small or simply does not request the canvas parameter of your browser.
Next WebRTC. In this file you can edit all 3 WebRTC(1 external, 2 internal).
The variable "ipAddressRemote" contains an external WebRTC. The variable "ipAddressLocal" contains the internal Market.
Another value of the internal WebRTC I noted in the screenshot below the number "2" Screen: https://prnt.sc/dny2q9
Also in this picture, I showed the Blue areas, the boundaries of the code of each of the 3 WebRTC. This may be necessary, for example, to remove one unnecessary internal WebRTC. The red area shows what needs to be removed for WebRTC to be completely disabled.
Also external and 1 internal WebRTC can be changed on the fly in the browser. Screenshot: https://prnt.sc/h2yyko
I want to add that in the screenshot I indicated that what other columns are needed for.
to configure 7.1 antidetect all. Some chips, tips, answers to the questions I posted in my topic - FAQ Antidetect.
It will be useful to read after the lecture to those who are going to take the Antidetect 7.1
And we move on to the next Antidetect, called "Linken Sphere" (Sphere).
the After purchasing, installing, and launching the browser (on the issues associated with buying, installing and running the program, refer to @nevertheless or to customer support) the first thing to configure General browser settings. They are in the tab "Edit", then from the drop-down list find "Preferences". Screenshot: http://prntscr.com/itjman
In the screenshot I highlighted, there are the most necessary settings for a beginner. About all the other you can see and read the documentation on the website.
So, 1 point - the default search engine, ie, this parameter sets what the search engine will open if you type a query in the address bar of the browser. For carding easier to put the PS Google, for anonymity and security DuckDuckGo.
2 point - this option allows you to specify the site that will be opened after the session is created. For Viva is useful to indicate any checker, whoer, detect.cc, browserleaks etc., whichever is more convenient.
3 point - allows you to set the physical size of the screen, a very important parameter, I advise you to put it every time under the session (config). To check these settings (device- width, device-height) here: https://browserleaks.com/css
4 point - defines how the system time will be replaced. Important parameter. There are two options: 1) Via Javascript.
2) System time will change. It is best to choose the second option, system override, as for me it is 100% not pale-yellow, because in fact we do not replace time through Javascript, but as if we change it manually in the system.
5, 6 - settings I would have carried to safety. Ideally, if you are very worried about your safety: put a tick on point 5, on point 6 - no.
In fact, the 5 point - allows you to use TOR when logging in antidetection.
6 point - allows you to choose whether or not to save the password from your account when you log in.
7 point - this item allows you to close ports in Web Sockets. Web sockets is a Protocol used to exchange messages between a browser and a web server. Speaking a simple language, through Javascript the site can check your open/closed ports Web Sockets.
Checker: http://www.andlabs.org/tools/jsrecon.html
The settings of the checker: IP Adress - "127.0.0.1", Start Port, End Port - here specify the range of ports (minimum 2), for example Start Port: 5939; End Port: 5940. Protocol: WebSockets. After scanning, you will be shown whether these ports are open or closed. In the example I used the port "5939"
- it belongs to TeamViewer. These ports are related to VNC technology (5900, 5901, 5902, 5903) 3389 - RDP technology, etc.
To configure this item: better not to change anything.
Ports 80 and 8080 to close thus will not work, just saying so you keep that in mind)
Other parameters are aimed more at usability (font design, size, backups, proxy for updates, etc.)
Next, go to setting up browser sessions. Each session in fact is a separate system, like a virtual reality, which has its own config.
Learn more about free and paid configs and differences in configuration at work, we'll talk later; first you need to understand the important settings of browser sessions for beginners.
let's Start with the analysis of the first section. Screenshot: http://prntscr.com/itjucp
1 item - Select the session (config) from the list.
2 item - This item is needed to create a new session. To do this, enter the session name in this field.
3 item - session notes window. Very useful feature. In order not to get confused in the sessions and simplify your life on the analysis of drives, I advise you to specify all the useful information in this field( Proxy Score, Risk Score, In which shops were driven, by what method, the card used, the result of driving, etc.).)
4 item - allows you to set the color of the session, the color of the session will be displayed in the browser (screen: http://prntscr.com/h3njn3)
5 item - allows you to copy the entire session, including canvas, audio, fonts, rects prints (if necessary).
6 item - allows you to change the session name( rename session).
7 point - this point allows you to change the algorithm of substitution of canvas, in other words, this is the second version of its substitution (about the first will be below). Which option is better to use? Answer: Both, in different shops can be
different outcome, so you better try 2 options empirically by analyzing what better suits in your case.
8,9,10 item - allows you to enable/disable HTML 5 Storage, item 9 - allows you to save data and use them even after restarting the browser, item 10 - allows you to save and use the data through the standard storage of large structured data "IndexedDB" . In short - without delving into the theory. For carding there should be included both of these items (exception: carding from a blackberry phone, for the rest, the security IDPs, items 8,9,10 better off.
let's Move on to a very interesting section for many "Prints and other settings" (Screenshot: http://prntscr.com/itkiz7)
1 item - enables/disables the substitution of Canvas. Everyone has already heard about this parameter. Actually, making this substitution in the field - she makes it unique, the canvas, without changing much "his image", so it looks less natural. Check the canvas here: https://browserleaks.com/canvas
If you strongly change the image of the canvas, to use popular add-ons for browsers
firefox and chrome change the canvas is 100% that the shop will be able to see that. Here is the checker for browserleaks that defines it: https://browserleaks.com/proxy (Option: HTML5 Canvas Protection). Also with fonts, "CSS Fonts Protection"option). At the moment, minus of the technology of
the unique Canvas is that the output is 100% unique, and this applies to all antidetection. But, nevertheless, some AF systems are very hostile to react to too high uniqueness, so try to periodically disable this feature if you suspect that the shop does not give you because of this parameter.
2 item - enables/disables the substitution of the Audio fingerprint. Audio imprint, of course, is not as popular as in canvas, but over time, more and more banks, shops introduce it into their anti-fraud system. Checker: https://audiofingerprint.openwpm.com/
The antidetect successfully replaces 4 parameters for each session: Fingerprint using DynamicsCompressor (sum of buffer values), Fingerprint using DynamicsCompressor (hash of full buffer), Fingerprint using OscillatorNode,Fingerprint using hybrid of OscillatorNode/DynamicsCompressor method
3 point - enables/disables font substitution. Very popular detection, replace easily and without antidetect, but in addition to replacing the print, the scope allows you to customize the list of fonts, which is a definite plus. Checker: https://browserleaks.com/fonts (two parameters "Fingerprint")
4 point - enables/disables substitution of rects . In shortly, it is a substitution of the browser coordinate system. Element "getClientRects" allows you to get the exact position and pixel size of the desired element, and depending on the system, but rather the screen resolution of the system, fonts and many other parameters, the results will be different. The sphere
allows you to replace it without too much altering them, which in practice is not seen by the Anti-fraud systems. Checker: https://browserleaks.com/rects (Parameter: "Full Hash")
5 point - Enables/ disables the use of random plugins. This option allows you to add a random set of plugins to your session to avoid detection by plugins. The function is needed for those who have free configs, and who are too lazy to manually register plugins. Of course in the paid config the set of plugins included.
6 item - enables/disables saving and encryption of cookies after logging out of the session. Should be necessarily included. An additional advantage for security is encryption.
7 item - enables/disables Flash. Here as with antidetection 7.1 - without much need to enable flash. The technology at the moment is outdated, all its features have long been HTML5, so due to its absence, few people will not look at you askance.
8 item - when you include this item, each time after opening, the session will have new prints that I described to you above. For carding in this there is no need, for safety - possible to use.
9 point - allows you to choose which prints to make new, random (Canvas, Audio, Plugins, Rects, WebGL, Fonts, Media Devices) . Refers to paragraph 8.
10 point - this parameter blocks the output of the canvas hash. It should be used in the event that you are sure that your shop or merch does not respond well to 100% uniqueness of the canvas. Screenshot: http://prntscr.com/h3pk3m
Turn to section "setup and choose a connection type". Screenshot: http://prntscr.com/itCHrv
1 item - allows you to select from the drop-down list the type of connection. Now I will analyze the most necessary for the work of a beginner.
No proxy - this mode allows you to use a direct connection, i.e. the Internet is taken from your system. It is necessary if you really want to work with Proxyfier, Bitvise SSH and other software to use tunnels and socks. As for me, this mode is not necessary, because it does not allow you to use the advantage of the sphere in the use of different sessions at the same time, each of which is configured with a separate connection of the sock or tunnel, depending on what you like to use. An exception to this situation is the use of a router in which it has the ability to connect a sock or tunnel in the router, not on your system. On the forum you can find such configured router.
Tor - this mode of connection I advise you to use for your security chain, when surfing shadow forums and to go to the forums through the tor, for example verified forum.
Socks, SSH Tunnel - connected these modes. The first relates to the use of Socks (Socks 5) and the second to the use of Tunnels (SSH). These modes can and should be used for carding. For each session you can configure different connections and use them simultaneously, i.e., essentially like carding from several systems (virtuallock). Card with socks or tunnels - it is only at your discretion, who likes to work with. I personally use for carding socks, LuxSocks. But the problem is that recently they have problems with socks, the number of socks fell sharply down. So now I additionally use the SOx service "Faceless".
Sphere socks - Socks raised on mobile devices. These mobile socks are exclusively for customers of the sphere, they are integrated directly into the antidetect. This solution allows you to save even more time and increases the usability and uniqueness of the anti-detect, because IP data socks - from a common pool of mobile operators, therefore, the anti-Fraud system can treat you more loyal. For better performance I advise you to use these socks configs Android devices (Mobile phones + Tablets). Today, socks are at the stage of implementation.
2 item - Field to enter the IP sock/tunnel and port. For example, enter SOCKS 5: 173.244.217.119:1081
3 item - this checkbox allows you to disable the internal IP. That is, when using this item, only the external IP webRTC will be displayed.
4 item - sock/tunnel authorization. Actually all tunnels are with authorization, so enter here login and password is required, but socks (Socks) are not so often with authorization, so if you do not have a login or password, leave the fields empty.
5 item - enable/disable the substitution of WebRTC. If you turn off the switch, then WebRTC WebRTC will fit your system where you installed antidetect.
6 item - This checkbox is responsible for the External IP WebRTC. You need to disable the checkbox when the IP to connect is different from the IP which is obtained at the output (to check on any checker can, for example, whoer.net). Here is an example with Luxsocks, after the purchase of the sock I receive here the ip
ort to connect to "212.83.165.56:29007" I check whoer.net and there is the IP "97.113.91.76", therefore, this option is the one that I should disable, and in the "EXTERNAL IP WEBRTC" for a competent substitution, I need to write this IP "97.113.91.76"
7 item - this item allows you to enable IPv6 substitution. You need to use it only if your system is "leaked" for this information. To check out the leak here: https://browserleaks.com/ip "IPv6 Leak Test".
8 item - substitution disables WebRTC, ie when you enable this feature, WebRTC will be showing that it is off (disabled). Checker: whoer.net
9 item - allows you to set your DNS. It should be used if your sock or tunnel does not have DNS or it is from another country, or you need to replace DNS, not for carding, but for your safety . Button "check DNS" -checks the health of your specified DNS server. Note that working with this parameter is
Very important - DNS has the same value as the IP itself. In addition, it often happens that when buying socks without your own DNS, you show the DNS of the system (this is what happens by default, if this field is not filled, and the juice does not have its own parameter), and you catch the declines due to suspicious activity.
10 item - this button "Check Proxy/ Geo" allows you to automatically when you press it to check the Sock to connect to the operation, and automatically set based on its GEODATA ( based on MaxMind) and Ip: Time Zone, External WebRTC, GPS)
Go to section 3 of the program: https://prnt.sc/itkq52
1 area - responsible for UserAgent. By clicking on the "manage"button,you can edit, add, remove Useragents. After the drop-down list, you can quickly select the desired Useragent in 2 clicks. Buttons on the top ("Chrome", "Safari", "MSIE","Other") allow you to quickly select the type of browser.
I want to clarify that on the website, in the personal Cabinet there is a section "UserAgent" - there for free, you can choose a ready UserAgent by OS, Browser and device type.
2 area - responsible for the language (language) session. You can select a country from the drop-down list, and the language will be written automatically, you can register yourself manually in the input field, which is to the right.
3 point - Pop - up blocker. This feature prevents pop- UPS from being created. Use only when necessary, sometimes shop or merch have "necessary" pop-UPS.
4 point - All you need to know about it for a beginner is if the site is loaded with errors, or something does not work on the site, which does not allow to make the end of carding, it is necessary to enable this function. No need to turn on. The Following section - https://prnt.sc/itklmh
1) Config manager - simply put, free configs. Jabbed the button, chose the type of browser, chose the OC, clicked generate, and a free configuration is loaded.
2) Setting Up WebGL. This section allows you to configure all possible options WebGL 1, WebGL 2, disable WebGL, if necessary, as well as to generate it if you are too lazy to configure.
3) Advanced settings. (Screenshot: https://prnt.sc/h3q2d0) This section allows you to manually register plugins, add http headers manually, edit manually more than 27 Javascript parameters.
4) Fonts. This section allows you to edit a set of fonts,
i.e. you can create your own list of fonts that will see the anti- fraud system in addition to the substitution of the print fonts.
5) window resolution Emulation. This feature allows you to hide your real screen resolution, and it will match the data of the user. Useful when working with mobile configurations.
6) Emulation of touch screen - just a MUST HAVE when working with mobile configs. Full touch screen emulation on mobile devices. None of the existing antidetection in addition, there is no such function.
7, 8) These two values set the screen resolution. 7 - the width of the screen 8 - the height of the screen. Example 1920x1080
Go ahead, the next small section. Screenshot: http://prntscr.com/itkmis
1 area - is responsible for the substitution of geoposition. Latitude - latitude, longitude - longitude.
It is not necessary to put a geoposition directly under the ZIP of your tunnel, it is normal and natural to look if you put a geoposition up to 10 km from your sock. Example in the screenshot: http://prntscr.com/h3pyv1
The label in Google maps marked the coordinates of the sock, around the circle - so that's the area of the circle is quite a natural geoposition for this sock/tunnel.
2 area - is responsible for the substitution of the timezone, and simply put - setting the time zone and time. Time can be set either by selecting a state from the drop-down list or by selecting a time zone from the drop-down list.
Again, I want to clarify that when you click "check proxy/geo" geoposition and time is set automatically, which saves us valuable time.
We have dealt with all kinds of settings of the sphere that may be needed, now let's finally get to work with this product.
Option 1 - you have a PRO account and access configscope. Scheme of work - buy the right config in configscope, add it to the field, set the type of connection, WebRTC, DNS if necessary, press the Check proxy/geo (machine configures the time zone and location,) then choose off those prints that you want to replace
and go ahead and card. In fact, what I described takes about a minute.
Option 2 - you have no access configscope, then you can complete the configuration in two ways. The first is the installation of the desired User (choosing from ready or loading your own, which is preferable), after which the parameter is generated using the built-in generator .
After generation, you will need to see, tweak, adjust the parameters of WebGL, Advanced settings, Fonts, etc. the Second option - the use of built-in free configs (about 50 000) - create a session, click Config manager, select the desired browser and OS, get the configuration of the real device from the built-in database. With nothing further to do - then no different from the first option: configure the type of connection, WebRTC, DNS, if necessary, click the Check proxy/geo (automatic time zone and geoposition is configured,) then select the checkboxes those prints that you want to replace and forward to drive.
However, the built-in configs tend to turn around, because they are used by a fairly large number of people, and their quality is objectively worse than those in the shop, and this can negatively affect the result, although they are quite suitable for testing the forces of a beginner.
It is also possible not to download a free config, but to actually write it in the field from scratch, but for the first option and for the second, you need to have experience, knowledge of all parameters. You can read about all the parameters in detail in the product documentation + Google help.
More useful chips in this Antidetect:
1) The Antidetect has its own Web Emulator - this tool allows you to simulate the behavior of a real user, visiting sites automatically. In practice, this is necessary in order to reduce the routine work on the set of cookies's site files, site history, in other words, "warm up" the system before carding shops. You can also configure the emulator to simulate the user's behavior in the shop before carding.
2) Data Entry when carding is simplified - the antidetect built own Vbivotron (an example of software for the system on our forum). The function is convenient, but note that some sites are very hostile to copying, and even specially configured intervals of human-like input can fall under antifraud. Use the function if you are sure from your own experience that the shop does not react to such input in any way.
Searching for shops, merchant
The Lecture will be divided into 2 parts, with a short break, as the amount of material will be large.
Part 1 - Searching for shops. Part 2 - analysis of the merch.
And so, let's go. Part 1. Searching for shops.
I'll Start with a warning: look for shops, requests such as: buy apple iphone X, or buy macbook pro, or buy Gucci jeans - it makes no sense. Since the first pages of search engines - will always shop giants like BestBuy, Amazon, Seers, etc. You can work with them, but they need a completely different approach and experience. Take the first available CC and card 10K dollars- this will not work, do not try.
So how to find the right shops? Here are just a few options:
1. You can search for shops using SEO-optimization resources, one of the sites of the desired theme. SEO optimization is a set of measures for internal and external optimization of the site to promote it in search engines.
Accordingly, the higher the position of the site in the search engine - the more traffic, and accordingly for its promotion used more high-frequency queries.
For Example: at the request of Gucci jeans Google gives the following picture http://prntscr.com/gpqxsz, for example, take the 5th site: http://prntscr.com/gpqxig ahhh! Go to the website, find any necessary category (in this case, jeans) and click the right mouse button on the free field in the browser field.
We need a line View Page Source http://prntscr.com/gpqy48 - click on it, get it: http://prntscr.com/gpqyez - we see in the line meta name - spelled out the requests for which this page is moving. We can only compile queries with their own and go to look for more points, for example: if you make a query "clothes shop+inurl:super slim jeans" then Google will give http://prntscr.com/gpqzqh I http://prntscr.com/gpqzu9 ahhh!
2. Shops can also be searched through the "query operators", which you can read more about here https://sites.google.com/site/tilrom...-zapros-google, and even better poizuchat their on SEO forums, many interesting things there to find. As an example, the following query operator: clothes shop+ inurl:e-gift - will give us a list of shops that have the phrase e-gift in the link, or "clothes totes egift" - Double quotes allow you to find only the expression that they contain.
3. Shops can also be searched through eBay, but not everyone has their own sites, you need to search. Simply go to the product we are interested in, and see the information about the seller, if it is a shop - we will see, usually the page is colorfully decorated, and the name of the seller is like: freeshippngshoes, bestshoes, goodwatches, etc. Study carefully. Next, we will put into Google all these data and go to the site of the shop, if such exists. However, it is not always possible to immediately bypass the anti-fraud systems of shops, sometimes it's easier to card in eBay ( but more about that in the lectures on Brutus).
4. Shops can also be searched through the Amazon. Go on amazon.com, enter a query in the search bar, such as SSD. We are interested in the left column http://prntscr.com/dusrr7 , go down below, we need the line "Seller" and click "See More" http://prntscr.com/dussij, we'll be taken to the next page http://prntscr.com/dust0d ahhh! On this page you will find sellers of products of this category. We need to copy their names and paste into Google, and then by analogue with the previous one.
5. Shops can also be searched for parsers, such as butterfly. Disadvantage of parsers is that we will find a lot of junk, so you'll have to sort through manually. Although of course they are sometimes very much helpful.
6. Shops can also be searched through SQL Dumper, with proper preparation of dorok - you can find very sweet shops, but the dumper eats a lot of proxies, so you have to constantly load new ones into it. In General, it is necessary to search for vulnerabilities on the sites, but also under the search for shops simply adapts
7. The same shops you can look at the discussion forums, for example: forum of young mom, or a fishing forum. With the right approach, and SI - you will merge a bunch of shops, which will be a very long time to search the Internet. Thank you young mother Michelle - suggested an excellent shop with expensive baby strollers and lame anti-fraud system. The shop unfortunately closed, and the stroller arrived in RU.
8. Shops you can look at the website http://www.resellerratings.com
Top drop-down menu store ratings. There, select the browse all stores by category and to the left will be a menu with categories. Select for example apparel and jewelry. See "sort by" and click
So we will be displayed on the first page of the sites with the lowest rating. But these sites are in the clothing and Bijou section of 468 pages. About 70% of them have a zero rating and about three-quarters of those 70% of shops are small, well-giving. Sometimes there are shops, like on this site, there is no rating at all, but in fact the shop is large and it will not send anything to you.
In fact, there are many ways to find the right shops, with the right product, but I often use these methods of work. I recommend You to experiment with query operators, as this is the fastest and most convenient way to search for shops.
In my experience, sometimes large stores send much better than small ones, but it is rather an exception and straight hands than just luck). You need to try to break through all the shops you like.
Sometimes it happens that we face scamer shops, for example, met one where Canada Goose cost 200$, so in such shops it is better not to card the Mat , they are created by our colleagues to collect the Mat. Carefully study the shop before carding.
Part 2. Analysis of merch and their features.
Merch is an electronic aggregator for processing incoming payments, in other words - it is a program that directly accepts payments through the site. There is a lot of kinds of Merchs, large and self-written.
To determine the merchandise I often use the site http://builtwith.com for - who have the opportunity, can buy the subscription for their money too, is $ 500 a month, do not try to card it - you will fail. Put down the address of the shop in the line, and we will get all of the information on the shop, in the e-commerce section, we will need merch. Sometimes merch is not shown, then you have to look out for redirects in the browser or card randomly, this also happens.
As for the Euro merch, most often they can be seen during the checkout, that is, when already carding a card, as most Euro shops - do not place information about merch on the pages.
Below is a list of most common merchs:
1. Shopify - it is considered that every month it is harder and harder to card it, but no. Everything is much easier, you need to adjust the system for this merch. Merch loves real iron, and he practically doesn't care for socks and tunnels, the main iron and unique fingerprint of the system. Very important
- fine and competent system setup. In general, merchandise sees deds, and the replacement of ip. He doesn't even bother himself with letters about order cancellation and letters about possible fraud on your part. Exit - to perfectly customize your system for carding.
Under each merch, I have a separately set up virtual machine, and accordingly I simply change my socks and card.
To find shops on this engine, use the following search query: Ecommerce + Software + by + Shopify + dildo
2. WooCommerce is quite an interesting merch. I met it not so often, it all depends on the shop. That is, what level of security is configured by the merch. Some shops are shipped in tons, some of which don't even let us pull out a dollar.
BigCommerce - in principle, everything is the same as above.
Shops look like this: dildo + giftcertificates.php - will find all shops with gilds dildo.
4. Magento and its derivatives. My favorite merch. Easy to work and not particularly capricious.
Shops look for dildo + .com / checkout / cart / - the actual basket, dildo + .com / customer / account / - the account.
5. Shoprunner - merch / engine of many mono-brand shops. Easy enough to work with. You can also punch him with the brutus.
6. Zen Cart - is also quite common. It cards a little more difficult than the previous ones, but it does not cause much trouble.
7. PrestaShop - basically all the same. Clean sock + well tuned system and you will be happy.
8. OpenCart - my most unloved merch. Even with the perfect carding - can tell you fuck off.
9. X-Cart - it's not so easy to find, but if the shop has started to let you card, then prepare wagons.
Europe and Asia
Today we are talking about EU and Asia, I would say in general about the work on the world. Stop Flood.
Working with cards of other regions (other than us) carries a number of features, it is logical, because from region to region, different banking systems.
I would advise you to look at this direction when you have either a baggage of knowledge (and I'm talking in general about the mechanics of work and setting up the machine), or you have money for tests, but of course the best option is when you have this and that.
The direction is interesting, but requires injections, start working on it, keep statistics, and you will see patterns.
The lecture will be of a more general nature; I'll tell you the important parameters below.
So let's start, but first I will highlight one of the main advantages of Asia and Asia - the AVS system is not connected, who forgot the link below.
And let's see right away what 3ds is (it's vbv / mcsc)
Bin is the first 6 digits of the card, well, I hope you already know this.
Remember that the AVS system is in England (uk), and countries that are near (Ireland, Scotland) because they are serviced by English banks. Also, there are no avs systems on the corners of England. There are also Autovbvs, that is, when you the fraud system likes you, the 3DS code is not requested, it can be configured on the shop or bank side.
For example, a shop may simply not request a vbv up to a certain amount, let's say it just has a few merchs, or dynamic 3dc is cut off from a merch.
Remember that entering a card in the country of a cardholder can have consequences in the form of a quick charge.
We warm up the shops, we are ready to communicate. SI is our main tool. Communication with shops, receiving feedback, all this is important. At a minimum, it saves you money when you learn important information before carding, such as for example - of what countries does the material pass through.
Just imagine, you can communicate with shops (tell them your stories, be like a holder), you can ring up banks and find out the reason for the declines, etc.
If you're having difficulties with english, then use google translit, or browser plugin grammarly.com
As a rule, the world (that is, outside of us) communicates with shops / offices by mail, less often by phone.
With international carding-ins, get ready for the fact that they can request docks, this is normal, it will be more convenient if you immediately draw the docks so that when you request a shop, do not take them too long. Unless, according to us, they can request docks by specialists, in order to take time and charge.
CC with 3D code and CC without 3D, everything is simple.
That is, somewhere you know the 3ds code, somewhere there is no, somewhere it is simply not installed on the card or not needed at all for work, or it can be changed as a password in the mail (either easier or unrealistic).
With regard to resetting the 3D code (like resetting the password) - it can be changed if you know the additional.
Info on the card, like dob or ssn or other data depending on the country and bin. https://prnt.sc/fyheyl
Further, the material and methods of work are divided depending on the countries, and the methods of receiving vbv (static, in SMS code, 2fa to the bank application).
For example, what you can work with:
Usa / UK card with resetting of the 3DS code - it is relatively painlessly dropped on the USB, uk is reset on dob, zip, but more and more often over phone, reception of a code in SMS.
Carding - crawls around the world, in Asia, Europe and other regions.
We also should remember the customs limits, naturally all info is in Google.
A web page has its own anti-fraud which needs to be passed, as a rule, it is not difficult except for the already tired Germany.
Yes, cards with 3ds usually have a long charge (except uk and usa), and if payment occurred, the fault lies on the holder, the shop itself is not responsible for it, so even if the shop sees a request from the bank, it can send it.
Amex has an analogue of the vbv, this is efk (but shops with the support of this protection are not very common).
In conclusion, I want to say that the trend is that everywhere they are trying to make the 3DS code via SMS, or 2fa through the application, card-in with a reset code either it dies quickly or the code simply does not reset. Considering that a mat with a well-known code is difficult to find, then it is worthwhile either to card into shops where there is no 3D protection, or it is not on the card (or avtovbv).
Carding from A to Z
Hello again to everyone.
What is carding in and what does it consist of? In general, carding is as follows:
1. Found a shop
2. Picked up materials for carding (card, socks / tunnel / dedik, address / intermediary)
3. carded in
4. PROFIT
But ... when instead of Order Success you start receiving an order canceled / decline, you get an understanding that in actual fact there are much more details / underwater rooms / devils in the still waters - call it what you want - much more than 3.
Perhaps you have never thought about this, but this could / may be the cause of your cancels. Right now, I propose to disassemble what is carded and what it is eaten with.
Let us base on the naming of each part "variable". We call a group of variables that fit under one category - a block;
Each block consists of several subparagraphs and variables within it; let's proceed to a detailed examination of the blocks and variables inside them:
CREDIT CARD Block:
- bin (first 6 digits of the card, determines the issuing bank, country of issue, card level, presence / absence of vbv)
There can be a restriction on payments, limits on spending / limits on payments on the Internet on a particular bin, or it can simply be "cashless", different types of VBV / MCSC and its reset (reset varies depending on the bin);
Autovbv bins - when the card is on the card, but does NOT require a password and is automatically processed.
We read about VBV on our carding forum.
You should not dwell on this subparagraph, but at least you need to take note. For this, write down every bin you encounter in your work, as well as the result of working with it.
- Card Level, Card Type
Card level, Classic / Platinum / Premier / Gold, etc., as well as Debit / Credit. Based on the level of the card, it can make an assumptions about the presence of a balance on it. It is logical that on platinum credit cards there will be more than on debit classics - purely statistically.
- card validity
Nothing matters: neither ip quality, nor system setup, if the card is dead. One hundred percent can be convinced of this only by ringing the bank (or if there is an enroll to the card). Checkers often kill cards, so blindly they can not believe, and the United States before carding is better not to check at all.
- billing info / address - credit card address (billing address, billing - cardholder residence address), unfortunately, curves periodically jump on cards billing, and in the case of carding a bad card in merch, which is checked by AVS (for example, almost all USA shops), such card will not be included.
The reasons contributing to this are the methods of extracting cards, almost always the information about the card gets to us, in the form that the holder entered it somewhere.
He can order something for work, house-in-law, and so on.
There are various methods of dealing with this, I will tell you about a few that I used personally:
A) Find out the billing of the holder before carding the card
B) Search for information about the holder in publicly available sources, for example, by searching Google for Name + zip (John Woods 18462) and checking the correspondence of the address and the name on various sites and social services. networks.
C) Beating certain bins and types of cards. Types of cards include Business Cards (cards for business). These are work cards that are often registered with a company / organization (so don't be surprised if you see something like "Mike Stewart Washington Water Restoration" instead of a name on such a card)
Plus, carding such cards is that in billing they are even in 99% of cases than other types of cards cannot boast, due to the fact that the company orders goods or pays services relative to its business address, that is, billing. Minus - not all bins will have positive outcome.
- check cards. There are several types of card checkers:
A) Authorization and cancellation. A random amount of money is authorized on the card (from $ 0.01 to infinity, but usually not more than $ 1), according to the same principle, a check is made somewhere when debiting the amount.
B) Pre-authorization and / or cancellation of authorization. With pre-authorization, the amount is not debited due to the quick cancellation thereof; when canceling the authorization, the zeroing (cancellation) occurs after the immediate authorization of the amount
C) Call to the bank
Each bank and bin differently refers to different kinds of card checks, but this is mainly a negative impact (especially when working in the USA) and sometimes it kills the cards (even pre-authorization)
The next block is a masking unit:
The first item will be called "human factor". At the moment, many banks automatically analyze the amount of monthly expenses and the type of cardholder transactions, and because of absurd behavior (this is when a 65-year-old lady buys a snowboard) is possible (I stress, possible) transaction failures on the part of the bank.
This is not critical, but it is impossible not to mention it. The shop sends information about the transaction to the bank, so you need to collect the minimum fraud-speed to bypass the antifraud systems - be guided by this.
To this item there is a sub-item "Pattern of conduct".
By this I mean the motivation and purpose of a person
buying something at this particular moment in a particular shop.
Create your own image, become a holder, you card in your card, not someone else's, believe it! Are you a 65 year old and you decided to give your son a laptop? Talk about this with the support of the shop and ask for advice, read the description of the product, make a mistake when entering the text, your eyes are not the same as in your youth!)
Socks and the tunnel as a whole can be grouped and called the ip-address block, then the variables in this block are as follows:
- clean ip on blacklists
- open ports
I talked about this in my lecture on security, in short, this is not a negative, not a positive parameter in most cases.
- geolocation of ip address on maxmind base (or other is important)
Whoer.net and a number of other sites have an outdated max- mind geo base, so the flow of geolocation information from the site being driven in compared to whoer and some similar sites can be very coordinated and critical, up to another state.
Some sites have their own geo-bases, often on these sites you are offered to automatically fill in a zip-code, city and state, therefore when carding in such shops are better guided by the information provided by them and select the material based on it.
- proxy & risk score
- provider, host name, DNS, ip hosting provider
Internet provider ip, hostname can tell about ip affiliation to cloud hoster (see lecture Security and configuration of Wirth machine)
- distance of the zip code ip from zip code cc
On an example: we own a card with a zip code in billing 97401, which means zip ip should be as close as possible to zip, that is, 97401/9740 * / 974 **, etc. - however, it directly depends on your theme and the place where you carded in, for e-gifts it is necessary to select as close as possible, for clothing cases depending on the situation: under the drop / middle or the holder.
Dedik, virtual and physical machines are included in the second group of masking, respectively, are a separate unit and have their own groups of variables, namely:
- OS
Windows / Linux version, etc.
- browser (Browser, version, WebRTC settings, coockies)
Serious merchandise can also request the browser information about installed plugins (can only check by requesting the id of the specific plug-in (s)), check sites on the list where you are
Logged in https://browserleaks.com/social - you can check here, for example). In practice, when logged in, for example, Facebook is a plus, but not critical.
What is a packing coockies?
- Stuffing cookies, surfing on various sites - imitation of a real user BEFORE carding.
It looks strange when a person with a "bare and empty" browser goes to buy GIFTs for a thousand bucks, isn't it? Therefore, we create the image of an ordinary hamster user, having previously previewed on the sites of all local clinics / restaurants, Amazons, ebay, facebook, etc., in general, I told about this in my lecture on setting up the system and security, now I recall because it takes place here.
- all kinds of prints (fonts, fingerprint, audiofingerprint and many others)
The totality of prints generates your unique user impression remaining in the system, is solved by changing the system (changing the screen, etc.), replacing a number of point prints (such as fonts, screen resolution, video card frequency, etc.) and / or using antidetekta.
Block-process of carding. In my opinion, the card-in process itself consists of several things, which, like all variables, can vary and / or modify themselves:
- method of getting into the shop (for example, from Google, or from Facebook / Twitter, other places)
Yes, this is also important. Yes, shops see it too! To one degree or another it also matters. There are several types of transition, talk about them ranging from less trusting to more trusting, respectively:
A) Directly by the link from the browser's homepage, for example, browser > amazon.com
B) From search engines, for example, google.com > amazon
C) Social networks, affiliate programs, various coupon / cashback services
The shop keeps track of where you came from, at least the arrogant methods = the most trusted!
- manual input of the text or copy-paste - antifraud sees it, do you copy your name from the clipboard when shopping from your card? I do not think.
- warming up the shop
Surfing the shop, AUDIORED product selection, reading reviews, delivery methods. Deletion / addition of goods to the basket [from], registration of an account in a shop (and possible temporary revelation of it), preliminary ringing or communication with a support.
- carding by call / no
Some shops have the option of order by phone - order by phone. It happens that the holder does not load the site and then the support operator comes to help, who personally enters your card details and so on. Plus the fact that the antifraud does not actually see your system / ip address, respectively, does not assess the risks based on these factors.
- billing = / shipping
Matching the input billing address, shipping address, it happens that orders are canceled due to differences. You can fight in the following ways: pass antifraud on all other indicators / warm up the shop (for example, chat live in live chat and say you want to buy a gift for a friend, etc.) / search for shops / dropping billing
= shipping = drop / middle (when checking AVS system does not roll in most cases) by carding in an illiquid, which is not "tightened antifraud".
- shipping
A number of addresses of well-known resenders may be in the black list of many shops and merchs, duplicates are also monitored (were they bought at this address earlier in the same shop)
- email under the holder and under the recipient (in the case of Gift)
Mail also has a certain risk-speed. Most trusted - corporate mail like [email protected]. The most fraud ones are those who have simplified the registration process (for example, mail.com, in other words, those where you do not need to receive SMS during registration)
Among other things, some merchis pay attention to the name in the mail address ([email protected]) - can check the presence of the name / surname of the holder is also not critical, but also an important thing.
As you can observe, there are a considerable number of variables. Therefore, when there will be a cancel, think twice about the number of other variables that directly affect the result of the work. The analogy of creating this list can be done in any job, be it with a stick, poker, banks or affiliate programs.
Block of the effects of card-in. There are many different options for the effects of your carding work, consider the main ones:
- Decline. Decline The shop did not even allow you to hang up an order, which often means that you have problems with the card, so first of all you should pay attention to it and see the CC Block. In other cases, the site or technical problems and nuts are tightened (rarely), or you do not pass antifraud (or shop or bank) from the word at all and burn somewhere, in this case, see Blocks "Masking", "ip-address" and "Process drive"
- Cancel. The order hanged itself, but after a while (or immediately) the order was canceled on the email, reasons: the anti-fraud / shop did not pass, the holder rang / something was wrong with the card and the shop could not write off the money.
The antifraud did not pass and he did not like: something - 2 options for the development of further events:
1 - cancellation directly from the antifraud system of the shop (or the bank was not allowed to conduct a tranz)
2 - according to the sum of points scored, the indicators fraud order was manually processed (this is when the manager manually approves / cancels the orders) and the manager canceled it, or rang the holder.
Otherwise, if everything is clear with the first case, the rest should be disassembled in somewhat more details.
A shop rang to the holder - yes, there are shops that always call, there are also shops that can only call on specific orders (for example, E-gift) and / or on a specific specified order amount (for example, all orders $ 500 +)
The methods of dealing with this are as follows: indicating your / your telephone number ringing, in order to receive a call / left number indication (for example, some neighboring cafe with a holder) or a non-existing number, if necessary.
However, due to the AVS system in some countries, such orders can also suffer, I personally never shaman with the holder number as in my work the coincidence of AVS should be 99.99%, so look at your needs and desires.
The third and last option is the cancell due to card problems. It means that the holder either managed to see the actions on his card, or your shop process orders are not immediately
- requests by the shop, for additional verification in the form of a photo of an identifying document (passport / driver's license) or photo card. It means that you have missed the antifraud somewhere, or your order seemed suspicious. It also arises in cases when the shop is already quite jolted and requests verification at the slightest suspicion.
- request for additional verification by calling, ask you to call to "clarify" some details. Usually they drive along the back-edge (see the lecture on breaking through), depending on the shop you can also mean that the card has a billing issue.
How to fight? Punch, call, draw. If the warrant or tests are worth it. Recorded results in the record and draw conclusions.
The last point of the lecture is Checklist. Cheklisty, my method of work on point shops by developing and refining the approach applied to them.
It is a list of points (usually 10-20), telling how you can break through a specific shop based on the tests driven by this shop, various useful notes derived from experience again (for example, how quickly orders / stationary arrive) - to me helps in work, a kind of creation of a template that you need to focus on for success.
An example of my checklist for one large shop: "SHOP *****. Com
- Should be smooth billing
- carding should occur with one attempt at 1 ip. Exception: 2 attempts
- Only manual input and previously non-repeating variables (a la mail)
- Consider the version of cardings from dediks
- If the anti-fraud did not pass, but the card is good, the cancel will come to email within 25 minutes
- When the order does not miss the anti-fraud system, merch gives a decline with the text: Unable to process credit card at this time, processor reported (Authorization Failed)
- If the card has insufficient balance or billing curve, merch gives a decline with the text: Please double-check your billing address and credit card information.
- The following bins came in: 517805 464018 for such and such sums ... *
And so on.
As you can see, the blocks are divided into points and group order, in order of the order to classify the groups as follows:
Blocks Credit Card, Disguise (system) - consolidated - preparation for carding.
Blocks: The process of carding, the consequences and checklists are the result of the preparation for carding and, in fact, the consequences. It is important to trace the causal relationship between the preparation and the result in order to learn how to understand where and when you are guilty, and where the shop or suppliers of the materials are to blame.
"Those who give practice without knowledge are like a sailor going on a journey without a rudder and compass ... the practice must always be based on a good knowledge of the theory."
Selfregistered Paypal
Okay, comrades, hello everyone again.
Today we are considering self-pp (selfregistered paypal account) subgroups.
First we will analyze the theoretical part, then we will register a self-reg and further answers to questions.
I think this is understandable the most important advantage of a self-reg is a long (as a rule) charge and if the trance has passed, then most likely the goods will be sent and he will reach without problems.
There are no problems with cc, cancellation of transfers, reversal of the pack with self-regs there is no but naturally there are also disadvantages to the self-regs namely the buildup of as to make a self-reg and to card-in 1k$ immediately- will not work
it is possible, but it is rather an exception to the rule therefore, self-regs must be pumped up by small purchases / transfers
in order to create a self-reg is necessary:
1 - Full info (fulls, fullz)
2 - Phone
3 - BA (bank account)
4 - CC / VCC
FULLz is data on real american here is an example of full info "Dale S Murray":
7955 Colee Cove Road Saint Augustine
FL us 32092
SSN - 593-12-7088
MOB - 904-237-3757 DOB - 09/16/1966
Dale S Murray - full name 7955 Colee Cove Road - address Saint Augustine,
FL us 32092 - city / state / zip
SSN - 593-12-7088 - social security number MOB - 904-237-3757 - telephone
DOB - 09/16/1966 - date of birth
Fullz is the easiest to buy. Normal Full info costs $ 0.5 Full Info with high COP (loan soon) 2-3 $
Much better if you buy an CC and then search for a fullz for it and the ideal option is to fill up this card and tie it to pp such an option is good and you can pay / send $ 200- 300 at the new self-reg
2 - TELEPHONE
We will need to take sms from pp.
Therefore the phone number in the stick we indicate the one to which we have access namely, gv (google voice) or textnow.
3 - BA
BA can be tied to a stick in two ways 1 instant through a log pass.
- binding instantlly means that pp we choose the bank that we need, enter the login and password from it, then select the desired account and link to the pp.
- mini deposits and each bank account has an account and routing number. So for linking this account to pp, we write down these numbers and send mini-deposits to them mini-deposits are two charges from pp on this account to $ 1 which are charged off then in one amount
In a stack it looks like this:
verifing PP john smith +0.10
verifing PP john smith +0.20
verifing PP john smith -0.30
Account and routing numbers for are sold immediately with the ba or you can search through the appropriate services on the forum it is best to take ba immediately with numbers this may be useful in the future when drawing states or, if necessary, confirming the ba again the cost of the ba is 1-30 $ depending on the bank and the balance of the ba
When buying, be sure to pay attention to the conditions for replacing the BA.
I recommend at the initial stages to take ba 5+ to 4- CC / VCC
4. CC said above, with regard to all of us use visa vanilla card.
We enter these cards, we confirm it with mini deposit and the card is attached.
On the theory we finished.
Methods of working with Paypal self-regs
The topic is actually quite extensive and there is always a place to show your creativity
We will consider the most common options.
So the first rule, behave like a real american so here.
if the self-reg did not give a purchase, send, donat-helps with unloading, reducing the amount of the transaction, changing the product / seller / mail / shop
I repeat, before working with self-regs, it is highly recommended to read the archives on paypal.
We will understand slang:
"send" - sending money from one aka pp to another mini deposits
"state" - statement - bank statement
On the organization of work, as I said, takes paypal with a number, and when you accumulate a decent number of samoregov, then the issue of statistics and reporting becomes especially acute therefore I advise you to immediately start a statute in Excel or a similar prog, to whom it is convenient
I usually write in the article: date of registration binding date ba date of last action which ba is tied (mini deposits if there is) mail and space for notes.
I write down trances there, when such an info is cleared in addition to this, as I said above, I advise you to install thunderbird, a mail collector for the convenience of monitoring your self-regs some options for non-standard account registration 1) through payment with CC we are looking for a donat who accepts payment for a pp, we try to pay with CC for 1-2 $. enter data, put a tick "Register an account for PayPal" pay and get a self-reg with one transit then we go to the acc, add dob and ssn through add money.
If everything is cool, then link a ba and put it away for 3-7 days.
I will explain it right away, if I lie down, this is when we don't go into ak pp after successful transes.
2) Set up an invoice for an empty email "empty mail" is the mail on which the account has not yet been registered from a self-registration software pp we set up an invoice for an empty mail, a letter with an invoice comes to this mail, we follow the link from it and pay the invoice with vanilla (up to $ 100 comes in norms) at the same time we upgrade our two others accs.
3) Send on an empty mail from a trusted acc of pp acc can be a good swagger as well as a ppc account of a real american with many successful transits in the second case, you will have to be creative, for example, buy game keys and sell to americans on the forum with payment through pp to empty mail
The salt of this method is that to such a self-reg paypall will initially have higher confidence and it will be much easier to merge it next types of payment in self-reg pp:
1 - with CC / VCC
2 - with ba (e-check and instant)
3 - with balance PP
4 - bl
I will explain about the payment from the ba it is of two kinds:
1) e-check
2) instant
Payment by echek takes 3-5 banking days.
In simple terms, this is a bank transaction for debiting funds from a bank to a pp ba and transferring them to another pp account payment by the ISTANT is the same but with one difference.
In the case of instant, paypal trusts our acc nn and sends the money right away, sort of crediting us, and then waits for it to be cleaned the day when the transfer of media from the ba to the pt is completed and is called the day of purification (clear jeka).
Let's look at refs (refunds)
Ref is cancellation of purchase and refund as a rule, paypalers use refs to get the money out from the ba to the paypal balance.
What features and pitfalls are there.
If the payment occurred with the CC, then with the ref, the funds are returned to the CC.
If with a BA that has been cleared by a BA, it falls on the balance of PP.
If with a bank, the funds were deducted from the bank but the tranza itself in pending will fall into balance in 3-5 business days.
If from a ba instantly, after 3-5 business days falls on the balance with bf ref will fall back to bml options for cashing out the balance of PP.
Cashing into stuff available options:
1) Send from the balance to the another self reged acc (that is for cashing out) and withdrawal from it to the visa (about 3 business days)
2) output a ba on the same self-report the easiest and most effective method in my opinion paid, refed, cashing out into stuff sometimes it is easier to merge into stuff than to cash out a ba but there is less a percentage of your profit when you card to people who buy stuff and the wait is longer profit if you send it yourself
For this reg ACC of eBay, do not link pp to ebay swing it a small transfer to the balance we register the ebay acc on the resenders data fill in 5 feedbacks with small stuff and then you can start to card on to the resenders iPhones, MacBooks with the balance of our screws next
It happens that the acc with Balance went to the limit of 180 days.
It's okay, this acc should get postpone, after 180 days knit your withdrawal account and merge Balance.
It is better of you have an ebay business acc so it will be a little easier to cashout with it if the selfreg doesn't give anything.
It helps if you give it a rest for 3-7 days or reduction of the amount of carding, change of seller, shop do not make many attempts of the same type of action you will get "unusual activity" in the worst case a limitation it's called jerked off acc make 3 attempts, no longer desirable bundles for working with screws PP
1) 1 Virtual mahcine = 1 selfreg + tunnel/socks
2) basis + antique + tunnel/socks
3) virtual machine + portabl under everyone + tunnel/socks
4) basis + sphere + socks limits:
easy - to receive SMS, password change, secret, questions/confirmation BA.
medium - need a drawing of the passport, iD, state / BA, proof of address. Two business days review if this time is not removed then you need to call the paypal.
heavy - all of the above plus clarification on transfers the percentage that you will remove this limit is extremely small easier to drive 180 that's about it.
Brutus of Paypal
Good evening everyone! Today I am your lecturer and the topic of our conversation is carding
bruted accounts of Paypal or shortly - Brutus of PP.
I will give you basic information on working with this area of carding and answer questions that you may have during the lecture. Go!
Let's Start with a short introduction.
I Work with a paypal from the moment of registration on the forum and training.
Lured this direction in the first place for its simplicity and accessibility for me then.
because for the work we just need to have the dedicated server, the account and address where to send. Everything else is a matter of technique.
During this time, the paypal may many times tightened its antifrod and became more and more difficult and expensive. But we did not stand still each time, we learned something new.
So you understand how the antifrod has changed for these 2 years in the work with Brutus of PP, here is an example.
Earlier, when I was just starting, I could do this.
You Go to any shop with the liquidation (iPhones, etc). Trying to card with paypal there, and when we putted in the log pass I just added the resender, paypay late this address and what the realties of the phone was coming to me to the warehouse. Perhaps you don't understand what's wrong. But if you start working in this direction and then re-read this lecture, you will realize that now it is almost impossible to do, or it would be great luck.
Now directly about the work with Brutus of PP let's Start with the purchase of accounts for work.
due to the fact that the sellers have different checkers, the type of account that you buy can change from time to time, but in General the information there is written the same.
For example:
==========================
[email protected]:Sklo5151 Holder name - shellie kotovich
Address - shellie klotovich|Po box 160||CROCKETT|CA|94525 Primary e-mail: [email protected]
Limited: - False Country - US
Phone - 19253815811
Balance - USD|0
Card - CC 5805/11/17
8134 Bank|J. P. MORGAN CHASE BANK, N. A.
Transactions:
85.05 USD-Bank account 30.06.2017
85.05 USD-Jennifer Nicolini 10.06.2017 233,00 USD-Bank account 29.05.2017 210,00 USD-Jennifer Nicolini 29.05.2017
===========================
Here in General everything should be clear and without knowledge of English
but I will briefly explain
In the beginning there is a login and password from the stick. Further name (Holder name), address (Address), mail, phone, limit\nolimit, account country, phone, balance,
credit card, Bank (BA) and Transfers committed by the owner from this account.
Before buying, it is desirable to determine which country You will be working on.
These are mainly such areas - usa, EU (Europe) and exotic (in fact, all other countries).
to Say which country to work with is the best I can not. Personally, I started my journey with US accounts, but You would be advised to start with EU accounts, because according to my observations there orders go better.
Guys, all clear from the above written? any questions? Go ahead, just started.
At the moment, all sold accounts can be divided into 2 categories - with transactions (1) and without transactions (2).
The second type of accounts is also called zeroes
The good accounts type 1, so it is the fact that CH there is active, there are purchases in various shops or services, and the percentage that your carding will be of course much higher my best most often use to hijack your account, and the subsequent attachment of BA to cash out it in the shops\services.
you can find sellers of brut pp in the appropriate section on the forum.
Now let's move on to the topic "how to card".
1. Dedicated servers (Dedik), from sellers you can meet such types: Homework (Home) \ Servers \ Amazon
2. SSH (tunnels) \ socks \ proxy
I can Not say where to card that it gives 100%, I think you know.
But, focusing on the fact that you are just starting your journey, and you like no one else is important at least some positive result, I would advise you to start with Dediks.
But do not take the homework from $ 10 although the sellers say that they are the best and clean, we do not need this yet.
You have more material to spend and splurge Take homework servers up to 5$
Loved and love to drive with Amazon Dedikov, they are an average of 1$
For those who are more confideint, I advise to use the scheme "virtu+tunnels".
Sellers of all these goods can be found in the relevant sections of the forum.
For Dedik use - mRemoteNG.
Now imagine that you have bought accounts of Brut pp and decided on the device from which you will card.
Now it remains to understand: where to card and for what purpose? According to the old scheme, I will divide where we can card into 2 categories:
1. Physical goods
2. Electronic goods
The first category of goods you can card either on the resender, followed by transportation to yourself, or on the drop, with the delivery of goods for a percentage.
About the second category probably guessed, it includes various gifts stores that you can also pass in a crowd\sell\yourself to card it to the resender.
Very carefully consider the choice of the resender, because there are very unpleasant companies that consider parcels under a microscope, and any discrepancy leads to a ban account.
A few more important points. After new yaer 2018 paypal got noticeably tightened the anti-fraud and now even just to log in is problematic.
How do we do this? Takes any shop with some illiquids and through the instant checkout buy something cheap.
Then write in the address bar paypal.com and look at the outcome. If you are in the account, that's fine. If not, take another AK and repeat the operations.
Even if the security check appears it does not mean that you can not get into your personal account. If sc has popped up, try to write paypal.com you will not lose much time, but there is a chance that you will get thrown into to the personal account
Most of the shops can be divided by the method of carding into 2 categories. The first is so to say "classic". When you found the shop - put the goods in the cart - click checkout - entered billing\shipping address - chose the method of payment PayPal - you threw on the site of the paypal where you entered the log pass - shop entered the address in the paypal - you paid for the order.
The second category makes its way through a quick checkout, through which we just try to get into the online acces of the Paypal acc at the beginning. What does it look like? You found a shop, put any product in the basket, and there you will immediately see a button - Check out with PayPal. This is the quick checkout button. When you click on it and enter the log fell, you will see when reviewing the address of the CC. Here is an example of a shop for you to understand, with such a checkout - shop.lego.com.
Shops only with such a checkout make their way so.
In the beginning you would take the 1st category shop, reached the review, when the shop entered the address you need, you DO NOT pay for the purchase, you leave the account to rest for a day or two.
Be sure to save cookies at sendspace.com if it is a dead dedik and he can die.
Then go to the shop with a quick checkout (category 2), and already there when you click buttons Check out with PayPal you will see your address at which you can easily make an order.
be sure to learn how to save cookies.
This is very important in working with paypal. Dedik can die, and all your efforts with the rest will be
vain. Could get into the account - this is the reason to save cookies.
If this is a Dedik, then download the portable Mozzila (up to version 55) directly to it and install the extension to work with cookies, I personally use advanced cookie manager, but you can search for something of your own.
I would also like to point out the big mistake of newbies. When you try to card paypal, take small amounts, about $ 50-100
you are now the main thing to get at least some result. Do not card ebay.
Although right if you really want, you can try, but the main thing is not for large sums!
Any material as if it were a Dedik or a socks, you always pick it up under the state if it is US, and under the country if it is EU (Europe).
Save any results. I always worked with excel. If you card , go through - write down everything that can be useful - shop, mail where you drove in, log of the paypal itself, from where it was carded(Dedic, socks), if the order is there then write down its number, etc.
I would also like to note such a very important point. Paypal works with a floating antifraud, and if you are working today, and using your method of doing a couple of orders in an hour, this does not mean that tomorrow you will have the same thing.
In order to know when the stick "twirled" the antifraud and other nuances a little, I advise you to always monitor the discussion section on the work of brute nn on the forum.
Work with Brut accounts
Well, let's start probably. If someone is late, he will catch up with the logs.
Today we will talk about brut. This is the most profitable direction in carding in terms of financial expenses. Of the minuses in it, it is just the opposite of costs - time consuming. Recall what brute is
Brut - the process of searching the lines login: password from the database, using software for validity to the service you need...
What do we need for this:
1. Bases
2. Proxy
3. Server
4. Soft
Now about everything in order.
1. Base. What is it and where is it taken? Base - merged dump hacked site where user credentials are stored in the form of login: password. In the form of login: the password is not always, there may be hashes, but mostly they are sold in a pure form
The bases have several characteristics.
This is privacy - the ratio of the number of unique combinations login: password to the ratio of those combinations that have long been gathering dust in public
This is valid - the ratio of the number of lines login: password, with which we can get to the mail to the holder
Well, the subject with geography.
2. Proxy. You choose the proxy individually, and if you find your ideal, do not tell anyone about it. This is the same "bread" as the medium and giving themes. If you need to reset the accounts of some poorly protected service, such as a small shop with gear, you can take the first ones. If you need to brutal Amazon, Ebey, PP, then you have to look for
3. Server. It is needed only in order to provide the software with normal working conditions, increase your security and for your brute to work without interruption. You should approach the choice of service based on your financial condition, offers for such requests are enough to exploit, the price tag ranges from 10 bucks and higher, ten times higher
I will immediately answer the possible question of whether it is possible to rotate on your computer / virtual machine. It is possible, only in the case of Wirth, the efficiency will be low (system requirements), but on its basis I recommend not to run ANYTHING bought on our forums.
Today, the software is normal, and tomorrow with an update your cue ball will leave to the software developer.
4. Software. Most importantly, without that, it will not work out brut. It is purchased for the site you need at Exploit and BHF (oh for good reason). Look closely at reviews and how long this coder came out in public. Often happens, coders saw goodness, and then they fuck up on updates.
Updates will be made only by people who are firmly motivated by their turnip and finances.
Software is also written under the order, on the same forums.
There is still such a thing as "combines", these are software, where brute is assembled at once under many different sites. I don't recommend taking them to you, because at the beginning of sales it works fine, but then everything starts to fall off and the coders often merge. At the beginning of the way 2 times so stumbled
You can find a site for working with brute accounts on your own even though you already have a niche in all the gaps, there are still unoccupied holes. First of all, you need to evaluate how often people use this site, of course, that on Ebey and Amazon the number of "buzzes" will be several times higher than on an unpopular site with a gear, only the work on these services will be very different. The virgin store, which has not yet been raked out, will give easily and naturally, and to work with giants you will have to pay a lot of money for tests.
You should also check if the site saves a credit card. To do this, we take 2 grandfathers (2 Wirths + proxies, or antiques), take one CC, mail to mail.com and go to card in with the first dedik. Save payment information when paying. Then, having only a username with a password, go to the same shop from the second dedik, try to log into the account and make a second order If you have succes, you are not asked for a CVV or any other data that you don't have, then you can work with a brute using a shop
Evaluate whether it will be brutally liquid, order software and go into battle. Pure shop is always fun.
There is another chip, which I used to mention often. Feel free to use Google, he knows everything. If you think that the shop is virgin, it does not mean that it is. Try to drive in the request www.nameshop.com carding, carding, it is quite possible that it will pop up somewhere in our nigaz brothers in black
Now let's go through how we can card.
We have several options. We either charge it all on the resender, in a barbaric way, or charge a drop in the same barbaric way, we can hit the address of CH, if the shop sends mail that can be redirected, pickup, etc.
A little bit more.
1. Direct on the resender or drop. We just log into the account, change the shipping address to your own, without affecting the billing (relevant for usa) and card. Rolling - shaking and waiting for the confirmation, not rolling - shoveling accounts further
It's better to beat it all the same. In all of the shops people, managers, they know the addresses of the resenders, they know how to use Google
By the way, about Google. Research your drops from admins panels.
They can be "ignited", to such an address the arrival of goods as a holiday, usually if there is a black list, the account will immediately block the account
Also, try not to touch the name of the holder. If John Vick changed the address, this is acceptable, but if he suddenly changed his name, especially Vasya Pupkin, then the chances of you fall into zeros. If you use intermediaries, then go to these non-Slavic ones, some Dzhamshuts and we have enough there too
As for the pickup, I can only say that the chances of carding are about the same, because the amounts should be large, but getting the pickup goods is still a buzz. Here, they can take a drop, and he can hide it himself, and DS wants to eat, may lose your pack.
I can also advise you to carefully study the shop in which you are going to work, read thoroughly. They often have any promotions, chips that, given fantasy and the proper level of skill, give freedom for action.
As an example, in one shop it was possible to card from a brutus, to make a refund to the balance until the moment of sending the stuff, and to balance the gifts there. Another example - the balance was also returned, but it could be transferred to the partners of the store, the goods that were bluffed from such a baance were "clean" for all antifrodies and the work was excellent. There are a lot of examples of this, so do not be lazy to read for 15 minutes. Carding and, in particular, brut is not a stupid brute force of accounts, but the work of the head
Now, by the brut accounts, they are not only with cards. There are also with Paypal's linked accounts, and with other payments, there is enough. The easiest way to learn and work is the account + CC, everything is the same; only the antifraud of a shop bothers you, and the antifraud of a bank usually does not affect the work. But with PP you and the whole smut of the paypal with her ICP get. In addition to the
fact that the shop itself can be shaded, paypal will also be strewed with MF, SM, etc.
PP is good for "see" how it works, there are penny accounts.
But for work I do not advise, if you are not friendly with paypal tightly.
You carded your product, the order is in pending. What can we do in order to increase the likelihood that the order will be sent to you.
We can only influence how information about this purchase will be available to the account holder.
To begin with, we understand the account. We change there the email, password and phone to our.
Post your mail already after the successful carding under the name of the holder, you can go to mail.com, this is done quickly, you do not need to receive SMS there.
If the order is small, put the number out of the head, if large, put your Skype number or a ringing number.
This will help only if the holder already forgot about this shop and did not receive SMS from the bank.
Unfortunately, in the sphere of international payments the development has gone far and often holders have push notifications to the phone and sms and the shops themselves call.
But if CH is broken, he may not notice the first few days, and then he will not be able to do anything.
For prevention, if the order is large, we can load him with spam by mail. But this is such an option and is needed only as a safety net, if the order is very important. Rather, the holder will know about spending on SMS or on the phone
Also, look at the contact details of CCs not only in shipping info, but also in billing, there is often a duplicate phone number and it is quite possible that the data on the PP account, where the mail may be different
Brutus Ebay + Paypal
Hello everyone. Today we talk about brute ebay + nn (PayPal), analyze what it is and what it is eaten with.
I have been working in this direction for about a year, I found both good times and not so much, for example, as now.
I note right away that I did not make millions, but if we consider that it took a minimum of time and money, I consider this a good and affordable way to earn money.
Today we will learn to card accounts from ebay and during the whole lecture we will try to get to know this giant in more detail - Ebay.
Let's start first with the advantages that await us:
This is an easily accessible material, I think if you've browsed through the shops a bit, almost everyone saw ebay + pp, ebay + cc, completely different countries
Actually, now with ebay accounts it's not very good, because they die within a few hours, because the way of authorization with which the akka was checked broke.
The main countries of eBay are USA and UK accounts, which stand out, but there are also IT, DE, CA as far as I know, but now most sellers sell it as a mix or under a different name from different countries. All of these accounts have a variation either with pp or with ss, respectively, with the associated account paper or card.
Actually, this is how the account log looks like:
[email protected]: neil1976 / Access Email: NoCheck / UserID: neil132011 / FeedbackScore: 17 / Orders in the last 60 days: No / CC: No / PP: Yes / Country - GB / State - Scotland / City - Aberdeen / Street - 1 lossie place / Zip - ab166tj / Phone - 07927 938797 / Seller: No
Let's look at the order of Hodler's emai / access to email (this is not the case in all shops it costs a couple of times more) / user ID on ebay, he is a login (most often you go through user ID rather than email) / Number of reviews (the more the better, the better, but in fact, if there are a lot of reviews, the account owner will notice our purchase from his account) / purchases in the last 60 days (most often he tells us about account activity, most often it's not bought from these, by the way, but the holder can even forget about his account) / tied map / attached payal / country / state / city / address / zip / phone / seller or not, but I think that here you yourself will figure it out a.
Actually the price of the same accounts. Ebay accounts are cheap, if memory serves me, then for 1 account we pay from 0.3$ for USA, UK accounts, the mix of the country will be cheaper, probably you know why
The work environment, for example, your dedik, socks, vns, tunnel and everything, everything that you can think of for work. Personally, I used to work on Dedik and processed more than 100 accounts from a single server. At least I think that it should also work with the same VNS, but I personally didn't test it, because it was quite expensive to take VNS and sometimes VNS lives much less than Dedik, but recently I changed the direction, but more on that later.
As far as I know, the best thing is carding from a real phone, but I personally don't use it, because I just don't know how to set up the phone and preferably we can use a patched router to get it if we decide to work well from the phone.
Holidays. As in all shops fraud is weakened, we can enthusiastically try amounts that we could not try before.
Now let's go to the minuses, there are about the same. Actually cons:
Easily accessible does not mean good, but I often hear questions like something like "tell the seller account, store, topic, forum and everything" there is no perfect shop, just test everything, if you need I will give a list of shops with I use some accounts that I know, but time is ticking and I cannot say or, more accurately, call one of the shops good.
Now this problem is particularly relevant, because the accounts die quickly.
Like this, for example, it looks like a bad account https://imgur.com/PEXanW6, that is, it is already locked and you will not be able to enter it.
Each seller has his own rules, that is, one has a replacement within 3 hours, and the other has 6, and one has 12, but if the seller is decent, he must make a replacement.
Immediately advice, if you bought accounts, then immediately go for them work them out. I honestly do not know how ebey scorched that the account is lost, but after a while it can be blocked. We quickly worked, got what we wanted or didn't get, but the account worked for you and the seller has no problems. Do not postpone accounts ever!
It now seems that there is no guarantee for many accounts at all (for the above reason).
It will be difficult for us to find undelayed socks, dead coaches, tunnels (they are especially), unless they are usually clean. This brut, it is publicly available, so get used to the fact that the socks are offensive, the dead man is killed. Finding crystal clear materials is very difficult now, but it is possible.
Personally, according to Dedik, I can say that there are no good Dedikov on the forum. There are normal ones, but they are not good at all, so get used to the fact that you will still need to wear socks, but I have not tried all the services that we have, so maybe I am not right in the dirt. Private shops with Dedik are not bad. We cannot check the risk collector and the proxy monitor, and when the seller sells to us, they personally assure me that the best they have, and in private ones will most likely be built in, but by itself, the lower the numbers, the better.
For example, here is a screenshot of one of the private services with Dedik https://imgur.com/a/u4eTx96
I'll warn you right away that for those who are planning to work with Dedics. We buy only homework, server skip. We don't have the server from which we are shopping at home, right?
The very zadrochennost ebeya. With this we can do nothing at all. In ebeya there are peculiar periods, like paypal. Most often this happens at the end of the month. Basically, from the 25th to the end of the month + - it is better not to go for a couple of days at this time.
We turn directly to the process of carding. I will divide the directions into 3 parts.
Carding on ch followed by a rerout. It gives you quite a lot of money and basically it's USA, because there are drops, rerouting, stingy, in general, everything is good there, but I personally do not work in this area, since it's getting worse and worse, but nobody forbids you to work on UK, but as far as I know, there is a tightrope with a recap. There may be difficulties with the mail.
There are 3 main mails in fedex, usps, ups.
Fedex with a ban - rerouting, usps with a ban also rerouting, ups with a ban - consider it gone.
But if you buy from some private trader on ebee, then the probability that he has a ban on rerooting is small although there are some sold out who follow the track right and will deploy it back if you rerout it. I met a couple of them like that, but there's no way to escape from it, but if you still got to this one, then just write down his username so you don't fall for the same rake later.
Carding with the change of address. The amounts here are not large. On average, up to 150 pounds (200$), but this is a trifle, but nice. The country of work is UK (different countries will also go), because in my experience the address changes much better here, but as a plus, we can spike straight into the CIS, or any other country on our drop, among other things, Uncle Vasya. I strongly advise not to spike on myself !!! Many say that the amount is small, so that you will not be afraid, but do not burn your name. The drop services are quite expensive for us, but if we work in duffel, as I wrote above, up to 150 pounds, so Uncle Peter from the next door will not refuse to go for a package for Magarych, again the chance that you will get the minimum, but Some % risk is always in any business.
Digital direction, they are also digital goods, if in our business, then gift cards. All these Gift cards, vouchers, games, game currency. The list is simply huge, but it's better to look at the topics of miserly, there you will find % $, as well as a complete list of what they are buying, but if you didn't find your gift in the mean list, then do not be discouraged, it may be taken away too, but it's better to clarify whether it is necessary for the GIFT to be stingy or not, so as not to suffer losses in case of unprofitability
Ebay is probably the easiest way to get a gift card, which is, and yes the country of this direction is USA. There are also some in the UK, but basically all of them are USA. Amers with Gifta just a disease.
The maximum that I bought here is a Victoria Victory Secret for $ 500, I have never seen a greater value. Here the goods are divided into two types. There are E-gifts, and there are paper ones, if you can call them that, but we don't look at it.
We need the seller to send the card number and the pincode looks more often like this card number: 006493300605817195 Pin: 4234
Or a game card / key, a certain number of characters, for example AAAA-AAAA-AAAA-AAAA, everyone has a different number
With the help of this data we can check the balance of the card, and then we will transfer them to the mean. So, we are only satisfied with sending ebay with a message, or with email attached to our paper account, but for the latter we need to buy an ebay account with access to mail. This is quite rare, but you can find it, though the price will be different. I saw about 2$ per account in one shop. But remember that the gift cards and games are not the only thing that you can find in the digital direction. It all depends on your imagination, because the search for ebay is not very clever, so some things are generally better to search through Google, for example "buy dildo on ebay".
And so driving in, it's up to you to decide what to card in, some use mobile devices, but it is rather difficult to tune and, as a rule, working with them is slower than with anything, but also more profitable.
Dedik is quite expensive to start, so let's start or advise you to start with virtual + socks. There are a lot of resources where to buy socks, but I personally take on VIPs, but if you want to make serious amounts, namely, the ones voiced above, I recommend abandoning them, and if you want to work across America, then it is better to forget about VIPs, and Europe still will go. After we pulled on the sock, we go to the entrance and the scale of anonymity should reach 90 at least, but better than 100.
The most frequent problem that I constantly encounter is that sox dns of another country. Here we are powerless, but once we took it, then we will try. I personally always try to do it all the same, it's brut, after all, it's brut, which is taken by quantity, not quality. The browser is either mozilla or chrome. We will also need to download the extension so that after each account we clean our browser. Then google it, there are a lot of them for every taste and color, but I personally use portable, that after restart everything is deleted.
Vip72 socks are more likely to just try. They are cheap, but the quality is so-so. There are many good resources with socks, such as suites, feysssess, sokslab (there seems to be even mobile socks there). But everything except the last one went away in private, and for the account of the same suites you need to throw in greenery, the facess in this plan is cheaper. I do not know if regga is open there now, but a month ago the registration was $ 50, which will fall on your balance.
Moving to ebay.com is better to do it from Google, but if we do USA with rerout or digital products, use the domain .com, small products with the change of address we use ebay.co.uk.
Clicking on Sign in go to this page Https://imgur.com/h0y80OH, here we enter under our userid and password, I recommend to try to enter with the userid right away, because I often don't want to get from the mail.
The first one is always warming up or as it is called warming up, namely it is an inexpensive product, I usually buy some kind of ball up to 10 bucks or some other garbage. For example, one of these three products https://imgur.com/a/rycIL then choose what your heart desires, it's just warming up, but if we work in the UK and we need to change the address, then we should pay attention to the delivery, that is is there a delivery to our country and how much does it cost.
In the last month I often stumbled upon the fact that I wanted to buy crooks, which cost 50 pounds, but delivery to my country cost the same, so do not be lazy, look for a seller who sends cheap mail, whatever mail you send from England, it will come to you at the Ukrposhta, if in Yua and to the Russian post office, if in Ru, therefore I do not recommend carding goods, so as not to spoil your mood) you know what kind of mail we have
We see this beauty somewhere in the middle of the page - https://imgur.com/vwh8Qvm, and behind it we find the one we need country - https://imgur.com/vwh8Qvm 16 pounds is the normal fo delivery. Again, if we are on the USA for a redirect, then we skip all these points, just see what kind of mail the seller sends, because some cannot be redirected, and a redirect may be banned on some goods, but this is often the most expensive, it's still too early
Digital do not touch anything, just buy our warm-up goods.
In uk, before buying, we change the address, as an example here we see one delivery address https://imgur.com/Yoijj6E, but often there are many, if the address is one, then we change it to the one you need right there in it, there are a lot of them, for example, from 3 and more, then we are trying to add our own, just do not forget to tick off make this adress primary.
This is what a full changed address looks like, a phone number we indicate is not real, just the country you need - https://imgur.com/a/HVV57.
If it gave me a change, then the blue payment button lights up again https://imgur.com/a/o320F, if not, then you will see an error, you can score on this account after we didn't let us change the address, but go ahead and delete the address that you wrote before in the account settings.
Next, the sweetest is again a search for goods. We turn to the search, I advise you to buy something illiquid
Listings, I always put up buy it now to weed out unnecessary auctions, which only make my eyes hurt.
Sort I always change from Best Match to Newly listed to show the goods that have recently been posted.
It is also worth paying attention to the seller who sells. Do not choose a seller with a reputation of 0-50 is the most optimal 100-200, but as well as giants, they often hiss quickly, they are easy to buy.
It is better to skip the first search page in general and start with 2-3, by the way, some sellers need to be bombed, so it's better to write them down, as in general it's better to record all the actions, but honestly, I gave some regularity to the ebay- stoped watching Recently, but the list of sellers on ebee will really help you, you do not need to paint a lot just a login or a link to it and a few words for example:
PR0 $ 3LL3R228 - sent a brick instead of an iPhone. PussyEater99 - quickly spit, quickly added track.
This is of course in a comic form, but I hope that you understand me.
We are transferred to the stage that the order has already been made, now we need to cover our tracks and wait for our track / gift card, if you are not rerouting, but spike somewhere in a certain place, such as in my case in the CIS, then just every 2 weeks send your person to the post office to check, if the track still did not come
But in the case of a reroot, the track is obligatory for us, as well as the name k, and the address where the pack goes to us.
We can change absolutely all the data in the ebay account without any confirmations, so you can do it, but as I noticed, this doesn't really help, because everything is very quickly restored.
As an option, there is always a flood of mail, but it often doesn't save when the CH simply has an application called a paper and shows that the money has gone, but do not be upset if the account is restored, the goods can still be sent, entrepreneurial in orders, click the button More actions > Hide order, now there may be a chance that CH will simply not notice our order, and how to pull out the track from a dead account I will tell further.
There are many services that offer this feature for free, oddly enough, there is always a chance that the big hand of the big brother will get to your pack, but neither I nor my acquaintances have ever encountered this.
https://imgur.com/a/exkmJ click as in the screenshot and we will see a link in the address bar. Next, we see a pair of parameters in the link - itemid and transid. It is in my link that itemid is 173009293376, and transid is 1801961736007, which is what we need to save.
In the case of digital goods, we simply monitor either personal messages on the account while it is available to us, or mail, if decided to fork out. That's all for it.
Pickup, Interception
Hello again
Today, the topic is the pickup / interception lecture.
I will ask right away if someone has questions in the course of the lecture, ask them when I inform you that you can ask questions. If, according to the information that has now passed the question, we write it in a notebook and then quickly copy it, I reply and continue.
Let us examine what it is and how to work in this area.
By pickup, I advise you to work hard people who do not mind the dough for the tests.
For example, people beat ebay, stick, etc.
They have $ 300-400 from one successful operation, and it can take much more time to add to everything.
In a pickup, everything is different. if you find a giving store, then from one order the profit will be 1k +
It is desirable to know English for work, or to have a caller on the salary, you will have to make a lot of calls, there are not so many queries about drawing.
As I said, you need a decent amount of money for tests. Now, not like before, I took a cc, carded it into the first store and waited for the goods, this is not only in the pickup, but in all other topics. Right now everything is very difficult and finding something giving is difficult. Need a lot of work.
I think the tests will be enough for 1-1.5k $
This money includes expenses for CC, and preferably it should be a roll. Only the essence of rollers does not change the address of the phone, etc., that is, we don't jerk the bank don't score fraud points, and the rollers just to know the balance, take the miniks in rare shops.
The second item is the cost Dedik. The price of a good Dedik reaches $ 25 And one Dedik can be used in one shop. So consider. 1k bucks on roughly 30 samples.
But there is a bright side
They invested, and paid for a couple of orders. Mine is not bad.
Now to the specifics.
We take a homemade Dedik clean (with socks and tunnels that would give a need to sweat), you can antique (the linken sphere browser will work too), go buy CC for the pickup area, go to the store, select the staff and beat.
In principle, everything is simple.
But like in other directions there are many pitfalls. I will tell you about all the pitfalls during the lecture. There are 2 types of pickup.
This is a pickup for fake cardholder documents (CH) And a pickup in the name of the drop.
I do not think that it is necessary to contact a pick-up truck in the name of a drop, because it has not been practiced for a long time.
In 95% of cases, pickup for fake documents prevails.
The term Fake ID is fake documents.
Services for pickup is not stable. At the moment there are a couple of workers on the forum, it happens that there are no services at all, sometimes you can not choose from their abundance.
Here are a couple of services for example.
There you will see the conditions, the coverage map, the goods being bought.
You can write a support and talk, they are usually sociable.
Now let's talk about the types of work.
Previously, there were 3 types of work in services.
Work 50 to 50, work under the mean, work under the forward.
At the moment, in the services for the most part there is only work for the mean
But you can try to agree, and I think it will be possible to improve relations and work on other types.
Now about each species in order.
Work 50 to 50 it means.
For example, you have carded a macbook with a touchbar and suddenly you wanted this for yourself, write to the service, I want this laptop, he says let's 50 50
in this case you make another such macbook (pick-up service can offer something else similar in sum).
And in the end, one MacBook is sent to you, another service takes it, thereby covering expenses work under the mean everything is simple, you have a macbook with a touchbar for 2k.
He has reached, and the service pays you a percentage. all services have different percentages. Let it be 35% for Apple.
The goods are taken by drop, the miser pays you $ 700 Everyone is happy.
The last type of work, work under the shipment. This species is very rare, and not very good.
You made a macbook with a touchbar, say you switched but you refuse from 50 to 50 in this case, the service tells you, cut the costs and send. As a rule, cost coverage is 35%.
You pay the service $ 700 + shipping dollars 30-40 and he sends the macbook to you on the medium, nobody sends to RU.
+ from an intermediary to the ros delivery of bucks 50- 100 depending on the intermediary.
By type of work all.
After driving you have 2 options
1 you see the red letters that you are a scumbag and go work in the factory
2 thanks for your order, order number, send information to the mail.
We will analyze the first option
no need to give up, real Americans also suffer from all this.
What are we doing? We take and call the manager of the shop.
We swear on them.
We say that we spent 40 minutes here to choose and design and we were sent please understand the manager can tell you that let's try the phone operation or they send you to fraud department.
If you are told that we are on the phone, report all the data. and there is a possibility that the order will still pass (this means that the order in the system setup was messed up and the shop antifraud did not allow the transaction)
If it fails, this is already a bank error and you are also sent to the fraud department, there your evil uncle says, let's have a conference with the bank and then they ask you for all possible information that you don't know, it could be anything, questions about loans, cars, houses and so on.
So here we just hang up and throw out CC, she died.
It will not work; you can try to use it in the instantcheck mate for the future)
Now the second option after placing the order.
There are some shops that do not immediately debit money from the card, but after a while they write to you and thank you for the order, etc.
And after 2-3 hours you notice in the mail that the order is cancelled or frozen.
If it is frozen, it is usually asked to call to clarify the information, everything is according to the old scenario. You call, and the manager can either just specify the address, or redirects you to the fraud department, to which you can not say anything.
If everything turned out well with you, and after clarifying the address you receive information with a track number- everything is fine.
But even now you should not rejoice) All these stones are stones.
Now we need the pack not to go home to the cardholder but stayed in the mail popularly called hold.
When all is well in the status of the track is written Hold for pickup.
What we do, we take the track and call the transport company (UPS, Fedex).
And there we say that they would not deliver the parcel to the address of the owner, and what would be left and we will take everything there are also 2 outcomes of events
The first one says that everything is fine and after 5 minutes checking the track you see the inscription Requested leaving the pack in the mail.
We are waiting here and the next day, as a rule, the request is approved and the parcel is waiting for it to be taken.
The package is 5 days, if it is not taken within 5 days, then it is returned back to the store, the money on the card.
Now the second outcome of events You are told that the hold cannot be done. We go to the trick.
Where the goods were bought, we are looking for the name of the manager and already in the transport company we call on behalf of the store manager.
We say that the client has addressed and asks to leave the pack in the mail usually do not refuse.
But about a year ago they introduced such a thing as a program hold for actions it means that you called on behalf of the manager, an employee of the company wants to make a hold, but a program in which he makes it gives an error that the hold is impossible
in this case, we forget the shop because the hold cannot be made at all.
Go look for a new one.
After a successful hold when you've done everything transfer information to the drop service and sit and wait while they pick up the package check the track, it happens that it is deployed, and the parcel goes back
When we see the word Delivered we start to rejoice, it means that the drop service took the pack but not always.
Sometimes for some reason no hold and the delivery man picks up and carries a pack to the delivery address maybe this is a deliveryman most likely it is duck here if you checked the track and it says Out for delivery
it is necessary to sound the alarm and call the transport company to swear for the deliveryman to bring the pack back to the post office.
You don't always have time and then the pack is dirty such cases happen but rarely.
If your pack is delivered and the drop service says it was taken just waiting for payment.
Now about reporting.
I advise you to get a sign where we will enter information for convenience and not to card in one not giving the store 10 times table view - gonna sent It to you now:
Date / Shop ss / Shop of goods / Country ss / card type / bin CC / bank CC / warm shop / device / alex / tel CH or skype / order amount / delivery method / primary result / track / full explanation
I also do not advise working alone, too many costs and time and money gathered in a team of 2-3 people and we test different shops throwing off statistics in a hostel much easier.
It is very important to pick up the phone when the store calls back.
There was a case that I drove a laptop for 3k shop calls back just to clarify the address and manager's joy was not redistributed when I picked up the phone
he accelerated my delivery with joy.
Very often people underestimate calls from shops this is their important mistake.
Work on Android
So guys, we start the lecture on Android (bucket).
Set up an android for carding isn't that complicated and everyone is able to do it.
I would single out 2 types of work with android
1) a simple option, without deep settings - this is carding from the browser
2) deep tuning, carding in from the application
But in any case, it is necessary to get a root of the right on the device (not to be confused with admin rights, this is completely different, you need to perform a number of other functions, this is so for common development some people think that root = admin rights)
I always do it through kingo root (google), download the apk file to the phone and install it. The easiest way to get root rights now I'll take off the list of programs and go over them kingo rooT
xposed installer (framework)
device id changer Pro
Proxy droid xprivacy
ccleaner
root cloak
location cheater
and so, what are they for.
The basis for carding with applications on a pc is the xposed framework. This is a system program for changing the firmware settings (OS versions). We will touch on it in parsing carding from the application.
device id changer pro changes the data on the hardware of your phone (imei) and other parameters. This is the xposed framework module.
Proxy droid - we put socks through it. I do not work with tunnels and I do not advise you.
DNS Forwarder - in a proxy droid sometimes it does not work correctly to connect dns from socks (just the internet does not work on the phone) for substitution we use this application.
ccleaner I think he knows everything, it is convenient to clean the garbage on the phone.
location cheater serves to spoof location data.
root cloak (framework module) serves to hide from other applications that the phone has root rights.
xprivacy this is a program that replaces a sim card and not only, it either allows or forbids seeing certain information to all applications. In addition to it, I have a sim card application, it can hone what to prohibit, and what to allow applications to see so that they display the correct information about devices
All applications above (except the cliner) do not work without root rights.
Let's start parsing the settings for working with applications we put xposed installer after we got the root rights, and through it we install the framework. I will say right away, here we will face the difficulty of installing the framework, we need an android on version 4.4.4 (it's easiest to install this program) on the versions above, this is extremely problematic, but if you can install custom recovery and flash archives, you can try. Otherwise, I advise anyone to upgrade the firmware above by the bucket itself to 4.4.4 or take it to a service center and they will fix it there, it doesn't cost much. Plus 4.4.4 is much more convenient to work than on the versions above.
And here is a link to w3bsit3-dns.com there you will find an installer for 4.4.4. (and versions above) https://w3bsit3-dns.com/forum/index....owtopic=425052
After I installed the xposed framework, we install the following programs device id changer Pro, namely Pro Proxy droid DNS forwarder ccleaner Location cheater
All these programs are downloaded in the play market xprivacy
root cloak
These programs are downloaded xposed installer. go to the download section and look for them there in the search and install.
Well, an important note. apkpure.com immediately bookmarked the site, and download sim card applications (green sim card on the label)
When you have installed all the above programs you need to go to the xposed installer, the modules section and tick all the modules (device id ch / root cloak / xprivacy)
Then go to the framework section and wait for a quick reboot so that the modules are installed if the modules do not work correctly
At this stage, our device is almost ready for carding.
Now I'll tell you a little about the xprivacy module, a very useful thing when you work with shops, banks, etc., I personally use it to replace a SIM card, in fact, we have more options and go to the parameters section, touch only those values what are associated with sim and this phone number MCC
MNC country code operator ICC ID
Subscription ID.
Let's take as a basis the number 4356681778, if someone adjusts to the holder and he needs to break through the operator, go here http://www.whitepages.com
What is the MCC can see here https://m.wikipedia.org/wiki/Mobile_Country_Code, from the same page you can take a value for our parameter in the program
MNC is an operator code, you can also see the code of the desired operator (desired country) here https://en.wikipedia.org/wiki/Mobile_country_code
Country and operator everything is clear.
Now what is icc id and subscription id, and how to register it icc id is the serial number of the sim card, which always consists of 19 digits https://i.imgur.com/HzmKDk7.png
the first 2 digits of 89 are always put in defuta, this refers to the industry, its indicator.
Then what is highlighted is the code of the country, from 1 to 3 digits long https://i.imgur.com/5uIizLl.png in yusse it is 01. in other countries the value differs (more precisely, it is most common in yusi 01)
Since we adjust to usa, the first 4 digits will always be 8901 in the ICC ID value, and the remaining 15 digits can be written randomly.
https://i.imgur.com/1xoxBvF.png in the middle, by the way, this is just a SIM card number, and the last digit is calculated by the moon method https://en.wikipedia.org/wiki/Luhn_algorithm
It is used as an example for calculating the number of a bank card, etc., if you work in carding, I think you will hear it again subscription ID (in xprivacy) In general, this is called sim imsi. how to register it. We look at the picture https://i.imgur.com/uAfNjDl.png, it always consists of 15 digits, We first set the value of MCC, then MNC, then write the other numbers randomly, so that there will be 15 characters in this field
How to make the data replaced when you install a new application, xprivacy throws a notification, and the data that needs to be changed, click on the button to disable (deny).
And here the simcard application comes in handy, which will help you to tame what values to replace.
Now I will describe how to card.
Put the socks in the proxy droid, prescribe ip, port, do not forget to specify the type of proxy, just try to tick the dns from the socks, but if the Internet does not work, cut down this option and everything will work (if the socks are not dead) and turn on.
We go to whoer.net we look at what time zone, go to the settings, set the time zone and language under the holder.
If dns does not work through a proxy droid, then go to the dns forwarder, select ip and cut it in then in the location cheater we set the coordinates, I usually put in a couple of meters from the desired address (under ip or spike address).
Go back to the whoer and see if all the norms have been put.
If the sox fell off, turn off the proxy droid, dns forwarder, and cheater, and re-enable them, this does not happen on all devices, but personally I've got everything to work fine, turn these programs on and off, annoying, but what can you do.
To check if the location cheater is working or not, download Google Map, and look there (press my location button).
If everything works, then download the necessary application and open root cloak.
Go to the root of the cesspool go to the first section (add / remove the application), click on the plus sign, and look for our application, then to save the settings go to the xposed installer, the framework section, and click the fast reboot. After that even if you delete this application, it will be remembered by the root of the cloac and you don't need to do it every time.
After carding, to start go for the next try, you need to go into the device id changer, in the first section of the device id, click random all and apply, then go to the xposed installer section of the framework, and click the fast reboot to change the hardware and so, in fact, we have learned how to substitute data on iron, etc.
Now we re-install the application and card in, do not forget to change the data in xprivacy.
If you need to conditionally beat the stick with an exhaustive search and not to download the application each time, not to google the Google account, which is very tiring, use the website apkpure.com to download the application and add it to your phone that is, how we completed the acc, deleted the application, changed the data, rebooted the device, simply reinstall the application
Now let's move on to the carding from the browser.
Everything is much simpler here, in general, any version of android is suitable for work we need to work with the browser:
1) the browser itself (chrome, ff, native phone browser)
2) ccleaner (or application manager, is in the settings on each phone)
3) proxy droid
4) dns forwarder
5) location cheater
In case of working with the browser, it is not necessary to change the iron, but it is desirable to reinstall the browser and clean it carding is almost the same as with the application, just skip the points, with the device id changer / root cloak / xprivacy
mostly beat with Mozilla (since there webrtc is turned off just like on a computer), or from a native browser (on new versions, buckets are rare). We clean the cache (and history) via ccleaner or application manager after each drive
on apkpure, you can download previous versions of the application (if for example you need different versions of the browser there).
I forgot to add, yes, I usually work from under the left sim, but for those who work with wi-f1, for example, the VPN is needed, Tunnel Bear is generally convenient (download Google Play), everything is intuitive, we turn it on before the proxy!
Enroll
Let's start.
My nickname is Fox. Today I will be your Enroll lecturer.
I'll tell you what it is, where to get it, and how to use it. In my opinion - this is the easiest way to work on clothing.
What is Enroll?
This is the most common CC (credit card), or a debit card (but for all the work on the Enroll I found only one bank that allows you to charge a debit card) and a personal account to this card.
Change Billing address
Most banks allow you to change the billing address to the one we need (drop / client / medium) in the online account mode.
Why do we need it? In the USA, there is a system for checking billing addresses and shipping addresses, called AVS. You should have already learned about this from the first lectures. And in the US, most shops are very fundamental in this regard.
If the billing does not coincide with shipping, then the shop will either refuse to place an order, or else they will shower you with a bunch of different checks and verifications.
So, to get around this, rollkits will help us. They have the opportunity to change the billing address of the CC to your own. This is all done very simply in your account. Just fill in the form of the address you need. After that we go to the shop, and beat billing = shipping.
As a rule, the change takes 2-5 business days (depends on the bank, most often - 3). Weekends do not count.
I also note that not all banks have such an opportunity. There are banks where the change of billing occurs by ringing, or there is no possibility at all.
Mini-deposits / Minics
Also, access to your personal account does not allow you to see mini-deposits (minics).
This is a micro-transaction that the shop charges you. As a rule, the amount of the minics will be around 1-2 dollars. This transaction serves as verification of your card in the shop.
Shop withdraws a small amount of money from you and asks you to say exactly what amount they took from your card, or the transaction code that came with this minic.
If you called him, then everything is Ok. The level of trust of the shop to you is greatly increased and from the side of the shop there will be no 99% problems with this order, but this applies only to those shops for which the minics are everything.
There are shops that don't care about the bill = spike, the main thing for them is to verify the minics. If they minded them, then with a 99% order, there will be no problems.
I will give you a couple of examples so that you understand what I mean.
I have a roll of a bank that allows me to see an instant (without waiting) minicar. I go to Steam, and card it into a hundred bucks. Steam immediately blocks for a week my account for manual verification of this operation, or offers to accept minics for verification.
I send these minics, Steam sends 2 mini-transactions. I roll it in, see which two transactions came from Steam, and confirm them on Steam. Everything, the hold is removed, Steam is used to the map, and then I undress this card in the same Steam without any delays or hold.
Second example
Skrill without a minik allows you to get 140 bucks akk in the akk, but if I confirmed the minics, I can already drop it to 5k.
But I want to note in advance. Most offices a la Steam, Skrill and so on. Already overused rolls, and skip certain bins / banks / cards. How to find out what will let? Check with the "Trial and error" method, or find out from those who already know (but such information is unlikely to be told for "Thank you")
VBV / MCSC
This can be said internet pin code. If he comes to SMS in SMS, then he is static in the JEC, that is, he is one and does not change. KH it installs itself.
VBV (Verified by Visa) - if the card is VISA. MCSC (MasterCard Secure Code) - if MasterCard.
Amex and Discover do not have this type of protection at all.
Usually you can install it while carding. At the time of payment, a window will pop up from you and ask for this code, there you can either immediately put your own, or just reset the old one and also put your own, or set it in advance.
Here is the site for Visa: https://verified.visa.com/aam/activa...andingPage.aam
Similar is for MasterCard. I did not save it, but you can find it on our forum, it was mentioned more than once.
According to the results, if the VBV code request is set in the shop and you entered it, then this is another good plus in the shop trust to your purchase.
There are shops and services that without a commission will not miss a warrant at all.
Phone change
The last point that we consider from the advantages of enroll is the change of the phone holder in the map.
It's no secret that we can call with the substitution of the number that was specified when buying the card / or we found it in the office, but the shop can always call back the number from which we called.
If the shop does it, then they will get on the holder, we don't need it. Even a call from our number, which we could buy on Skype, will not save us, because from the shop they often call the bank to verify the address, the name of the holder, as well as his phone.
And if the bank says that the information does not converge, then immediately the shop cancels the tranz, and the bank blocks the card. The end, we have no warrant, and the card is dead.
In this case, the enroll will save us. Together with the billing address, we can change the phone. As a result, when you call the shop to the bank, all the information provided is the same and the pack will safely go to your drop.
But there is another side to the coin. Recently, many banks, with any suspicious activity on the roll, can ring the CC. I mean, if their fraud (about this later) didn't like something, then, for example, when changing billing, they can call KH and clarify: "Do you change the billing?" , and rolls will die, the card will be re-released.
Where to get?
We now know what Enroll is, the next question arises: "Where to get it?".
There are two options: Buy from us on the forum, or else fill it up yourself.
First method:
We go to the "carding offers" section on the forum and buy the enroll from the seller, for example, from me: D
The second method is harder, we are trying to roll on our own.
I can warn you in advance, you can be lucky the first time, and maybe from the fifth it will not work to fill up the map.
My first roll turned out the first time, and then I could not make 6 cards in a row.
In this case, we must know the banks that roll with a minimum of information, must buy the CC, and penetrate to it the very information.
Different banks require different info for enroll.
They can simply ask for SSN / DOB, or they can ask for the mother's maiden name, pin code, and billing phone, answers to the backgrund holder, the code provided by the bank, a commercial account and so on.
We need those who ask for SSN / DOB
SSN - social security number of the holder.
DOB - holder's date of birth
We have many services on the board that deal with this type of piercing, I recommend to contact the Syndicate.
Next, after receiving the ssn / dob, we go to the bank site and try to make an enroll by filling out the appropriate fields with the required information.
If everything is smooth, then we get the same enroll What can be "not exactly":
You enter your data, but it does not give you a card to fill up, there are several answers here:
• The card is dead
• The information is not correctly broken.
• The card does not belong to the person who was indicated at the time of purchase, but a real holder mom / dad / wife / husband / son
• The card is not the main one, but serves only as an additional card which is tied to the main account of the husband / wife / mother / father or someone else.
Sometimes, when I wrote that the data I enter do not fit, but the card is 100% valid, I could break through the husband / wife data, and very often came up and the card rolled, this often happened with boa and synovus banks
But I recommend doing this when you have experience and free money.
And the last option:
• The card has been filed up to you, that is, the holder has already registered a personal account
This we consider in more detail. Primary Enroll and ReRoll There are two types of Enroll
Primary - the holder before you has not yet made a personal account, and you calmly do it yourself
ReRoll - a personal account has already been made before you, BUT the bank allows you to recover your login and password. Most often, this requires having the same.
information as with the enroll primary, sometimes we can get to the background of the holder in the form of secret questions.
Many banks for ReRoll require you to specify a Username or E-mail. In this case, more often than not, there is no sense to fight further, because the information for recovery will come to the mail of KH.
To get to Primari enroll, I can advise you to take cards with a maximum validity period of the card, that is, newly issued cards, with exp / ** / 21 or ** / 22
the more exp date the better
Much more likely that the holder did not get around to creating a personal account
As a rule, the balance that we can use is signed - available credit.
The balance that CH spent - Current Balance.
I will tell for those who do not know how credit cards work. Roughly speaking, CH takes a loan from a bank, and these funds are kept on the card, not in cash. Accordingly, Current balance is that part of the credit funds that has been spent, and Available credit is how much is still available. Do not confuse these concepts!
444796 - here is the bin of Credit One bank. It rolls and rolls very easily, but the balances there are pour. On This bank you can be trained, as it allows you to make a reroll and rolls 9 cards out of 10, but even 1k you will see there very rarely. Just for experience.
The last bank I used was a boa, there are usually good balances, but a lot of cards have already been played, a reroll cannot be made, and primary rarely come across.
I will tell you how it all happens.
I take bins that I know that they roll and go to XTA and see what is there by the presence.
I choose several cards, put in ssn ext, and try to roll.
When enrolling I take the dedik / ssh / socks under the card holder.
I go to the site and try to roll
I postpone all the cards that I managed to roll up until Monday
On Monday, I take the sox / ssh / dedik for the staff of the drop already and change the address
Next, the address changes from 2-5 days of weekdays, weekends are not counted
I usually wait again for Monday, and I am going to card in. You should not bomb the rollk at once in a bunch of places, card it in one shop, wait until the pack is delivered and go to card it again if the card is still alive.
Gift and E-Gift
In the course of the lecture, I will cover this topic and give you an understanding of this niche as deeply and comprehensively as I can from the basis of my experience in this area.
Physical Gift and E-gift
For those who do not know: Gift - translated from English - "Gift". This is a gift certificate, a prepaid card, for the amount of the nominal value of which you can buy goods in the shop of this Gift.
Gifts are physical and electronic, Gift and E-Gift. Physical arrivals are delivered to the recipient (or buyer) by mail or to the mailbox in real life, while the electronic gift arrives to the recipient (buyer) by email (email).
The main difference between the drive of physical and electronic gifts (hereinafter referred to as e-gift) is manifested in the following subtleties of work:
We need addresses for reception under the physical gift, most official intermediaries do not accept them, in most shops they cannot be recalled, the time difference between hammering and getting ready for use is enough, and the AVS system will not miss the order everywhere.
Physical Gift can be merged directly in the offline store, come and just pay them at the box office. It is also possible with E-gift, but not in all shops.
Although the anti-fraud is tightened stronger, but with them there is no need to bypass the AVS, do not need drops, intermediaries and waiting a few days between carding and receiving, therefore, you can wrap funds inside the work several times faster. Gifts are sold mainly in denominations of $ 1 to $ 1000. In some shops you can add several gifts when paying.
Shops are divided into several basic types:
- Point. The shop sells its own gift cards to its store. In such shops, the antifraud is weaker relative to the following two types of shops.
- Multi-lift resellers. The shop sells dozens or hundreds of Gift of various shops, for example: ebay.com. These shops have an average antifraud.
- Aggregates. The direct manufacturers and simultaneously sellers of gift cards, they have some of the strongest antifrodies.
It should be immediately realized that if the point shops have antifraud weaker than the aggregates, this does not mean that it will be easy to break through them.
Direct carding in gift - carding directly into the shop, whose gift you plan to get. Buy ebay Gift on ebay. Carding into an resender - obviously, carding into a reseller. Resellers usually make their way easier (especially not public), be guided by this. Search shops as well as all the rest, a couple of additional layfak will be in this lecture.
The following parameters will directly affect the outcome of the work:
1. Device + system
2. IP
3. Maps
Since I reveal these points in the lecture "Carding from A to Z", here I will tell you in a few words what directly affects the work specifically with GIFTs, see the lecture "Carding from A to Z".
- Device. Top shops are difficult to card from a normal virtual machine, since their anti-fraud detective is antifrod. For top shops you need to use either real devices (for example, a mobile phone), or remote accesses (DEDIC, VNC- machines), or anti-detections.
- Much depends not only on the purity of the ip address, but also on the provider. There are providers that are at risk for anti-fraud, there are also hosting providers. The use of such providers has a negative impact on carding. Pay attention to this and write down the provider.
A couple of examples of well-established Internet companies from personal experience: qwest, charter, cox, att, verizon, comcast. They can be viewed in the shop when buying a socks or tunnel. A couple of examples of bad providers: rr.com, myfairpoint.net. But this does not mean that
You can forget about cleanliness. On the contrary, the cleanliness of the ip on blacks and risk proxies will be equally important.
- Maps. I recommend using the least popular banks. NOT such as Chase, BofA, CapOne, WellsFargo and others.
Naturally, with these and other popular banks, you can card, however, with less well-known patency higher. The level and type of the card is not critical. Most often, carders use MasterCard and Visa. Amex is also possible, but with Amex, bins play a key role, and charges is also much faster.
Checking cards before carding
Cards should not be checked before carding gifts if you are not sure about the bin and the checker. Firstly, because the purchase transaction itself is included in the number of high- risk operations with banks.
Secondly, because the checker often kills cards and is even more fraud than buying gifts, in sum, these two parameters increase the risk of card death, and therefore waste time and unsuccessful carding.
Brut accounts + billing change
Under shops you can also write brutes, download mail-pass databases and collect accounts for these shops.
Often in a shop the holder leaves his card tied, and from it you can also buy a gift. But, there is a problem here -
CVV. Even if the map is saved, in most shops (and in all large ones) the CVV will enter every time you purchase, and since we do not own it, we have 3 options for using brute accounts, namely:
A) Search for shops where CVV is stored. There are such, but they are mostly small, so it's not easy to look for them.
B) Billing change (adding a new one) in addition to holding billing. We take a spin to an akkant and simply tie up a new card and billing to it.
What is the meaning, you ask? - The point is that this account was created by a real person, he made successful purchases without charges, therefore the anti-fraud is more loyal to him than to the newbee
But do not forget that adding a new card and billing addresses to an existing account is relatively fraud action, so this method of hammering is not a panacea, but it is the place to be. Sometimes you can add accounts, add cards / billing and lie for a week or two, it makes sense.
I talk about this kind of drive-in not because it is a priority, but because it exists. In fact, for most large shops (for example, mircosoft, walmart and others), there are extremely few brutes, or they are extremely unstable, which makes this type of work difficult, to find a coder, to pay, to find good proxies for brute force, a bullet-proof server, etc. If you decide to try yourself in this niche - at first, never start with the major world-famous shops.
C) Purchase for bonuses. In some shops there is such, accumulative points and discounts, but I hardly ever met one of them.
Carding from paypal.
Carding in with paypal brute is also possible, as well as from cards, but here shops play a key role. Because the GIFTs mainly come to the mail of the account paper, to which we almost never have access (if we don't use soap and a stick) or buy PP with access to the soap. When carding with a paypal, shops should be selected carefully and tested intensively.
Carding paypal from selfregs is real and functioning, but there are other ways that it is more profitable and easier to pour selfregs, therefore, few people do it.
You can card a ring as well as another product. But not all shops treat this well, and some, on the contrary, only sound and are carded in. I do not recommend starting with this, but note this option.
Emails and Messages
When you buy Egyft, most of the shops will offer you to enter the recipient's email address, then, when registering or registering, send your email address. Not only the domain zones of mails (gmail.com/yahoo.com/etc.) Are important, but also the text in it before @, because the anti-fraud pays.
attention to this and happens when order cancellation comes only because the anti-fraud didn't like your email.
I recommend entering the name of the cardholder from the card when registering, and choosing the most natural (not mail.ru) and least fraud (not mail.com) domain zone. The best options are: corporate email (mysite.com), gmail.com, hotmail.com (outlook.com), yahoo.com.
A good mail for a holder will look like "name- [email protected]" after registration, for example, [email protected]. The numbers in the mail is normal, because often the name is already taken when registering - [email protected].
You have dealt with the buyer, now about the recipient - everything is the same as with the holder, except for the domain zone. For a change, it is recommended to use an excellent mail domain from the buyer (that is, if @ gmail.com is the buyer, then @ yahoo.com is the recipient), in fact this is not critical, otherwise everything else. If weak imagination, the recipient's name can be generated, for example, here: http://www.fakenamegenerator.com
Of course there are shops where you can send directly to your email, however, if the shop offers you to enter the recipient's email address, it will be suspicious and unnatural to enter the mail of the holder in most cases.
On the checkout page and the selection of the nominal EGIFT, it will be possible to enter a personal message to the recipient.
This is really an influential fad, and it directly affects the result of carding. Even if everything is perfect (system, card, mail, etc.), but the message says something unimaginably stupid or suspicious, then during order processing (especially manually), the cancellation of the order may even follow.
There were cases when the cancellations of gift were due to illiterately written texts where it was obvious to the store manager that the buyer was not an American, it happened because of the complete absence of a message.
Unleash your imagination and writing, at least, of course, not necessarily cool and a lot. Write a greeting, wish, congratulation or thesis / quote from the book. Imagine that you are giving this gift to your girlfriend or sister and do not think that you are buying it from someone else's card.
Sometimes it can roll the text from special sites that can be found by talking about "happy birthday greeting in English" or "engagement greeting", etc. The downside is that these sites are already overused, so they can and should be used to create a "skeleton" and develop fantasy / vocabulary, but as a complete tool for everyday use, they are not suitable. Do not neglect this parameter to card EGIFT.
Continuing the topic of parameters when driving, we consider the phone number.
In E-gifts, especially in US stores, the passage of the anti-fraud by the AVS parameter plays a very important role. Very important, but not critical. Beginners at.
I advise you to write exactly the number of the holder. The reason is simple - 90% of the shops do not call, or call only in special cases - when you have not passed the anti-fraud and they need verification in this way.
However, there are fewer cases than cancellations due to the AVS mismatch. Of course, there are top liquid shops that periodically call the holder to confirm the order, but they can only be calculated empirically, that is, by tests and carding.
Small shops can call, so you can try to write another phone number or your google voice / skype. Personally, I always write only the number of the holder.
Mean and shop lists.
Our and other forums are full of e-gifts meanings, each with its own interest, feedback, terms and methods of work, different lists of liquidate / non-liquid e-gifts buying and shops. Scans can be found on our carding forum.
Before starting work, I recommend comparing conditions, percentages and reviews of various scans, choosing my own miserly thing
But I started talking about them not for this, but in order to show you the simplest - shops right before your eyes, you can find liquid shops as well as illiquid ones in the themes of buyers, which are easier to get. There are also buyers of especially illiquid gifts, for a smaller percentage, but it is also easier to work.
The options on the forum where to put the gift does not end. The Internet is full of sites where you can even resell the gift even to Americans who think they are buying a white gift certificate. The simplest example: https://localbitcoins.net - here, GIFTs can buy even by a large percentage, but sometimes they are needed for verification, therefore you need to choose a mean no less carefully than on the forums.
There are dozens of such sites, each one needs to be tested and analyzed, each one can find some interesting shop that is not on the list of forum scams. Putting the case on stream, you can start selling sales not only on specialized sites, but even on ebay.com, but for beginners this understanding will come only with more experience, and with more experience the complexity of work will increase a hundred times, keep in mind.
Liquid and non-liquid assets can be determined by the proposed percentage. The classic interest rate for the illiquid asset: 25-45%, for liquidation - 45-90%.
When exposing or offering a buying gift not from the list and offering a percentage, focus on the assortment of the store. If there is a technique in it - ask from 40 to 70%, if things are 25- 50% depending on the brands.
Distilling
Gift merchandising to the address of intermediaries or drops is made from the ip under the state or city, from Dedik, Socks or the tunnel. The name is not necessary to use the same that was listed in the receiver of the Gift when buying. Basically, only very small shops can "ask" for it, and in which case you can solve it by ringing.
When trying to buy liquid gifts of top shops, try not to use the overwritten addresses of public resenders, otherwise the account may go to the bank and you will lose the gift.
It is better to check the GIFT's balance (validation check) on the shop's website from the country's ip of the country, do not check with the German VPN or your home ip address, otherwise the system may block the gift. It is not recommended to buy gifties day-on-day, wait a day, and here work time is already important, since on weekends the physical stuff is mostly not sent.
Spike of small stuff on CH and the addition of goods to the basket.
Sooner or later, many vifits of the gifts ask themselves the question: "What if we add socks for a dollar to the shopping basket in addition to the gifta and buy them at the address of the holder? Will this add antifraud's loyalty?". The answer is NO.
In your carding, everything exactly remains e-gift, and the analysis of the order by antifraud will still pass as an order with egift. It makes sense to do it only at different times - today we bought socks and warmed up this shop, tomorrow they bought a gift from the same account
Add and remove items to the cart as a warming up shop, it is possible, but not necessary. Shop the shop, read the description of the goods, see the catalog before buying E-gift directly - yes.
Recarding of previously used cards and shop accounts
Recarding as a phenomenon can be divided into two variants of actions with the card:
A) intertwining cards after decline or cancels
B) intercepting the cards after a successful order and the spent of E-gift
Consider each of the options in more detail.
And - this is done in cases where you are not sure that the cancellation or the decline was due to a dead card. Roughly speaking, the antifraud did not pass - they went to try their luck in another shop. It makes sense, because sometimes it works, and the material costs are not needed, the only thing is that driving into 2 different shops served by one merch - having intercepted will almost always be useless, because your data is already in the system, because merch two different shops are common, so pay attention to the merchandise.
In option B, we have several decisions that need to be made before carding in. First and foremost - to card the same shop, or another? On the one hand, the shop already knows us, we conducted a successful order and it seems like it should add loyalty, on the other hand it's may cause suspiciousness of the shop due to the monotony of the goods and the actions of the buyer.
Of the recommendations for making this decision, I can only say - make your own decision, depending on whether your access is still alive (Sox, tunnel, Dedic) or not. If alive, then you can try to card into the same shop from the same ip, if not - replace the ip and go to another shop.
The second question is how much to intercede the card? More, or the same, or less? I usually focus on the level and type of card. If this is a low-level debit (classic), then I card for the same amount as before. Accordingly, if the card level is higher (platinum and so on) or type of credit, then you can try to increase the amount.
The minus of interrupting is that we do not know whether this card is still alive, but the plus is that we don't need to buy it; having brought in, brings an intuitive understanding of the work of the antifraud of specific shops and their relation to the re-purchase, it also gives working bins. When recruiting it is recommended to change the recipient.
The most important plus of repetition lies in a simple truth: it will significantly shorten the time to find the causes of the declines and cancels, direct you on the true path and tell you where to look for mistakes, and, therefore, sooner or later lead to a solution.
Decline or stationary? But in another shop passed? - The conclusion is simple, you did not pass the anti-fraud shop or the bank!
Decline or cancel in several shops? - Conclusion: shit bin / card is dead or bad sox / system. You can try to find a trouble-free shop with a wild illiquid asset and check cards on it
Based on this, create your own method of identifying problems, because Training is Education. Learn to learn, as they say
Time of day for carding and response time from the shop (final result)
Often, newbies ask themselves the question - At what time of the day did they still card? Answer: depends on the shop, its schedule and working days.
Some large shops may issue gifts instantly even at night on weekends, while in small shops you will have to wait for work time on weekdays. Begin to card on weekdays, as you gain experience, you can card at any time of the day and thus find out how the shop reacts (to test it).
Several types of reaction of shops for understanding:
1 - Gift came instantly (instantly, up to 5 minutes)
2 - Gift came in 1-12 hours. - This is the average processing time, provided the shop has working hours. This is normal. But, if the same shop had already given you a gift by an instance, then this time you didn't reach the anti-fraud while passing the checkout process or go into a manual check.
3 - Shop requested verification. I tell about the verification on my lection "Carding from A to Z".
4 - Instant cancels (multiple order cancellation) - something the store didn't like so much that it sends a refusal instantly.
Sometimes it can mean a cancellation by the bank or a dead card. You can try to interchange in another shop.
5 - Processing was delayed for a day or more - a manual check in large shops, sometimes means trying to ring up the holder or hammering in after hours. In a nutshell: either they didn't get it or they didn't have it.
Record the time and results (reactions) of each shop and merch for acquiring methods to work with them.
Profit Arithmetic
Suppose we buy cards for $ 10 / piece, a log or a tunnel $ 1.5 / piece - the minimum set of necessary tools for carding. If you card with dedik, add instead of socks for $ 1.5 the price of a dedik, that is, from $ 4 to $ 10-12 / pcs. Prices are average, they can vary depending on the shops.
For this we take a liquid gift with a par value of $ 100, buying up at 60%. We add up the cost of materials, we calculate our percentage from the nominal value of the Gift, we remove the difference between the costs and the revenue - we get the net profit. (10 + 1.5) - (100 * 60) = $ 48.5 of net profit from one successful liquidation made on the first attempt.
But everything is not always so smooth, because on the first attempt the gift may not come, and then the costs will increase, and in order to pay off you will have to try to card the gifts for all large sums, 150, 200, 300 $ - and in top shops such sums one must be able to card in, because their antifraud is strong, beginners will simply lose money and go whining that the card is dead.
That is why I advise everyone to start carding in illiquid assets, buying up 25-40%, depending on the shop. With the same material costs, gift values can be successfully dragged several times more relative to the liquidation of shops, since medium-sized shops make their way through an order of magnitude easier.
Costs: $ 11.5, Gift Value: $ 300, 25% Avg. Percentage, then net profit = $ 63.5 - even more than from liquid Gift, but at the same time it is almost times easier to bypass the antifraud.
Everything is important in Giftah.
Time of day, map, ip, operating system, device, emails, addresses, banks, shops, merchs and everything I listed in the lecture. All customizable parameters need to be brought to automatic reproduction, all theoretical knowledge to bounce off teeth, all unknown X and Y learn to calculate by exclusion and through testing.
Only then can you work adequately on the gifts, so be prepared to drain money at first if you start your journey with gifts, and vice versa, do not start with gifts if your budget is limited or small.
The uniform formula of a successful carding is as follows:
Preparation parameters (ip, system, card, etc.) + shop (merch, overused or not, liquidity, verification, etc.) = Here is your eGift Card!
A + B = C.
Starting to work on the guffs, my statistical exel file consisted of about 60 cardings, of which 4 were successful or 5. This is 8% of success. In terms of dollars - the amount of expenditure on materials at that moment already increased $ 700 until the moment when I began to go into profit. Why did this happen? - Because at that time I did not know all that I told you about in this lecture.
Carding Liquid stuff using Enroll
Greetings to all! Today's lecture will be devoted to the topic of liquidation stuff using Enroll
In this lecture we will learn:
1. How to correctly use enroll when changing billing.
2. The main mistakes that should not be allowed when carding.
3. How to build logical chains when carding
4. Well, the most important thing is the result. How to make your favorite gucci sweater on your hands!
Maybe somebody already has a question, what is Enroll?
That is why, for starters, I would like to focus your attention on the analysis of these incomprehensible words, which will often be used in the lecture.
So that you as students / learners do not have problems in mastering and understanding the material.
For convenience, you can copy these definition words to yourself in a notebook so that during the lecture you can unwittingly pry if any difficulties arise in understanding.
Definition words:
Enroll is a cc (Credit Card) with access to a bank, where you can later change the billing address of the holder ...
Drop - the definition is extensive, but in our case it is a person who accepts the goods and then sends them.
Resender - a company that is engaged in sending your purchased goods from the United States / Ey to you in the CIS
Holder - The owner of the card, bank, account, etc. Bill (He is billing) - the personal address of the holder Spike - Address for which we order goods
Go ahead.
Material Preparation.
Many newbies and not only, as I think about the question, it immediately arises in my head: "Where do we get these same enrolls?" or "From whom to buy?"
The answer to this case is simple - buy from sellers!
There are many sellers at the site with the sale of enroll with interchangeable billing.
We need to take an enroll with a changeable billing online (As a rule, the billing changes for the 3rd day). Highlight or write down this moment.
We will also need a drop, namely a drop, not a resender, because the billing on the resender simply will not change and your material will fly into the lock
What about the system?
On this occasion, opinions are controversial, someone likes to card from dediks (Exclusively brut), someone with the VNC (Remote Computer Management, VNC can also be purchased from sellers on the forum), there are many options, you can list and list them .. .
Personally, my first card -in with the help of Enroll was from Dedik under the city of the drop.
In any case, the IP-address must be not under the enroll bill, but under the drop.
Progress.
We go to our purchased material, go exclusively from the un under the drop. I think many people immediately have a question: "Why change a bill not from an ip of the holder?"
Again, you can use the ip under the holder, and what's the point? We turn on the logic, immediately put ourselves in the place of the holder, imagine, you move to live in another city, say from New York to Dallas at the very move, you won't be sure that you need to change the billing in your bank account right now. Accordingly, you will be changing the billing address upon the move
With this moment I think everyone understands. Go ahead.
Immediately after the change of billing, it is from the moment of filing the application, that is, immediately, go and select a shop in which we will card from. Remember once and for all such a moment, you can break through any shop!
Whatever protection he had, if the shop was created for an ordinary person, then we can make a product from him.
I'll tell you about the search for a shop on my own example:
When I started working on this topic, I was not particularly steamed with the search for a shop (Why, some will say, a shop that gives is the key to success) Far from it! The key to success
is only in a well-constructed logical chain to break through the shop!
And so, at that time, I went to Google and wrote "buy gucci", went straight to the 2nd page and poked randomly at the shop, that's all! Nothing more is needed! Somewhere to buy shops and engage in other nonsense, I strongly advise.
Only their own time and personal search will lead to success. Remember one thing, no one will ever sell you money for money. (Maybe you will meet "Sellers" on the way, who will sell "Magic shops", which give an "apple in ru". I think the meaning is clear.) Do not buy anything from such people!
We go to the shop, register for the data rolls holder (Full name enter the holder, billing and shipping address - drop)
I think many people will have a question: "why should I register at the shop right away? And if the bill does not change, and the meaning is not yet ready for the main tool for driving," I always make sure of one thing, 40% of success is warming up the account! This is the most basic part (in my opinion) for achieving the result.
How is warming up? And what kind of a beast?
And this beast, something between heavy and simple, I would call it faceless.
Work on the warm-up can be done in different ways, but I strongly recommend to approach this issue seriously.
To warm up your account, I recommend using the largest possible number of known methods, I will tell you only a few of them.
1. Surfing - I think the most popular way to turn the heat on your account! Without surfing, you can not card anything, only if in the most leaky shop.
you need to constantly surf the site, look at the product, read the rules of the site, look at the parameters of the product, material, etc.
We always put ourselves in the place of a real holder, I don't think that the holder would come in and place an order in 5 minutes, no! Americans and many Europeans are very sensitive to the choice of any product, even if it be ordinary socks
A real pendos(American), before buying any product, reads everything about it, reads a bunch of reviews, thinks whether it needs 100 times or not, then we will look at the quality of the material, check it with other product analogues, only then it will buy, I know it personal experience with pendosy
To warm up our account, you need every day until the billing changes.
Simply put, logged in to the account for an hour or two looked at the product. Close to the one that we will order.
For example, if we order a guchi jacket, surf only jackets or just a guchi brand, sometimes we go for something else), the next day we do the same operation and so on until the bill changes.
2. Ping, chat
As practice shows, the heating of this type is very strongly pushing for success. Immediately put yourself in the place of the holder. Suppose you are registered in the shop, looked at the product and you immediately appeared
A few questions, where will our curious holder run to ask them? Of course in the online chat.
Questions may be different, the essence is not at all in them, but the fact that when communicating in a chat, fraud begins to smile more and more, because we are beginning to fit the description of a real holder!)
For those people who are friends with English:
Ask different questions: "How long is the delivery time?", "And if the item doesn't fit, can I change it?" "I want to make a gift to my brother, can you make a gift package?" And so on ... there may be a lot of questions, turn on your brain and think!
For those people who do not speak English:
There are many different calling services on the forum that have the "warm up chat" service, for a certain amount (usually not more than $ 5-8) they go to your account and communicate with the store.
There are much more ways, but basically I use these two methods
During the next course of work, 2 reversals of the event:
1. The bank changes the billing and everyone is happy.
2. The bank blocks the account. What to do in this case? We turn to dialers, the chance of unlocking an account is about 30- 40 percent. It all depends on the bank and how much information you have on the holder.
How much goods to buy?
The question is very delicate, here again, it all depends on the bank and the limit on the holder's card. How to find out the limit? Again we appeal to the pioneers.
The meaning of a conversation with the bank should be such that the holder wants to make a purchase on the Internet (Suppose you card in the amount of $ 1,500) and find out if the payment will pass normally? I mean, will there be any problems?
There are 2 options:
1. Your future purchase meets the limits and the bank says "Everything is fine, you can make a purchase"
2. Or "You have a card limit for an online transaction of $ 1,000, we can increase your limit
2nd version is the most common. We do this not only to find out the limit in the bank, but also for warming transactions, what does this mean? And the fact that we have now directly informed the bank that we will make an order for
$ 1,500! And the bank already knows about it! What could be better?
Always remember. There were some problems with the order, immediately contact the callers, a good sound test can pull out a lot.
If there are not solvables from the shop, the problem is with you, not with the shop! Always check the system carefully to see if everything is set up correctly. When carding, you need to consider
A lot of factors, not everything is as simple as it seems, with each carding you will be more and more experienced.
Let's talk a little about the construction of logical circuits and what factors should be considered when carding.
To the experienced, this information may of course seem obvious, but many newcomers, respectively, do not know about it. I will tell you briefly about the main factors.
- Customized machine for carding
I repeat once again that everything goes smoothly, be sure to use the replacement of ip under the drop! Why? I described above.
In general, for convenient work and better cardings, I advise you to buy a sphere, get acquainted in more detail and you can buy in this topic.
(Trainees 1 month FREE! Write on the contacts in the topic)
I personally use it for 3 months, carding and other work is much better than with the same ones. Yes, and for the money, it will be much more profitable for you, the price for a homemade Dedik is 8-10 dollars, the price for a sphere is 100 dollars a month, here and count! Soxes cost a penny
It is also much better to work with VNC than with dediks. At the choice of the machine for carding, there is an individual approach
- Mail
It is better to use the gmail domain. Also, if you call Holder for example "Leen Helson", then I advise you to do something like this: "[email protected]", who handles email databases: the pass will understand that mainly amers use the first name or just the last name for the mail login , the most common type.
- CTR + C CTR + V
The error of many newbies! Write any data with your hands! And only hands! You never need to copy and paste anything, be it a login, password, billing, and so on ... 90 percent of the anti-fraud system look at it, because a real holder, your address or data from the card will not exactly copy and paste!
- Points from different SP
Very often it happens that in the process of a 3-day carding, a sock or a Dedik who has been in work for a long time dies, I think this unpleasant situation is well known. If this happens to you, do not even think about taking the first Dedik or Sox and climbing into your account, be it a bank or an account in a shop!
In such a situation, select the most similar type of SP with what it was, try to find the same zip if there is no zip city. If this is not done, from the side of the shop it will look like this.
Sign up
You are from Texas, you sit for a day, look at the goods, after 3 hours you come in from Las Vegas, is it not strange?
Immediately we recall the fraud glasses, which we don't really need, and the fraud's smile immediately begins to subside. If this happens even from the same city, but from different addresses, it's okay, let's say you came to a friend with him. passed registration, climbed with him, looked at the goods, then came home and again went to the site. The situation is simple.
I think this is understandable.
There are a lot of factors, every little thing can and will influence progress! Always imagine yourself in the place of the holder! After all, you are an ordinary American who wants to make an order.
- carding time
Not in any way, I do not recommend carding in on Friday, Saturday and Sunday! Do card only from Monday to Thursday! Because they send the goods on these days, if you make a cardi on a day off, your goods will be sent on Monday and the chance that by this time the transaction will be canceled is very large!
Lets go to carding!
Everything is simple, you do not need to invent anything. Chose the product, read the reviews (if any), looked at the quality of the material, added to the basket!
If there are several goods, go ahead and look at various goods, at least 15 minutes, found?! Well done! Add items to cart!
In no case do not go to the product links. Suppose you have taken 3 guchi jackets for you under the order, you respectively throw off the site to the client, where to look for these jackets, the client dropped you 3 links, open them strictly on another machine, you can go to the main one, and they will come again evil fraud glasses!
We proceed to the payment of the goods!
We enter the bank's holder in the billing address, the name of the name + the address of the drop (when it changed in the bank).
In the shipping name, the name of the drop, the address, respectively, too, the differences in billing and shipping only in full hire
Many will immediately get a question: "How will the shop react, if the names are different, does it immediately raise suspicion" Does the suspicion arouse ?! I would not say.
Beyond the hill, this is a very frequent phenomenon, when holders order goods for a brother, mother, father, sister, and so on, as a rule they live together! Why and why? Many are very busy to pick up the package, for example, work, study, and the mother who is always at home, easily cope with it, or when they make a gift to someone
A common phenomenon, here the shop will not particularly bother, because in fact, there is nothing like that in it.
Press the confirmation! If you did everything right, you will see so many nice green signs.
What to do if cancel appeared?
First of all - calm down! Yes, the spectacle is not quite pleasant, because you tried so hard, and here is an instant cancellation! But you should not be afraid, first of all, double- check that you entered all the data correctly, CC number, eksp, bill! If not, correct and try again!
If yes, press the confirms anyway anyway, because an ordinary holder would have done so. If again the same song, call immediately in the shop and anxiously find out what happened and why it happened, because your brother has a birthday in 2 days and you really need these things! Usually they help and take a card either by phone or you re-do it and everything passes.
Next, I recommend to call the shop or write in the live chat! Say something like this: "I made an order, is everything normal and when will they be delivered?" Again, you need these things so urgently!)
In normal practice, everything goes bang, they send the goods! But even here there are pitfalls, cancel is also very fond of arriving by mail, but if you saw this sign, we immediately call the shop and find out what it is. In such cases, if we do everything correctly, often the bank simply cancels the transaction, the reason for that in 90 percent of cases, is the call of the holder and cancellation of the payment.
Immediately we write to the dialer and try to pull out the transaction, if not, then alas! In every case, there are unpleasant things. Here we do not despair and go on.
Let's summarize. Today we learned:
- Competently set logic circuits when driving - We studied the main factors of working with enroll
- Understood how important it is to use the ringing service, that without him we will not go far
- Make the correct account warming up! Understood that this is a mandatory part of the drive!
Well, I hope in the future, you will do and will do the goods with the help of enroll!
Homework:
Task # 1 Write down in a notebook, journal, notebook where it is more convenient for you, those things that you did not know before this lecture and constantly try to repeat it so that you have it in your head, because having made the slightest mistake you can simply lose goods, money for material and the most important thing is time, because it is priceless.
Money can be earned, and here you will not return time, use it wisely
Task # 2 Everyone to make at least 2 attempts of such a drive! Write out the whole algorithm of work!
An example of the algorithm:
1. Shop - www dwdwd. com (EXAMPLE!)
2 Bank rollers + bin (The first 6 digits of the card)
3. Description of the full method of work:
What were the calls and how many + Call results Warm-up methods
Shop behavior (Letters from him, etc.)
Try to record all the factors that were in the process!
4. RESULT! (I hope you will have it positive)
Unsuccessful algorithms or problems (in the process), you can throw me, I will help and correct them. Problem will try to pull out.
Hotels
welcome everyone, today we will talk about such a direction of work as booking and rent
and more specifically hotels, cars, excursions tomorrow we will discuss air tickets, and also tomorrow we will work in the form of question-answer just today there is no point on questions since tomorrow there will be more info which will probably give all the answers
there are several ways to make a hotel reservation for someone else's account:
payment in the form of authorization - Payment of CC through an agent - Payment through BOOKING - Payment by reward.
Now let's talk in detail on each of these topics 1) Option on the authorization form.
And so what is this generally:
Download http://rghost.ru/6BsVFb7Jn and carefully look!
The authorization form is a questionnaire in which all data of the payer, the period of residence and card data are indicated, with this form the CX confirms its consent to withdraw funds
then an employee of the hotel, enters the card data in the POS terminal and makes payment.
Now everything is in order:
Go to http://www.booking.com choose a hotel, make a reservation on the one who will be settled, you can do without booking.com and immediately call the hotel.
Call the hotel and appear to be an agent asking for an authorization form to pay for the reservation.
An approximate dialogue looks like this:
- Hi, I am from the travel agency "XXXXX" we want to book a room for our client. Is it possible to pay through the authorization form?
- Yes, of course
- Very well, send the form to [email protected] Fill in the authorization form:
Credit Card Holder's Name we enter CH or a false name.
Hotel Guest Name we enter the one we will occupy.
Phones specify Skype with an answering machine.
We do the drawing, there is an important nuance, it is better to do the drawing not in the form of scans, but in the form of photos in hand.
We send all this to the soap indicated in the form, they often ask to send it by fax, then you need to call and ask for an email address.
We receive a slip-check (check confirming the performed transaction).
Without this check, never lodge anyone!
You must comply with the maximum limits per transaction.
Do not make more than $ 2-3k, because very often for large sums there is a limit on making payments
What to do if the cost of reservation is 4k for 10 days?
We break into two armor: the first for 2k 5 days and the second for 2k 5 days
The scheme looks like this:
Go to http://www.booking.com make booking for the one who will live (you can do at least a month before the settlement).
2-3 days before check-in we call the hotel, we get an authorization form - we pay.
Settled.
1-2 days before the start of the second booking we call from the same room to the hotel, we get an authorization form - we pay.
The best cards for making a payment are: Malaysia, Singapore, South Africa, Germany, we value the maximum charge time.
It is necessary to approach the ringing and drawing as seriously as possible!
The quality should be high, there should be no doubt among the hotel employees!
Carding option to an agent.
There is a lot agents between the hotel and the person who needs this hotel.
The main difference here is that the agent has his merch to receive payment for the hotel.
Let's look at the example of Expedia.com
We card from a dedik or the tunnel, the selection of tunnels and dediks is a very serious thing!
Agents have a very tough antifraud, so we are doing everything as clearly as possible!
We select the mat carefully too, the zip of the tunnel / dedik must coincide with the zip of the CC if you cars US
There is no mate for zip, it means we don't take this tunnel / dedik, because even if the payment passes, the reservation will not give, and if it does, it will be canceled, checked many times!
There is one more thing that increases the chances.
You can enter in the residents of CH, then he may simply not come, or even better ring the hotel on behalf of the agent through whom they made the reservation and ask them to change the KH Name and Surname to the desired
Tou need to understand that Expedia.com is very popular, and it gives it very reluctantly, but there are a lot of agents and you just have to look.
I'll tell you right away that the search for an agent is expensive and time-consuming, then you need to go systematically - try a different mate, different schemes, etc.
Be sure to record all your actions during the tests, so that you can understand exactly how to card and so on.
Respectively, these experiments need to have available funds the main disadvantage of such carding is a terrible antifraud, often calling and drawing are needed, and so on but it all pays off a plus: rarely are cancellations during your staying time. This is due to the fact that the cost of fraud merch takes over)
What is worth paying attention to:
Very often, they check the phone from the CC data, and often they call - at the slightest suspicion, then we can initially check if the number is active at CH, and if it is turned on and KH picks up the phone, then you need to flood it to death turned off, well, or buy a CC where the number is not active
And accordingly, when they can't reach you through merchandise, they will not be able to call them on the mail, and they will have to call themselves.
Also pay attention to the hotel itself, which vibrates, if it is new or unpopular, they can begin to suspect on suspicion of the bay
Carding into booking.com
Booking.com - one of the largest companies in the online travel market.
Everything is very simple with them - hotels exhibit their objects, users choose suitable ones and pay to hotels that pay Bucking a commission once a month.
THEN, there is a booklet that doesn't charm at all and doesn't have its merch!
When you enter data on the site, the CC booking via a secure channel sends your data to the hotel.
And the hotel deducts money from you at some point in time at its discretion lecturer it can charged immediately, maybe in a month, or maybe charged at all and asked you to pay on the spot.
Charging of the card is an absolutely unpredictable thing, and it is determined solely by the owner of the hotel, but not by Booking.com.
And here you have to be prepared for many questions like: show the card, pay in cash and so on.
You have to understand that when you or your clients are settled, all these questions may arise, and you will not speak Russian, but there may be a situation when there is no staff who can help with payment issues card in, then it is very desirable to check the debiting of funds, ringing the bank on a robot, or if they beat me with rollers, then it is necessary to look at tranzes online.
If you hit the euro, then according to circumstances, most often you don't know anything there ...
But in a situation where the hotel could not debit funds from the card, they can write on the email and then you can stick another CC.
BUT PARTLY THEY DO NOT DO IT!
Next, wait a while and call the hotel and talk "Hi, I am Vasya Pupkin, I have just paid for the room through booking. Please check whether everything is paid and whether there is a need for additional costs from me.
You must be like a real tourist!
If everything is in order, then you can settle.
With booking services such as him, Agoda, for example, a very serious disadvantage is that the charge often arrives during the stay. In such a situation, you have to pay yourself in cash. And in the event that KH raises kipish, then you can talk to the local police.
Accordingly, you can NEVER card the mat of the country where the tourist goes!
Important aspect: HOW TO DIFFER AN AGENT FROM A FAKE AGENT IN GENERAL
that is, when searching for merch, we need to understand the principles of its work and it is for them to decide whether it's for you or not.
Initially, we read Google, reviews about the service, the so-called how it work, respectively, we card in foreign services and also read not on ru sites.
Next, we card a test from the rolls and look in transactions who debits money, if the hotel debits the hotel, then this is not an agent but a booking service, if it debits the site merch itself, then the agent is
I ask you to pay attention to the fact that even carding into an agent there is no guarantee that the reservation will not fly off during your stay!
4) Brut accounts of rewards
You can get a cherished reservation using various loyalty programs
They are of two types:
Loyalty programs of banks of CC issuers, I think everyone knows about it.
CH for when paying with a card for every dollar spent receives: miles / points / rewards for a virtual account
And they can spend hotels / air / auto or something else
And the second type is the loyalty programs of hotel chains / large tour agencies / big stores, etc.
It's certainly not so easy to work with them, and quite a lot of money is needed for experiments, you need to be ready for this.
Initially, information is collected on existing loyalty programs, then write software for brutus, find accounts and try to make a reservation.
There are many nuances there and each such program has its own chips ... you can understand them only by trying.
The main problem: will it allow you to make a reservation not on the holder of aka on the left Vasya?
It is not difficult to guess what most often will not give.
Here you can do this:
Trying to change the guest data in the merchandise, but here you need to be prepared for trying to dial the holder and the question of the number activity arises
You can call the hotel and say "Hello, Vasya and his wife will come instead of me".
Another option on the scan (drawing): when checking in shows a reservation, and if the question arises: "Where is the person for whom the room is booked?". Answer: "It is not there yet, it will be later" and show a photocopy of his passport which was previously drawn and printed.
There are still options to combine, for example, take an account and link a new card to it, and pay for it.
Rent a car there are two options for booking cars payment in full through the agent (our option) payment of a part from the card is usually 30-50%, and the rest is via the cash desk directly (this does not suit us)
carding is standard to describe, everything is simple and so after succes successful, you go to get a car, then you have to make a deposit for the car from your card which has your name!
http://prntscr.com/gwsw9a
The card is used to block a certain amount as insurance and after passing the car the amount is unfrozen in 3-5 days
what you need to pay attention to:
be sure to read the rules for using the service
make sure that you pay 100% for the rent, and no additional payments are required !!!
Be sure to look at the minimum age of the driver, often they do not pay attention to this and simply do not give out the car!
we always have money to pay for the rally!
The card you leave should not be important to you, that is, if you use such a service on it, you must make a card to deposit it after the lease, since money can be withdrawn after a few months !!!
Excursions one of them is viator.com cardings in here are standard, no sense in explaining, I'll dwell on some of the nuances antifraud often also very serious
just like with a booking, there are services that do not charge themselves, rarely but such ones are found, so when testing you need to pay attention when filling in the data, we indicate the data for the transfer, that is, the hotel where to pick up and the phone.
You can specify a hotel next door, and just go there, but you don't need to be late so the driver wouldn't call the hotel in your room.
If you leave a phone number, then also look at whom it is decorated.
You should not card the mat of the country where the tour is going).
Then I want to tell you the obligatory rules when using carding-hotels:
Before check-in, always ring the hotel and confirm that everything is in order with the reservation!
ALWAYS have money in cash, so that when you rally you could pay for everything!
Do not spend more money than it is!
When you pay by the form, always wait until you receive a "slip-check", because even when you call you may be told that everything is in order, and after settling in, it turns out that there isn't, and you have to pay.
NEVER give your card, I can ask for a deposit or something else, if asked, leave cash!
THE LIFE PERMISSION should not be more than 14 days, you should understand yourself - the less the better!
NEVER and no one to say where the reservation comes from, etc., no one should know about the carriage!
I do not recommend settling in the RU hotels for carding.
In Russia, upon check-in, you will be asked for a passport, there is all the data there, it's easy to find you.
Air
Good evening, today let's talk, perhaps, about one of the most profitable topics in carding - air tickets.
First, I will tell you about the different options for tickets, then we will talk about the security of the whole event, and then I will answer your questions So, what are the options:
AGENTS - FORM - REWARDS - CARD IN AK an agent is an intermediary, for example, bravofly.com, between a huge number of airlines and a passenger, while the agent is paid this option is safe for the one who flies, since during the rally all questions to the intermediary who issued the ticket most often agents are merchandise sites with payment of varicose veins that is, we have here three options:
CC + VBV = the reservation keeps best, but the mat is very expensive and it is very difficult to find it.
In the euro of the merci mat usa + vbv I used to climb normally - now it's not much of a climb either)))
CC novbv Bins rally here is possible at any time, very dependent on the CC country on the merch itself and on a lot more
CC ameks - CC amex themselves do not have varicose veins per se, now they have done something like, and some time ago there were merchs that amex took in and if they card amex Australia or New Zealand they gave
now this method is less effective, as everyone clears and tightens fraud there are still some merchandise without a bomb, but there are very few of them and they are very tough)))
I have been busy with tickets for quite a while, and will give some tips:
if you decide to try yourself in this field - make sure that you know how to card, without experience with staff, gifts, etc., you don't need to start at all, as you will need experience in understanding how the antifraud works and in setting up the machine for carding and in drawing and in calling do not start the search for air merchandise without good capital - which you can safely drain learn how to work systematically that is, when you find a merch that you think should give, you should develop a system for testing it you need to try a different mate
It is necessary to test different directions, if it did not give the RF, this does not mean that it will not give something else.
Before you fly yourself or send clients, you must be 100% convinced that your method is reliable!
Today, the topic of the air is badly beaten, and even the checkmate with the BBB does not give any guarantees of success
Depending on the airline and the directions from the passengers, they may request a drawing of ?? at the front desk, for example, you should know all the details in advance.
Very often the payment goes well, the tickets are given but a meeting takes place, more often it is an additional check of payment or something else. Here you need to ring out and understand the reasons for the rally, that would continue to work more productively.
When working with a varicose mat, it is worthwhile to consider himself carding in more detail:
We set up the virtual machine, everything should be perfect, after carding in we make cleaning, if we use the Antique we clean it.
We buy a sock or a tunnel, it is important that it be fast and clean, we select as close as possible under the ip of CH.
Data on ip CK and user agent CX are obtained from the seller CC + VBV.
We go to the site of the agent, if we beat VBV, then we need to know 100% what it is), choose a ticket to pay
Using the example of CC + VBV, the Germans will describe how there:
CC DE FULL INFO CLASSIC (these are classic bins), the price of such bills is up to 50 euros (limit-guarantee is on average 500 evro)
CC DE FULL INFO HIGH (these are bins from premium to corporate), the price of such CCs is up to 75 euros. CC HIGH come with a limit of guarantee up to 750 euros.
CC DE FULL INFO BUISNESS (business and corporate bins, etc.), the price of such CCs is up to 90 euros. Limit guarantee up to 1300-1500 euros it is clear that the figures are average, and the guarantee limit and price may vary significantly there are also currently Sellers who do not give a guarantee limit at all they take advantage of the fact that such a mat is rare and in great demand we never buy fullki of- SPARKASSEN (name of the bank), firstly petty, secondly powerful anti-fraud system, thirdly, there are no substitutes for them.
Naturally, if the card is not valid, a replacement is also made.
Replacing the CC all sellers do strictly when providing video of carding in the CC
The video should start from the moment of opening the CC from the seller in the favor, then show that the sock / tunnel you read (check2ip.com) and end with either a successful carding or problems with dumping, etc.)
I will give a link on a program for record http://rutracker.org/forum/viewtopic.php?t=5022971
The format of the issued cc is normal, but plus to this in the full DE is haberstatum (short ADD).
Kontonummer (account number from 7-10 digits).
Servicenummer (not for all IC) Bank number where to call, but it is rarely required.
Bankleitzahl (bank number for other banks, usually does not ask for it, since it is one in the bank).
SC, respectively, Security Code, for us it is known as VBV, but a very large BUT, it is not needed in 70% of cases, as the automaton in German banks of the UK is reset every 30 days it turns out we activate the SC each time using Kontonummer (account number), Haberstatum (ext), Gultigkeit (emergency date) and Prufziffer (Sv2 code - a three-digit code).
We put in passenger data, we put in card data, we change varicose veins and if everything works out, then we rejoice. If the card is not invalid, there are not enough funds up to the agreed limit, it does not allow us to change the PIP, we put Bandikami on a stop, fill it on a sendspace, send it to the seller and wait for the replacement and here is another very important nuance.
Yesterday in the lecture on hotels I spoke in detail about services like booking.com
Let me remind you of these services that do not have their own merchandise and simply transfer your data to AK and the airline already processes them.
You may not see it yourself.
That is, when you make a reservation through an aggregator of the skyscanner type, then you see that you switched when paying to another site.
And when booking on vayama, you don't go anywhere, but that airline takes off the money whose flight you are doing!
In fact, this is direct carding with all the ensuing consequences
How to figure it out:
there are two methods here - card tests with rollers and see who wrote off the money
You can also call the AK and disguise everything under the guise of making some changes, but this method is not 100% often the case in AK says "contact the agent who issued the
ticket" although the airline itself wrote off the money!
If you made a ticket through such a merch, then it is advisable to make the client fake docks on the ticket and be sure to warn about possible problems
With such type of carding, NEVER card the mat of the country where you are flying!
There have been cases when they are filmed on a transplant and begin to torment very strongly!
The next way is carding into the agent form of payment.
It's all the same as with hotels.
We only call the agent, invent a story why we cannot pay via the Internet, request a form, draw a picture, call it and make a ticket.
I have to say the right away, very few agents are now accepting payment according to the form, and of course it is not interesting to make tickets for small amounts here because the cost price is high
The next topic is the rewards.
Here is the same as for hotels, I told a lot yesterday.
I will note an important thing - most often loyalty programs just allow you to make hotels / air / auto that is everything for the tourist
It remains quite a bit - to find.
Miles from airline companies is also a very working topic, although large airline companies have already managed everything, and here I want to point out an important nuance
When we pay for the ticket with miles, we often need to pay additional taxes and fees in cash, then we card the CC, but we also need to find the CC so that the charge is as long as possible
The amount of taxes and surcharges are usually not much 20-100$ per passenger.
Sometimes it is possible to pay taxes from a virtual card like QIWI or ?, but almost everywhere it does not work.
The most beaten airline companys are shaved, delta, lufthansa ... they behave very strangely, they can get off the cruise on a transfer, it happens that they take flight for a flight and are not allowed into the plane.
I write all this to the fact that before sending someone it is important to test everything.
Phone activity is very important, I talked about this in the last lecture on hotels, if yesterday someone did not read the logs
There are also miles not some particular airline company but unions, such as SkyTeam, and in some it is possible to card in code-sharing, that is, you have airline A miles, and you use them for company B flight
There is such advice here, do not use miles of Russian airlines, and do not use miles of western for russian airline company flights.
We can get accounts in the following ways:
We brutal ourselves - We buy from logs - We buy in shops.
Thanks for reading this manual.
I wish you all successful work and good luck. Happy carding!
Heading:
Encryption part 1
Encryption part 2
Introduction to security based *unix-like systems
The safety and anonymity in the Internet. Configuring the virtual machine
Cards
Mediations
Warming-up shops
Antidetect
Searching for shops, merchant
Europe and Asia
Carding from A to Z
Selfregistered Paypal
Methods of working with Paypal self-regs
Brutus of Paypal
Work with Brut accounts
Brutus Ebay + Paypal
Pickup, Interception
Work on Android
Enroll
Gift and E-Gift
Carding Liquid stuff using Enroll
Hotels
Air
Encryption part 1
Welcome everyone today's lecture will be devoted to encryption, we will analyze all the main aspects, as well as talking about encryption in general.
I would like to discuss and analyze the fundamentals of encryption, we will study symmetric and asymmetric encryption, and also slightly touch some terms, such as: hashes, SSL, TLS, certificates, data interception using the sslstrip utility and other weaknesses associated with encryption. This is the fundamental knowledge required to select the appropriate security tools to reduce risks from being calculated by
"federals".
Many of you, if we dig a bit deeper, don't have the foggiest idea about their safety and privacy. They can only blindly object things, based on the opinions of other people.
But when it comes to your security and privacy, only You can be the guarantor of your safety, and no one else.
But surely, some smart guys will ask the question: "How can I be the guarantor of my safety if I do not know anything about it?"
One of the principles you should learn is- the principle of planning. All your actions should be clearly planned.
But in order to plan something you need to be competent in this area, to answer your questions, such as: what is it and what is it for?!
In General, encryption consists of 2 components - encryption and decryption.
With the help of encryption, the following information security states are provided:
2. Integrity - encryption is used to prevent information from being changing during the transmission or storage.
1. Privacy - encryption is used to hide information from unauthorized users during transmission or storage.
2. Integrity - encryption is used to prevent information from changing during transmission or storage.
3. Identifiability - encryption is used to authenticate the source of information and to prevent the sender from rejecting the fact that the data was sent by him.
in Order to read the encrypted information, the receiving party needs to have a key and a decoder (a device that implements the decryption algorithm).
BY THE WAY: the idea Of encryption is that the attacker, who is intercepting the encrypted data and not
having a key to it, can neither read or change the transmitted information.
Let's imagine a locked door, in order to find out, what is on the other side of the door, we need to open it with the key from this door.
And in the case of data encryption. Only instead of a closed door, we have an algorithm for encrypting data, and instead of a key from this door, a secret key (password) for decrypting data.
Goals of encryption.
the main purpose of encryption is to store important information in encrypted form.
in general, encryption is used to store important information in unreliable sources and to transmit this information through unprotected communication channels. This type of data transfer represents from itself two mutually reversed processes:
1. Data is encrypted before it is sent over the communication channels or before it is stored.
2. The decryption procedure is used to recover the original data from the encrypted data.
Encryption was originally used only for the transmission of confidential information. Subsequently, the information was encrypted with the purpose of its storage in unreliable sources. Encryption of information, with the purpose of its storage is used as for now, it avoids the need for physical storage of it (usb, ssd disks).
BY THE WAY: we will analyze the examples of encryption methods and after that, you will clearly see the whole point of it, so do not worry about it. (tomorrow)
What are the encryption methods:
1. Symmetric encryption - uses the same key for both encryption and decryption.
2. Asymmetric encryption - uses 2 different keys: one for encryption (which is also called open (public)), the other for decryption (called closed (private)) or vice versa.
These methods solve certain problems and have both advantages and disadvantages. The specific method used, depends on the purpose, for which the information is encrypted.
in order to make the right choice in the approach to encryption, which encryption method to use? And to answer other related questions, you will need to understand what encryption is, as I said earlier.
Based on the infographics above (link), we can visually understand the principle of encryption
- the Sender sends an encrypted message: "Hello, Marfa"
- Attackers intercept this message, but since they do not have a key to decrypt it, they only see a set of characters: "%#&$!"
- The recipient, having the decryption key, can easily read the message sent by the sender in encrypted form, he already sees the text of the sender in its original form: "Hello, Marfa" it is no exaggeration, if we say that encryption is the best tool that we have in our arsenal for protection against hackers and surveillance.
By the way, about the terms:
Encryption is a method of converting human-readable data, called plaintext, into a form that a human cannot read, and this is called ciphertext. This allows you to store or transfer data in unreadable form, because of that information remains confidential and private.
Decryption is a method of converting encrypted text back into human readable text. If you perform a simple Google search, you will see HTTPS and a green lock icon, which means that all the content of the web page is not readable by people who may try to intercept data transmission over the network.
Simply put or symmetric encryption (encryption method is meant 1 of 2 that say)
There are two main components of encryption:
1. The encryption algorithm is publicly known and many, many people have studied it carefully attempting to determine whether the algorithm is strong or weak.
2. Secret key - you can imagine that the secret key is a password and it must be kept secret.
The Algorithm can be represented as a closed door, and the secret key is the key to this door (see Infographic link above).
Symmetric cryptosystems use the same key for encryption and decryption.
Based on the infographic above, let's look at an example, I want to send Marfa some file, but I do not want any 3rd party people to see it. For clarity and ease of use, I decided to encrypt this file with the program 7-Zip.
By this analogous structure sectors/discs are encrypted in VeraCrypt, TrueCrypt, we will also take this for example.
Let's look at the screenshot above:
1. An encryption algorithm is a mathematical process of converting information into a string of data that looks like a random set of characters and letters.
2. A hash function is a conversion of input data, in our case, to an output bit string. The purpose of the function is to ensure integrity and to detect unintended modifications.
3. AES-256 - indicates which algorithm is used (AES) and what block size we have (256), as we can see in 7-Zip there is no possibility to customize the configuration, rather than in VeraCrypt.
4. With the help of the entered password, your key will be generated for the selected encryption algorithm (in our case AES-256), for decryption you will need to specify the decryption algorithm if its possible and enter the password, in our case again.
At the output we get an encrypted archive, which is for unpacking and obtaining information that
is inside, you must enter the decryption key, in simple terms the password.
As you can notice the symmetric block encryption algorithm, Advanced Encryption Standard (AES), was used for encryption.
This algorithm uses only the one key, the key is created using our password (see point 4 for clarity of the conversion)
You can also choose which block size 128/256/512/1024 bits, will be used, in our case there were only 256 bit and 512 bit variants.
BY THE WAY: Imagine a door and a lot of locks on it. It will take you a long time to open or close this door. Same as for algorithms, the higher the bitrate, the stronger the algorithm, but the slower it encrypts and decrypts, you can consider this as the strength of the algorithm.
256/512 bits - this is also the volume of the key space, that is, a digit, denoting the total number of possible different keys that you can obtain using this encryption algorithm.
BY THE WAY: To break a symmetric cipher, it is necessary to go through 2 * N combinations, where N is the key length.
To break the symmetric encryption with a key length of 256 bits, you can create the following number of combinations, which are, possible keys: 2^256 = 1.1579209 e+77 or if you decompose 1.1579209 e * 10^77 when calculating, we get the following number of possible variations (this is a 78-bit number).
2^256 = 11579208923731619542357098500868790785326998466564 0
564039457584007913129639936
If anything, you can check this number there http://kalkulyatoronlajn.ru
Thus, for all those who doubt the safety of the chances of collision 2 ^ 256, there is a number: there is a probability that the collision will have 1-n of more than 1.1579209 e*10^7= 78-bit number (the number which is higher)
All this means that it is extremely difficult to pick up the key, even with the help of very powerful computers, assuming that you used a long and random password when you were generating the key. (about the passwords we will analyze in details tomorrow)
BY THE WAY: we will talk about the passwords separately, what to use, and etc. Together with the programs and why. Don't stop up your brain with all this information at this stage, lets now talk about this..
People and governments are constantly trying to crack encryption algorithms. In this article, I'll give you a list of algorithms that are good and which are not, which ones are amenable to hacking and which ones are currently impossible to crack.
Symmetric encryption Algorithms
1. Data Encryption Standard (DES) is an algorithm for symmetric encryption, developed by IBM and approved by the U.S. government in 1977 as the official standard (FIPS 46-3). The block size for DES is 64 bits.
2. Triple-DES (3DES) is a symmetric block cipher, created in 1978 on the basis of the DES algorithm in order to eliminate the main drawback of the last small key length (56 bits), which can be broken brute-forcing key search.
3. Blowfish is a cryptographic algorithm that implements block symmetric encryption with a variable key length
4. RC4 is a stream cipher, which is widely used in various information security systems in computer networks (for example, in SSL and TLS protocols, WEP and WPA wireless security algorithms).
5. RC5 is a block cipher developed by Ron Rivest of RSA Security Inc. with variable number of rounds, block length and key length. This extends the scope of use and simplifies the transition to a stronger version of the algorithm.
6. RC6 is a symmetric block cryptographic algorithm derived from the RC5 algorithm.
7. Advanced Encryption Standard (AES) - symmetric block encryption algorithm (block size 128 bit, key 128/192/256 bit), adopted as the encryption standard by the us government on the results of the AES competition. This algorithm is well analyzed and is now widely used as it was with its predecessor DES.
Symmetric algorithms are used in most encryption systems that You use daily: HTTPS, Full disk encryption (TrueCrypt, VeraCrypt and others), file Encryption (7-Zip, WinZip and others), Tor, VPN. Symmetric encryption is used almost everywhere
BY THE WAY: Advanced Encryption Standard (AES) is a common standard for symmetric encryption. For maximum protection, use AES-256 where possible. AES is fast and today- it is impossible to crack (assuming that you have a strong password, about this will be below).
2nd type or method, to whom as it is more convenient Asymmetric encryption
Very smart people have invented this encryption using public and private keys and algorithms based on the complexity of certain mathematical problems. I will not go into mathematical details because their understanding is not necessary for your protection.
For the right choice of security tools, you only need to have the basic understanding of algorithms and the strength of algorithms, as well as cryptographic systems that you are going to use.
As we know, the symmetric encryption method uses 1 secret key, whereas asymmetric encryption methods (or public key cryptography) use one key (public) to encrypt information and another key (secret) to decrypt information. These keys are different and cannot be obtained from one another.
Let's solidify this material immediately
Symmetric encryption method - one key, uses the same key for both encryption and decryption.
Asymmetric encryption method - two public keys (public from English) and closed (private from persistent)
so, we have a file for Marfa, which if You remember in the section of symmetric encryption (see Screenshot above) was encrypted using the 7-Zip program using the AES-256 encryption algorithm and a strong password, but how do we get the password to Martha so that she can decrypt the file?
BY THE WAY: the Best way to transfer something and to be sure of the delivery of the information to the specified recipient, is to hand over personally.
But this is not a good idea, because we may simply not know where the addressete is, or he may be so far away that to deliver something "in personal" becomes problematic, or maybe we just need anonymity.
Asymmetric algorithms (using public and private key):
1. RSA (Rivest-Shamir-Adleman) is a public key cryptographic algorithm. This algorithm is very popular, 1 of the most common asymmetric algorithms you'll see, and I'll show you where to look for them and how to use them.
Definition: the cryptographic Stability of this algorithm is based on the complexity of factorization or decomposition of large numbers into the product of Prime factors.
2. ECC (Elliptic curve cryptosystem) - a common and gaining popularity algorithm. This cryptographic system based on elliptic curve cryptography, or ECC. The strength of this algorithm relies on the problem of computing discrete logarithms on elliptic curves.
3. DH (Diffie-Hellman) - Its stability is based on the problem of discrete logarithm in a finite field. Diffie-Hellman is becoming more and more popular because it has a property called "direct secrecy," we'll discuss it later.
4. ElGamal - scheme El-Gamal, and the cryptographic strength of this algorithm is also based on complexity of discrete logarithms in a finite field.
DEFINITION: cryptographic Stability (the ability of a cryptographic algorithm to resist cryptanalysis) - this algorithm is based on the complexity of factorization or decomposition of large numbers of the product of Prime factors
Narrowed with determination, sorry
These asymmetric algorithms helps to solve the problem of key exchange or negotiation, as well as to allow the creation of so-called electronic digital signatures. So potentially we can use public and private keys to send Marfa our private key in a secure way, without the possibility of intercepting its content.
BY THE WAY: once Again, in algorithms using public and private keys, two keys are used, not one, as in symmetric encryption.
the Difference is that asymmetric encryption has a public key that is created to be known to any person, that is, it is the public key, and there is a private key, which should always be kept secret and be private. These keys are mathematically linked and both are generated at the same time. They must be generated simultaneously because they are mathematically related to each other.
Any website that uses HTTPS has public and private keys that are used to exchange a symmetric session key to send you encrypted data. It's a bit like the Zip file we saw. They use these public/private keys and then they need to send another key, the type of key that we use for the Zip file, in order to perform encryption (end-to-end will analyze later)
REMEMBER HOW the LORD's PRAYER AND UNDERSTAND:
If You encrypt with a private key, You need a public key to decrypt!
If You encrypt with a public key, You need a private key to decrypt!
In asymmetric encryption, if the message is encrypted with the 1st key, then the 2nd key is needed to decrypt this message. If you encrypt with a private key, you need the public key to decrypt.
If you encrypt with a public key, you need a private key to decrypt. It is impossible to encrypt and decrypt with the same key, and it is extremely important. For encryption or decryption, you always need related keys.
But why would we encrypt with a public or a private key? What's the difference? What's the point of using them? Why don't we use only one of them?
Especially for you, I drew an infographic to simply and easily explain the usefulness of these keys and how they can be used.
BY THE WAY: In this infographic we are looking at two directions of encryption that are considered, first we will analyze the one with green arrows, and then with red ones.
1 way (green arrows)
The method with green arrows shows that the sender encrypts using the public key of the recipient, Marfa, it means that you need anonymity and confidentiality so that no one can read the message except the recipient.
IMPORTANT: let's Say You encrypt a file using the public key of the recipient. The message can only be decrypted by a person who has a suitable private key, that is, the private key of Martha.
So that we know that these keys are interrelated with one another,we will decode with one and encrypted with another and there is no other way.
the Recipient (Marfa) cannot identify the sender of this message. Since the public (public) key is public and that it is laid out and usually shared, so that anyone can use the public (public) Marfa key for encryption.
When the sender encrypts using the public key of the recipient, the message is confidential and it can only be read by the recipient, who has a private key to decrypt the message, but as I said before, there is no possibility of identifying the sender, provided of course if You do not send there any data for subsequent Identification
2 way (red arrows)
All of the above results in the 2nd method of using open (public) and private (private) keys.
If you encrypt with your own private key, it means that you are interested in authentication. In this case, it is important that the recipient knows that you sent the encrypted message. To do this, you encrypt with your private key. This gives the recipient confidence that the only person who could encrypt this data is the person who owns this private key, Your private key.
EXAMPLE: You are the Creator of some software, but the government is indignant and hinders your activities in every way. Let's simulate the following situation:
Let's say I want to download this software, here is the hash amount of this file, however, if the website is compromised, it means that the attackers could substitute this file for downloading and add a Trojan or something to it, to spy on me, and they could also replace the checksum.
So, this hash doesn't mean anything. It will not detect intentional modification of the file. We need something else to verify that this website, is in fact, the official website of the software.
And here we come to certificates, digital signatures and other means. All these documents are obtained as a result of cryptographic transformation of information using the private key signature and allows you to check the absence of distortion of the information in the electronic document since the formation of the signature (integrity), belonging to the owner of the signature key certificate (authorship), and in the case of successful verification to confirm the signing of the electronic document (non-repudiation)
We will talk About this later. I еhink tomorrow.
Encryption of data, using the private key of the sender, is called the format of the public message, because anyone with a copy of the corresponding public key can decrypt the message.
you Can think of it as if you officially put something on the Internet for public access, and since you encrypted it with your private key, anyone can make sure that it was you who left this message. Privacy or anonymity in this case is not provided, but the authentication of the sender, that is you, is provided.
Next. When different encryption technologies are used in combination, such as those that we have already discussed, since they can all be used in combination and cannot be used individually, they are called cryptographic systems, and cryptosystems can provide you with a range of security tools.
Cryptographic system can provide you with a number of security tools. Among these tools:
1. Confidentiality - the need to prevent leakage (disclosure) of any information.
2. Authentication - authentication procedure, that is, we know that Marfa is really Marfa and no one else.
3. Prevention of failure - which means that if you send an encrypted message later you will not be able to deny this fact.
4. Authenticity - the authenticity of the fact that the message has not been modified in any way.
Examples of cryptosystems are any things that use encryption technology, such as: PGP, BitLocker, TrueCrypt, VeraCrypt, TLS, even BitTorrent, and even 7-Zip which we used to encrypt a file in a symmetric encryption method.
for EXAMPLE: So that we can send our file to Marfa, we can use Marfa's public key to encrypt files, or to transfer anything in encrypted form.
But first, of course, we'll need the public key of Martha, it is enough to obtain it once, in some protected way, it is important, and then we will be able to always send an encrypted messages, available for Martha to read.
PGP is a system that we can use for this purpose, it uses the technology of encryption of messages, files and other information presented in electronic form
DEFINITION: PGP (Pretty Good Privacy) - a computer program, also a library of functions that allows you to perform encryption operations and digital signature of messages, files and other information, presented electronically, including transparent encryption of data on storage devices, such as a hard drive.
For these purposes, we can use Jabber + PGP or OTR, I recommend to read this article, pay particular attention to paragraphs 7 and 8.
Write it down for homework.
By the way on the account of IP who uses there will be an article or in General other servers, they use Sdn that is, it turns out that the IP address of the resource is hidden behind the SDN, that is you, who sends a request it goes through a chain like this YOU - SDN - IP servers
that is, the Sdn is intermediary and the site is tied when working with the domain, it will issue SP Sdn and there will be no connection with the jabber.
But let's go back to encryption. When it comes to cryptography with public and private keys or asymmetric encryption, there are both strengths and weaknesses.
Asymmetric encryption - public and private keys:
1. Better key distribution, since Martha can put her public key right into her signature and anybody will be able to send her encrypted messages or data that only she can read.
2. Scalability - if you use symmetric keys and want to send your file to Martha and, say, 10 other people, you will have to pass your password 10 times. It's completely non- scalable. Asymmetric algorithms have better scalability than symmetric systems.
3. Authentication, prevention of failure - this means that if you sent an encrypted message, then later you will not be able to deny this fact. Since it was encrypted with a private key, your private key
4. Slow - if you look at the length of the message in bits (see screenshot below) after asymmetric algorithms work, you will notice that it is much longer than the symmetric key encryption algorithms, and this is the evidence of how much slower they are.
5. Mathematically-intensive - The longer the bits are, the greater the number of mathematical operations, and therefore the greater the load on the system.
Symmetric encryption - private key:
1. Fastness - if you look at the length of the message in bits (see screenshot below) after running symmetric algorithms, you will notice that it is much smaller than the encryption algorithms with asymmetric keys, and this is the evidence of how much faster they are.
2. Reliable - Look above about AES-256 where was the calculation of the number 2^256 and see for yourself, but there are also 384 / 512 /1024 and more..
For a visual demonstration look at this screenshot below
in Order to fix the material, let's return to the analogy with the number of locks on the closed door. With the open and closed keys on the door there are hanging a lot of locks, so encryption and decryption takes much longer. For the CPU, this is a lot of mathematical operations, which is why there are hybrid systems, or hybrid cryptographic systems.
Public and private keys are used to exchange negotiation keys, and we use symmetric algorithms like AES to encrypt data, thereby extracting the maximum benefit. HTTPS, which uses TLS and SSL, is an example of this type of hybrid system, as is PGP.
Encryption part 2
We have passed a brief introductory course, now we should talk in more details about what is encryption in General, let's delve into what is the hash itself, etc.
Hashing
Hashing is the transformation of an array of input data of arbitrary length into a (output) bit string of fixed length, performed by a certain algorithm. The function that implements the algorithm and performs the transformation is called a "hash function" or "convolution function". The source data is called an input array, a "key" or a "message." The result of the conversion (output) is called "hash", "hash code", "hash sum", "message summary".
Let's look at the image, see here:
1. Input
2. Algorithm or hashing function
3. The Resulting output is always a fixed size.
Hash function accepts input data of any size. It can be e-mail, file, word, in our case, the phrase "Hello", and the data is converted using the hash function in the following form
732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798fdeb 6e7 7c78d84ccb1
For better assimilation and analysis of this material, let's move away from the dry text and make a visual demonstration
As we can see from the animated GIF above, our input is converted using a hashing algorithm, namely SHA-256, to a fixed-size output.
explanation: As we can see, when changing our input data by adding "=) " our output has a different form, as in the bit equivalent the multiplier has changed. Consequently, the value of the output itself has changed. When returning to the original input data, the value again gets the original form.
You can present this as an example: 1. "Hello" = 5
2. "Hello =)" = 7 3. "Hello" = 5
The hash algorithm itself is the second arbitrary multiplier, let it be 2, then:
1. 2*5=10
2. 2*7=14
3. 2*5=10
And with the hash, only the hashing algorithm has more complex mathematical operations than I gave before, if you need a specific conversion formula used in the algorithm, see Wikipedia.
An important feature of the hash function is that you cannot convert from the hash back to the original input. This is a one-way hash function and does not require keys.
For example, again look at our GIF, which I gave earlier
Hello > SHA-256 > 732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798fdeb 6e7 7c78d84ccb1
As we can see, we only used the input data, without any keys, and then we got the resulting output, which always has fixed size depending on the type of function you are using.
This ensures integrity and allows you to detect unintended modifications. It doesn't provide privacy, authentication, it does not allow to determine the presence of intentional modification.
by the WAY: There are many examples of hash functions: MD2, MD4, MD5, HAVAL, SHA, SHA-1, SHA-256, SHA-384, SHA-512, Tiger and so on.
WHAT to USE: NOWADAYS, if you choose a cryptographic system, you should use SHA-256 and above, I mean SHA-384 and SHA-512 and so on.
To make it easier to deal with the material, let's move away from the dry text and simulate the situation
let's Say You were given the task to download the operating system Windows 7 Home Premium x64bit
We know that this operating system comes from the developer Microsoft, then we go to the search and make the following search query: site:microsoft.com Windows 7 Home Premium hash
Site operator: This operator limits the search to a specific domain or site. That is, if we make a request: site:microsoft.com Windows 7 Home Premium hash, the results will be obtained from pages containing the words "Windows", "7", "Home", "Premium" and "hash" on the site "microsoft.com" and not in other parts of the Internet.
This is also the key information to search for the shops using operators in search engines, learn more about how to search using operators in Google use this article - https://habrahabr.ru/sandbox/46956/ .
As we can see from the Gifs above, I easily found the hash amount of the operating system Windows 7 Home Premium 64bit on the official website of Microsoft
Here it is - SHA1 Hash value: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
In General, I would recommend you to find the hash amount and search from 256 and above, but on the official site there was only this amount, so I'll take what we have
Next, we need to find a file that corresponds to the hash amount, for this we also use the Google search engine and operators, how to search using operators and what it is, the link above.
inurl:download "6C9058389C1E2E5122B7C933275F963EDF1C07B9"
After you download this file, you can use our hash amount to make sure that this file has not changed, i.e. it has integrity.
There are tools that you can download to do this. https://en.wikipedia.org/wiki/Compar..._verification_ software
One of these tools is the Quick Ha (https://quickhash- gui.org), and I will show you an example with it, how to verify the hash amount and verify the integrity of the information received.
As we can see, the hash amount of the downloaded file corresponds to the hash amount given to us from the official website of Microsoft.
I will also attach below information on other hash amounts of this file
MD5: DA319B5826162829C436306BEA7F0F
SHALL-1: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
SHALL-256: C10A9DA74A34E3AB57446CDDD7A0F825D526DA78D9796D44 2DB5022C33E3CB7F
SHALL-512: E0CB678BF9577C70F33EDDC0221BC44ACD5ABD4938567B92D C31939B814E72D01FAC882870AB0834395F1A77C2CD5856FD8 8D2B05FBE1D1D9CCE9713C1D8AB73
You may notice, as these numbers increase in the hashing algorithm, the length of the hash becomes longer as it is the length in bits. SHA-1 is short, 256, 512, and MD5, which is weak and should not be used at all. So this is a way to confirm that the file you downloaded has kept its integrity.
Some of you will probably ask, "What if the file I'm going to download is already compromised?"For example, here we have a website (https://www.veracrypt.fr) software VeraCrypt (https://ru.wikipedia.org/wiki/VeraCrypt).
And I want to download VeraCrypt, the site has a hash amount of files encoded SHA-256 and SHA-512
SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b 49e3 897677896e VeraCrypt Setup 1.21.exe
SHA-512: 5c68a5a14fa22ee30eb51bc7d3fd35207f58eefb8da492f338 c6d
ac54f68133885c47fa2b172d7836142c75d838dac782b9b9fa ca4 06a2ffb8854cc7d93f8b359 VeraCrypt Setup 1.21.exe
However, there is one "BUT", if the website has been compromised, it means that the attackers could substitute this file for downloading and add something to it, a Trojan or something for surveillance, and they could also substitute the checksum.
So, it appears the hash means nothing, that is, it cannot detect the intentional modification of a file. And we need something else to make sure that this software really comes from the developer. That the site VeraCrypt is the official site of VeraCrypt, etc.
And here we come to the certificates, digital signatures and other tools, that are we going to parse, but for now, let's touch on a not unimportant essence of hashing.
I don't want to copy etc. it's important to see everything in colour and details Now let's talk about Digital signatures
So let's go back again to our VeraCrypt, how to find out that the site is really official and the software comes from the developer.
a very Simple and tricky way to find out if it is an official website is to find the software in Wikipedia, and to follow the link to the official website of the software from there.
However, we can also click on the target lock and there see the certificate that was issued https://puu.sh/xQAFM/e687c816ce.png
A digital signature is a hash value. This is the result of a fixed-size hash function that is encrypted with the sender's private key in the purpose of creating a digital signature or signed message.
From a technical point of view, a digital signature is a mark, confirming the person, who signed the message. This is the issuance of a guarantee for the object that was signed with it.
For clarity, what is a digital signature open screenshot ( https://puu.sh/xQAFM/e687c816ce.png ) and look at the Signing
Signing: What you can see on the infographic above, but based on our file which we parse hash Algorithm > hash Value (6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10 b49e3 897677896e) > Private key (see Asymmetric encryption) =
Digital signature.
If the encryption object is signed with a digital signature, authentication is provided, because the object is encrypted with a private key, which can only be encrypted by the owner of this private key. This is authentication.
It makes it impossible to refuse authorship, because, as I said before, the private key of the sender was used. And it provides integrity as we hash.
Digital signature can be used, for example, in software. It can be used for the drivers inside of your operating system. It can be used for certificates, confirming that the signed objects come from the person specified in the certificate, and that the integrity of the data of these objects has been preserved, and that they haven't undergone any changes.
And how to make sure that the file really comes from the developer, in our case VeraCrypt, that is, in the case of fraud, etc. you could say with 100% certainty that I used your software, and it was signed by your digital signature.
https://puu.sh/xQB20/5166e3d0c8.gif - usually the certificate is checked automatically.
After we watch the gif, open the screenshot https://puu.sh/xQB5Y/c840f4670d.png
What we see here. Certificate issued: to-IDRIX SARL, to - GlobalSign. So, GlobalSign is the company whose private key was used to digitally sign this program. GlobalSign reports: "This software is legitimate and has not been modified." It says here: "the Certificate is intended to certify that the software comes from a software developer, the software is protected from modification after its release." To find out if it's a valid digital signature or not, we need to reverse the original process.
so we open again our screenshot https://puu.sh/xQAFM/e687c816ce.png
Check: What you can see on the infographic above but based on our file that we are parsing
Signed message > Public key ( this is a file in format .asc usually has the following form - https://www.idrix.fr/VeraCrypt/VeraC...public_key.asc, the private key also looks the same ) =hash Value, that is what you should get 6cff2cce52eb97321b1696f82e9ccefa7c808d91c49bf10b49 e389 7677896e
After that, this hash value will need to be checked with the specified hash, open the file with the program QuickHash, run our file and in the algorithm that it is presented to us, everything must match, if it does not match the file itself is changed, and there may be a Trojan, or something to wiretap us, or something bad
SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b 49e3 897677896e VeraCrypt Setup 1.21.exe
I checked the received hash ( https://puu.sh/xQBAz/8905455dd7.png ) and as we can see in the screenshot, they are identical, the files are legitimate and correspond to the digital signature of the developer and this file exactly from him.
And this software will infect your computer with WannaCry or any other bad virus, it will be guilty.
For example, this is how you, as a child, would deny that fact, that you ate all of the but your mother pokes you in the face with evidence, such as video and says, I have it all recorded, look here. And no matter how hard you try, that's what digital signature does.
Read a few times, if you do not understand, and try to understand this point, it is really important
And what we saw directly in this screenshot https://puu.sh/xQAFM/e687c816ce.png
This is what Windows verifies, the certificate of authenticity, that such certificate is really registered with a such number.
Let me draw an analogy to understand what Windows does, when it writes these lines https://puu.sh/xQBLa/604166ab6c.png in the certificate
You come to the Bank with fake money, and they check the money through special devices, and then BAM and the paint washes off, or they do not Shine through the watermarks and you are told that your bills do not match, and they are fake, as well as Windows.
So if someone else rewrote all of the data in the certificate and made a copy of the certificate for signing, with such data it would not correspond,
it is a complex topic, but actually I think it is clear.
And if the verification fails, you usually see a warning ( https://puu.sh/xQC61/ef80678f6b.png )
This means that any file that does not have a digital signature or Windows ( remember the Bank employee ) does not trust this digital signature ( and in the case of an employee of the Bank, he does not trust in your bill ), you can check the way I described above ( and the Bank employee well, there too, can check on your machine or there applying solutions ).
In Linux, this is simple, because you just do not install proprietary SOFTWARE as all SOFTWARE is usually put from official repositories.
You can take as homework to study etc.
Write yourself.
Let's go through this material again, because I am sure that for some of you it may seem quite difficult to understand.
https://puu.sh/xQAFM/e687c816ce.png - watch signing
https://puu.sh/xQAFM/e687c816ce.png - watch signing
So, the value of the hash (the program itself, if the dude himself drove it through QuciHash), which was encrypted using the private key (his private key, his personal fingerprint, so to speak on the network) of the sender or software release. It's a digital signature.
This ensures authentication, non-repudiation and integrity. But if you encrypt anything and in addition you would provide it with a digital signature, you will be able to achieve privacy together with authentication, repudiation and integrity.
Digital signatures certify that a program or anything else is received from a particular person or publisher, and they protect the software or messages from being modified after they have been published or sent.
I think we have now dealt with digital signatures. Let's now move on to End-to-End encryption (E2EE).
End-to-end encryption is that the data is encrypted by the sender and decrypted only by the recipient. If you want to avoid tracking, mass surveillance, hackers and so on, then you need this kind of encryption of transmitted data.
Examples of end-to-end encryption technology are things like PGP, S/MIME, OTR, which stands for "off the record" (Rus. not for writing), ZRTP, which stands for Z in the RTP Protocol, and SSL and TLS implemented correctly, all of which can be used as end-to-end encryption.
Companies that develop software, that uses end-to- end encryption and zero-knowledge systems cannot disclose the details of data exchange to your enemies, even under duress, even if they wanted to. This is the advantage of end-to- end zero-knowledge encryption.
End-to-end encryption provides protection in the process of data transmission, but it is obvious that it can not protect the data after it is received. Next, you need another protection mechanism. Use end-to-end encryption wherever possible.
the Use of secure HTTPS on all websites is becoming increasingly necessary, regardless to the types of data transmitted.
Let me show you what END-TO-END encryption is on the example of websites.
Is a digital certificate, the same as a digital signature, there are a number of differences, there are certification authorities and etc., you usually are not faced with that, not going to talk about this now, anyone interested can surf in Google "Centers of certification of keys and HTTPS and Digital certificates" a Green padlock in the URL or HTTPS means that your Internet provider or, say, the government, they can only track the target domain. What's the meaning of that?
let's Say there is an attacker between us and Google in the same way as in the case of sending a message in the infographic above. He won't be able to know exactly what I was looking for, because it's end-to-end ( or end-to-end ) encryption between my browser and the server.
Let's look at a visual example, and see what the provider can learn about us
First, we will use the example of non-encrypted connection using HTTP connection.
HTTP, HyperText Transfer Protocol - a widespread data transfer Protocol, originally designed for the transfer of hypertext documents ( that is, when you click on a word in the article to go to another web page ).
By default, HTTP uses TCP port 80.
For the screenshots below, I will use the WireShark network traffic analysis program.
For the experiment I took a site based on HTTP Protocol uznayvse.ru after I click on the link, the request from the site will be displayed in the program window WireShark, under the number 1, but let's immediately analyze what is responsible for each window of the program for better assimilation of the material.
1. This area is called Packet List -you can see in it, with which server the data is exchanged, the Protocol that is used and General information about the frames.
2. The next area is called Packet Details - it displays the details of the packages that have been selected in the Packet List.
3. And the last area is called Packet bit - it displays the 16th display of this package, also displays the offset in the form of Asuka, and also if we right-click on this area, we can see how it would look like in bits.
Here's what happens, when you click on a link, all traffic data is immediately filtered.
Let's look at the resulting packages, read more and find out clearly about the surveillance, analysis and etc.
1. Forwarded packets by our filter
2. Target domain, that is, the main page of the site is after slash "/"
3. User agent, browser settings, operating system version and other parameters..
4. Referer - indicates from which page we went to this page since we went from a secure page, there were many packages with redirects in the end, if we came from the same page it referred to ourselves, if I, for example, moved from the main page of the site to this then in the referral would be the main page of the site. ( see the screenshot below with an explanation to fully understand the meaning ).
5. Cookies, or session ) Here is your password sailed ) you Can go under your session logged in and fumble ) from the logged-in user that is you
by the WAY: If you think that this is the maximum of what this software is able to do, I am afraid to upset you, this is only the tip of the iceberg
6. Well, this is the final page where we are by the WAY: If you think that this is the maximum of what this software is able to do, I am afraid to upset you, this is only the tip of the iceberg in Order for you to have no doubts after reading, I decided to analyze these items by going from one page of the website to another and as we can see:
1. Refer - indicates the previous page that we parsed, we came to this page from it
2. What page are we on now?
As we can see, by itself, the HTTP Protocol does not involve the use of encryption, to transfer information.
However, for HTTP, there is a common extension that implements the packaging of transmitted data into the SSL or TLS cryptographic Protocol.
the Name of this extension is HTTPS (HyperText Transfer Protocol Secure). For HTTPS connections, TCP port 443 is typically used. HTTPS is widely used to protect information from eavesdropping, and generally provides protection against man-in-the-middle attacks - in the event that a certificate is validated on the client, and the private key of the certificate has not been compromised, the user has not confirmed the use of an unsigned certificate, and the user's computer has not implemented certificates of the attacker's certificate authority.
1. Google is using the secure HTTPS Protocol 2. Request packet data via a secure Protocol HTTPS
3. As we can see in the details of the package we have only Encrypted Application Data: 0000000000000016eec0818f25b5eb9bd4690883155a74b6.. .
No other information that is contained on the web page or where the person - we don't have
4. Since we have under the number 2-and the IP- address from which packets are exchanged with the server, we can see what kind of IP-address is there, and based on the data, we can conclude that the person is on the landing page of Google.
In fact, the use of HTTPS is secure and as I said earlier that: Companies that develop software that uses end-to-end encryption and zero-knowledge systems cannot disclose the details of data exchange to your enemies, even under duress, even if they wanted to. This is the advantage of end-to-end zero-knowledge encryption.
SSLStrip - https removal.
But also based on this, there are attacks on the removal of SSL, let's quickly analyze what it is?
Any attacker who can be located between the source and destination of traffic, in our case, the COMPUTER and the SERVER, this attacker can make an attack of the form "Man in the middle" ( Rus. "Man in the middle" ). One such attack, which requires very little skill and resources, is called SSL stripping ( Rus. "Removing SSL" ). The attacker acts as a proxy here and substitutes encrypted HTTPS connections for HTTP connections.
Let's open the screenshot and see what it is https://puu.sh/xQFWy/edbaf90d7a.png
1. As we can see we have sent the request with http
2. It passes through the SSLStrip and does not change, just goes on
3. The server sees that you came over in a insecure Protocol, without encryption and changes it to secure using encryption that is, https ( that is, 301 or 302 redirect is performed - this is configured on the server )
4. SSLStrip sees that the server has sent you a request in HTTPS ( see point 3 ) and automatically changes it to insecure that is on HTTP thereby removing TLS encryption
SSLStrip here, pretends to be the proxies and responds from the web server, simulating your browser, and sends you back the HTTP version of the site. The server will never notice the difference.
Because the server thinks that you are communicating over a secure https Protocol, because it does not see that an attacker ( SSLStrip ) has changed your Protocol to an insecure one
And what you will see - it will be almost indistinguishable from the original site. Let me show you what a website should look like.
https://puu.sh/xQHeu/014bf0515b.png
1. We see a secure version, that is, with end-to-end encryption
2. I have now done HTTPS-stripping ( removing SSL - SSLStrip ). And this is how the version of the site looks like after the attack.
As you can see, the difference, is that you no longer have HTTPS and most people will not notice the difference. And like I said, the server will never notice that something is wrong because it communicates with a proxy that behaves exactly like you would.
I advise you to read it with color
https://youtu.be/0wpxrPD90a4 - 1 Part of MITM. How is the MITM attack.
https://youtu.be/quZjKlrmCvQ - Part 2 MITM.
Network attack methods MITM in parts, write down your Homework also view, etc.
You can delve more deeply into this issue What can I say as an EPILOGUE.
I believe that we have a lot of disassembled encryption, the only thing that I did not have time to disassemble, I wrote above ,that we did not say this option with PGP, OTR, ZRTP, OMAXA, such protocols, about them you can read in Google or learn from me, I will give information if you need it.
Well, with PPP and OTR I think everything is clear
ZRTP is voice communication,and Omaha is a new type of encryption from the OTP series, only with their buns from offline messengers, encryption of chats, conferences, etc.
Encryption is a fantastic tool for privacy, security and anonymity, it is a tool that really works and attackers ( hackers ) will try to avoid it.
In simple words.. No fool would make a direct attack on encryption.
Remember the case of Ross Ulbricht the Creator of the "silk road" he got on captcha. That is, a simple little thing, because people forget about the most important thing, namely the simplest things.. The basics so to speak.
That is, no one will ever brute your passwords, it is much easier to install you a Keylogger on your system, or send you a link to a site with an infected JS script and make an attack, or a PDF file, etc.
But as I said encryption, no one will ever want to break. Attackers will simply try to circumvent the encryption. You should keep that in mind.
Security is a so-called the weak link phenomenon . It is as strong as the weakest link in the chain. Strong encryption is often a strong link.
We, human beings are usually the weak link. As they say my Tongue is my enemy
Introduction to security based *unix-like systems
Introduction to safety.
I will try to explain in simple language how you can theoretically get hacked. I will explain this without any complex terms, for ordinary users lecture. Let me give you a colorful idea of hacking the operating system, and more advanced users between the lines will read the technical information.
I Think that the user of any operating system, and especially those who are associated with this work, it is necessary to understand that professional viruses - are not executable files, which were renamed into a document and ask you to run them ( Stiller or warrior ). And the blocking of the macros may not prevent an attacker from executing code on your system.
I use various OSes, from Windows and Linux, and for a long time have been a supporter of such holivarov, I will deal a bit later with Macbookair: Security is the so - called weakest link phenomenon. It is as strong as the weakest link in the chain. Strong encryption is often a strong link.
I work on Linux, but sometimes I use Windows. Next, we can possibly say lot of negative things about Linux, but it is not associated with any fanatical beliefs, I just want to objectively tell and convince you that no matter what operating system you use - you can hack everywhere.
Remember my words, which I completed the article on Encryption, namely in the Epilogue.
Security is a so-called phenomenon of the weak link. It is as strong as the weakest link in the chain. Strong encryption is often a strong link.
We human beings are usually the weak link. As they say my Tongue is my enemy.
Your choice of operating system is important for your security, privacy and anonymity. Different operating systems are suitable for different needs.
For Example, to draw graphics for you, I need to go from Linux to Windows as I need Photoshop and other graphic editors, we will talk about this. But I think the main message of the information is clarified.
The Purpose of this section is to help you understand this difficult situation. Answer the questions: which operating system fits your requirements based on the risks and what you want to use it for, for a specific situation, for specific requirements.
It's like in school, to teach you orienteering, here in the same way, as your paranoia will not bring you to good.
After all, without knowledge, you can only make things worse.. Message and clarity
Let's talk about our choice of operating system and how it affects your security, because the operating system is the real basis of your security.
There are many misconceptions when it comes to operating systems and security. You've probably heard, for example, that MacBooks can't be infected with viruses.
Also, a lot of people are constantly discussing how much a leaky Windows operating system can be reasoned for years, but I wonder how safe Linux is?
And there are people, let's call them Linux camp, who believe that Linux is the best operating system. If you ask Linux fans, and if you have an antivirus, the answer is only laughter.
The Argument is - Linux is created by professionals, and everything is protected by default (standard). Here we put our favorite dog for Ubuntu and you can not worry about its data.
In General, there are two things that are infinite, the universe and fools. The universe is clear, but what about the last? Here's how to explain to various Windows users that you can't work without antivirus protection? And how to explain to the creators of MEGA Information Security systems ( antivirus in the common people ) that you can not protect yourself from hacking the access matrix ( this is when you block the reading or writing of some files, that is, access control ) and that hacking is not always: "a threat is Detected: the autorun Process.exe is trying to write to the system registry branch."
Your security looks good only in theory. Let's say you are the same Ubuntu user, you install on the PC of your favorite dog Bob this OS. Then a lot of people argue about the next - if Bob on - will come message myDocument.docx, even if it turns out to be an executable file, and it will run it according to the instructions, then nothing will happen - because for most actions you need the root password ( administrator password in the sense ). Are you serious? You are protected from the invasion of the representatives of the Junior school ? Or is it against attackers who are members of criminal gangs that control large flows of money and just mowed their brothers loot?
This is a reference to those users who use and blindly believe in the Means of information Security ( ESS ) or those courses that they were taught in textbooks on Information Security ( is ).
A Long time ago, when Linux was in its infancy, most of its users were professionals. But over time, there were many convenient distributions of linux for the average user, and it began to increase the number of users-Housewives. What does any housewife do? That's right, makes Internet payments, and where the money, there flock like bees to honey swarm of various scum that wants to fix their finances free of charge.
90% of Housewives use Windows - and viruses are developed for this operating system, and only at least 20-30% of Housewives will switch to Linux, then there will immediately be a money flow for the development of malware for Linux. And reports from anti-virus companies show a slow but increasing number of such programs.
OK, back to Bob, the only reason not to worry about their safety - the development of a Trojan under his OS is unprofitable. But so is economically disadvantageous, possible intruders income is less than expenses. How long will this continue is a big question.
But still, technically, how possible is it that Bob will be hacked and the data taken away? If Bob's strong point is that nobody needs him and viruses under his OS do not write yet - this is a game of Russian roulette.
Alice, a friend of Bob, knows that on account of Bob is a tidy sum of coins (BEETHOVEN), the key lies on the PC Pinocchio, and they together with Pinocchio decided to figure it out for two. What they need: a small start-up capital, straight hands of Pinocchio and some courage.
Alice knows that Bob uses Ubuntu 14 LTS. How to imagine the process of breaking Bob? He, like most users, believes that Alice will send him an e-mail file with an attachment that he will be asked to run and since he considers himself a specialist in the PC area and the file he will not run, then of course his data is safe!
Some nice actions from Pedro.
Then Alice goes to some unnamed and shadow resource and buys from Pedro vulnerability to Bob's favorite browser for N-th amount of eternally green. Pedro not only supplies Alice with technical information about the vulnerability, but also sends an example of how to run for Pinocchio (Alice's accomplice).
https://imgur.com/a/YMCfx
the Vulnerability that Alice gets is a zero-day vulnerability in the Google Chrome browser. For example, open hole CVE-2015-1233 or CVE-2014-3177, CVE-2014-3176, CVE-2013-6658 ( see Screenshots above ) and how many of them will still open the file and they are known only in limited circles (more details will be discussed later).
see the link above (screenshots where )
As you can see from the description of vulnerabilities ( see screenshots above ) Alice can execute the code in the context of the process and it will work not only in Windows, but
and on Linux and Mac OS. The vulnerabilities are taken as an example and are random. Once again, this is a vulnerability in the BROWSER.
Pinocchio is a script ( JS - Java Script ) and writes there the shell-code ( a set of lines that are written on the command line ), which must be executed on the target system
- BOB's PC. To do this, he needs to somehow pass the link. The first option with the post of Alice and Pinocchio was canceled
- Bob is a careful user and does not open links from email. Then they decided to improvise a bit. They know that Bob is a normal person and does not suffer from paranoia... Well shortly there are, for simplicity, Bob, just passed the link - Alice persuaded there to create a strip, or even some crap does not matter. In General he moved.
After Bob visited the link in the context of his browser process, a small code was executed, which was written by Pinocchio - just a few commands that were later loaded to the body of the virus and moved to its execution. But Yes. Bob is sure that Alice just shows him her photos, no files are downloaded to the disk, there are no warnings, nobody asks for root passwords.
Raise the privileges.
After the development of Pinocchio began to perform their first instructions on the processor of Bob, was the question, and what to do next? In Bob's theory, even if it does get infected, it won't get infected, Bob.
Puts a complex password for root access, and doesn't enter it suddenly at any cost.
Pinocchio and Alice have prevented such matter and solved it in advance. The same as Pedro told them that he had a couple of zero-day vulnerabilities in the Linux kernel, like the recent vulnerabilities in the kernel version 3.17 and 3.14 -
CVE-2014-9322, CVE-2014-3153.
After Reading the description of vulnerabilities Pinocchio realized that they will allow him to execute code in the context of the OS Bob. And all he needs is for his malicious application to take advantage of these fresh holes and execute the code in ring-0.
While unsuspecting Bob is looking at Alice's photos, Pinocchio's code has already seriously invaded the vastness of his system and neither the antivirus ( it simply does not exist ), nor anything else can not even display a message about the invasion. Since Pinocchio decided not to stop there, he went on. Once at the lowest level of OS Bob which is supposed to execute only trusted code, Pinocchio began searching for the file that is responsible for running the OS. As soon as the SOFTWARE from Pinocchio found this file, it modifies it so that when Bob's PC restarts, the Pinocchio code continues to run.
Rootkit - a program or set of programs to hide the presence of an attacker or malware in the system.
And so Buratino and Alice got access to the PC, Buratino under the control of Linux, but how can they hide their presence? Bob is not a fool and every 5 minutes he will check the integrity of the OS system files. For this Pinocchio decided that overwrite the code of the operating system, which is loaded into the memory of BOB's PC, but how? After all, if the same actions are carried out on Windows, then one small system component will detect this and force the PC to restart.
Bob does not worry about his security - even if the attacker's code is executed in the kernel, in fact, in the latest versions of the Linux kernel, the system memory areas are write-protected. Even if Pinocchio will try to overwrite the OS code in RAM, the processor will give an error and reboot the PC.
Then Pinocchio opened the documentation on the processor, which is on BOB's PC and began to study... He knows that the architecture of the processor Bob x86, but what does it give? After all, the necessary pages in the kernel is write- protected. Then Pinocchio drew attention to the register cr0 - a small block of memory which stores the data with which the processor works. And what will happen if I set the 16th bit to zero, quickly overwrite the necessary kernel methods and immediately restore the register - thought Pinocchio. And so he did, as it turned out if you reset this bit to zero, the recording protection can be temporarily disabled.
Thus Pinocchio got full control over BOB's OS, but the vulnerability was then found and fixed, but
the program code that is stuck in this way in BOB's OS can not be found. Every minute integrity monitoring shows that no single file in the system is not modified - the program Pinocchio just substitute it when reading. There are no new processes - the malicious process is simply hidden and if there are solutions on another OS that have been already discovered such techniques, then under BOB's OS there is no such.
In General, the conclusion, Alice and Pinocchio took pity on Bob... and deleted all his files. Ah okay, seriously, never be so fanatically sure of anything. I tried to explain the essence of the problem in an easy way and without technical terms.
Epilogue.
I wanted this simple story to show simple principles. How it all happens is that you need to clearly separate virtualization and use, because virtualization is another large- scale thing in the parameter of your security. We'll get to that later.
Do not try to surf some resources on your PC, open suspicious links and download some unnecessary software, and it is not clear from where, carefully approach your security issues, about JS and include it on trust resources and much more.
But as I promised earlier, I will not nightmare you. Such vulnerabilities usually cost a lot of money, and the fact is what exactly you will get hack is reduced, despite the fact that it will be interested in you, the probability is extremely small.
Risk Assessment.
In this part of the article, I would like to make a visual assessment of the risks and based on these points, so You can also do it yourself. without any special skills, purely its logic. We are not in vain in the previous article, abstracted and analyzed vulnerability, modeling of penetration and other aspects.
But you ask why.. Why I told you now about it, and not only security means matter. We are concerned about what our real risk is in the real world, and to determine it, we also need to take into account the history of bugs and security vulnerabilities. How weak, in fact, was a particular operating system? Perhaps you are interested in the question, which of the operating systems we will consider the weakest? Windows, OS X or various Linux systems, perhaps the Linux kernel, which of them was the most vulnerable in history?
https://www.cvedetails.com - it is a free database / source of information about the CVE vulnerability (It is a common standard for naming vulnerabilities present in commercial and open-source software products). You can view vulnerability information by CVE number, exploits, vulnerability references, Metasploit modules, full list of vulnerabilities products and cvss of assessment reports and the tops of vulnerability over time and many more.
Let's try to work with this site. To begin, we will go to this page of the site - https://www.cvedetails.com/top-50- products.php - here is a list: "Top 50 products by total number of vulnerable vulnerabilities" ( from 1999 to the present ).
And as we can see on the first line we have Linux Kernel - speaking in Russian. This Linux Kernel, as we can see, it occupies the first line in the number.. And you might ask what the fuck? Linux you should be the benchmark.
Okay, let's figure it out! The numbers shown in the right column are the number of vulnerabilities found in a particular operating system or application.
https://i.imgur.com/yz6dmcX.png https://i.imgur.com/LhiTLgC.png
Between the data on the screenshots the difference of 3 months
Let's go down to the bottom of the web page. We see the following "Total number of vulnerabilities of 50 products by manufacturers" (see screenshots above).
And as we can see Linux does not take the first line, but you say that Windows (Microsoft) is constantly updated, and it has a lot of products on the market
Office and other programs, and Apple have different versions of the operating system and also there are nuances..
Yes, that's right. All of you will be right, but Linux has a lot of things... Let's take a closer look at the specifics of this use.
I want to teach you self-analysis. And best of all is to teach you at least just to start thinking with your head, not the head of some school hacker, which is right now divorced and want to sell something not knowing anything about it and a lot of moments that are coming from this.
Well, let's not be too abstracted, let's better analyze everything in practice, and then I think You will understand what I want to tell you.
Go to the page https://www.cvedetails.com/vendor.php?vendor_id=33 - this page shows Linux vulnerability Statistics
https://i.imgur.com/eYcMyc6.png https://i.imgur.com/r8bDjUF.png
Let's get acquainted firsthand what you should pay attention to (see screenshots above).
1. Number of vulnerabilities by year 2. Vulnerabilities by type
Now you need to understand what parameters you should pay attention to:
The First thing that we should pay attention to is the number of vulnerabilities by year ( figure 1 ), as we can see that every year there is a trend to increase vulnerability detection;
The Second thing we should pay attention to is the degree of vulnerability risk ( figure 2 ), as we can see here are serious code execution ( Execute Code ) and buffer overflow.
Red and orange:
• the Red column is the execution of the code on the client side without his knowledge, I think it is not necessary to tell what is fraught.
• the Orange column is a buffer overflow, i.e. a phenomenon that occurs when a computer program writes data outside the buffer allocated in memory. Fraught with the fact that elevation of privileges, and much more.. You can see at wikipedia.org
https://i.imgur.com/ilfcwll.png https://i.imgur.com/Ny4goay.png
And to complete the picture, we can go a little higher, and see a table with vulnerability trends over time (see screenshots above) from structured data, we can easily make an analysis, as we see the ranking of data by time cycles (years) and severity of vulnerabilities (the columns).
As we can see in the first screenshot for October 2017, 166 potentially dangerous code execution vulnerabilities (figure 1) and 37 potentially dangerous overflow vulnerabilities (figure 2);
When 2017 ended, we see the following statistics: 169 vulnerabilities on code execution and 42 on buffer overflow.
A Little remark, I just update the studying materials and this is why I can do such statistics, in fact you do not need to wait 3 months, you can compare by year. I thought it would be good to give you such statistics, and not to delete the old one.
https://i.imgur.com/yYYTnra.png https://i.imgur.com/JjAUSS3.png
Detailed statistics on vulnerabilities: 1st code execution and 2nd buffer overflow
You can also click on these numbers and see detailed statistics about vulnerabilities (see screenshots above).
Analysis of developers.
Now we have a small picture of how everything works, we analyzed it on the basis of Linux, but the analysis requires several candidates. Now I will examine in a short concise way on the example of the 3 main developers, namely:
• Linux
• Microsoft
• Apple
https://i.imgur.com/LhiTLgC.png we took this screenshot in the beginning.
As we can see (see screenshot above) in General vulnerability statistics for all products:
* Microsoft-8938 vulnerabilities; * Apple-5408 vulnerabilities; * Linux Kernel-2000 vulnerabilities. https://i.imgur.com/Ny4goay.png https://i.imgur.com/oep1hkM.png https://i.imgur.com/6GUuyXq.png Microsoft: Microsoft, Apple, Linux https://i.imgur.com/ESqV1dc.png
So it is more easier for you to understand, you can just open them and read https://i.imgur.com/6uNE2SP.png https://i.imgur.com/6uNE2SP.png https://i.imgur.com/SgrbSMH.png
Here, it will be easier to study by the screenshot.
Let's look at some of these beliefs, based on facts and statistics, and find out what we actually come to when it comes to the security of these operating systems.
so, 1st we're going to Windows, how leaky the Windows operating system, you can talk years. Actually as I said earlier... It is enough to look at the statistics previously described and in your mind should light red light that would signal you.
and indeed PAIN is the guru of Windows and all the Windows stuff =)
But statistics - are statistics, let's understand why It originally had a weak security system.. I gotta hand it to her. In later versions of operating systems, Microsoft began to take security seriously.
And with the latest products, the latest security tools such as BitLocker, EMET, Device Guard, Windows Hello and trusted Windows apps, there is now a very serious set of security tools.
But is it really so? In General, I agree, the security of Windows operating systems is gradually improving, but this is not enough, and even more so for us.
In these operating systems, everything is closely interconnected with Microsoft servers, all your actions in the system as the threads report to the Microsoft server, just fail Windows, especially in the current version of Windows 10, the problems associated with surveillance and privacy, it is not particularly related to security, but it pushes some people, what to say about us..
I would recommend to read this article - so you can look from the outside at the picture as a whole.
Important point: If you read the license agreement from Microsoft which goes with each operating system of the Windows family, you will see that they will give your encryption key from BitLocker on the first call from law enforcement, and this stumbles upon the idea of what the hell Windows?! Why do you keep my encryption passwords on your servers, what the fuck.
The Fact that "putting a tick" in the license agreement with Microsoft, users give the Corporation the right to dispose of their data. "We may access, disclose and retain your personal information, including any content, any files on your devices, in your emails and other types of personal communications, if we have reason to believe it is necessary to protect our customers or to comply with the terms governing the use of our services" - says the license agreement
In other words, anything you say online, write, save, create or download on your computer or any other device with Win 10 can be remotely deleted or copied from you - if someone at Microsoft decides that they need it. That is, under the terms of the Microsoft EULA to interfere in the privacy of customers and control over it is not required even the sanction of the authorities!
you Only need permission to install OC from users who are too lazy to read the full license agreement.
As I said I will not analyze Windows, my goal is to provide you with information so that you can see it and make some comparative analysis.
Most Likely I will write an article about it soon, and then I will refer to it... It will be published in my section. If I can find the time...
Mac OS X
Next we have, Mac OS X, for today, again, like Windows, contains reliable security tools. Things like randomization of address space allocation, sandbox for running apps, FileVault 2, privacy settings, and Apple's trusted apps store ( AppStore ). All strong security features.
But if not for one "BUT" Mac OS X also has privacy issues.
If you have upgraded to Mac OS X Yosemite (10.10) and you use the default settings, every time you start typing Spotlight (to open the app or find a file on your computer), your local search terms and location are directed to Apple and third parties ( including Microsoft ) ( see screenshot https://puu.sh/xTGkj/dbe1f88d3e.png ).
there is a bracket and a point in the address erase
the Washington Post also published a video demonstration of real-time tracking Yosemite.
Let's open it https://www.washingtonpost.com/postt...b18_video.html
By the Way there is also some information nowdays about MAC OS hacking, I did not prepare the text for it, but you can easily Google it.
Let's look at this video, and who is bad with English, I will try to make out all the main points that you have just watched.
1. For example, a simple spotlight search, a tool to search for files on your operating system, now sends your location and the names of the files you are looking for to Apple on a regular basis. You may notice that your location is transferred to Apple even though if you don't see the corresponding notification icon. They decided to
hide this notification under the pretext that users will be overloaded with too many notification messages. This means that if you have agreed to use location services, you have also agreed to share your location information with Apple ( see screenshot https://puu.sh/xTGyC/11d372083a.jpg )
Let's open it .gif animation https://puu.sh/xTGZQ/58a24bfd28.gif and analyze it.
You may notice that the data starts to be sent before you type the text, as well as when you press the keys, that is, I go typing, the data is also sent.
As we see the author of the video says, "I'm looking for a document on my computer called 'secret plans that Obama leaked to me', and Apple gets information about it along with my location and user ID, which is a unique string of
Letters and numbers used to identify me. Apple tells us that this value changes every 15 minutes, but we have to believe that the new value is not tied to the previous one. Again, they get information about our location, and as the author shows, that indeed it is in the Washington Post office, based on the transmitted coordinates.
Well, let's talk quickly, how can we turn off these things with surveillance the corresponding icon with the notification.
To disable these things, first we need to go to System Preferences > Spotlight https://puu.sh/xTJ6F/e59027c2cd.png
We see in the screenshot all the places where Spotlight looks to search for you. It can be very useful. However, this may be a privacy issue, as you may have just seen. I would recommend disabling everything, but if you need something you can certainly leave it.
If you are using Safari, you need to disable the following, click Safari > Preferences > Search and uncheck Include Spotlight Suggestions (see screenshot https://puu.sh/xTJ2m/dcb32d4c13.png)
there is Also a good website https://fix-macosx.com
It presents a large amount of information about privacy issues in Mac OS X. Specifically on this issue, the site certificate has expired and the project seems to be dying.
Well, these are old things.
Next we have Linux similar operating systems actually the basis of our course. Please read this article before reading further.
In your case I gave it yesterday.
But you can also write on the homework, this is for those who have not read in General, would recommend
Linux-like operating systems, Unix-like operating systems. There is a great variety of them, I group them all into one category. If you are looking for the most secure operating systems, you will find them here, or rather will even say ONLY here.
Things like SELinux are a good example of this, is the implementation of a differentiated mandated access control - MAC that meets the requirements of the government and the military.
Definition: Mandatory access control (MAC) - differentiation of subjects access to objects, based on the assignment of a privacy label for the information contained in the objects, and the issuance of official permissions (admission) to the subjects to access information of this level of confidentiality. Also sometimes translated as Forced access control. This is a method that combines protection and restriction of rights applied to computer processes, data and system devices and is designed to prevent their unwanted use.
SELinux ( SELinux ) is a forced access control system implemented at the kernel level. This is not so much of an important point for you to sharpen at this point.
We will look at more standard operating systems: Ubuntu, Debian, Fedora, Arch Linux, Tails, etc. - again, they all have fairly reliable security tools.
When we look at Windows, Mac OS X and Linux, they are all in similar conditions.
But when it comes to their existing security tools and functionality. When we add privacy to the security package, we need to start looking at Linux distributions.
I would recommend using Linux distributions for security, but you will have to sacrifice interoperability and usability. For example, you can not use Photoshop or Microsoft Office, although it is solved with the help of "wine" - what is it you can see on YouTube, and maybe I will analyze it in this course. I don't know, it takes a lot of time to write, catastraphically a lot..
In a nutshell, if you don't know, there are many,many operating systems that have evolved in a certain way since the mid-1960s from an operating system called UNIX ( it was led by a paid system for corporations, etc.). )
I promised to give you a list of operating systems when I said that it is worth choosing a system that has the money to quickly eliminate vulnerabilities, here you can see clearly how many Linux distributions and from whom they came:
open: https://upload.wikimedia.org/wikiped...ns/1/1b/Linux_ Distribution_Timeline.svg - plus this link that is the format
*.SVG therefore you can search on this geneological tree via Ctrl+F directly in the browser;
Just look at how many operating systems are based on Debian, now you can go back to the statistics we did on the analysis earlier, and look at it from a different angle.
All of them are developing in General, look carefully and then go read more by the way, ctrl +F works there too.
I would recommend using distributions based on Debian - Debian, Kali Linux, Parrot OS, as well as Fedora, Arch Linux.
At the end you can find a list with a bunch of distriubtion on Debian and there with a little remark.
Let's talk a little about these operating systems
As you have already noticed with a detailed acquaintance with *.SVG infographics above, the 2 main communities are Debian and RedHat, so there are a bunch of others, but like I said earlier : "if you have a less well-known Linux or Unix-like operating system, you may find that the release for the fixes is slower, because there is no multibillion- dollar corporations behind them, in which they release of all the fixes puted on stream".
it Also applies to the support from the community and so on...
Fedora Linux is a Linux distribution with one of the largest user communities, among other distributions. But it is not as popular as Debian. There is an opinion among users that Fedora is difficult to use and configure.
a Significant advantage of this system is that Fedora is only free software. The Linux operating system is very often regarded as free software. But that's not 100% true. Although most of the programs you use are free, some drivers and hardware firmwares have private code. There are also open source components, but with a limited license, such as media codecs.
At the very beginning of Linux sharing I asked You to read the article which describes the moments of security and proprietary SOFTWARE, just to this reference.
The developers of the distributions determine how often users come into contact with proprietary software. They can include media codecs, video card drivers and network adapters, as well as additional modules, such as Adobe Flash, in the distribution. This will help users listen to music, play games, and browse the web, but it is not free software.
Fedora takes a principled position on this issue. This helps to avoid lawsuits against Red Hat. Proprietary software is simply not allowed in the repository. The distribution will not prevent you from installing such programs, but it will not help either. You will have to use third-party repositories, such as RPM Fusion. This is one of the reasons why Fedora is considered difficult. But it takes a few minutes to add a repository to the system.
But such articles https://habrahabr.ru/post/337290 injected of course slightly misleading. As before, non-commercial products, as far as I remember, did not fall under such bans. Fedora Project, though sponsored by the red Cap for the development of new technologies, but is a non-profit structure and does not derive profit from its activities, as far as I understand. This is weird.
Arch Linux is an independently developed Linux distribution optimized for i686 and x86/64 architectures, targeting experienced Linux users.
in General, you need to be a competent user to use this system, you need to be aware of it in advance. It uses Pacman, a self-developed package Manager from the Creator of Arch Linux. Pacman provides the installation of up-to-date updates with full package dependency control, working on a system of floating releases or rolling releases. Arch can be installed from a disk image or from an FTP server.
let me Explain the package Manager / repository - it's like the App Store or Google Play from where you can download and install the desired application or program in 2 clicks.
the default Installation process provides a solid Foundation that allows users to create a custom installation. In addition, the utility Arch Build System ( ABS ) provided the ability to easily assemble new packages, modify the configuration of stock packages, and share these packages with other users via the Arch User Repository (Repository for Arch users). This is a lightweight Linux distribution. It is supported primarily by free and open source software and SOFTWARE from the community-supported Aur repository.
Ubuntu - To dismiss this issue immediately say that Ubuntu sends your data to 3 persons without your consent.
If you're an Ubuntu user and you use the default settings, every time you start typing Dash (to open the app or find a file on your computer ), your search terms are sent to various three individuals, some of whom advertise you.
by the Way, you can remember the situation about Windows that decided to give WIndows 10 for free, but in the end collects all the data allegedly for advertising, that is, all your personal information, etc. In General, I do not want to repeat for this reason, as the bias is not more in the direction of it, I have already talked enough about it. If you want more information on this system, read at least the Windows License agreement. And your eyes will start to twitch )
At the expense of Ubuntu to prevent it from sending data to 3rd parties, you need to execute a number of instructions on this site https://fixubuntu.com/ listed here follow the instructions here show how to change the settings as desired. Previously, we looked at a similar situation on the example of Mac OS X.
However, I do not recommend Ubuntu in any case, I am only citing this for your interest in case you happen to be using this system. Ubuntu is better for privacy and anonymity than Windows or Mac OS X. I recommend Ubuntu to people who have no experience with Linux and who think that the above distributions are too complex to learn for them.
There are forks Ubuntu Mate there are fixed from what I know
Debian is an operating system based on Linux, it is a Linux distribution. It consists entirely of free and open source software, most of which is under the GNU General public license.
The Debian Distribution contains over 51,000 packages of compiled programs, which are packaged in a great format for easy installation on your machine. All are free. It looks like a tower. At the base is the kernel, above it - the basic tools, followed by all the programs that you run on your computer. At the top of this tower is Debian, carefully organizing and putting it all together so that all the components can work together.
With this approach, your system will not knock on Microsoft home servers.
Tails is a Debian-based Linux distribution created for privacy and anonymity. It is a continuation of Incognito OS development. All outgoing connections are wrapped up in the Tor anonymous network, and all non-anonymous connections are blocked. The system is designed to boot from LiveCD or LiveUSB and leaves no traces on the machine where it was used. The Tor project is the main sponsor of TAILS. The operating system is recommended for use by "the Fund of free press" and was also used by Edward Snowden to expose PRISM.
Use it only for surf for example.
For example, you came somewhere with your harddrive, and used it to open programs using it Kali Linux - GNU/Linux-LiveCD Arising from the merger of WHAX and Auditor Security Collection. The project created Mati Aharoni (Mati Aharoni) and Max Moser (Max Moser). It is intended primarily for safety tests.
The Predecessor of Kali was BackTrack, created on the basis of several linux-distributions. Originally intended to be used on Slackware OS and then smoothly switched to Ubuntu. After is based on Debian.
Parrot OS is a Popular security distribution based on Debian-linux. Quite easy to learn, suitable for beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet.
a Fairly easy and effective tool, many security experts have found it a replacement for the increasingly "voracious" Kali, especially since Parrot uses Kali repositories for updates.
Use graphics and its surroundings MATE display Manager LightDM.
It is similar to Kali Linux in terms of functionality, here too, along with the system comes a huge amount of special software for security testing.
As you can see all the systems I mentioned above are mostly based on Debian in one way or another. Starting with Ubuntu and below.
How you handle security updates on Linux will depend on the distribution you are using. I'm going to talk about security updates using Debian and Debian-based systems as examples.
Look, here https://wiki.debian.org/Derivatives/Census all distributions derived from Debian are listed. Many of them are operating systems that are important for security, such as Kali, Tails, and so on. The Debian project does an excellent job of providing security updates for Debian.
Here you can read about other distributions.
Security is a priority for this project and this operating system.
If you want to find details of the security issues that patches are being released to fix, take a look at the security information page provided by Debian.
https://www.debian.org/security
If you go down below, you will see all the updates. You can click on any update and get more information about that particular update. You can go to the Mitre CVE directory and learn more about the vulnerability you choose. Here is detailed information about this vulnerability. More details can be seen here. And from here, we can go to various sources for more information, and in principle, we can even find the exploit code for this vulnerability. We had previously used as an example https://www.cvedetails.com .
According to the Debian Project, they handle all security issues brought to their attention and fix them within a reasonable time frame. They also say that many security warnings are coordinated by other free SOFTWARE vendors and published on the same day as the vulnerability is found, and that they have an internal security Audit team that searches the archives for new or uncorrected security errors.
They also believe that security by hiding doesn't work, and that public information makes it possible to find security vulnerabilities, and that's cool.
All this is good, which is why I recommend Debian- based distributions as the main reliable operating system for everyday use when it comes to security, privacy and anonymity.
I have decided not to give you a sample analysis for installation and etc, the only thing that you need to understand that it is necessary to create the installation flash drive in ddimage mode using rufus for example, Linux users can use dd command for this.
https://i.imgur.com/tD3lDok.png that's what DD image
in Order not to clog and not to make porridge in your head, if there are those people/group of people who have decided to tightly master the Linux environment. You can directly contact me or as I said before to contact through correspondence QUESTION / ANSWER.
Where already VSS will advise and help with these or other issues, in fact, the segment of your actions is similar as when working with Windows and what will tell you Payne, so it is perhaps a little bit different installation, and so everything is similar.
A lot of videos are on YouTube which shows an example of the operating system installation, disk partitioning and other points.
Linux is an amazing system with which you need to learn to work with it and it will become your true friend.
The safety and anonymity in the Internet. Configuring the virtual machine
Good day, ladies and gentlemen! Today I will give a lecture on "Security and anonymity on the web. Configuring the virtual machine"
the Lecture will be divided into several parts:
- Security
- Virtual machine and related parameters(parsing the virtual machine for surfing to communicate, parsing the virtual machine for driving),
- Storage and turnover of funds
During the lecture I will explain the basic methods and parameters, as well as give useful links and recommendations.
We will start with the first and the main-the basic part. Safety.
Let's start with the fact that it should be so clear to everyone that everyone should accept as a certain "TABOO" and never do so:
Do Not talk language, not on the Internet, not in life. We are not engaged in freelancing, so no one ever needs to know where you are, what your name is, how many children and any other personal information, NO matter who asks - a friend or acquaintance, anyone may not be who they are positioning as themselves, and even me.
As the saying goes: "the Personal should remain personal, job is work"
Nicknames. Do not use nicknames that you took from your Vkontakte id, steam, email or any other service or site.
The nicknames used in the white life - can bring people out of the gray life to you, there was such things like that it was enough just to Google the nickname of the person to learn everything about him and his relatives.
Don't register e-mails and accounts on your phone number, services providing services mailbox easily display the information on demand. For SMS you can use online services, such as: <http://sms-area.org/>
There are lots services, you can just Google them on request "take SMS for registration".
The Postal service, such as gmail.com & hotmail.com can register e-mail without SMS if IP has not been previously, used in their system. For mail.com SMS is not required.
Do not use personal email when registering on the gray sites and shops, make a separate for this purpose.
You should Never think that, "I'm not so big fish that I was looking for" - often such people then look for money for lawyers, do not forget yourself, never neglect safety, because it is better to sleep peacefully.
Next TABOO: never work on RU/CIS/Ukraine and the entire post-Soviet space. Do not buy in such shops, do not use such cards and services nothing, otherwise you will quickly leave the intelligence services. The news often shows those who worked in their country - a funny observation.
handling is carried out only through intermediaries, shipment services, or drops. Don't Shine your names anywhere.
Jabber and all other means of communication is better to be stored in a virtual machine, if you store on the main one - it is better to disable saving history and passwords.
If you value your own ass, its comfort and inviolability - it is better to observe these taboos.
use Jabber on secure servers that are trusted, for example: servers exploit.im and zloy.im
Never to neglect Garant-Service, even on not a very large amount, it is better to save the nerves and money and lose a little time than the other way around! No matter, tuber, moderator or friend - he's a man like You, Regardless of the number and the colors of the ribbons under the nickname, Regardless of reputation, everyone had a ball and start to throw their/others'.
let's Start analyzing the virtual machine and related parameters.
I recommend using virtualbox or vmware. Do not forget to include virtualization in the BIOS of your PC - otherwise the virtual machine will not be able to work.
it would be Better if you put the virtual machine image in a coded flash drive (or ssd) or container. For flash drives the best options are USB 3.0, 32-128gb.
SSD the more the better, but look at Your needs. For encryption we will use the following software:
(a) truecrypt 7.1 a
b) veracrypt
Both options are interchangeable. Use either a or b.
option a - TrueCrypt version 7.1 a, the rest unsafe and viracept - procreation trucrypt because TrueCrypt was abandoned by the developers. I'm using variant b - veracrypt https://veracrypt.codeplex.com
Crypt the flash drive/ssd, or create a container on the PC, and inside the container put the image of the virtual machine. Now before starting new path, You will need to first open an encrypted container with a password. How to encrypt - you can see in the help of the program or Google, it is not difficult and requires pressing just a few buttons.
There are two alternatives to containers, namely:
- encryption of the entire hard drive on your computer
- create hidden OS
With conventional containers encryption key can be pulled from the hibernation file and removed from RAM, so disable hibernation on your computers. But if you use a hidden OS, you can put all the information and files inside it, and even if you are tortured, you will be able to give out the encryption password from the usual white OS, while the hidden one will peacefully store your files.
Encryption of the entire hard drive - a long time (I have a 1TB disk takes about 6 hours of encryption), but a reliable tool, as with hibernation, even if it is turned on the keys are not pulled out, and to have time to remove from RAM, you have to try very hard, there is only Brut, and then we move on to the next point of security, namely - passwords.
If there is a hidden OS or disk encryption, the system start-up will need to enter a password at boot-loader'e, that is even before the password accounts for Windows, to enable the system.
On any forum, social network page, e-mail or hidden container it is necessary to comply with the MANDATORY items when choosing a password:
1. Length not less than 15 characters, better all 30
2. Upper+lower case, numbers and special characters. Example of a good password: sHO&D=633qwvBB!aC{6} - Brutus will take decades, if not centuries, for this password.
3. On one forum/shop/site - one, unique password.
4. Two-factor authentication - use wherever possible.
5. You can store your password, for example, in keepass or in your head
If you use the same passwords, it is likely to break all that is possible.
No one is immune from the drain or sale of the database on some shop Dedikov, for example.
Attackers just get your password, and then in a circle wise login on all services/forums, and take all that is possible.
But a strong password is not a panacea, because they can intercept directly from your system, picking up a Stiller, malware or other virus. The output is simple - create a separate virtual machine (generally any) specifically for software and dirty, untested files.
And run everything ONLY on this virtual machine, let it suffer better than your computer. It is much easier to follow the basic rules of hygiene than to lose accounts or pay the victims, so do not be lazy and do it, but you will sleep peacefully.
the Purpose of the virtual machine for You will be divided into two points, namely:
- Surfing, socializing, everyday use
- Work
Depending on the purpose, the configuration will be divided into two types, let's start with the first, in this case the most important is anonymity and security than the state of the system ready to drive, but the first subparagraph is the same in both cases.
List of the minimum necessary database of programs for surfing and communication:
- VPN. - At least one, ideally doubleVPN(double). Use VPN third world countries or at least another continent. VPN service should NOT log. When you connect a VPN your ip should change to the country, you included. You can check it here: whoer.net
VPN we put on the main car - TOR Browser https://www.torproject.org
If the site has mirrors in the onion zone(in the Tor), use these features to maintain greater anonymity!
- Jabber / ICQ
According to the fact that at this moment You are reading this in jabber- there is no point of explaining about this programm, but a few recommendations to take note:
1. Don't Shine a toad! Brutus will start, spamming will start and it will add complications, and it is necessary to nobody. If you really want - for public exposure, create a separate jabber account.
2. OTR encryption. In jabber's clent PSI+ it is included in plugins, for Pidgin it is downloaded and installed, there should be no problems. OTR encryption, a widely used for communication. For ICQ it is also there. I do not recommend using Skype, it is unsafe.
Also replace your DNS in the system, for example, Google http://support.li.ru/google-dns/win7/
They can still be registered in the router. For greater effect, you can use dnscrypt software - take a note and familiarize yourself with the functions on the Internet.
- Browser for surfing (I recommend firefox) - disable webrtc. WebRTC allows third-party users to determine the IP address of the network user, bypassing the software barriers VPN, TOR, SOCKS and other network defenders
https://whoer.net/blog/article/kak-otklyuchit-webrtc-v- raznyx-brauzerax
- If you use socks or tunnels, proxifer+plinker. We will not talk about this, a lot of information on these two programs you can find on the forum.
- you Can also close the Internet through the firewall so that when the VPN FALLS on the virtual machine there is no access to the network, and your real ip is not leaked. Some VPN clients have this feature, or you can Tinker with the firewall.
Virtual machine Settings for vbelow:
For carding you can use any virtual machine, it all depends on your needs and shops.
But, the necessary software for the work and the parameters I will still call, let's get started.
0. VPN, we talked about this earlier. we select IP using SSH-tunnel and SOCKS5.
An SSH tunnel is a tunnel created through an SSH connection and used to encrypt tunneled data. It is used to secure data transmission on the Internet
Socks5 allows you to create a chain of multiple servers, thus achieving anonymity on the network.
1. Brasure. Firefox spoofing verts, chrome with disabled verts and several portabl browsers chrome/Firefox.
Substitute for webrtc, you can use this extension:
If you want to use chrome, install the WebRTC leak prevents add to prevent or substitute webrtc other ways (there are on the forum).
2. Software for using tunnels and socks: proxifer and plinker/bitvise
3. Teamviewer (on the dev and on your main machine) (optional)
4. NotePad++ for temporary entries
5. If there is and if needed - antidetect Parameters:
Let's start with the ip address parameters (Dedic/tunnel/SOx) Negative parameters:
- Two-way ping and belonging to the hosting provider
Belonging to the hoster = ip is in the cloud, such as the IP at work is not recommended to use.
Two-Way ping detects tunnels, SOx, VPN ping, I punched large merch and with it, but it is still a negative parameter, the decision - search VPN country or put TOR in front of the tunnel, if this doesn't help - than the replacement of the IP.
- DNS - not the country ip rather adversely affects(but not critical), there is a lot of information on the forum about this.
- Flash, uptime, OS.
Optionally, you can put a flash, but now it is not appropriate for all real users.
Uptime - the uptime of your IP, it is strange if your IP works without interruption for several months, is not it?
The Time (timezone) of the system must match the time of the ip address.
OS - range of use, everyday life and confidence. For example, most ordinary users use Windows. The xp will add more fraud for the reason that the system is outdated, respectively win10 - a set, more confidence. The Golden mean is Win7.
Windows and browsers should be English, it's all that can get checked. But if at the same time some program in the system will be in Russian - it's okay, antifrod is not able to detect through the browser.(Flash must be eng)
ProxyScore + Riskscore ip - this is what anti-fraud systems pay attention to, so try to take with zero or minimum indicators. Some access sales services(socks/tunnel/Dedic) provide this service directly within the service
Open ports (8080, 8081, 3128, 80, 81 and so on): this is not always a negative parameter, since this is really a common misconception, we refer it to the neutral parameter.
Some anonymity checking sites scan IP's and consider that if some port is open, then IP's are proxies and lower its anonymity. But actually this is not so, the majority of such IP, it's just the web admin of the router. If through such admins it was possible to make a proxy so easily, they would be made by millions, it can be checked most.
Since mass port scanning is prohibited in many countries, large merch instead of port scan turn to services such as maxmind, which in turn provides services such as maxmind fraud check & maxmind geo check api, so if some service shows open ports at the ip address (for example whoer or maxmind geo check api). 2ip.ru), this in most cases is not a negative indicator. And even if such services will show good result, not the fact that something will come from carding.
In my practice, large merch repeatedly successfully missed orders from IP addresses, where anonymity verification sites found open ports and thus defined IP as a proxy, based on this, I dare to assume that open ports are not always bad, and do not dwell on it, especially since you do not actually own an ip address, you will not do anything with it. But at will it is possible to select ip addresses and without ports, or with opened 80 port is valid in any situation, as it is natural.
Geolocation of IP addresses is better to select as close as possible to the zip code of the card holder. For example, if the card holder has a zip code of 85012, you need an IP with a zip code of 85012 or 8501* - that is, as close as possible.
Before carding,it is possible to surf at popular websites like youtube/amazon/facebook and other things, some serious antipode can shoot your story browser. It's strange when a man with an empty story of a browser flies off to buy a thousand dollars ' worth of gifts, isn't it?
Antifrod can also see tabname - open tabs in the browser at the moment, and determine from which site the person came. (And on what request).
- Audiofingerprint - audio imprint, a relatively serious protection system. Look various articles on this topic, not all of them are for use.
Serious merch can also check the sites on the list where you are logged in https://browserleaks.com/social - you can check here, for example. In practice, when logged in, for example, Facebook is a plus, but not critical.
For randomization of fingerprints (system prints) when you are carding in one merch/shop you can do the following:
- Change browsers, change browser versions
- Change fonts in the system, screen resolution - Fill or import cookies.
- Plugins and extensions in the browser.
- Change the system
Speaking of extensions, for example, merch can not see the extensions installed in the browser, but they can send a request to the browser like "is the extension installed with such an id". Thus, merch can detect certain extensions, such as, for example, CanvasDefender.
Option bypass - replacing the extension id (Google) or simply Uninstallation. thereof in the browser.
And of course we do not use the same variables for several cardings, such as emails.
When you are checking the location of ip (geolocation), try not to focus on whoer.net - there is an outdated maxmind geo database, use the sites ip-score and maxmind.
Several sites from themselves to check the system and ip:
whatleaks.com - check everything including timezone
2ip.ru/privacy check ports, bilateral, hosting provider and other
whoer.net - use this website as less as possible, very fucked-up, absolutely all of the merchs medium and above levels are extremely negative attitude to the cookies of this site in some cases that will drive the ip hacky sack / ssh maxmind fraud check database.
https://www.maxmind.com/en/home?rId=iplocation - geolocation of IP directly from maxmind. Of course the accuracy of the paid and free database varies, but in my practice in 75% of cases it is necessary to trust this site.
browserleaks.com ip-score.com noc.to
Copy yourself this list of sites.
Where to store, how to withdraw earned money? Of course Bitcoin!
Recommended wallets: https://blockchain.info/ru/wallet/ Bitcoin Core.
Personally, I use the first. On the forum in the section "Cryptocurrency" you can find lists of wallets and explore, choose what suits You best. It is not necessary to store money in bitcoin constantly, as the rate can both rise and fall. So evaluate your risks and desires of their own.
Qiwi - not all accept for payment, but as one of the options, perhaps.
+ of Qiwi: the Possibility of direct output to the card, if you do not Shine a phone number, it is almost impossible to steal
Cons: your wallet can get blocked by the Russian payment system, and therefore qiwi will give any data of yours by demand, therefore I strongly recommend if you use kiwi, only in the following format:
- Not your SIM card, possibly virtual
- Not your email
- Transfer money if possible with kiwi vouchers (eggs)
- do Not use your phone, buy new one or use a virtual SIM.
- Output only on the card drop.
- Do not use your ip and computer (can be dev)
Options for withdrawal of money from online to real life, if everything is clear with qiwi, then bitcoin is more difficult, namely:
- Exchangers. Through the exchanger, you can exchange money from bitcoin to a card or qiwi, or a Bank.
- Conclusion immediately in CASH. There are exchangers that provide this service.
- https://localbitcoins.net - a kind of exchanger, looking for money changers with good reviews.
The fact that bitcoin is anonymous is a myth and a misconception, all transactions in the blockchain at a glance, they are easy to track, just do not need any personal data to register. Therefore, to preserve the anonymity of funds, I recommend using bitcoin mixers. (see forum section of the Cryptocurrency)
in Addition to online security, there is also offline, I dare to recommend my article on this topic.
Cards
Hello class today at CC, lets go.
Each of you has encountered CC in one way or another in your life,but it was a bit in a different way.
The first thing that a beginner in this business should learn, so it is of course information about credit cards, simply put cardboard / CC
Credit card (CC) is a credit card, cardboard, potatoes, etc
First of all we need to find cardboard. The easiest option is to buy it from the seller
When you buy you will receive cardboard in the following format:4306651004564350 | 10/10 | 826 | Richard Lang | 56 Groveview Cir | Rochester | 14612| NY | USA | 661- 298-0881
(The format of each seller is different)
4306651004564350 - credit card Number. 10/10 ( 10 month / 10 year) - card expiry date.
826 - Cvv/CVV2 card Security code
Richard Lang - First and Last Name (first name, last name) 56 Groveview Cir - Address
Rochester - City 14612 - Zip code (zip) NY (New York) - State USA - Country
661-298-0881 - Phone
BIN - bank Identification Number - the first 6 digits of the credit card number, the Bank that issued the card.
Each banking organization has its own unique number. Information on each map can be found in the services through the search. Make a request in Google, bin check and then go to the links and enter our first 6 digits
Example map 4306651004564350 where 430665 - room of the Bank which issued the card.
10/10 - exp (card validity) 09 month 10 year 826 - cvv (the secret code)
Richard Lang - (name of the cardholder) 56 Groveview Cir - (street) Rochester - (city) NY - (state) 14612 - (zip code) US - (country)
661-298-0881 - PHONE NUMBER (Phone)
You can also add SSN, DL, MMN, DOB to USA CC(you will learn this information at other lectures)
For additional $ you can research for additional information
Let's talk about the types of CC.
Visa, MasterCard, American Express, Discover are most often used visa credit card numbers.
Start with the number 4.
They have a protection called Verified by Visa (VBV)
3 digit CVV code.
Verified by Visa (VBV) - used to protect Visa card numbers from unauthorized use. In other words, the holder has a code that he will have to enter when buying something.
MasterCard credit card Numbers start with the number 5.
they have a protection called MasterCard SecureCode (MCSC) 3 digit CVV code.
MasterCard SecureCode - the principle of operation is the same as that of VBV.
American Express starts with the number 3 already have a 4 digit CVV code.
Discover starts with the number 6 3 digit CVV code.
Next we will talk about the types and levels of CC there are 3 types of cards, credit, debit, prepaid.
Credit - a card that can be bought on credit, not having enough money on it. The size of the loan is determined by the issuing Bank.
Debit card, which can be used only in the limit of the amount available on the account.
Prepaid card with pre-paid amount - smart card, which stores electronic money, pre-paid by the cardholder.
Prepaid card is not personalized, that is, it will not indicate the name and surname of the owner, it is the main stock in trade of prepaid Bank cards
It can be paid both in real and online stores. The card limit is limited only by the amount that is on it.
We will go Through the levels of cards , from classic to black. The higher the category of the card, the more it has the cost of service, and the richer its owners, the more money it can have
There are cards of classical category, gold, platinum and higher cards, such as MasterCard Black Edition or Visa Black. With the increase of the card category credit limits on it grow. For example, the credit limit on the classic card can be 1K$, so on the platinum credit card the credit limit can be 10K$+
I suggest to take credit and debit cards from gold level and above, most widely used - gold, platinum, signature, world, black. The possibility to see the last one I low. In the us they do not give as we have in tinkoff and etc
Each credit card company (American Express, MasterCard, and Visa) names their higher-level credit cards a little differently.
At American Express, this BLACK - card is positioned as a symbol of the holder's belonging to the top of society and can only be issued to a person who has the appropriate social status.
MasterCard has a World Signia - Credit card of the highest category in the line of products from MasterCard with the personal signature of the owner "gold" on the front side.
Visa has a Black Card - this level has an increased level of security that prevents unauthorized access to funds.
The most premium CC that are listed above owns a special caste of people on the planet they are "massons" joke, this level has higher credit limits and there are no any spending limits, such cards are very difficult to find and the cost for them will be very expensive, they are more for the pros only
Then lets talk about about how it takes a payment from CC
The process Of paying by credit card on the Internet is not as easy as it seems at first glance.
While you press the confirm button (confirm) and there happens a bunch of processes. Responsible for these processes, the processing center of the Bank.
Processing center is a high-tech system of processing payments by Bank cards in the field of e-Commerce the main task of the processing center is to provide shops with the opportunity to accept credit card payments.
In Addition, the processing center coordinates payments between the card issuing Bank, the acquiring Bank (which authorizes transactions), the shop and the card holder.
Acquiring Bank - Bank providing card payment processing services to the store
Issuing Bank - the Bank that issued the card, which the buyer is trying to pay for the goods
The Process of payment for goods/services by credit card is as follows: you place an order on the website of the shop and choose to pay by credit card.
Shop redirects the buyer to a secure form of payment processing center, on a secure form of payment you specify the credit card information.
The processing center confirms the status and parameters of the shop in the system.
And also checks the generated request for compliance with the established requirements and system restrictions and sends the generated request for authorization to the acquirer Bank.
Bank acquirer, which carries out the authorization of the payment, having received a request for authorization of the transaction sends it to the appropriate payment system (Visa, MasterCard, etc.)
The payment system determines the issuing Bank, which issued the credit card, and then sends a request for authorization to the processing center of the Bank.
After the issuing Bank has confirmed the authorization of the payment, the processing center sends a positive result of authorization to the store and the store, in its turn, notifies you of the successful payment of the order. Here is a complex process takes place after you click on the pay button
What in its turn does the shop do when accepted?
When all the items described above have been successful and you see that the payment is accepted, the shop takes the order into processing.
Processing consists of manual check of the order, specification of details of the order of the address of a thorn (not always), at specification of details shop makes a call to the specified number in the order for confirmation of the order according to this it is advisable to write the number on which you will be able to take the call
After clarifying all the details, the shop begins to prepare the goods for delivery
If you card egifts, delivery is carried out immediately after the test, if you card stuff, they can send it on the same day and the next to card stuff is not necessary on Friday, as the transfer of stuff in delivery will be carried out only on Monday
After the transfer of stuff in delivery,yop will get, by mail or in your account of the store, the tracking number.
Usually it is a set of letters and numbers on which you can track where your product is.
Then you just follow your product tracking number and rejoice when it is delivered, but it can be when the card holder sees that the money is removed from the card, in which case he calls the Bank.
He in turn makes a call to the store and reports that the purchase was made by criminals.
In the tracking number in this case it will be written that the sender has requested the return of the goods. In this case, do not worry and try to card a new order with a new CC and you will certainly be lucky!
next we will talk about what does the shop when there is a payment with the CC
the store is also a checks the order for fraud.
Antifraud is a system that analyzes your actions on the Internet for fraud over years, it has formed a portrait of fraudgellent actions and the actions of these card holders the system begins to analyze you from the very first moment,as soon as you visit the site
it looks at whether you are logged in with a browser or a mobile application, looks at what you bought when you bought, how often you bought looking at your ip address, cookie information, including the ID of the http session, etc.
combines all this information and analyzes it with the actions of holder.
Your task is to adapt as much as possible to the card holders, you need to warm up the shop, I will tell you about this at the next lecture.
After warming up shop anxious to collect all the data, you spend your monthly salary to buy an expensive laptop.
I don't Expect the shop will believe that you just went and spent a month salary of ordinary American.
As a rule, if you are burned, you will not be allowed to pay for the goods. Don't throw out your CC, in this the case is not necessary because the information may not have reached the Bank and you are blocked at the level of the shop
In this case, write/call the shop and say that I tried to buy you a laptop but something did not work.
do Not forget, you are an American who has wanted for a long time to buy a laptop but you are not given
The shop will tell you why you can not make a warrant. Whether you have not passed the anti-fraud system shop, or the Bank has blocked your transaction
In the first case, you can find out how you still make an order, you will be offered solutions to choose
If you were blocked by the Bank, it is easier to throw out the CC than to make a call to the Bank, as there is a very hard identification that does not pass.
Mediations
Hello Everyone
Today's lecture will consist of 2 parts: resenders and drops.
1 part of the Resenders.
The resender is a logistics company engaged in the delivery of goods from one country to another. Resending is used in 2 cases: when the shop does not have international delivery, and when you just want to do the consolidation of packs.
Resenders are not created for us carders, but for ordinary people who want to order some goods from the United States.
For example, things from GEP and other stores that do not have delivery to other countries except the United States.
there are also resenders in the European Union, but they are not used so often.
Consolidation of packages is the process of combining several parcels into one, to reduce the cost of delivery.
Conditions of consolidation should be clarified by the resenders, read the relevant sections of the site.
At the moment, a lot of resenders are used to much for carding, so you need to look for your resender.
How to find "your middle man"
you can find Your resenders only experimentally, sending packages there, and looking at the reaction of the resender. I will give the main points that need to be addressed.
1. To card step by step. Made 1-2 tries, wait for delivery, look as the resenders react. Sent to yourself.
2. Use different types of carding for different accounts. That is, 1 ACC of resenders try to card with the CC, the second with e-gift, 3rd ACC of resenders try to card a stick and so on. Is done for moreover, to understand that likes in between, and that there is no. Because some resenders safely take packes carded with the CC, others may lock ACCs for this. Someone from the Resenders take packs, carded with e-gift, and some don't. Therefore, it is very important to have at the first stage a few ACCs, and when some of the accounts lock, you will know what for.
3. Avoid Resenders requiring payment by credit cards or money orders. Personally, I prefer the re, receiving payment with BTC or PayPal. It so happens that you have to pay for the resender with "your card", this card needs to be done in stuff - which is impossible. Wire transfers are immediately clear. It's pale. It is better to avoid such intermediaries at once.
4. Pay special attention to the tariffs of the Resender s(acceptance, storage, forwarding). It happens that the adoption of the pack is free, and the cost of storing the pack, begins to accrue the next day. Or on the contrary - the Adoption of paid and expensive, and storage is free. We are best suited to an Resenders where the acceptance of the pack is free and the free shelf life is between 30 and 60 days.
5. Carefully study the rules of Resender for the reception of packs. Usually written with which I agree, and why not, and what documents are required while receiving and when sending packs.
Found suitable under the terms of the Resender, go to registration and get the address.
Resender come with a personal account, and without.
In the resender with a personal account, identification is happening on a personal number, it is usually written in the address and the delivery you need to write this number.
Accordingly, the seller sees that these are large numbers, and the fact that it is an intermediary the Best in this case would be to write it as an office number for example.
The Second type of resenders that do not require registration.
There is simply written the address of the warehouse without any personal numbers.
In this case, the identification is still going on by Name and Surname on the pack.
So, how do we register a resender?
the First thing you need, but not necessarily to buy a set of documents.
I don't normally do this, because my broker never calls for it.
But it is better to do it.
What is included in the set of documents.
Passport, main page and page with registration, snils, documents confirming the address of your residence, usually bills for housing services.
To Find someone who draws it pretty difficult, but when you pack can get lost, you start thinking smarter
Then, again, as a recommendation to have the FPS of the country where the shipping will be, and perform all manipulations with the resender of this Dedik.
Again, I don't, I go to the resender right from the runway FOR the mustache, with different IPS and all is well.
So, after registering in the resender, what do we see in the first place?
As a rule, resenders have several addresses in the United States
Warehouses in new Jersey, warehouses in Delaware, sometimes in California
Better send to Delaware.
This state is tax-free and do not have to pay extra for the goods.
Got the address. Address will be of the form: first name last Name
600 Markley St. Suite 107451 Port Reading, NJ 07064
So, the first line is clear, when ordering online store Name write in First Name
Last Name
In Adress line 1 , we write 600 Markley St.
Address line 2, we write Suite 107451
Actually this is my edited address, Suite is the office, the numbers after it is a personal identifier in the middle.
Port Reading is a city NJ - new Jersey state the last 5 digits are a zip.
Many resenders have a button to add an order.
This means that if you received the track from the seller, you can add the pack to your personal account. This will speed up the processing of the package through.
Further advice on working with resenders.
1. Do not send immediately after registration of an account, a million packs. Lie down for a week, better 2. Send 1- 2 pack per week. And gradually increase the number. Here is where the rule of the buildup, as in many other subjects. No normal person will send 10 iPhones, 25 pieces of playlists, and the same number of hours to your account in a week. Pay special attention to this.
2. Clearly study the rules of work of resenders, it will avoid the loss of packs. Read the FAQ page or the rules for receiving and sending parcels - most of the questions will disappear, and save a lot of time.
3. Do not overload the resender with expensive packs. It is better to have a few ACCs, and send to each a little. No normal person would buy 10 iPhones in 10 days. Remember this. Through this same office, which we bend, so should behave accordingly.
4. Do not use the resender, for driving expensive equipment, it is better to use a drop. So you do not kill the account, in the case of charge. Statistics say that resenders are killed with a ton of expensive stuff than cheap. ACCs, which accept goods of the average price category, live the longest on experience.
5. When driving specify Skype phone number or GV. Do not write the phone number through or holder. That is, in the column shipping address - write or the number of GV (Google voice) or Skype.
Recommendations for the shipment of goods to yourself:
1. Do not exceed the customs limit (for Russia) of 1000 EUR or 1200 USD per month - per pack. That is, if you specify that stuff in the pack for 1200 bucks, this month on the same name you will not be able to send the pack. He will get in the customs, and eventually come with a customs notice, all that over the limit, will have to pay 35% of the cost. Due to the recent events, in 80% of cases for sending packs in RU - resenders ask INN / SNILS of recipient, so I talked about buying a full set of documents. But since We do not know in how many hands they can be - the best thing is to agree with a drinking neighbor that he will take your packs, and take him to all the docks. Believe me for a bottle of good whiskey - he will do everything)
Continue.
2. Always underestimate the cost of goods on clothes. For example, if you send the Nike shoes for 300 bucks, write that sneakers NAIFY and indicate the cost of 30-40 bucks. I always do. The same applies to bags, pants, in General, all. It always does. Because to bother and to establish clear cost , no one will. Just do not write that stuff fake or replica such category of products is very strictly regulated for import into the customs Union by + 90% resender this is not love.
Therefore, it is better to write a non-existent brand, or find on the Internet sneakers for this amount and write that they are.
3. As for the watch - please open the box and send the watch separately, the box separately. But it is best to send the clock along with the rest of the stuff. When there is a pack of 10-15-20 positions, in my experience, such packs are much easier to pass customs than when in a pack of 1-2 positions.
4. As for jewelry - say that it is costume jewelry. And many putting in Pak should not be. It is better to send the chain separately, ring separately. We recommend to send jewelry with a bunch of belongings, less likely to burn customs. Although would still drag metals would be disposed by x-rays. therefore it is better not to be impudent, do not send a 15 kilogram pack, with a gold content of 1 kg - 100% will not pass customs)
5. The technique is to send 2-3 positions in the pack. For example 1 iPhone + 1 PSP + 1 video card. It is not necessary to cram in 1 pack on 10 positions of all goods. Remember that if the same position in the pack of 5 or more, you will fall under the commercial party, and then lose the pack. As they will request invoices, statements of accounts and so on. So I always throw the technique sweaters, jackets, pants. The more stuff , the better. This is my experience, You may not be suitable, but still try.
6. Not to hoard packs in the midst, is particularly valuable. Came iPhone / iPad / rolex in the resender - just send. It's better to pay an extra 60 bucks for shipping than to lose everything. That is, before carding to resenders, look at the date of delivery, and estimate the approximate time. You card in for example an iPhone, shipping 3-5 days, so next Wednesday will be in the middle, respectively, today you carded a couple of things, with the same shipping. Next Wednesday - Thursday stuff came like 5 items all up, clicked the button to send, pack, paid, waiting. No need to pack for months... it won't do any good.
7. To pay for the resender use only your money as the owner of the ACC. NO CARDING. Don't cut the branch you're sitting on. Made ACC stick or VSS kiwi, threw money on CC and so on. From 50-100 bucks, our wallet will not become thinner, and ACC will serve You for a very long time. Personally my ACC in the resender is living for a year and 2 months and is still all fine.
List of resenders and document scans on our carding forum.
Also recommend to use drops for receiving packs.
On the forum there is a person paydrop, takes packs in Rostov-on-don, and the cost of admission is usually 15$.
Much more reliable, but also more expensive drinking neighbor.
So, we finished talking about the resenders. Next are the drops.
Drops are ordinary people who accept Your packs. There are 2 types of drops: deceived (the ones that where lied about their role) and not deceived (the ones that know what they are actually doing).
deceived drops are drops that do not know that they accept packages. There is always the possibility of missing drop with parcels. Such drops are searched on job sites or similar places. Usually on such drops expensive packs are not send. The life of these drops is 10-15 days. The cost of accepting parcels by such drops is usually 50-70 bucks.
Not deceived drops - drops who fully understand what the risks are. The risk of losing the packs is minimum. Such drops receive a good salary and the life of the drops is on average 2-3 months. However, they often have a few other rules of work. More information about the rules can be found in the drop services that provide drop services. The cost of admission is usually $ 70-100 or % of the cost of the pack.
Recently drop-services began to work only in buying your stuff, that is, they take the pack and pay You your %.
Different drop services - different types of goods under the reception and, accordingly, different %. For mainstream technique, like Apple - they can give you up to 55%. By carding stuff on the buyer, it will save you from the problem of delivery of the goods to RU and of selling it, in this way you will earn much faster. However, the amount of earnings will be much lower than if you brought the stuff to yourself and sold it in RU.
As soon as the drops receive the pack, the drop service needs a label to send it to the resender.
the Label is a kind of postal form. Which is a piece of paper where it is written from whom it is sent, from what addresses goes to whom it is addressed and to what address. Such labels can be ordered on the forum from the relevant sellers. Usually, carded labels cost about 5-10 bucks if the label is white (not carded), the price can reach $ 500. Most often white labels are used to send packs directly to RU to ensure safe passage of packs in all instances.
Example label can be found here: http://prntscr.com/iekzf5
1 - name of the sender 2 -the Street of the sender
3 - City / State / sender Index
4 - name of recipient
5 - the Street of the recipient
6 - City / State / recipient Index
7 - date of dispatch
8 - parcel Weight 9 - delivery date
10 - the Track number of the parcel
Warming-up shops
Hello everyone!
I would like to divide my lecture into 3 main parts:
1. I'll tell you about warming up the shops.
2. I'll tell you about calls to the shop for order verification.
3. Will tell you a little about reroute.
Let's Start with the fact that we will give a definition to what is- warming shops. Warming up, this is a call to the shop.
Before ordering, the purpose of which is to win over the sups and, accordingly, increase the chances of sending the pack.
Warm-UPS are carried out mainly in two ways: 1. Through the bell. 2. Live chat. Ah either the most wooden way - through email.
Let's start with live.
In general, I believe that this is not the most effective way, but it is still can be firstly, due to the fact that sups do not communicate with you live, they do not hear you and can not understand who is sitting on the other end, so you do not cause them increased confidence secondly, live chats are usually only in big shops, where your conversation will simply get lost among hundreds of others and you will not attract any attention to yourself live chat is good when you need to check something in the order, but you can not call or do not want to give money for calling, well, or if you really want to know something specific about the product, but not for warming up in addition, if you do not have a very high level of English, it can play a cruel joke with you, as some sups can pay attention to your writing, your literacy and compliance with the rules of grammar, relatively speaking, if you make an order from some John Jones, and write phrases like I am don't know, then you will at least confuse the agent
So I do not recommend to use Google translator to write letters or communicate with sups, if you are not confident in your abilities.
Next, I will talk about a more effective method of warming up.
Warming up by phone.
There are some nuances here too.
For example warming up large stores, where there are dozens/hundreds of Sups, in my opinion it is not that effective. In this case, it is better to request a call after you card, as sup will be able to make notes that the buyer called and was interested in the status of the order if you do it before ordering, sup will have nowhere to take notes and it can help to expedite the processing of your order, however, you will be asked to call again for verification such call for warm up, does not replace the call for verification, if it is required
Next, I'll tell you about the warming up of small shops
the process of warming up these shops, I usually divide it into 2 types
1. I pretend to be a hose and ask a lot of questions to Sup.
This is suitable, for example, for small shops with electronics/clothes, you can ask the characteristics of a product to ask the presence of features etc
Ask questions about the speed of delivery, etc
Roughly speaking, we just pretend to be a typical American consumer.
This will work especially well in shops, where sups with whom you talk will be responsible for sending the goods and processing the order.
2. The second case is something more complicated This case has to do with shops selling something specialized, such as musical instruments, professional equipment, auto parts.
It is important to understand the specifics of the product, its purpose, otherwise it will not make sense to warm up, otherwise you will fail
If you buy spare parts, it is important to understand what it is for and what brand.
I often call up a shop with musical instruments, especially guitars, since I understand this quite well, it plays a good role, because when you communicate with me, sups begin to trust and, accordingly to process your order more quickly and more willingly.
I also want to touch upon the topic of warming up shops for sending to the address which differs from the billing.
Americans are very responsive people and you can play on this responsiveness to come up with a legend to be sent to a different, from the billing, address do not try to push through the legend that you are sending a package to your mom / dad / brother while you are visiting them, this is all nonsense that will not help you.
In states, cataclysms occur very often, mostly in the south this is worth playing therefore, sometimes to compose a legend, I use these events to make more trust for myself for example, there are regular hurricanes in Louisiana, or Florida or Alabama and let's say we just have ss from those places
You need to spike, for example, in Oregon or Washington.
If you explain the sups that you are fleeing from hurricanes and storms to relatives on the other side of the country and did not take something vital and now you are trying to buy it, then your chances of sending goods increase significantly
If we suppose nothing like this happens in the United States at the moment, you can tell a legend about how termites have eaten your home, or how you have cockroaches, which you just poisoned and now can't go back home, because there all this rubbish did not disappear
Americans are very much empathize in such cases
Forget about legends about: went to relatives, to mom and so on. this is ineffective, the more difficult and hopeless your situation, the greater the chance summarizing the warm-up actions.
Warming up is still not a panacea, even for small shops, believe me, in the USA there is not one shop probably who would not suffer from fraud, therefore shops are very, very serious about all orders, so don't be surprised if even after warming up they will refuse to send you, this is a nomral process, not all shops are led to this, but if you correctly approach the warm-up, you will remain in +, the main thing is to find the perfect scheme by which you will work
Next, I would like to tell you about order verification.
Very often, after carding, you will receive messages- call us to confirm your purchase or something like that.
Some shops, not even to send an order, but afraid to run into a real holder, and they say that they could not verify the details of the CC with the Bank.
I am sure that some shops are stupidly afraid to send your order, for some reason (fraud marked, IP away from billing, IP in black), but are afraid to accidentally run into a real CH (cardholder), so they write this nonsense several times I had to get such packs but 98% of such cases do not end in your favor And in some cases really billing does not match here you can try to ring the Bank (previously, at least having the DOB and SSN, without it, do not even try) and try to resolve the situation with billing but again, it is very unlikely that you and the Bank will be able to decide something, if you do not know whenever there is a real billing (you can poke your finger in the sky punching BG and see the last addresses CH, but it is very expensive and unnecessary risk)
but in fact-it is easier to card to another place and see what will be there.
Now let's consider the questions asked by sups for verif basically sups compare the same, email, 4 digits CC, billing/shipping address but you can get asked questions with a trick many shops may ask a question with a trick, for example, the name and phone number of your Bank which is written on the back or the nearest street to your address (by the way I recommend before each call to open the address in Google maps to be able to answer) there can be a lot of questions with a trick, however, as least the search for street address of Ch in Google maps will allow you answer many questions, which you will be asked
1. Name Of The Holder:
2. Em@il holder:
3. CC data:
4. Billing (the address of the holder):
5. Shipping (shipping address): -
6. SSN\DOB\Number of years (if any)
7. The website where you carded or where you need to make the order:
8. The order number:
9. Order date and time:
10. Product name (link to product)
10. (EGIFT) the name of the recipient, email of recipient:
11. Order amount:
12. Number where to call:
13. Number from which to call (if you need substitution):
14. Name of the Bank that issued the card:
15. Phone support Bank (if you need to call the Bank, individually)
16. Letter from the office, where and for what reason we call (link to photo):
17. Reason and purpose of the call, description of Your situation:
Here is the form of the calling service, save her and fill it out for them, don't be lazy, you will be better from this.
Also they often ask the question, regarding the substitution of the callers id number (that appears on the other side).
I think that it is better to call with a substitution, it causes more confidence in you for some shops this is a mandatory requirement-a call from the billing number CH.
Well, in conclusion, I would like to tell you a little about the reroute.
Reroute/redirect is a change of address on the parcel to the address of the drop/resender.
I will not tell you how to do it, but I will tell you a little bit of the technical component.
I'll start with reroute UPS. when we rerute UPS, the request for the change is visible immediately, within 5-10 minutes the track is repainted in yellow and you see the phrase: Request to change the delivery address, but it is too early to rejoice, the shop can quickly deploy the parcel back and you can not do anything with it (the request for a refund is always higher than others and you can not cancel it).
Reroute of fedex is more complicated.
Fedex request for reroute is displayed only when the pack is in the city of CH and there are different types-1. caption: change delivery request sometimes the track is red and gives you-requires action, at most it features Fedex and this inscription will disappear in a few hours.
You will be given a new track the new track can be displayed as a track on the return of goods and hang directly on the site, if you see it, poke at it and look at the destination, if it coincides with the location of the drop(sometimes there may be another city but the same state, then check in Google maps the location of cities is likely to be the same city we know the other part) or a new track will have to drag a call, if the pack is not moving for some time, refer to the bell or call them and you will be given a new track
Antidetect
New generation anti-browser browser
We are pleased to present to your attention the most convenient and secure.
tool for professional work on the Internet Lifetime 5% -10% discount on all licenses https://ls.tenebris.cc
Greetings to all who decided to attend a lecture on Antidetection. Today we will talk about the various antidetect who are well established in our field of work, types of antidetection, we will understand some of the intricacies and specifics of antidetection when carding and not only.
First, let's deal with you, what is the "Antidetect"in General? Anti-detect is a solution (program, browser, browser plug-in, etc.) that allows you to bypass various anti-Fraud systems on the Internet, whether it is online banking, or an online store or a client installed on a computer to play poker. The antidetect allows you to use the same machine to work without changing it, by bypassing various detectors. Thanks to this, the anti-Fraud system every time thinks that in front of her new user, or, conversely, the same user, in the event that we
Need someone to "belikeuser". The task of modern antidetection is not just to unicilize users, and to give him the ability to blend in with the crowd.
I will Explain very simply and easily: in the first case, if we imagine that Touch ID on the Iphone is an anti-fraud system, and to unlock it you need to apply a NEW finger every time, then thanks to the anti-detect, we can make very, very many fingerprints, and each time calmly and successfully we will pass this protection. We can say that the antidetect is like a glove that allows one finger to leave a huge variety of prints. In the second case ,if we imagine that the Touch ID on the Iphone is an anti-fraud system, and to unlock it you need to apply the same finger every time, which is the principle and corresponds to reality on the Iphone, then we can "copy" the finger of the owner and successfully bypass the protection(of course knowing about how this fingerprint should look).
you Should understand that the modern anti-fraud systems don't stand on one place and are improving every day - if you previously used to identify yourself, the most simple methods, then now, they evaluated a number of factors.
In this context, the antidetect plays a very important role, and if used correctly, it will undoubtedly allow you to get the result, but success is not ensured by only one fact of its use
- you need to correctly and consciously approach the work in a particular direction, which will come only through knowledge and experience.
You can look at the huge number of factors takes into account by the modern antifrod on the example of a very common system Threatmetrix. As you can see, the browser plays only one role, although at the front of events: (See the video after the lecture).
https://www.youtube.com/watch?v=2PQxoQQOPpY
Another great example for the analysis of AF systems can be specified: https://developers.seon.io/?shell#request
I advise you to see this example at your leisure, especially on how many numbers of parameters refers to E-mail, the use of e-mail addresses in other services (Screenshot: http://prntscr.com/isj1yg), phone number, etc.
Antidetect are of two types: Iron Antidetect and Browser Antidetect. Let's analyze each of them in more detail.
Iron antidetect allows you to replace the parameters of the iron computer or virtual machine. As an example, you can give: substitution of information about the processor, video card, BIOS, network card and various other devices.
Iron antidetect may be necessary when you are working in the field of poker, casino and other areas that are associated with the installation of client programs for Windows.
An Example of iron antidetects can be:
1) CCTools 7 (many have heard about this software).
2) VirtualBox Hardened Loader - patch for iron antidetect Virtual Box. Vector T13 tells more about this in its webinars "virtual machine Antidetect" (These webinars can be found on YouTube) . It was well relevant at the end of 2016, although this decision now takes place.
4) Antidetect 2018 Pro OpenSource by Vektor T13 - New free solution in the field of iron antidetect from Vector for Virtual Box. This decision is relevant and supported by the author. I would like to highlight the full support of the graphics card on VirtualBox. The disadvantage of this solution is at the same time its advantage: the solution is free, therefore, full support (free) for this solution you will not get.
5) Aff combine - in fact the first iron antidetect VmWare, fully relevant and ready solution in 2018. Also includes browser-based antidetect based on Mozilla Firefox browser. It is sold here on the forum. Price $ 1000. 20% discount on tubers.
The only actual IRON antidetect on the forum is -
Browser antidetect is a program that allows you to emulate the browser, based on the specified parameters.
Simply, by emulating various parameters, we can simulate any system (Windows, Linux, Android, IOS, MAC OS, Blackberry) and browser (FireFox, Safari, Chrome, IE, Opera, etc.) and even game consoles (Playstation, Xbox).
Browser antidetect are of two types:
1 type: Antidetect based on a conventional browser with the "sewn" extension (Chrome) or addon (Mozilla Firefox).
Basically all antidetects of this type (Antidetect 7.1, Antidetect from Sert (Cert), Antidetect from Good Job, Fraudfox, Antidetect from Vector T_13)
Here Antidetect can be divided into two categories:
A) Antidetect using physical browser Firefox. This category includes: Antidetect 7.1, Antidetect from Good Job, FraudFox, Antidetect from Vector T_13)
B) Antidetect using physical browser Chromuim. This category includes: Antidetect from Sert( Cert), Bitovski antidetect 8.
The antidetect based on the physical chromium browser is much more complicated, more expensive for attachments and knowledge and
it takes more, so usually the price of such browsers is higher.
2 type: Antidetect, written on the source engine. From the examples that I know, this can be attributed to Linken Sphere.
Antidetect written directly using the source engine allows for a more deep approach to the implementation of substitution.
Read more about existing browser antidetect that are worth our attention:
Antidetect from Sert( Cert) - antidetect based on Chromuim. It is attached to iron, i.e. it can be used only on 1 system. Well-established, the author, Cert - one of the first developers of the antidetect in General, and even more it is developed on the basis of the browser Chromuim. Updates are not very frequent, but stable. Sold at the Shipyard, worth $ 5,000. There was a time when I used this antidetect. Now I do not have it and I do not use it. As for me, the price of the product is unreasonably high. Even if I did loose the$ 5,000 - would not have taken it. As for me, its price is many times lower. Each update is also paid and costs from $ 50 to $ 300 .
Even if you missed some update and did not take them, you will have to pay for all previous updates to get the latest version. In my opinion, it is not worth buying for newbies.
Byte antidetect 8 - antidetect based on Chromuim. The author of the product Byte, author Antidecet 5, 6, 7 who have proven themselves well in their time. Antidetect 8 - unknown product, total 4 clients. In his topic there is no reviews. Sold at the Shipyard, price: $ 3000 + $ 100 per month subscription fee. In my opinion it is not worth buying for newbies. Seems like nothing extraordinary compared to other antidetection on Chromuim there, and evolving the product as it is slow.
FraudFox, Antidetect from Vector T_13 - allocated them into one category as essentially irrelevant FraudFox antidetect and antidetect Vector T_13 are not really fit for the job, they are too "raw" and the author forgot about them. The product Vector T_13 is positioned as a means of increased anonymity and is not suitable for work (vector T_13 itself positions it). The product is free, everyone can download and read it on the author's website.
Antidetect from Good Job - antidetect based on Firefox. It is attached to iron, i.e. it can be used only on 1 system.Not frequent updates, judging by the reviews, the author puts the "male device" on customers and reach out to him is not so easy, and even more so to get support for the program. Sold at the shipyard, the full license costs $ 2250 + subscription fee $ 200 per month. Not even used. You should not take.
Now we come to antidetection that great in terms of price-quality, suitable for beginners, and which you should have in your "Arsenal":
Linken Sphere is an antidetect written on the source code of the Chromuim engine. It is sold here on the forum. The advantages include: Excellent support, frequent updates, there is no binding to the system, the substitution of all the main prints, built-in functionality for working with ssh, socks and tor, its own unique socks service integrated into the anti-Detect, the ability to work from several tabs, because 1 tab as a virtual machine, and such tabs can be opened a lot
minuses, as for a beginner, will be: monthly subscription fee of $ 95 (5% lifetime discount), the shop with the configurations is not available, ie configs; if there is no PRO subscription (price $ 475), there is no possibility of full settings windows.navigator . the combination of the parameter allows you to recommend it, i also use it.
I will explain at once what is a config. A config is a javascript code that contains information about the browser and the system (javascript browser settings, WebGL settings, font set, etc.). In fact, the config is a snapshot of the system and the browser. The use of configs further reduces the time, because you do not need to prescribe and come up with all the parameters, but simply loaded the config, edited, if necessary, and work from it.
Configs are real and generated. Real - these are those configs that are "copied" from real computers, by collecting parameters, and the generated configs are made with the help of programs (generator). The disadvantage of the generated configs is that the parameters may not always be correct and correspond to the OC or browser, or even have values that are not peculiar to the real system.
Antidetect 7.1 - antidetect based on Firefox. Seller on our carding forum. The price of the it for our students $ 50. Sometimes I use an antidetect to the present day. The product is completely worth the money. A good option for a beginner.
Antidetect takes forever; there are no subscription fees and binding the browser to the system, i.e. it is possible to card with the main machine, and with the new path, and with a system friend, neighbor, etc.
Configs can also be purchased immediately, without the need to fulfill any conditions. Antidetect 7.1 - allows you to fine-tune some settings, for example in windows.navigator. The
disadvantages include that the author ( Byte)forgot about the software and updates will not be, antidetect is not a substitute for some prints, for example audiofingerprint, webGL, some configs require manual adjustments.
Any antidetect reduces the time spent on typing, because you do not need to worry about cleaning cookies in the system settings WebRTC in the system, the installation of plugins in the browser, the fonts in the system, etc.
Also, thanks to anti-detections, it is possible to approach the shop "from different sides", i.e. card it with OC Windows, Mac, mobile device and various browsers
Sometimes in certain shops or merch patency of any OS or browser is higher.
If we look at this from the money side, antidetects save us money, compared to VNC, Dedik, antidetect saves more money. Config costs 1-3$+ sock (0.2-1$) or tunnel (1-2$). Good dedicated server will cost 10$( and not the fact that it's NOT hammered into your shop, especially if it is popular, and Dedik often "die" if they are produced with the help of Brutus); VNC price starts from$20.
BUT! Regarding to carding, antidetect is not a panacea and not a button "money". It is not necessary to use only antidetection. There are situations when carding is better with real devices (mobile phone for carding, laptop/computer for carding without virtualok) . Therefore suggest "to have in your Arsenal," the new path configured to carding, the mobile device
Emulator (Genymotion, Nox), the actual mobile device for carding several antidetection, etc.
Tips for ensuring your safety by using antidetection:
First, use on different forums, sites, different configs (different OC and different browsers).
Secondly, periodically (for example every 3 weeks) change the OS or Browser on each forum and website.
Third, store the software itself and browsers that have built-in add-ons, extensions, on a encrypted flash drive or hard disk or container.
For antidementia Linken sphere (Sphere) can be added:
A) Do not tick the box to remember the password, and keep it in your head. This is to avoid getting access to your cookies, sessions, configs to third parties.
B) Use tor or TOR+SSH TUNNEL in the connection chain. Do NOT uncheck the "Save and encrypt cookies before exit "option".
For Antidetect 7.1, you can add that after the generated browser itself will not be needed for work or typing, it should be immediately removed, and do not accumulate a huge amount , because each browser deals with about 100 mb, and with a large number of browsers it all takes a considerable amount of GB, plus each browser contains history, cookies.
Which will not be a plus when accessing browsers by third parties.
Now consider, in practice, work with 2 antidetection: Antidetect 7.1 and Linken sphere (Sphere).
Antidetect 7.1
After buying Antidetect 7.1 and configs for it (ideally for a beginner to take about 20 configs; enough to start with and if you need more - you can always buy), after installing and running the antidetect (about buying, installing, running and configuring contact @Billy Bones) you will see the following window: Screenshot with explanations - https://prnt.sc/h2wovg
let's Run through each of the items and settings:
Item "1" - This button creates a browser, or rather its Portable version, which is sewn Addon antidetect. The browser is not able to bind to iron and it is possible to work on any machine and pass on to anyone, even partner, even though the neighbor. In order to check the box lit up and was active, you need to select any PHYSICAL browser from the container (Number 5 in the screenshot).
Item "X" - This check mark determines whether the addon of the antidetect will be sewn into the Portable browser or not. If there is no check mark, it will create a normal portable Firefox version that you choose from the container (number 5)
Item "2" - This tick is responsible for the presence of Flash in the browser. In my experience, it is better to create a browser without Flash, use Flash when it is really necessary and can affect driving.
Item "3"- is Responsible for the physical version of Flash in the browser. You can select different versions from the list. The physical version is that which will be used for substitution, merch and shops don't see neither the physical version of the browser or Flash, they see that version or that browser that is set in a config.
Item "4" - Copies the path to the folder of the created browser.
Item "5" - Select the physical version of the browser. You can choose the Firefox version from 41 to 49. Specifies the version of Firefox which is "sewn" Addon Antidetect. If you do not put a tick in the item "X", it will be a normal Firefox Portable browser.
Item "6" - Select config from the drop-down list. Configs need to be downloaded to the folder "configs", previously unpacked from the archives.
Item "7" - Shows a brief information about the selected config.
Item "8" - Responsible for WebRTC. When the item is included, here you need to enter the IP of the sock, the tunnel from which you are going to make driving.
Item "9" - Allows you to change the config language to the desired from the list.
Item "10"- Allows you to add advanced eng. language. When is it? For example, if you are trying to "zakosit" under the holder from Germany, whose main language is German, you can add more and English, because many on the computer several languages, such as English and Russian residents of the Russian Federation.
Item "11" - Allows you to open the folder of the last created browser.
Item "12" - Allows you to select the time zone and set it in the system with 1 click.
About the use of configs and generation. There is no generation of configs in version 7.1, you can use it if you have version 6.5, but it makes no sense. Configs are better to use everything except Internet Explorer, because they are buggy and non-working. It is best to use configs with Firefox browser, i.e. Win XP, 7, 8, 10, MAC, Android + Firefox Browser.
Now on the setup window, before you create a browser: required items, where are the checkboxes: "X" and "8".
"9", "10", "2" - optional, if necessary only.
Let's Say you selected a config, created a browser, opened a folder with a browser. Let's talk about some manual settings that you can make in the created browser.
Opened the folder with the browser, then opened:\ ff_????.Browser version\App\Firefox\browser.
Example: ff_46.0.1\App\Firefox\browser
There will be two files that we need, open Notepad++, then the first file:"jsoverrider.json." What can be changed there?
First, languages can be edited manually as needed, for this you need to change the value of the parameter "Language" and "Languages" (if any)
Second, it is possible to enable or disable JAVA (NOT to be CONFUSED with JAVASCRIPT!).
To do this, find the "javaEnabled" parameter and change its value from True to False (or Vice versa). Example: "function javaEnabled() {return true;}" on "function javaEnabled() {return false;}"
Third, you can edit the parameter "Useragent" and "appVersion", I would even say that it is necessary, because the configs that you will have, whether Firefox, Chrome, Opera, Safari, etc., will be old by the browser version.
Take, for example, the Firefox config. There will be, for example, Useragent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" and appVersion: "5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
Firefox version for these parameters is now 40.1, it is outdated, we need to change it to a more modern, change for example to a stable version 48.0. This replaceable piece in the two parameters "Firefox/40.1" to "Firefox/48.0". Save changes, open whoer or another checker and enjoy the changes.
So you can change any parameter, knowing roughly what does it and mean. This can be easily learned by yourself, giving it a little time. Applies to any HELL, not only to 7.1.
Go to the second file: "jsoverrider.js." There you can correct WebRTC and Canvas print. Open this file.
Canvas in the file: you can change it, you can disable the substitution of Canvas, thereby making the stock (standard) canvas browser Firefox.
In order to change the Canvas print, you need to change the value of the variable "var CanvasWebglRandomParameter", i.e. put other digits in it, for example. (Screenshot: https://prnt.sc/h2y65s)
In order to return the stock (standard) canvas of your browser, you need to remove the line "return context.b_fillText (CanvasWebglRandomParameter, 2, 17);"
Carding can go better with stock canvas, can better with the substitution of canvas, there may not be any difference at all, especially if the shop is small or simply does not request the canvas parameter of your browser.
Next WebRTC. In this file you can edit all 3 WebRTC(1 external, 2 internal).
The variable "ipAddressRemote" contains an external WebRTC. The variable "ipAddressLocal" contains the internal Market.
Another value of the internal WebRTC I noted in the screenshot below the number "2" Screen: https://prnt.sc/dny2q9
Also in this picture, I showed the Blue areas, the boundaries of the code of each of the 3 WebRTC. This may be necessary, for example, to remove one unnecessary internal WebRTC. The red area shows what needs to be removed for WebRTC to be completely disabled.
Also external and 1 internal WebRTC can be changed on the fly in the browser. Screenshot: https://prnt.sc/h2yyko
I want to add that in the screenshot I indicated that what other columns are needed for.
to configure 7.1 antidetect all. Some chips, tips, answers to the questions I posted in my topic - FAQ Antidetect.
It will be useful to read after the lecture to those who are going to take the Antidetect 7.1
And we move on to the next Antidetect, called "Linken Sphere" (Sphere).
the After purchasing, installing, and launching the browser (on the issues associated with buying, installing and running the program, refer to @nevertheless or to customer support) the first thing to configure General browser settings. They are in the tab "Edit", then from the drop-down list find "Preferences". Screenshot: http://prntscr.com/itjman
In the screenshot I highlighted, there are the most necessary settings for a beginner. About all the other you can see and read the documentation on the website.
So, 1 point - the default search engine, ie, this parameter sets what the search engine will open if you type a query in the address bar of the browser. For carding easier to put the PS Google, for anonymity and security DuckDuckGo.
2 point - this option allows you to specify the site that will be opened after the session is created. For Viva is useful to indicate any checker, whoer, detect.cc, browserleaks etc., whichever is more convenient.
3 point - allows you to set the physical size of the screen, a very important parameter, I advise you to put it every time under the session (config). To check these settings (device- width, device-height) here: https://browserleaks.com/css
4 point - defines how the system time will be replaced. Important parameter. There are two options: 1) Via Javascript.
2) System time will change. It is best to choose the second option, system override, as for me it is 100% not pale-yellow, because in fact we do not replace time through Javascript, but as if we change it manually in the system.
5, 6 - settings I would have carried to safety. Ideally, if you are very worried about your safety: put a tick on point 5, on point 6 - no.
In fact, the 5 point - allows you to use TOR when logging in antidetection.
6 point - allows you to choose whether or not to save the password from your account when you log in.
7 point - this item allows you to close ports in Web Sockets. Web sockets is a Protocol used to exchange messages between a browser and a web server. Speaking a simple language, through Javascript the site can check your open/closed ports Web Sockets.
Checker: http://www.andlabs.org/tools/jsrecon.html
The settings of the checker: IP Adress - "127.0.0.1", Start Port, End Port - here specify the range of ports (minimum 2), for example Start Port: 5939; End Port: 5940. Protocol: WebSockets. After scanning, you will be shown whether these ports are open or closed. In the example I used the port "5939"
- it belongs to TeamViewer. These ports are related to VNC technology (5900, 5901, 5902, 5903) 3389 - RDP technology, etc.
To configure this item: better not to change anything.
Ports 80 and 8080 to close thus will not work, just saying so you keep that in mind)
Other parameters are aimed more at usability (font design, size, backups, proxy for updates, etc.)
Next, go to setting up browser sessions. Each session in fact is a separate system, like a virtual reality, which has its own config.
Learn more about free and paid configs and differences in configuration at work, we'll talk later; first you need to understand the important settings of browser sessions for beginners.
let's Start with the analysis of the first section. Screenshot: http://prntscr.com/itjucp
1 item - Select the session (config) from the list.
2 item - This item is needed to create a new session. To do this, enter the session name in this field.
3 item - session notes window. Very useful feature. In order not to get confused in the sessions and simplify your life on the analysis of drives, I advise you to specify all the useful information in this field( Proxy Score, Risk Score, In which shops were driven, by what method, the card used, the result of driving, etc.).)
4 item - allows you to set the color of the session, the color of the session will be displayed in the browser (screen: http://prntscr.com/h3njn3)
5 item - allows you to copy the entire session, including canvas, audio, fonts, rects prints (if necessary).
6 item - allows you to change the session name( rename session).
7 point - this point allows you to change the algorithm of substitution of canvas, in other words, this is the second version of its substitution (about the first will be below). Which option is better to use? Answer: Both, in different shops can be
different outcome, so you better try 2 options empirically by analyzing what better suits in your case.
8,9,10 item - allows you to enable/disable HTML 5 Storage, item 9 - allows you to save data and use them even after restarting the browser, item 10 - allows you to save and use the data through the standard storage of large structured data "IndexedDB" . In short - without delving into the theory. For carding there should be included both of these items (exception: carding from a blackberry phone, for the rest, the security IDPs, items 8,9,10 better off.
let's Move on to a very interesting section for many "Prints and other settings" (Screenshot: http://prntscr.com/itkiz7)
1 item - enables/disables the substitution of Canvas. Everyone has already heard about this parameter. Actually, making this substitution in the field - she makes it unique, the canvas, without changing much "his image", so it looks less natural. Check the canvas here: https://browserleaks.com/canvas
If you strongly change the image of the canvas, to use popular add-ons for browsers
firefox and chrome change the canvas is 100% that the shop will be able to see that. Here is the checker for browserleaks that defines it: https://browserleaks.com/proxy (Option: HTML5 Canvas Protection). Also with fonts, "CSS Fonts Protection"option). At the moment, minus of the technology of
the unique Canvas is that the output is 100% unique, and this applies to all antidetection. But, nevertheless, some AF systems are very hostile to react to too high uniqueness, so try to periodically disable this feature if you suspect that the shop does not give you because of this parameter.
2 item - enables/disables the substitution of the Audio fingerprint. Audio imprint, of course, is not as popular as in canvas, but over time, more and more banks, shops introduce it into their anti-fraud system. Checker: https://audiofingerprint.openwpm.com/
The antidetect successfully replaces 4 parameters for each session: Fingerprint using DynamicsCompressor (sum of buffer values), Fingerprint using DynamicsCompressor (hash of full buffer), Fingerprint using OscillatorNode,Fingerprint using hybrid of OscillatorNode/DynamicsCompressor method
3 point - enables/disables font substitution. Very popular detection, replace easily and without antidetect, but in addition to replacing the print, the scope allows you to customize the list of fonts, which is a definite plus. Checker: https://browserleaks.com/fonts (two parameters "Fingerprint")
4 point - enables/disables substitution of rects . In shortly, it is a substitution of the browser coordinate system. Element "getClientRects" allows you to get the exact position and pixel size of the desired element, and depending on the system, but rather the screen resolution of the system, fonts and many other parameters, the results will be different. The sphere
allows you to replace it without too much altering them, which in practice is not seen by the Anti-fraud systems. Checker: https://browserleaks.com/rects (Parameter: "Full Hash")
5 point - Enables/ disables the use of random plugins. This option allows you to add a random set of plugins to your session to avoid detection by plugins. The function is needed for those who have free configs, and who are too lazy to manually register plugins. Of course in the paid config the set of plugins included.
6 item - enables/disables saving and encryption of cookies after logging out of the session. Should be necessarily included. An additional advantage for security is encryption.
7 item - enables/disables Flash. Here as with antidetection 7.1 - without much need to enable flash. The technology at the moment is outdated, all its features have long been HTML5, so due to its absence, few people will not look at you askance.
8 item - when you include this item, each time after opening, the session will have new prints that I described to you above. For carding in this there is no need, for safety - possible to use.
9 point - allows you to choose which prints to make new, random (Canvas, Audio, Plugins, Rects, WebGL, Fonts, Media Devices) . Refers to paragraph 8.
10 point - this parameter blocks the output of the canvas hash. It should be used in the event that you are sure that your shop or merch does not respond well to 100% uniqueness of the canvas. Screenshot: http://prntscr.com/h3pk3m
Turn to section "setup and choose a connection type". Screenshot: http://prntscr.com/itCHrv
1 item - allows you to select from the drop-down list the type of connection. Now I will analyze the most necessary for the work of a beginner.
No proxy - this mode allows you to use a direct connection, i.e. the Internet is taken from your system. It is necessary if you really want to work with Proxyfier, Bitvise SSH and other software to use tunnels and socks. As for me, this mode is not necessary, because it does not allow you to use the advantage of the sphere in the use of different sessions at the same time, each of which is configured with a separate connection of the sock or tunnel, depending on what you like to use. An exception to this situation is the use of a router in which it has the ability to connect a sock or tunnel in the router, not on your system. On the forum you can find such configured router.
Tor - this mode of connection I advise you to use for your security chain, when surfing shadow forums and to go to the forums through the tor, for example verified forum.
Socks, SSH Tunnel - connected these modes. The first relates to the use of Socks (Socks 5) and the second to the use of Tunnels (SSH). These modes can and should be used for carding. For each session you can configure different connections and use them simultaneously, i.e., essentially like carding from several systems (virtuallock). Card with socks or tunnels - it is only at your discretion, who likes to work with. I personally use for carding socks, LuxSocks. But the problem is that recently they have problems with socks, the number of socks fell sharply down. So now I additionally use the SOx service "Faceless".
Sphere socks - Socks raised on mobile devices. These mobile socks are exclusively for customers of the sphere, they are integrated directly into the antidetect. This solution allows you to save even more time and increases the usability and uniqueness of the anti-detect, because IP data socks - from a common pool of mobile operators, therefore, the anti-Fraud system can treat you more loyal. For better performance I advise you to use these socks configs Android devices (Mobile phones + Tablets). Today, socks are at the stage of implementation.
2 item - Field to enter the IP sock/tunnel and port. For example, enter SOCKS 5: 173.244.217.119:1081
3 item - this checkbox allows you to disable the internal IP. That is, when using this item, only the external IP webRTC will be displayed.
4 item - sock/tunnel authorization. Actually all tunnels are with authorization, so enter here login and password is required, but socks (Socks) are not so often with authorization, so if you do not have a login or password, leave the fields empty.
5 item - enable/disable the substitution of WebRTC. If you turn off the switch, then WebRTC WebRTC will fit your system where you installed antidetect.
6 item - This checkbox is responsible for the External IP WebRTC. You need to disable the checkbox when the IP to connect is different from the IP which is obtained at the output (to check on any checker can, for example, whoer.net). Here is an example with Luxsocks, after the purchase of the sock I receive here the ip
ort to connect to "212.83.165.56:29007" I check whoer.net and there is the IP "97.113.91.76", therefore, this option is the one that I should disable, and in the "EXTERNAL IP WEBRTC" for a competent substitution, I need to write this IP "97.113.91.76"7 item - this item allows you to enable IPv6 substitution. You need to use it only if your system is "leaked" for this information. To check out the leak here: https://browserleaks.com/ip "IPv6 Leak Test".
8 item - substitution disables WebRTC, ie when you enable this feature, WebRTC will be showing that it is off (disabled). Checker: whoer.net
9 item - allows you to set your DNS. It should be used if your sock or tunnel does not have DNS or it is from another country, or you need to replace DNS, not for carding, but for your safety . Button "check DNS" -checks the health of your specified DNS server. Note that working with this parameter is
Very important - DNS has the same value as the IP itself. In addition, it often happens that when buying socks without your own DNS, you show the DNS of the system (this is what happens by default, if this field is not filled, and the juice does not have its own parameter), and you catch the declines due to suspicious activity.
10 item - this button "Check Proxy/ Geo" allows you to automatically when you press it to check the Sock to connect to the operation, and automatically set based on its GEODATA ( based on MaxMind) and Ip: Time Zone, External WebRTC, GPS)
Go to section 3 of the program: https://prnt.sc/itkq52
1 area - responsible for UserAgent. By clicking on the "manage"button,you can edit, add, remove Useragents. After the drop-down list, you can quickly select the desired Useragent in 2 clicks. Buttons on the top ("Chrome", "Safari", "MSIE","Other") allow you to quickly select the type of browser.
I want to clarify that on the website, in the personal Cabinet there is a section "UserAgent" - there for free, you can choose a ready UserAgent by OS, Browser and device type.
2 area - responsible for the language (language) session. You can select a country from the drop-down list, and the language will be written automatically, you can register yourself manually in the input field, which is to the right.
3 point - Pop - up blocker. This feature prevents pop- UPS from being created. Use only when necessary, sometimes shop or merch have "necessary" pop-UPS.
4 point - All you need to know about it for a beginner is if the site is loaded with errors, or something does not work on the site, which does not allow to make the end of carding, it is necessary to enable this function. No need to turn on. The Following section - https://prnt.sc/itklmh
1) Config manager - simply put, free configs. Jabbed the button, chose the type of browser, chose the OC, clicked generate, and a free configuration is loaded.
2) Setting Up WebGL. This section allows you to configure all possible options WebGL 1, WebGL 2, disable WebGL, if necessary, as well as to generate it if you are too lazy to configure.
3) Advanced settings. (Screenshot: https://prnt.sc/h3q2d0) This section allows you to manually register plugins, add http headers manually, edit manually more than 27 Javascript parameters.
4) Fonts. This section allows you to edit a set of fonts,
i.e. you can create your own list of fonts that will see the anti- fraud system in addition to the substitution of the print fonts.
5) window resolution Emulation. This feature allows you to hide your real screen resolution, and it will match the data of the user. Useful when working with mobile configurations.
6) Emulation of touch screen - just a MUST HAVE when working with mobile configs. Full touch screen emulation on mobile devices. None of the existing antidetection in addition, there is no such function.
7, 8) These two values set the screen resolution. 7 - the width of the screen 8 - the height of the screen. Example 1920x1080
Go ahead, the next small section. Screenshot: http://prntscr.com/itkmis
1 area - is responsible for the substitution of geoposition. Latitude - latitude, longitude - longitude.
It is not necessary to put a geoposition directly under the ZIP of your tunnel, it is normal and natural to look if you put a geoposition up to 10 km from your sock. Example in the screenshot: http://prntscr.com/h3pyv1
The label in Google maps marked the coordinates of the sock, around the circle - so that's the area of the circle is quite a natural geoposition for this sock/tunnel.
2 area - is responsible for the substitution of the timezone, and simply put - setting the time zone and time. Time can be set either by selecting a state from the drop-down list or by selecting a time zone from the drop-down list.
Again, I want to clarify that when you click "check proxy/geo" geoposition and time is set automatically, which saves us valuable time.
We have dealt with all kinds of settings of the sphere that may be needed, now let's finally get to work with this product.
Option 1 - you have a PRO account and access configscope. Scheme of work - buy the right config in configscope, add it to the field, set the type of connection, WebRTC, DNS if necessary, press the Check proxy/geo (machine configures the time zone and location,) then choose off those prints that you want to replace
and go ahead and card. In fact, what I described takes about a minute.
Option 2 - you have no access configscope, then you can complete the configuration in two ways. The first is the installation of the desired User (choosing from ready or loading your own, which is preferable), after which the parameter is generated using the built-in generator .
After generation, you will need to see, tweak, adjust the parameters of WebGL, Advanced settings, Fonts, etc. the Second option - the use of built-in free configs (about 50 000) - create a session, click Config manager, select the desired browser and OS, get the configuration of the real device from the built-in database. With nothing further to do - then no different from the first option: configure the type of connection, WebRTC, DNS, if necessary, click the Check proxy/geo (automatic time zone and geoposition is configured,) then select the checkboxes those prints that you want to replace and forward to drive.
However, the built-in configs tend to turn around, because they are used by a fairly large number of people, and their quality is objectively worse than those in the shop, and this can negatively affect the result, although they are quite suitable for testing the forces of a beginner.
It is also possible not to download a free config, but to actually write it in the field from scratch, but for the first option and for the second, you need to have experience, knowledge of all parameters. You can read about all the parameters in detail in the product documentation + Google help.
More useful chips in this Antidetect:
1) The Antidetect has its own Web Emulator - this tool allows you to simulate the behavior of a real user, visiting sites automatically. In practice, this is necessary in order to reduce the routine work on the set of cookies's site files, site history, in other words, "warm up" the system before carding shops. You can also configure the emulator to simulate the user's behavior in the shop before carding.
2) Data Entry when carding is simplified - the antidetect built own Vbivotron (an example of software for the system on our forum). The function is convenient, but note that some sites are very hostile to copying, and even specially configured intervals of human-like input can fall under antifraud. Use the function if you are sure from your own experience that the shop does not react to such input in any way.
Searching for shops, merchant
The Lecture will be divided into 2 parts, with a short break, as the amount of material will be large.
Part 1 - Searching for shops. Part 2 - analysis of the merch.
And so, let's go. Part 1. Searching for shops.
I'll Start with a warning: look for shops, requests such as: buy apple iphone X, or buy macbook pro, or buy Gucci jeans - it makes no sense. Since the first pages of search engines - will always shop giants like BestBuy, Amazon, Seers, etc. You can work with them, but they need a completely different approach and experience. Take the first available CC and card 10K dollars- this will not work, do not try.
So how to find the right shops? Here are just a few options:
1. You can search for shops using SEO-optimization resources, one of the sites of the desired theme. SEO optimization is a set of measures for internal and external optimization of the site to promote it in search engines.
Accordingly, the higher the position of the site in the search engine - the more traffic, and accordingly for its promotion used more high-frequency queries.
For Example: at the request of Gucci jeans Google gives the following picture http://prntscr.com/gpqxsz, for example, take the 5th site: http://prntscr.com/gpqxig ahhh! Go to the website, find any necessary category (in this case, jeans) and click the right mouse button on the free field in the browser field.
We need a line View Page Source http://prntscr.com/gpqy48 - click on it, get it: http://prntscr.com/gpqyez - we see in the line meta name - spelled out the requests for which this page is moving. We can only compile queries with their own and go to look for more points, for example: if you make a query "clothes shop+inurl:super slim jeans" then Google will give http://prntscr.com/gpqzqh I http://prntscr.com/gpqzu9 ahhh!
2. Shops can also be searched through the "query operators", which you can read more about here https://sites.google.com/site/tilrom...-zapros-google, and even better poizuchat their on SEO forums, many interesting things there to find. As an example, the following query operator: clothes shop+ inurl:e-gift - will give us a list of shops that have the phrase e-gift in the link, or "clothes totes egift" - Double quotes allow you to find only the expression that they contain.
3. Shops can also be searched through eBay, but not everyone has their own sites, you need to search. Simply go to the product we are interested in, and see the information about the seller, if it is a shop - we will see, usually the page is colorfully decorated, and the name of the seller is like: freeshippngshoes, bestshoes, goodwatches, etc. Study carefully. Next, we will put into Google all these data and go to the site of the shop, if such exists. However, it is not always possible to immediately bypass the anti-fraud systems of shops, sometimes it's easier to card in eBay ( but more about that in the lectures on Brutus).
4. Shops can also be searched through the Amazon. Go on amazon.com, enter a query in the search bar, such as SSD. We are interested in the left column http://prntscr.com/dusrr7 , go down below, we need the line "Seller" and click "See More" http://prntscr.com/dussij, we'll be taken to the next page http://prntscr.com/dust0d ahhh! On this page you will find sellers of products of this category. We need to copy their names and paste into Google, and then by analogue with the previous one.
5. Shops can also be searched for parsers, such as butterfly. Disadvantage of parsers is that we will find a lot of junk, so you'll have to sort through manually. Although of course they are sometimes very much helpful.
6. Shops can also be searched through SQL Dumper, with proper preparation of dorok - you can find very sweet shops, but the dumper eats a lot of proxies, so you have to constantly load new ones into it. In General, it is necessary to search for vulnerabilities on the sites, but also under the search for shops simply adapts
7. The same shops you can look at the discussion forums, for example: forum of young mom, or a fishing forum. With the right approach, and SI - you will merge a bunch of shops, which will be a very long time to search the Internet. Thank you young mother Michelle - suggested an excellent shop with expensive baby strollers and lame anti-fraud system. The shop unfortunately closed, and the stroller arrived in RU.
8. Shops you can look at the website http://www.resellerratings.com
Top drop-down menu store ratings. There, select the browse all stores by category and to the left will be a menu with categories. Select for example apparel and jewelry. See "sort by" and click
So we will be displayed on the first page of the sites with the lowest rating. But these sites are in the clothing and Bijou section of 468 pages. About 70% of them have a zero rating and about three-quarters of those 70% of shops are small, well-giving. Sometimes there are shops, like on this site, there is no rating at all, but in fact the shop is large and it will not send anything to you.
In fact, there are many ways to find the right shops, with the right product, but I often use these methods of work. I recommend You to experiment with query operators, as this is the fastest and most convenient way to search for shops.
In my experience, sometimes large stores send much better than small ones, but it is rather an exception and straight hands than just luck). You need to try to break through all the shops you like.
Sometimes it happens that we face scamer shops, for example, met one where Canada Goose cost 200$, so in such shops it is better not to card the Mat , they are created by our colleagues to collect the Mat. Carefully study the shop before carding.
Part 2. Analysis of merch and their features.
Merch is an electronic aggregator for processing incoming payments, in other words - it is a program that directly accepts payments through the site. There is a lot of kinds of Merchs, large and self-written.
To determine the merchandise I often use the site http://builtwith.com for - who have the opportunity, can buy the subscription for their money too, is $ 500 a month, do not try to card it - you will fail. Put down the address of the shop in the line, and we will get all of the information on the shop, in the e-commerce section, we will need merch. Sometimes merch is not shown, then you have to look out for redirects in the browser or card randomly, this also happens.
As for the Euro merch, most often they can be seen during the checkout, that is, when already carding a card, as most Euro shops - do not place information about merch on the pages.
Below is a list of most common merchs:
1. Shopify - it is considered that every month it is harder and harder to card it, but no. Everything is much easier, you need to adjust the system for this merch. Merch loves real iron, and he practically doesn't care for socks and tunnels, the main iron and unique fingerprint of the system. Very important
- fine and competent system setup. In general, merchandise sees deds, and the replacement of ip. He doesn't even bother himself with letters about order cancellation and letters about possible fraud on your part. Exit - to perfectly customize your system for carding.
Under each merch, I have a separately set up virtual machine, and accordingly I simply change my socks and card.
To find shops on this engine, use the following search query: Ecommerce + Software + by + Shopify + dildo
2. WooCommerce is quite an interesting merch. I met it not so often, it all depends on the shop. That is, what level of security is configured by the merch. Some shops are shipped in tons, some of which don't even let us pull out a dollar.
BigCommerce - in principle, everything is the same as above.
Shops look like this: dildo + giftcertificates.php - will find all shops with gilds dildo.
4. Magento and its derivatives. My favorite merch. Easy to work and not particularly capricious.
Shops look for dildo + .com / checkout / cart / - the actual basket, dildo + .com / customer / account / - the account.
5. Shoprunner - merch / engine of many mono-brand shops. Easy enough to work with. You can also punch him with the brutus.
6. Zen Cart - is also quite common. It cards a little more difficult than the previous ones, but it does not cause much trouble.
7. PrestaShop - basically all the same. Clean sock + well tuned system and you will be happy.
8. OpenCart - my most unloved merch. Even with the perfect carding - can tell you fuck off.
9. X-Cart - it's not so easy to find, but if the shop has started to let you card, then prepare wagons.
Europe and Asia
Today we are talking about EU and Asia, I would say in general about the work on the world. Stop Flood.
Working with cards of other regions (other than us) carries a number of features, it is logical, because from region to region, different banking systems.
I would advise you to look at this direction when you have either a baggage of knowledge (and I'm talking in general about the mechanics of work and setting up the machine), or you have money for tests, but of course the best option is when you have this and that.
The direction is interesting, but requires injections, start working on it, keep statistics, and you will see patterns.
The lecture will be of a more general nature; I'll tell you the important parameters below.
So let's start, but first I will highlight one of the main advantages of Asia and Asia - the AVS system is not connected, who forgot the link below.
And let's see right away what 3ds is (it's vbv / mcsc)
Bin is the first 6 digits of the card, well, I hope you already know this.
Remember that the AVS system is in England (uk), and countries that are near (Ireland, Scotland) because they are serviced by English banks. Also, there are no avs systems on the corners of England. There are also Autovbvs, that is, when you the fraud system likes you, the 3DS code is not requested, it can be configured on the shop or bank side.
For example, a shop may simply not request a vbv up to a certain amount, let's say it just has a few merchs, or dynamic 3dc is cut off from a merch.
Remember that entering a card in the country of a cardholder can have consequences in the form of a quick charge.
We warm up the shops, we are ready to communicate. SI is our main tool. Communication with shops, receiving feedback, all this is important. At a minimum, it saves you money when you learn important information before carding, such as for example - of what countries does the material pass through.
Just imagine, you can communicate with shops (tell them your stories, be like a holder), you can ring up banks and find out the reason for the declines, etc.
If you're having difficulties with english, then use google translit, or browser plugin grammarly.com
As a rule, the world (that is, outside of us) communicates with shops / offices by mail, less often by phone.
With international carding-ins, get ready for the fact that they can request docks, this is normal, it will be more convenient if you immediately draw the docks so that when you request a shop, do not take them too long. Unless, according to us, they can request docks by specialists, in order to take time and charge.
CC with 3D code and CC without 3D, everything is simple.
That is, somewhere you know the 3ds code, somewhere there is no, somewhere it is simply not installed on the card or not needed at all for work, or it can be changed as a password in the mail (either easier or unrealistic).
With regard to resetting the 3D code (like resetting the password) - it can be changed if you know the additional.
Info on the card, like dob or ssn or other data depending on the country and bin. https://prnt.sc/fyheyl
Further, the material and methods of work are divided depending on the countries, and the methods of receiving vbv (static, in SMS code, 2fa to the bank application).
For example, what you can work with:
Usa / UK card with resetting of the 3DS code - it is relatively painlessly dropped on the USB, uk is reset on dob, zip, but more and more often over phone, reception of a code in SMS.
Carding - crawls around the world, in Asia, Europe and other regions.
We also should remember the customs limits, naturally all info is in Google.
A web page has its own anti-fraud which needs to be passed, as a rule, it is not difficult except for the already tired Germany.
Yes, cards with 3ds usually have a long charge (except uk and usa), and if payment occurred, the fault lies on the holder, the shop itself is not responsible for it, so even if the shop sees a request from the bank, it can send it.
Amex has an analogue of the vbv, this is efk (but shops with the support of this protection are not very common).
In conclusion, I want to say that the trend is that everywhere they are trying to make the 3DS code via SMS, or 2fa through the application, card-in with a reset code either it dies quickly or the code simply does not reset. Considering that a mat with a well-known code is difficult to find, then it is worthwhile either to card into shops where there is no 3D protection, or it is not on the card (or avtovbv).
Carding from A to Z
Hello again to everyone.
What is carding in and what does it consist of? In general, carding is as follows:
1. Found a shop
2. Picked up materials for carding (card, socks / tunnel / dedik, address / intermediary)
3. carded in
4. PROFIT
But ... when instead of Order Success you start receiving an order canceled / decline, you get an understanding that in actual fact there are much more details / underwater rooms / devils in the still waters - call it what you want - much more than 3.
Perhaps you have never thought about this, but this could / may be the cause of your cancels. Right now, I propose to disassemble what is carded and what it is eaten with.
Let us base on the naming of each part "variable". We call a group of variables that fit under one category - a block;
Each block consists of several subparagraphs and variables within it; let's proceed to a detailed examination of the blocks and variables inside them:
CREDIT CARD Block:
- bin (first 6 digits of the card, determines the issuing bank, country of issue, card level, presence / absence of vbv)
There can be a restriction on payments, limits on spending / limits on payments on the Internet on a particular bin, or it can simply be "cashless", different types of VBV / MCSC and its reset (reset varies depending on the bin);
Autovbv bins - when the card is on the card, but does NOT require a password and is automatically processed.
We read about VBV on our carding forum.
You should not dwell on this subparagraph, but at least you need to take note. For this, write down every bin you encounter in your work, as well as the result of working with it.
- Card Level, Card Type
Card level, Classic / Platinum / Premier / Gold, etc., as well as Debit / Credit. Based on the level of the card, it can make an assumptions about the presence of a balance on it. It is logical that on platinum credit cards there will be more than on debit classics - purely statistically.
- card validity
Nothing matters: neither ip quality, nor system setup, if the card is dead. One hundred percent can be convinced of this only by ringing the bank (or if there is an enroll to the card). Checkers often kill cards, so blindly they can not believe, and the United States before carding is better not to check at all.
- billing info / address - credit card address (billing address, billing - cardholder residence address), unfortunately, curves periodically jump on cards billing, and in the case of carding a bad card in merch, which is checked by AVS (for example, almost all USA shops), such card will not be included.
The reasons contributing to this are the methods of extracting cards, almost always the information about the card gets to us, in the form that the holder entered it somewhere.
He can order something for work, house-in-law, and so on.
There are various methods of dealing with this, I will tell you about a few that I used personally:
A) Find out the billing of the holder before carding the card
B) Search for information about the holder in publicly available sources, for example, by searching Google for Name + zip (John Woods 18462) and checking the correspondence of the address and the name on various sites and social services. networks.
C) Beating certain bins and types of cards. Types of cards include Business Cards (cards for business). These are work cards that are often registered with a company / organization (so don't be surprised if you see something like "Mike Stewart Washington Water Restoration" instead of a name on such a card)
Plus, carding such cards is that in billing they are even in 99% of cases than other types of cards cannot boast, due to the fact that the company orders goods or pays services relative to its business address, that is, billing. Minus - not all bins will have positive outcome.
- check cards. There are several types of card checkers:
A) Authorization and cancellation. A random amount of money is authorized on the card (from $ 0.01 to infinity, but usually not more than $ 1), according to the same principle, a check is made somewhere when debiting the amount.
B) Pre-authorization and / or cancellation of authorization. With pre-authorization, the amount is not debited due to the quick cancellation thereof; when canceling the authorization, the zeroing (cancellation) occurs after the immediate authorization of the amount
C) Call to the bank
Each bank and bin differently refers to different kinds of card checks, but this is mainly a negative impact (especially when working in the USA) and sometimes it kills the cards (even pre-authorization)
The next block is a masking unit:
The first item will be called "human factor". At the moment, many banks automatically analyze the amount of monthly expenses and the type of cardholder transactions, and because of absurd behavior (this is when a 65-year-old lady buys a snowboard) is possible (I stress, possible) transaction failures on the part of the bank.
This is not critical, but it is impossible not to mention it. The shop sends information about the transaction to the bank, so you need to collect the minimum fraud-speed to bypass the antifraud systems - be guided by this.
To this item there is a sub-item "Pattern of conduct".
By this I mean the motivation and purpose of a person
buying something at this particular moment in a particular shop.
Create your own image, become a holder, you card in your card, not someone else's, believe it! Are you a 65 year old and you decided to give your son a laptop? Talk about this with the support of the shop and ask for advice, read the description of the product, make a mistake when entering the text, your eyes are not the same as in your youth!)
Socks and the tunnel as a whole can be grouped and called the ip-address block, then the variables in this block are as follows:
- clean ip on blacklists
- open ports
I talked about this in my lecture on security, in short, this is not a negative, not a positive parameter in most cases.
- geolocation of ip address on maxmind base (or other is important)
Whoer.net and a number of other sites have an outdated max- mind geo base, so the flow of geolocation information from the site being driven in compared to whoer and some similar sites can be very coordinated and critical, up to another state.
Some sites have their own geo-bases, often on these sites you are offered to automatically fill in a zip-code, city and state, therefore when carding in such shops are better guided by the information provided by them and select the material based on it.
- proxy & risk score
- provider, host name, DNS, ip hosting provider
Internet provider ip, hostname can tell about ip affiliation to cloud hoster (see lecture Security and configuration of Wirth machine)
- distance of the zip code ip from zip code cc
On an example: we own a card with a zip code in billing 97401, which means zip ip should be as close as possible to zip, that is, 97401/9740 * / 974 **, etc. - however, it directly depends on your theme and the place where you carded in, for e-gifts it is necessary to select as close as possible, for clothing cases depending on the situation: under the drop / middle or the holder.
Dedik, virtual and physical machines are included in the second group of masking, respectively, are a separate unit and have their own groups of variables, namely:
- OS
Windows / Linux version, etc.
- browser (Browser, version, WebRTC settings, coockies)
Serious merchandise can also request the browser information about installed plugins (can only check by requesting the id of the specific plug-in (s)), check sites on the list where you are
Logged in https://browserleaks.com/social - you can check here, for example). In practice, when logged in, for example, Facebook is a plus, but not critical.
What is a packing coockies?
- Stuffing cookies, surfing on various sites - imitation of a real user BEFORE carding.
It looks strange when a person with a "bare and empty" browser goes to buy GIFTs for a thousand bucks, isn't it? Therefore, we create the image of an ordinary hamster user, having previously previewed on the sites of all local clinics / restaurants, Amazons, ebay, facebook, etc., in general, I told about this in my lecture on setting up the system and security, now I recall because it takes place here.
- all kinds of prints (fonts, fingerprint, audiofingerprint and many others)
The totality of prints generates your unique user impression remaining in the system, is solved by changing the system (changing the screen, etc.), replacing a number of point prints (such as fonts, screen resolution, video card frequency, etc.) and / or using antidetekta.
Block-process of carding. In my opinion, the card-in process itself consists of several things, which, like all variables, can vary and / or modify themselves:
- method of getting into the shop (for example, from Google, or from Facebook / Twitter, other places)
Yes, this is also important. Yes, shops see it too! To one degree or another it also matters. There are several types of transition, talk about them ranging from less trusting to more trusting, respectively:
A) Directly by the link from the browser's homepage, for example, browser > amazon.com
B) From search engines, for example, google.com > amazon
C) Social networks, affiliate programs, various coupon / cashback services
The shop keeps track of where you came from, at least the arrogant methods = the most trusted!
- manual input of the text or copy-paste - antifraud sees it, do you copy your name from the clipboard when shopping from your card? I do not think.
- warming up the shop
Surfing the shop, AUDIORED product selection, reading reviews, delivery methods. Deletion / addition of goods to the basket [from], registration of an account in a shop (and possible temporary revelation of it), preliminary ringing or communication with a support.
- carding by call / no
Some shops have the option of order by phone - order by phone. It happens that the holder does not load the site and then the support operator comes to help, who personally enters your card details and so on. Plus the fact that the antifraud does not actually see your system / ip address, respectively, does not assess the risks based on these factors.
- billing = / shipping
Matching the input billing address, shipping address, it happens that orders are canceled due to differences. You can fight in the following ways: pass antifraud on all other indicators / warm up the shop (for example, chat live in live chat and say you want to buy a gift for a friend, etc.) / search for shops / dropping billing
= shipping = drop / middle (when checking AVS system does not roll in most cases) by carding in an illiquid, which is not "tightened antifraud".
- shipping
A number of addresses of well-known resenders may be in the black list of many shops and merchs, duplicates are also monitored (were they bought at this address earlier in the same shop)
- email under the holder and under the recipient (in the case of Gift)
Mail also has a certain risk-speed. Most trusted - corporate mail like [email protected]. The most fraud ones are those who have simplified the registration process (for example, mail.com, in other words, those where you do not need to receive SMS during registration)
Among other things, some merchis pay attention to the name in the mail address ([email protected]) - can check the presence of the name / surname of the holder is also not critical, but also an important thing.
As you can observe, there are a considerable number of variables. Therefore, when there will be a cancel, think twice about the number of other variables that directly affect the result of the work. The analogy of creating this list can be done in any job, be it with a stick, poker, banks or affiliate programs.
Block of the effects of card-in. There are many different options for the effects of your carding work, consider the main ones:
- Decline. Decline The shop did not even allow you to hang up an order, which often means that you have problems with the card, so first of all you should pay attention to it and see the CC Block. In other cases, the site or technical problems and nuts are tightened (rarely), or you do not pass antifraud (or shop or bank) from the word at all and burn somewhere, in this case, see Blocks "Masking", "ip-address" and "Process drive"
- Cancel. The order hanged itself, but after a while (or immediately) the order was canceled on the email, reasons: the anti-fraud / shop did not pass, the holder rang / something was wrong with the card and the shop could not write off the money.
The antifraud did not pass and he did not like: something - 2 options for the development of further events:
1 - cancellation directly from the antifraud system of the shop (or the bank was not allowed to conduct a tranz)
2 - according to the sum of points scored, the indicators fraud order was manually processed (this is when the manager manually approves / cancels the orders) and the manager canceled it, or rang the holder.
Otherwise, if everything is clear with the first case, the rest should be disassembled in somewhat more details.
A shop rang to the holder - yes, there are shops that always call, there are also shops that can only call on specific orders (for example, E-gift) and / or on a specific specified order amount (for example, all orders $ 500 +)
The methods of dealing with this are as follows: indicating your / your telephone number ringing, in order to receive a call / left number indication (for example, some neighboring cafe with a holder) or a non-existing number, if necessary.
However, due to the AVS system in some countries, such orders can also suffer, I personally never shaman with the holder number as in my work the coincidence of AVS should be 99.99%, so look at your needs and desires.
The third and last option is the cancell due to card problems. It means that the holder either managed to see the actions on his card, or your shop process orders are not immediately
- requests by the shop, for additional verification in the form of a photo of an identifying document (passport / driver's license) or photo card. It means that you have missed the antifraud somewhere, or your order seemed suspicious. It also arises in cases when the shop is already quite jolted and requests verification at the slightest suspicion.
- request for additional verification by calling, ask you to call to "clarify" some details. Usually they drive along the back-edge (see the lecture on breaking through), depending on the shop you can also mean that the card has a billing issue.
How to fight? Punch, call, draw. If the warrant or tests are worth it. Recorded results in the record and draw conclusions.
The last point of the lecture is Checklist. Cheklisty, my method of work on point shops by developing and refining the approach applied to them.
It is a list of points (usually 10-20), telling how you can break through a specific shop based on the tests driven by this shop, various useful notes derived from experience again (for example, how quickly orders / stationary arrive) - to me helps in work, a kind of creation of a template that you need to focus on for success.
An example of my checklist for one large shop: "SHOP *****. Com
- Should be smooth billing
- carding should occur with one attempt at 1 ip. Exception: 2 attempts
- Only manual input and previously non-repeating variables (a la mail)
- Consider the version of cardings from dediks
- If the anti-fraud did not pass, but the card is good, the cancel will come to email within 25 minutes
- When the order does not miss the anti-fraud system, merch gives a decline with the text: Unable to process credit card at this time, processor reported (Authorization Failed)
- If the card has insufficient balance or billing curve, merch gives a decline with the text: Please double-check your billing address and credit card information.
- The following bins came in: 517805 464018 for such and such sums ... *
And so on.
As you can see, the blocks are divided into points and group order, in order of the order to classify the groups as follows:
Blocks Credit Card, Disguise (system) - consolidated - preparation for carding.
Blocks: The process of carding, the consequences and checklists are the result of the preparation for carding and, in fact, the consequences. It is important to trace the causal relationship between the preparation and the result in order to learn how to understand where and when you are guilty, and where the shop or suppliers of the materials are to blame.
"Those who give practice without knowledge are like a sailor going on a journey without a rudder and compass ... the practice must always be based on a good knowledge of the theory."
Selfregistered Paypal
Okay, comrades, hello everyone again.
Today we are considering self-pp (selfregistered paypal account) subgroups.
First we will analyze the theoretical part, then we will register a self-reg and further answers to questions.
I think this is understandable the most important advantage of a self-reg is a long (as a rule) charge and if the trance has passed, then most likely the goods will be sent and he will reach without problems.
There are no problems with cc, cancellation of transfers, reversal of the pack with self-regs there is no but naturally there are also disadvantages to the self-regs namely the buildup of as to make a self-reg and to card-in 1k$ immediately- will not work
it is possible, but it is rather an exception to the rule therefore, self-regs must be pumped up by small purchases / transfers
in order to create a self-reg is necessary:
1 - Full info (fulls, fullz)
2 - Phone
3 - BA (bank account)
4 - CC / VCC
FULLz is data on real american here is an example of full info "Dale S Murray":
7955 Colee Cove Road Saint Augustine
FL us 32092
SSN - 593-12-7088
MOB - 904-237-3757 DOB - 09/16/1966
Dale S Murray - full name 7955 Colee Cove Road - address Saint Augustine,
FL us 32092 - city / state / zip
SSN - 593-12-7088 - social security number MOB - 904-237-3757 - telephone
DOB - 09/16/1966 - date of birth
Fullz is the easiest to buy. Normal Full info costs $ 0.5 Full Info with high COP (loan soon) 2-3 $
Much better if you buy an CC and then search for a fullz for it and the ideal option is to fill up this card and tie it to pp such an option is good and you can pay / send $ 200- 300 at the new self-reg
2 - TELEPHONE
We will need to take sms from pp.
Therefore the phone number in the stick we indicate the one to which we have access namely, gv (google voice) or textnow.
3 - BA
BA can be tied to a stick in two ways 1 instant through a log pass.
- binding instantlly means that pp we choose the bank that we need, enter the login and password from it, then select the desired account and link to the pp.
- mini deposits and each bank account has an account and routing number. So for linking this account to pp, we write down these numbers and send mini-deposits to them mini-deposits are two charges from pp on this account to $ 1 which are charged off then in one amount
In a stack it looks like this:
verifing PP john smith +0.10
verifing PP john smith +0.20
verifing PP john smith -0.30
Account and routing numbers for are sold immediately with the ba or you can search through the appropriate services on the forum it is best to take ba immediately with numbers this may be useful in the future when drawing states or, if necessary, confirming the ba again the cost of the ba is 1-30 $ depending on the bank and the balance of the ba
When buying, be sure to pay attention to the conditions for replacing the BA.
I recommend at the initial stages to take ba 5+ to 4- CC / VCC
4. CC said above, with regard to all of us use visa vanilla card.
We enter these cards, we confirm it with mini deposit and the card is attached.
On the theory we finished.
Methods of working with Paypal self-regs
The topic is actually quite extensive and there is always a place to show your creativity
We will consider the most common options.
So the first rule, behave like a real american so here.
if the self-reg did not give a purchase, send, donat-helps with unloading, reducing the amount of the transaction, changing the product / seller / mail / shop
I repeat, before working with self-regs, it is highly recommended to read the archives on paypal.
We will understand slang:
"send" - sending money from one aka pp to another mini deposits
"state" - statement - bank statement
On the organization of work, as I said, takes paypal with a number, and when you accumulate a decent number of samoregov, then the issue of statistics and reporting becomes especially acute therefore I advise you to immediately start a statute in Excel or a similar prog, to whom it is convenient
I usually write in the article: date of registration binding date ba date of last action which ba is tied (mini deposits if there is) mail and space for notes.
I write down trances there, when such an info is cleared in addition to this, as I said above, I advise you to install thunderbird, a mail collector for the convenience of monitoring your self-regs some options for non-standard account registration 1) through payment with CC we are looking for a donat who accepts payment for a pp, we try to pay with CC for 1-2 $. enter data, put a tick "Register an account for PayPal" pay and get a self-reg with one transit then we go to the acc, add dob and ssn through add money.
If everything is cool, then link a ba and put it away for 3-7 days.
I will explain it right away, if I lie down, this is when we don't go into ak pp after successful transes.
2) Set up an invoice for an empty email "empty mail" is the mail on which the account has not yet been registered from a self-registration software pp we set up an invoice for an empty mail, a letter with an invoice comes to this mail, we follow the link from it and pay the invoice with vanilla (up to $ 100 comes in norms) at the same time we upgrade our two others accs.
3) Send on an empty mail from a trusted acc of pp acc can be a good swagger as well as a ppc account of a real american with many successful transits in the second case, you will have to be creative, for example, buy game keys and sell to americans on the forum with payment through pp to empty mail
The salt of this method is that to such a self-reg paypall will initially have higher confidence and it will be much easier to merge it next types of payment in self-reg pp:
1 - with CC / VCC
2 - with ba (e-check and instant)
3 - with balance PP
4 - bl
I will explain about the payment from the ba it is of two kinds:
1) e-check
2) instant
Payment by echek takes 3-5 banking days.
In simple terms, this is a bank transaction for debiting funds from a bank to a pp ba and transferring them to another pp account payment by the ISTANT is the same but with one difference.
In the case of instant, paypal trusts our acc nn and sends the money right away, sort of crediting us, and then waits for it to be cleaned the day when the transfer of media from the ba to the pt is completed and is called the day of purification (clear jeka).
Let's look at refs (refunds)
Ref is cancellation of purchase and refund as a rule, paypalers use refs to get the money out from the ba to the paypal balance.
What features and pitfalls are there.
If the payment occurred with the CC, then with the ref, the funds are returned to the CC.
If with a BA that has been cleared by a BA, it falls on the balance of PP.
If with a bank, the funds were deducted from the bank but the tranza itself in pending will fall into balance in 3-5 business days.
If from a ba instantly, after 3-5 business days falls on the balance with bf ref will fall back to bml options for cashing out the balance of PP.
Cashing into stuff available options:
1) Send from the balance to the another self reged acc (that is for cashing out) and withdrawal from it to the visa (about 3 business days)
2) output a ba on the same self-report the easiest and most effective method in my opinion paid, refed, cashing out into stuff sometimes it is easier to merge into stuff than to cash out a ba but there is less a percentage of your profit when you card to people who buy stuff and the wait is longer profit if you send it yourself
For this reg ACC of eBay, do not link pp to ebay swing it a small transfer to the balance we register the ebay acc on the resenders data fill in 5 feedbacks with small stuff and then you can start to card on to the resenders iPhones, MacBooks with the balance of our screws next
It happens that the acc with Balance went to the limit of 180 days.
It's okay, this acc should get postpone, after 180 days knit your withdrawal account and merge Balance.
It is better of you have an ebay business acc so it will be a little easier to cashout with it if the selfreg doesn't give anything.
It helps if you give it a rest for 3-7 days or reduction of the amount of carding, change of seller, shop do not make many attempts of the same type of action you will get "unusual activity" in the worst case a limitation it's called jerked off acc make 3 attempts, no longer desirable bundles for working with screws PP
1) 1 Virtual mahcine = 1 selfreg + tunnel/socks
2) basis + antique + tunnel/socks
3) virtual machine + portabl under everyone + tunnel/socks
4) basis + sphere + socks limits:
easy - to receive SMS, password change, secret, questions/confirmation BA.
medium - need a drawing of the passport, iD, state / BA, proof of address. Two business days review if this time is not removed then you need to call the paypal.
heavy - all of the above plus clarification on transfers the percentage that you will remove this limit is extremely small easier to drive 180 that's about it.
Brutus of Paypal
Good evening everyone! Today I am your lecturer and the topic of our conversation is carding
bruted accounts of Paypal or shortly - Brutus of PP.
I will give you basic information on working with this area of carding and answer questions that you may have during the lecture. Go!
Let's Start with a short introduction.
I Work with a paypal from the moment of registration on the forum and training.
Lured this direction in the first place for its simplicity and accessibility for me then.
because for the work we just need to have the dedicated server, the account and address where to send. Everything else is a matter of technique.
During this time, the paypal may many times tightened its antifrod and became more and more difficult and expensive. But we did not stand still each time, we learned something new.
So you understand how the antifrod has changed for these 2 years in the work with Brutus of PP, here is an example.
Earlier, when I was just starting, I could do this.
You Go to any shop with the liquidation (iPhones, etc). Trying to card with paypal there, and when we putted in the log pass I just added the resender, paypay late this address and what the realties of the phone was coming to me to the warehouse. Perhaps you don't understand what's wrong. But if you start working in this direction and then re-read this lecture, you will realize that now it is almost impossible to do, or it would be great luck.
Now directly about the work with Brutus of PP let's Start with the purchase of accounts for work.
due to the fact that the sellers have different checkers, the type of account that you buy can change from time to time, but in General the information there is written the same.
For example:
==========================
[email protected]:Sklo5151 Holder name - shellie kotovich
Address - shellie klotovich|Po box 160||CROCKETT|CA|94525 Primary e-mail: [email protected]
Limited: - False Country - US
Phone - 19253815811
Balance - USD|0
Card - CC 5805/11/17
8134 Bank|J. P. MORGAN CHASE BANK, N. A.
Transactions:
85.05 USD-Bank account 30.06.2017
85.05 USD-Jennifer Nicolini 10.06.2017 233,00 USD-Bank account 29.05.2017 210,00 USD-Jennifer Nicolini 29.05.2017
===========================
Here in General everything should be clear and without knowledge of English
but I will briefly explain
In the beginning there is a login and password from the stick. Further name (Holder name), address (Address), mail, phone, limit\nolimit, account country, phone, balance,
credit card, Bank (BA) and Transfers committed by the owner from this account.
Before buying, it is desirable to determine which country You will be working on.
These are mainly such areas - usa, EU (Europe) and exotic (in fact, all other countries).
to Say which country to work with is the best I can not. Personally, I started my journey with US accounts, but You would be advised to start with EU accounts, because according to my observations there orders go better.
Guys, all clear from the above written? any questions? Go ahead, just started.
At the moment, all sold accounts can be divided into 2 categories - with transactions (1) and without transactions (2).
The second type of accounts is also called zeroes
The good accounts type 1, so it is the fact that CH there is active, there are purchases in various shops or services, and the percentage that your carding will be of course much higher my best most often use to hijack your account, and the subsequent attachment of BA to cash out it in the shops\services.
you can find sellers of brut pp in the appropriate section on the forum.
Now let's move on to the topic "how to card".
1. Dedicated servers (Dedik), from sellers you can meet such types: Homework (Home) \ Servers \ Amazon
2. SSH (tunnels) \ socks \ proxy
I can Not say where to card that it gives 100%, I think you know.
But, focusing on the fact that you are just starting your journey, and you like no one else is important at least some positive result, I would advise you to start with Dediks.
But do not take the homework from $ 10 although the sellers say that they are the best and clean, we do not need this yet.
You have more material to spend and splurge Take homework servers up to 5$
Loved and love to drive with Amazon Dedikov, they are an average of 1$
For those who are more confideint, I advise to use the scheme "virtu+tunnels".
Sellers of all these goods can be found in the relevant sections of the forum.
For Dedik use - mRemoteNG.
Now imagine that you have bought accounts of Brut pp and decided on the device from which you will card.
Now it remains to understand: where to card and for what purpose? According to the old scheme, I will divide where we can card into 2 categories:
1. Physical goods
2. Electronic goods
The first category of goods you can card either on the resender, followed by transportation to yourself, or on the drop, with the delivery of goods for a percentage.
About the second category probably guessed, it includes various gifts stores that you can also pass in a crowd\sell\yourself to card it to the resender.
Very carefully consider the choice of the resender, because there are very unpleasant companies that consider parcels under a microscope, and any discrepancy leads to a ban account.
A few more important points. After new yaer 2018 paypal got noticeably tightened the anti-fraud and now even just to log in is problematic.
How do we do this? Takes any shop with some illiquids and through the instant checkout buy something cheap.
Then write in the address bar paypal.com and look at the outcome. If you are in the account, that's fine. If not, take another AK and repeat the operations.
Even if the security check appears it does not mean that you can not get into your personal account. If sc has popped up, try to write paypal.com you will not lose much time, but there is a chance that you will get thrown into to the personal account
Most of the shops can be divided by the method of carding into 2 categories. The first is so to say "classic". When you found the shop - put the goods in the cart - click checkout - entered billing\shipping address - chose the method of payment PayPal - you threw on the site of the paypal where you entered the log pass - shop entered the address in the paypal - you paid for the order.
The second category makes its way through a quick checkout, through which we just try to get into the online acces of the Paypal acc at the beginning. What does it look like? You found a shop, put any product in the basket, and there you will immediately see a button - Check out with PayPal. This is the quick checkout button. When you click on it and enter the log fell, you will see when reviewing the address of the CC. Here is an example of a shop for you to understand, with such a checkout - shop.lego.com.
Shops only with such a checkout make their way so.
In the beginning you would take the 1st category shop, reached the review, when the shop entered the address you need, you DO NOT pay for the purchase, you leave the account to rest for a day or two.
Be sure to save cookies at sendspace.com if it is a dead dedik and he can die.
Then go to the shop with a quick checkout (category 2), and already there when you click buttons Check out with PayPal you will see your address at which you can easily make an order.
be sure to learn how to save cookies.
This is very important in working with paypal. Dedik can die, and all your efforts with the rest will be
vain. Could get into the account - this is the reason to save cookies.
If this is a Dedik, then download the portable Mozzila (up to version 55) directly to it and install the extension to work with cookies, I personally use advanced cookie manager, but you can search for something of your own.
I would also like to point out the big mistake of newbies. When you try to card paypal, take small amounts, about $ 50-100
you are now the main thing to get at least some result. Do not card ebay.
Although right if you really want, you can try, but the main thing is not for large sums!
Any material as if it were a Dedik or a socks, you always pick it up under the state if it is US, and under the country if it is EU (Europe).
Save any results. I always worked with excel. If you card , go through - write down everything that can be useful - shop, mail where you drove in, log of the paypal itself, from where it was carded(Dedic, socks), if the order is there then write down its number, etc.
I would also like to note such a very important point. Paypal works with a floating antifraud, and if you are working today, and using your method of doing a couple of orders in an hour, this does not mean that tomorrow you will have the same thing.
In order to know when the stick "twirled" the antifraud and other nuances a little, I advise you to always monitor the discussion section on the work of brute nn on the forum.
Work with Brut accounts
Well, let's start probably. If someone is late, he will catch up with the logs.
Today we will talk about brut. This is the most profitable direction in carding in terms of financial expenses. Of the minuses in it, it is just the opposite of costs - time consuming. Recall what brute is
Brut - the process of searching the lines login: password from the database, using software for validity to the service you need...
What do we need for this:
1. Bases
2. Proxy
3. Server
4. Soft
Now about everything in order.
1. Base. What is it and where is it taken? Base - merged dump hacked site where user credentials are stored in the form of login: password. In the form of login: the password is not always, there may be hashes, but mostly they are sold in a pure form
The bases have several characteristics.
This is privacy - the ratio of the number of unique combinations login: password to the ratio of those combinations that have long been gathering dust in public
This is valid - the ratio of the number of lines login: password, with which we can get to the mail to the holder
Well, the subject with geography.
2. Proxy. You choose the proxy individually, and if you find your ideal, do not tell anyone about it. This is the same "bread" as the medium and giving themes. If you need to reset the accounts of some poorly protected service, such as a small shop with gear, you can take the first ones. If you need to brutal Amazon, Ebey, PP, then you have to look for
3. Server. It is needed only in order to provide the software with normal working conditions, increase your security and for your brute to work without interruption. You should approach the choice of service based on your financial condition, offers for such requests are enough to exploit, the price tag ranges from 10 bucks and higher, ten times higher
I will immediately answer the possible question of whether it is possible to rotate on your computer / virtual machine. It is possible, only in the case of Wirth, the efficiency will be low (system requirements), but on its basis I recommend not to run ANYTHING bought on our forums.
Today, the software is normal, and tomorrow with an update your cue ball will leave to the software developer.
4. Software. Most importantly, without that, it will not work out brut. It is purchased for the site you need at Exploit and BHF (oh for good reason). Look closely at reviews and how long this coder came out in public. Often happens, coders saw goodness, and then they fuck up on updates.
Updates will be made only by people who are firmly motivated by their turnip and finances.
Software is also written under the order, on the same forums.
There is still such a thing as "combines", these are software, where brute is assembled at once under many different sites. I don't recommend taking them to you, because at the beginning of sales it works fine, but then everything starts to fall off and the coders often merge. At the beginning of the way 2 times so stumbled
You can find a site for working with brute accounts on your own even though you already have a niche in all the gaps, there are still unoccupied holes. First of all, you need to evaluate how often people use this site, of course, that on Ebey and Amazon the number of "buzzes" will be several times higher than on an unpopular site with a gear, only the work on these services will be very different. The virgin store, which has not yet been raked out, will give easily and naturally, and to work with giants you will have to pay a lot of money for tests.
You should also check if the site saves a credit card. To do this, we take 2 grandfathers (2 Wirths + proxies, or antiques), take one CC, mail to mail.com and go to card in with the first dedik. Save payment information when paying. Then, having only a username with a password, go to the same shop from the second dedik, try to log into the account and make a second order If you have succes, you are not asked for a CVV or any other data that you don't have, then you can work with a brute using a shop
Evaluate whether it will be brutally liquid, order software and go into battle. Pure shop is always fun.
There is another chip, which I used to mention often. Feel free to use Google, he knows everything. If you think that the shop is virgin, it does not mean that it is. Try to drive in the request www.nameshop.com carding, carding, it is quite possible that it will pop up somewhere in our nigaz brothers in black
Now let's go through how we can card.
We have several options. We either charge it all on the resender, in a barbaric way, or charge a drop in the same barbaric way, we can hit the address of CH, if the shop sends mail that can be redirected, pickup, etc.
A little bit more.
1. Direct on the resender or drop. We just log into the account, change the shipping address to your own, without affecting the billing (relevant for usa) and card. Rolling - shaking and waiting for the confirmation, not rolling - shoveling accounts further
It's better to beat it all the same. In all of the shops people, managers, they know the addresses of the resenders, they know how to use Google
By the way, about Google. Research your drops from admins panels.
They can be "ignited", to such an address the arrival of goods as a holiday, usually if there is a black list, the account will immediately block the account
Also, try not to touch the name of the holder. If John Vick changed the address, this is acceptable, but if he suddenly changed his name, especially Vasya Pupkin, then the chances of you fall into zeros. If you use intermediaries, then go to these non-Slavic ones, some Dzhamshuts and we have enough there too
As for the pickup, I can only say that the chances of carding are about the same, because the amounts should be large, but getting the pickup goods is still a buzz. Here, they can take a drop, and he can hide it himself, and DS wants to eat, may lose your pack.
I can also advise you to carefully study the shop in which you are going to work, read thoroughly. They often have any promotions, chips that, given fantasy and the proper level of skill, give freedom for action.
As an example, in one shop it was possible to card from a brutus, to make a refund to the balance until the moment of sending the stuff, and to balance the gifts there. Another example - the balance was also returned, but it could be transferred to the partners of the store, the goods that were bluffed from such a baance were "clean" for all antifrodies and the work was excellent. There are a lot of examples of this, so do not be lazy to read for 15 minutes. Carding and, in particular, brut is not a stupid brute force of accounts, but the work of the head
Now, by the brut accounts, they are not only with cards. There are also with Paypal's linked accounts, and with other payments, there is enough. The easiest way to learn and work is the account + CC, everything is the same; only the antifraud of a shop bothers you, and the antifraud of a bank usually does not affect the work. But with PP you and the whole smut of the paypal with her ICP get. In addition to the
fact that the shop itself can be shaded, paypal will also be strewed with MF, SM, etc.
PP is good for "see" how it works, there are penny accounts.
But for work I do not advise, if you are not friendly with paypal tightly.
You carded your product, the order is in pending. What can we do in order to increase the likelihood that the order will be sent to you.
We can only influence how information about this purchase will be available to the account holder.
To begin with, we understand the account. We change there the email, password and phone to our.
Post your mail already after the successful carding under the name of the holder, you can go to mail.com, this is done quickly, you do not need to receive SMS there.
If the order is small, put the number out of the head, if large, put your Skype number or a ringing number.
This will help only if the holder already forgot about this shop and did not receive SMS from the bank.
Unfortunately, in the sphere of international payments the development has gone far and often holders have push notifications to the phone and sms and the shops themselves call.
But if CH is broken, he may not notice the first few days, and then he will not be able to do anything.
For prevention, if the order is large, we can load him with spam by mail. But this is such an option and is needed only as a safety net, if the order is very important. Rather, the holder will know about spending on SMS or on the phone
Also, look at the contact details of CCs not only in shipping info, but also in billing, there is often a duplicate phone number and it is quite possible that the data on the PP account, where the mail may be different
Brutus Ebay + Paypal
Hello everyone. Today we talk about brute ebay + nn (PayPal), analyze what it is and what it is eaten with.
I have been working in this direction for about a year, I found both good times and not so much, for example, as now.
I note right away that I did not make millions, but if we consider that it took a minimum of time and money, I consider this a good and affordable way to earn money.
Today we will learn to card accounts from ebay and during the whole lecture we will try to get to know this giant in more detail - Ebay.
Let's start first with the advantages that await us:
This is an easily accessible material, I think if you've browsed through the shops a bit, almost everyone saw ebay + pp, ebay + cc, completely different countries
Actually, now with ebay accounts it's not very good, because they die within a few hours, because the way of authorization with which the akka was checked broke.
The main countries of eBay are USA and UK accounts, which stand out, but there are also IT, DE, CA as far as I know, but now most sellers sell it as a mix or under a different name from different countries. All of these accounts have a variation either with pp or with ss, respectively, with the associated account paper or card.
Actually, this is how the account log looks like:
[email protected]: neil1976 / Access Email: NoCheck / UserID: neil132011 / FeedbackScore: 17 / Orders in the last 60 days: No / CC: No / PP: Yes / Country - GB / State - Scotland / City - Aberdeen / Street - 1 lossie place / Zip - ab166tj / Phone - 07927 938797 / Seller: No
Let's look at the order of Hodler's emai / access to email (this is not the case in all shops it costs a couple of times more) / user ID on ebay, he is a login (most often you go through user ID rather than email) / Number of reviews (the more the better, the better, but in fact, if there are a lot of reviews, the account owner will notice our purchase from his account) / purchases in the last 60 days (most often he tells us about account activity, most often it's not bought from these, by the way, but the holder can even forget about his account) / tied map / attached payal / country / state / city / address / zip / phone / seller or not, but I think that here you yourself will figure it out a.
Actually the price of the same accounts. Ebay accounts are cheap, if memory serves me, then for 1 account we pay from 0.3$ for USA, UK accounts, the mix of the country will be cheaper, probably you know why
The work environment, for example, your dedik, socks, vns, tunnel and everything, everything that you can think of for work. Personally, I used to work on Dedik and processed more than 100 accounts from a single server. At least I think that it should also work with the same VNS, but I personally didn't test it, because it was quite expensive to take VNS and sometimes VNS lives much less than Dedik, but recently I changed the direction, but more on that later.
As far as I know, the best thing is carding from a real phone, but I personally don't use it, because I just don't know how to set up the phone and preferably we can use a patched router to get it if we decide to work well from the phone.
Holidays. As in all shops fraud is weakened, we can enthusiastically try amounts that we could not try before.
Now let's go to the minuses, there are about the same. Actually cons:
Easily accessible does not mean good, but I often hear questions like something like "tell the seller account, store, topic, forum and everything" there is no perfect shop, just test everything, if you need I will give a list of shops with I use some accounts that I know, but time is ticking and I cannot say or, more accurately, call one of the shops good.
Now this problem is particularly relevant, because the accounts die quickly.
Like this, for example, it looks like a bad account https://imgur.com/PEXanW6, that is, it is already locked and you will not be able to enter it.
Each seller has his own rules, that is, one has a replacement within 3 hours, and the other has 6, and one has 12, but if the seller is decent, he must make a replacement.
Immediately advice, if you bought accounts, then immediately go for them work them out. I honestly do not know how ebey scorched that the account is lost, but after a while it can be blocked. We quickly worked, got what we wanted or didn't get, but the account worked for you and the seller has no problems. Do not postpone accounts ever!
It now seems that there is no guarantee for many accounts at all (for the above reason).
It will be difficult for us to find undelayed socks, dead coaches, tunnels (they are especially), unless they are usually clean. This brut, it is publicly available, so get used to the fact that the socks are offensive, the dead man is killed. Finding crystal clear materials is very difficult now, but it is possible.
Personally, according to Dedik, I can say that there are no good Dedikov on the forum. There are normal ones, but they are not good at all, so get used to the fact that you will still need to wear socks, but I have not tried all the services that we have, so maybe I am not right in the dirt. Private shops with Dedik are not bad. We cannot check the risk collector and the proxy monitor, and when the seller sells to us, they personally assure me that the best they have, and in private ones will most likely be built in, but by itself, the lower the numbers, the better.
For example, here is a screenshot of one of the private services with Dedik https://imgur.com/a/u4eTx96
I'll warn you right away that for those who are planning to work with Dedics. We buy only homework, server skip. We don't have the server from which we are shopping at home, right?
The very zadrochennost ebeya. With this we can do nothing at all. In ebeya there are peculiar periods, like paypal. Most often this happens at the end of the month. Basically, from the 25th to the end of the month + - it is better not to go for a couple of days at this time.
We turn directly to the process of carding. I will divide the directions into 3 parts.
Carding on ch followed by a rerout. It gives you quite a lot of money and basically it's USA, because there are drops, rerouting, stingy, in general, everything is good there, but I personally do not work in this area, since it's getting worse and worse, but nobody forbids you to work on UK, but as far as I know, there is a tightrope with a recap. There may be difficulties with the mail.
There are 3 main mails in fedex, usps, ups.
Fedex with a ban - rerouting, usps with a ban also rerouting, ups with a ban - consider it gone.
But if you buy from some private trader on ebee, then the probability that he has a ban on rerooting is small although there are some sold out who follow the track right and will deploy it back if you rerout it. I met a couple of them like that, but there's no way to escape from it, but if you still got to this one, then just write down his username so you don't fall for the same rake later.
Carding with the change of address. The amounts here are not large. On average, up to 150 pounds (200$), but this is a trifle, but nice. The country of work is UK (different countries will also go), because in my experience the address changes much better here, but as a plus, we can spike straight into the CIS, or any other country on our drop, among other things, Uncle Vasya. I strongly advise not to spike on myself !!! Many say that the amount is small, so that you will not be afraid, but do not burn your name. The drop services are quite expensive for us, but if we work in duffel, as I wrote above, up to 150 pounds, so Uncle Peter from the next door will not refuse to go for a package for Magarych, again the chance that you will get the minimum, but Some % risk is always in any business.
Digital direction, they are also digital goods, if in our business, then gift cards. All these Gift cards, vouchers, games, game currency. The list is simply huge, but it's better to look at the topics of miserly, there you will find % $, as well as a complete list of what they are buying, but if you didn't find your gift in the mean list, then do not be discouraged, it may be taken away too, but it's better to clarify whether it is necessary for the GIFT to be stingy or not, so as not to suffer losses in case of unprofitability
Ebay is probably the easiest way to get a gift card, which is, and yes the country of this direction is USA. There are also some in the UK, but basically all of them are USA. Amers with Gifta just a disease.
The maximum that I bought here is a Victoria Victory Secret for $ 500, I have never seen a greater value. Here the goods are divided into two types. There are E-gifts, and there are paper ones, if you can call them that, but we don't look at it.
We need the seller to send the card number and the pincode looks more often like this card number: 006493300605817195 Pin: 4234
Or a game card / key, a certain number of characters, for example AAAA-AAAA-AAAA-AAAA, everyone has a different number
With the help of this data we can check the balance of the card, and then we will transfer them to the mean. So, we are only satisfied with sending ebay with a message, or with email attached to our paper account, but for the latter we need to buy an ebay account with access to mail. This is quite rare, but you can find it, though the price will be different. I saw about 2$ per account in one shop. But remember that the gift cards and games are not the only thing that you can find in the digital direction. It all depends on your imagination, because the search for ebay is not very clever, so some things are generally better to search through Google, for example "buy dildo on ebay".
And so driving in, it's up to you to decide what to card in, some use mobile devices, but it is rather difficult to tune and, as a rule, working with them is slower than with anything, but also more profitable.
Dedik is quite expensive to start, so let's start or advise you to start with virtual + socks. There are a lot of resources where to buy socks, but I personally take on VIPs, but if you want to make serious amounts, namely, the ones voiced above, I recommend abandoning them, and if you want to work across America, then it is better to forget about VIPs, and Europe still will go. After we pulled on the sock, we go to the entrance and the scale of anonymity should reach 90 at least, but better than 100.
The most frequent problem that I constantly encounter is that sox dns of another country. Here we are powerless, but once we took it, then we will try. I personally always try to do it all the same, it's brut, after all, it's brut, which is taken by quantity, not quality. The browser is either mozilla or chrome. We will also need to download the extension so that after each account we clean our browser. Then google it, there are a lot of them for every taste and color, but I personally use portable, that after restart everything is deleted.
Vip72 socks are more likely to just try. They are cheap, but the quality is so-so. There are many good resources with socks, such as suites, feysssess, sokslab (there seems to be even mobile socks there). But everything except the last one went away in private, and for the account of the same suites you need to throw in greenery, the facess in this plan is cheaper. I do not know if regga is open there now, but a month ago the registration was $ 50, which will fall on your balance.
Moving to ebay.com is better to do it from Google, but if we do USA with rerout or digital products, use the domain .com, small products with the change of address we use ebay.co.uk.
Clicking on Sign in go to this page Https://imgur.com/h0y80OH, here we enter under our userid and password, I recommend to try to enter with the userid right away, because I often don't want to get from the mail.
The first one is always warming up or as it is called warming up, namely it is an inexpensive product, I usually buy some kind of ball up to 10 bucks or some other garbage. For example, one of these three products https://imgur.com/a/rycIL then choose what your heart desires, it's just warming up, but if we work in the UK and we need to change the address, then we should pay attention to the delivery, that is is there a delivery to our country and how much does it cost.
In the last month I often stumbled upon the fact that I wanted to buy crooks, which cost 50 pounds, but delivery to my country cost the same, so do not be lazy, look for a seller who sends cheap mail, whatever mail you send from England, it will come to you at the Ukrposhta, if in Yua and to the Russian post office, if in Ru, therefore I do not recommend carding goods, so as not to spoil your mood) you know what kind of mail we have
We see this beauty somewhere in the middle of the page - https://imgur.com/vwh8Qvm, and behind it we find the one we need country - https://imgur.com/vwh8Qvm 16 pounds is the normal fo delivery. Again, if we are on the USA for a redirect, then we skip all these points, just see what kind of mail the seller sends, because some cannot be redirected, and a redirect may be banned on some goods, but this is often the most expensive, it's still too early
Digital do not touch anything, just buy our warm-up goods.
In uk, before buying, we change the address, as an example here we see one delivery address https://imgur.com/Yoijj6E, but often there are many, if the address is one, then we change it to the one you need right there in it, there are a lot of them, for example, from 3 and more, then we are trying to add our own, just do not forget to tick off make this adress primary.
This is what a full changed address looks like, a phone number we indicate is not real, just the country you need - https://imgur.com/a/HVV57.
If it gave me a change, then the blue payment button lights up again https://imgur.com/a/o320F, if not, then you will see an error, you can score on this account after we didn't let us change the address, but go ahead and delete the address that you wrote before in the account settings.
Next, the sweetest is again a search for goods. We turn to the search, I advise you to buy something illiquid
Listings, I always put up buy it now to weed out unnecessary auctions, which only make my eyes hurt.
Sort I always change from Best Match to Newly listed to show the goods that have recently been posted.
It is also worth paying attention to the seller who sells. Do not choose a seller with a reputation of 0-50 is the most optimal 100-200, but as well as giants, they often hiss quickly, they are easy to buy.
It is better to skip the first search page in general and start with 2-3, by the way, some sellers need to be bombed, so it's better to write them down, as in general it's better to record all the actions, but honestly, I gave some regularity to the ebay- stoped watching Recently, but the list of sellers on ebee will really help you, you do not need to paint a lot just a login or a link to it and a few words for example:
PR0 $ 3LL3R228 - sent a brick instead of an iPhone. PussyEater99 - quickly spit, quickly added track.
This is of course in a comic form, but I hope that you understand me.
We are transferred to the stage that the order has already been made, now we need to cover our tracks and wait for our track / gift card, if you are not rerouting, but spike somewhere in a certain place, such as in my case in the CIS, then just every 2 weeks send your person to the post office to check, if the track still did not come
But in the case of a reroot, the track is obligatory for us, as well as the name k, and the address where the pack goes to us.
We can change absolutely all the data in the ebay account without any confirmations, so you can do it, but as I noticed, this doesn't really help, because everything is very quickly restored.
As an option, there is always a flood of mail, but it often doesn't save when the CH simply has an application called a paper and shows that the money has gone, but do not be upset if the account is restored, the goods can still be sent, entrepreneurial in orders, click the button More actions > Hide order, now there may be a chance that CH will simply not notice our order, and how to pull out the track from a dead account I will tell further.
There are many services that offer this feature for free, oddly enough, there is always a chance that the big hand of the big brother will get to your pack, but neither I nor my acquaintances have ever encountered this.
https://imgur.com/a/exkmJ click as in the screenshot and we will see a link in the address bar. Next, we see a pair of parameters in the link - itemid and transid. It is in my link that itemid is 173009293376, and transid is 1801961736007, which is what we need to save.
In the case of digital goods, we simply monitor either personal messages on the account while it is available to us, or mail, if decided to fork out. That's all for it.
Pickup, Interception
Hello again
Today, the topic is the pickup / interception lecture.
I will ask right away if someone has questions in the course of the lecture, ask them when I inform you that you can ask questions. If, according to the information that has now passed the question, we write it in a notebook and then quickly copy it, I reply and continue.
Let us examine what it is and how to work in this area.
By pickup, I advise you to work hard people who do not mind the dough for the tests.
For example, people beat ebay, stick, etc.
They have $ 300-400 from one successful operation, and it can take much more time to add to everything.
In a pickup, everything is different. if you find a giving store, then from one order the profit will be 1k +
It is desirable to know English for work, or to have a caller on the salary, you will have to make a lot of calls, there are not so many queries about drawing.
As I said, you need a decent amount of money for tests. Now, not like before, I took a cc, carded it into the first store and waited for the goods, this is not only in the pickup, but in all other topics. Right now everything is very difficult and finding something giving is difficult. Need a lot of work.
I think the tests will be enough for 1-1.5k $
This money includes expenses for CC, and preferably it should be a roll. Only the essence of rollers does not change the address of the phone, etc., that is, we don't jerk the bank don't score fraud points, and the rollers just to know the balance, take the miniks in rare shops.
The second item is the cost Dedik. The price of a good Dedik reaches $ 25 And one Dedik can be used in one shop. So consider. 1k bucks on roughly 30 samples.
But there is a bright side
They invested, and paid for a couple of orders. Mine is not bad.
Now to the specifics.
We take a homemade Dedik clean (with socks and tunnels that would give a need to sweat), you can antique (the linken sphere browser will work too), go buy CC for the pickup area, go to the store, select the staff and beat.
In principle, everything is simple.
But like in other directions there are many pitfalls. I will tell you about all the pitfalls during the lecture. There are 2 types of pickup.
This is a pickup for fake cardholder documents (CH) And a pickup in the name of the drop.
I do not think that it is necessary to contact a pick-up truck in the name of a drop, because it has not been practiced for a long time.
In 95% of cases, pickup for fake documents prevails.
The term Fake ID is fake documents.
Services for pickup is not stable. At the moment there are a couple of workers on the forum, it happens that there are no services at all, sometimes you can not choose from their abundance.
Here are a couple of services for example.
There you will see the conditions, the coverage map, the goods being bought.
You can write a support and talk, they are usually sociable.
Now let's talk about the types of work.
Previously, there were 3 types of work in services.
Work 50 to 50, work under the mean, work under the forward.
At the moment, in the services for the most part there is only work for the mean
But you can try to agree, and I think it will be possible to improve relations and work on other types.
Now about each species in order.
Work 50 to 50 it means.
For example, you have carded a macbook with a touchbar and suddenly you wanted this for yourself, write to the service, I want this laptop, he says let's 50 50
in this case you make another such macbook (pick-up service can offer something else similar in sum).
And in the end, one MacBook is sent to you, another service takes it, thereby covering expenses work under the mean everything is simple, you have a macbook with a touchbar for 2k.
He has reached, and the service pays you a percentage. all services have different percentages. Let it be 35% for Apple.
The goods are taken by drop, the miser pays you $ 700 Everyone is happy.
The last type of work, work under the shipment. This species is very rare, and not very good.
You made a macbook with a touchbar, say you switched but you refuse from 50 to 50 in this case, the service tells you, cut the costs and send. As a rule, cost coverage is 35%.
You pay the service $ 700 + shipping dollars 30-40 and he sends the macbook to you on the medium, nobody sends to RU.
+ from an intermediary to the ros delivery of bucks 50- 100 depending on the intermediary.
By type of work all.
After driving you have 2 options
1 you see the red letters that you are a scumbag and go work in the factory
2 thanks for your order, order number, send information to the mail.
We will analyze the first option
no need to give up, real Americans also suffer from all this.
What are we doing? We take and call the manager of the shop.
We swear on them.
We say that we spent 40 minutes here to choose and design and we were sent please understand the manager can tell you that let's try the phone operation or they send you to fraud department.
If you are told that we are on the phone, report all the data. and there is a possibility that the order will still pass (this means that the order in the system setup was messed up and the shop antifraud did not allow the transaction)
If it fails, this is already a bank error and you are also sent to the fraud department, there your evil uncle says, let's have a conference with the bank and then they ask you for all possible information that you don't know, it could be anything, questions about loans, cars, houses and so on.
So here we just hang up and throw out CC, she died.
It will not work; you can try to use it in the instantcheck mate for the future)
Now the second option after placing the order.
There are some shops that do not immediately debit money from the card, but after a while they write to you and thank you for the order, etc.
And after 2-3 hours you notice in the mail that the order is cancelled or frozen.
If it is frozen, it is usually asked to call to clarify the information, everything is according to the old scenario. You call, and the manager can either just specify the address, or redirects you to the fraud department, to which you can not say anything.
If everything turned out well with you, and after clarifying the address you receive information with a track number- everything is fine.
But even now you should not rejoice) All these stones are stones.
Now we need the pack not to go home to the cardholder but stayed in the mail popularly called hold.
When all is well in the status of the track is written Hold for pickup.
What we do, we take the track and call the transport company (UPS, Fedex).
And there we say that they would not deliver the parcel to the address of the owner, and what would be left and we will take everything there are also 2 outcomes of events
The first one says that everything is fine and after 5 minutes checking the track you see the inscription Requested leaving the pack in the mail.
We are waiting here and the next day, as a rule, the request is approved and the parcel is waiting for it to be taken.
The package is 5 days, if it is not taken within 5 days, then it is returned back to the store, the money on the card.
Now the second outcome of events You are told that the hold cannot be done. We go to the trick.
Where the goods were bought, we are looking for the name of the manager and already in the transport company we call on behalf of the store manager.
We say that the client has addressed and asks to leave the pack in the mail usually do not refuse.
But about a year ago they introduced such a thing as a program hold for actions it means that you called on behalf of the manager, an employee of the company wants to make a hold, but a program in which he makes it gives an error that the hold is impossible
in this case, we forget the shop because the hold cannot be made at all.
Go look for a new one.
After a successful hold when you've done everything transfer information to the drop service and sit and wait while they pick up the package check the track, it happens that it is deployed, and the parcel goes back
When we see the word Delivered we start to rejoice, it means that the drop service took the pack but not always.
Sometimes for some reason no hold and the delivery man picks up and carries a pack to the delivery address maybe this is a deliveryman most likely it is duck here if you checked the track and it says Out for delivery
it is necessary to sound the alarm and call the transport company to swear for the deliveryman to bring the pack back to the post office.
You don't always have time and then the pack is dirty such cases happen but rarely.
If your pack is delivered and the drop service says it was taken just waiting for payment.
Now about reporting.
I advise you to get a sign where we will enter information for convenience and not to card in one not giving the store 10 times table view - gonna sent It to you now:
Date / Shop ss / Shop of goods / Country ss / card type / bin CC / bank CC / warm shop / device / alex / tel CH or skype / order amount / delivery method / primary result / track / full explanation
I also do not advise working alone, too many costs and time and money gathered in a team of 2-3 people and we test different shops throwing off statistics in a hostel much easier.
It is very important to pick up the phone when the store calls back.
There was a case that I drove a laptop for 3k shop calls back just to clarify the address and manager's joy was not redistributed when I picked up the phone
he accelerated my delivery with joy.
Very often people underestimate calls from shops this is their important mistake.
Work on Android
So guys, we start the lecture on Android (bucket).
Set up an android for carding isn't that complicated and everyone is able to do it.
I would single out 2 types of work with android
1) a simple option, without deep settings - this is carding from the browser
2) deep tuning, carding in from the application
But in any case, it is necessary to get a root of the right on the device (not to be confused with admin rights, this is completely different, you need to perform a number of other functions, this is so for common development some people think that root = admin rights)
I always do it through kingo root (google), download the apk file to the phone and install it. The easiest way to get root rights now I'll take off the list of programs and go over them kingo rooT
xposed installer (framework)
device id changer Pro
Proxy droid xprivacy
ccleaner
root cloak
location cheater
and so, what are they for.
The basis for carding with applications on a pc is the xposed framework. This is a system program for changing the firmware settings (OS versions). We will touch on it in parsing carding from the application.
device id changer pro changes the data on the hardware of your phone (imei) and other parameters. This is the xposed framework module.
Proxy droid - we put socks through it. I do not work with tunnels and I do not advise you.
DNS Forwarder - in a proxy droid sometimes it does not work correctly to connect dns from socks (just the internet does not work on the phone) for substitution we use this application.
ccleaner I think he knows everything, it is convenient to clean the garbage on the phone.
location cheater serves to spoof location data.
root cloak (framework module) serves to hide from other applications that the phone has root rights.
xprivacy this is a program that replaces a sim card and not only, it either allows or forbids seeing certain information to all applications. In addition to it, I have a sim card application, it can hone what to prohibit, and what to allow applications to see so that they display the correct information about devices
All applications above (except the cliner) do not work without root rights.
Let's start parsing the settings for working with applications we put xposed installer after we got the root rights, and through it we install the framework. I will say right away, here we will face the difficulty of installing the framework, we need an android on version 4.4.4 (it's easiest to install this program) on the versions above, this is extremely problematic, but if you can install custom recovery and flash archives, you can try. Otherwise, I advise anyone to upgrade the firmware above by the bucket itself to 4.4.4 or take it to a service center and they will fix it there, it doesn't cost much. Plus 4.4.4 is much more convenient to work than on the versions above.
And here is a link to w3bsit3-dns.com there you will find an installer for 4.4.4. (and versions above) https://w3bsit3-dns.com/forum/index....owtopic=425052
After I installed the xposed framework, we install the following programs device id changer Pro, namely Pro Proxy droid DNS forwarder ccleaner Location cheater
All these programs are downloaded in the play market xprivacy
root cloak
These programs are downloaded xposed installer. go to the download section and look for them there in the search and install.
Well, an important note. apkpure.com immediately bookmarked the site, and download sim card applications (green sim card on the label)
When you have installed all the above programs you need to go to the xposed installer, the modules section and tick all the modules (device id ch / root cloak / xprivacy)
Then go to the framework section and wait for a quick reboot so that the modules are installed if the modules do not work correctly
At this stage, our device is almost ready for carding.
Now I'll tell you a little about the xprivacy module, a very useful thing when you work with shops, banks, etc., I personally use it to replace a SIM card, in fact, we have more options and go to the parameters section, touch only those values what are associated with sim and this phone number MCC
MNC country code operator ICC ID
Subscription ID.
Let's take as a basis the number 4356681778, if someone adjusts to the holder and he needs to break through the operator, go here http://www.whitepages.com
What is the MCC can see here https://m.wikipedia.org/wiki/Mobile_Country_Code, from the same page you can take a value for our parameter in the program
MNC is an operator code, you can also see the code of the desired operator (desired country) here https://en.wikipedia.org/wiki/Mobile_country_code
Country and operator everything is clear.
Now what is icc id and subscription id, and how to register it icc id is the serial number of the sim card, which always consists of 19 digits https://i.imgur.com/HzmKDk7.png
the first 2 digits of 89 are always put in defuta, this refers to the industry, its indicator.
Then what is highlighted is the code of the country, from 1 to 3 digits long https://i.imgur.com/5uIizLl.png in yusse it is 01. in other countries the value differs (more precisely, it is most common in yusi 01)
Since we adjust to usa, the first 4 digits will always be 8901 in the ICC ID value, and the remaining 15 digits can be written randomly.
https://i.imgur.com/1xoxBvF.png in the middle, by the way, this is just a SIM card number, and the last digit is calculated by the moon method https://en.wikipedia.org/wiki/Luhn_algorithm
It is used as an example for calculating the number of a bank card, etc., if you work in carding, I think you will hear it again subscription ID (in xprivacy) In general, this is called sim imsi. how to register it. We look at the picture https://i.imgur.com/uAfNjDl.png, it always consists of 15 digits, We first set the value of MCC, then MNC, then write the other numbers randomly, so that there will be 15 characters in this field
How to make the data replaced when you install a new application, xprivacy throws a notification, and the data that needs to be changed, click on the button to disable (deny).
And here the simcard application comes in handy, which will help you to tame what values to replace.
Now I will describe how to card.
Put the socks in the proxy droid, prescribe ip, port, do not forget to specify the type of proxy, just try to tick the dns from the socks, but if the Internet does not work, cut down this option and everything will work (if the socks are not dead) and turn on.
We go to whoer.net we look at what time zone, go to the settings, set the time zone and language under the holder.
If dns does not work through a proxy droid, then go to the dns forwarder, select ip and cut it in then in the location cheater we set the coordinates, I usually put in a couple of meters from the desired address (under ip or spike address).
Go back to the whoer and see if all the norms have been put.
If the sox fell off, turn off the proxy droid, dns forwarder, and cheater, and re-enable them, this does not happen on all devices, but personally I've got everything to work fine, turn these programs on and off, annoying, but what can you do.
To check if the location cheater is working or not, download Google Map, and look there (press my location button).
If everything works, then download the necessary application and open root cloak.
Go to the root of the cesspool go to the first section (add / remove the application), click on the plus sign, and look for our application, then to save the settings go to the xposed installer, the framework section, and click the fast reboot. After that even if you delete this application, it will be remembered by the root of the cloac and you don't need to do it every time.
After carding, to start go for the next try, you need to go into the device id changer, in the first section of the device id, click random all and apply, then go to the xposed installer section of the framework, and click the fast reboot to change the hardware and so, in fact, we have learned how to substitute data on iron, etc.
Now we re-install the application and card in, do not forget to change the data in xprivacy.
If you need to conditionally beat the stick with an exhaustive search and not to download the application each time, not to google the Google account, which is very tiring, use the website apkpure.com to download the application and add it to your phone that is, how we completed the acc, deleted the application, changed the data, rebooted the device, simply reinstall the application
Now let's move on to the carding from the browser.
Everything is much simpler here, in general, any version of android is suitable for work we need to work with the browser:
1) the browser itself (chrome, ff, native phone browser)
2) ccleaner (or application manager, is in the settings on each phone)
3) proxy droid
4) dns forwarder
5) location cheater
In case of working with the browser, it is not necessary to change the iron, but it is desirable to reinstall the browser and clean it carding is almost the same as with the application, just skip the points, with the device id changer / root cloak / xprivacy
mostly beat with Mozilla (since there webrtc is turned off just like on a computer), or from a native browser (on new versions, buckets are rare). We clean the cache (and history) via ccleaner or application manager after each drive
on apkpure, you can download previous versions of the application (if for example you need different versions of the browser there).
I forgot to add, yes, I usually work from under the left sim, but for those who work with wi-f1, for example, the VPN is needed, Tunnel Bear is generally convenient (download Google Play), everything is intuitive, we turn it on before the proxy!
Enroll
Let's start.
My nickname is Fox. Today I will be your Enroll lecturer.
I'll tell you what it is, where to get it, and how to use it. In my opinion - this is the easiest way to work on clothing.
What is Enroll?
This is the most common CC (credit card), or a debit card (but for all the work on the Enroll I found only one bank that allows you to charge a debit card) and a personal account to this card.
Change Billing address
Most banks allow you to change the billing address to the one we need (drop / client / medium) in the online account mode.
Why do we need it? In the USA, there is a system for checking billing addresses and shipping addresses, called AVS. You should have already learned about this from the first lectures. And in the US, most shops are very fundamental in this regard.
If the billing does not coincide with shipping, then the shop will either refuse to place an order, or else they will shower you with a bunch of different checks and verifications.
So, to get around this, rollkits will help us. They have the opportunity to change the billing address of the CC to your own. This is all done very simply in your account. Just fill in the form of the address you need. After that we go to the shop, and beat billing = shipping.
As a rule, the change takes 2-5 business days (depends on the bank, most often - 3). Weekends do not count.
I also note that not all banks have such an opportunity. There are banks where the change of billing occurs by ringing, or there is no possibility at all.
Mini-deposits / Minics
Also, access to your personal account does not allow you to see mini-deposits (minics).
This is a micro-transaction that the shop charges you. As a rule, the amount of the minics will be around 1-2 dollars. This transaction serves as verification of your card in the shop.
Shop withdraws a small amount of money from you and asks you to say exactly what amount they took from your card, or the transaction code that came with this minic.
If you called him, then everything is Ok. The level of trust of the shop to you is greatly increased and from the side of the shop there will be no 99% problems with this order, but this applies only to those shops for which the minics are everything.
There are shops that don't care about the bill = spike, the main thing for them is to verify the minics. If they minded them, then with a 99% order, there will be no problems.
I will give you a couple of examples so that you understand what I mean.
I have a roll of a bank that allows me to see an instant (without waiting) minicar. I go to Steam, and card it into a hundred bucks. Steam immediately blocks for a week my account for manual verification of this operation, or offers to accept minics for verification.
I send these minics, Steam sends 2 mini-transactions. I roll it in, see which two transactions came from Steam, and confirm them on Steam. Everything, the hold is removed, Steam is used to the map, and then I undress this card in the same Steam without any delays or hold.
Second example
Skrill without a minik allows you to get 140 bucks akk in the akk, but if I confirmed the minics, I can already drop it to 5k.
But I want to note in advance. Most offices a la Steam, Skrill and so on. Already overused rolls, and skip certain bins / banks / cards. How to find out what will let? Check with the "Trial and error" method, or find out from those who already know (but such information is unlikely to be told for "Thank you")
VBV / MCSC
This can be said internet pin code. If he comes to SMS in SMS, then he is static in the JEC, that is, he is one and does not change. KH it installs itself.
VBV (Verified by Visa) - if the card is VISA. MCSC (MasterCard Secure Code) - if MasterCard.
Amex and Discover do not have this type of protection at all.
Usually you can install it while carding. At the time of payment, a window will pop up from you and ask for this code, there you can either immediately put your own, or just reset the old one and also put your own, or set it in advance.
Here is the site for Visa: https://verified.visa.com/aam/activa...andingPage.aam
Similar is for MasterCard. I did not save it, but you can find it on our forum, it was mentioned more than once.
According to the results, if the VBV code request is set in the shop and you entered it, then this is another good plus in the shop trust to your purchase.
There are shops and services that without a commission will not miss a warrant at all.
Phone change
The last point that we consider from the advantages of enroll is the change of the phone holder in the map.
It's no secret that we can call with the substitution of the number that was specified when buying the card / or we found it in the office, but the shop can always call back the number from which we called.
If the shop does it, then they will get on the holder, we don't need it. Even a call from our number, which we could buy on Skype, will not save us, because from the shop they often call the bank to verify the address, the name of the holder, as well as his phone.
And if the bank says that the information does not converge, then immediately the shop cancels the tranz, and the bank blocks the card. The end, we have no warrant, and the card is dead.
In this case, the enroll will save us. Together with the billing address, we can change the phone. As a result, when you call the shop to the bank, all the information provided is the same and the pack will safely go to your drop.
But there is another side to the coin. Recently, many banks, with any suspicious activity on the roll, can ring the CC. I mean, if their fraud (about this later) didn't like something, then, for example, when changing billing, they can call KH and clarify: "Do you change the billing?" , and rolls will die, the card will be re-released.
Where to get?
We now know what Enroll is, the next question arises: "Where to get it?".
There are two options: Buy from us on the forum, or else fill it up yourself.
First method:
We go to the "carding offers" section on the forum and buy the enroll from the seller, for example, from me: D
The second method is harder, we are trying to roll on our own.
I can warn you in advance, you can be lucky the first time, and maybe from the fifth it will not work to fill up the map.
My first roll turned out the first time, and then I could not make 6 cards in a row.
In this case, we must know the banks that roll with a minimum of information, must buy the CC, and penetrate to it the very information.
Different banks require different info for enroll.
They can simply ask for SSN / DOB, or they can ask for the mother's maiden name, pin code, and billing phone, answers to the backgrund holder, the code provided by the bank, a commercial account and so on.
We need those who ask for SSN / DOB
SSN - social security number of the holder.
DOB - holder's date of birth
We have many services on the board that deal with this type of piercing, I recommend to contact the Syndicate.
Next, after receiving the ssn / dob, we go to the bank site and try to make an enroll by filling out the appropriate fields with the required information.
If everything is smooth, then we get the same enroll What can be "not exactly":
You enter your data, but it does not give you a card to fill up, there are several answers here:
• The card is dead
• The information is not correctly broken.
• The card does not belong to the person who was indicated at the time of purchase, but a real holder mom / dad / wife / husband / son
• The card is not the main one, but serves only as an additional card which is tied to the main account of the husband / wife / mother / father or someone else.
Sometimes, when I wrote that the data I enter do not fit, but the card is 100% valid, I could break through the husband / wife data, and very often came up and the card rolled, this often happened with boa and synovus banks
But I recommend doing this when you have experience and free money.
And the last option:
• The card has been filed up to you, that is, the holder has already registered a personal account
This we consider in more detail. Primary Enroll and ReRoll There are two types of Enroll
Primary - the holder before you has not yet made a personal account, and you calmly do it yourself
ReRoll - a personal account has already been made before you, BUT the bank allows you to recover your login and password. Most often, this requires having the same.
information as with the enroll primary, sometimes we can get to the background of the holder in the form of secret questions.
Many banks for ReRoll require you to specify a Username or E-mail. In this case, more often than not, there is no sense to fight further, because the information for recovery will come to the mail of KH.
To get to Primari enroll, I can advise you to take cards with a maximum validity period of the card, that is, newly issued cards, with exp / ** / 21 or ** / 22
the more exp date the better
Much more likely that the holder did not get around to creating a personal account
As a rule, the balance that we can use is signed - available credit.
The balance that CH spent - Current Balance.
I will tell for those who do not know how credit cards work. Roughly speaking, CH takes a loan from a bank, and these funds are kept on the card, not in cash. Accordingly, Current balance is that part of the credit funds that has been spent, and Available credit is how much is still available. Do not confuse these concepts!
444796 - here is the bin of Credit One bank. It rolls and rolls very easily, but the balances there are pour. On This bank you can be trained, as it allows you to make a reroll and rolls 9 cards out of 10, but even 1k you will see there very rarely. Just for experience.
The last bank I used was a boa, there are usually good balances, but a lot of cards have already been played, a reroll cannot be made, and primary rarely come across.
I will tell you how it all happens.
I take bins that I know that they roll and go to XTA and see what is there by the presence.
I choose several cards, put in ssn ext, and try to roll.
When enrolling I take the dedik / ssh / socks under the card holder.
I go to the site and try to roll
I postpone all the cards that I managed to roll up until Monday
On Monday, I take the sox / ssh / dedik for the staff of the drop already and change the address
Next, the address changes from 2-5 days of weekdays, weekends are not counted
I usually wait again for Monday, and I am going to card in. You should not bomb the rollk at once in a bunch of places, card it in one shop, wait until the pack is delivered and go to card it again if the card is still alive.
Gift and E-Gift
In the course of the lecture, I will cover this topic and give you an understanding of this niche as deeply and comprehensively as I can from the basis of my experience in this area.
Physical Gift and E-gift
For those who do not know: Gift - translated from English - "Gift". This is a gift certificate, a prepaid card, for the amount of the nominal value of which you can buy goods in the shop of this Gift.
Gifts are physical and electronic, Gift and E-Gift. Physical arrivals are delivered to the recipient (or buyer) by mail or to the mailbox in real life, while the electronic gift arrives to the recipient (buyer) by email (email).
The main difference between the drive of physical and electronic gifts (hereinafter referred to as e-gift) is manifested in the following subtleties of work:
We need addresses for reception under the physical gift, most official intermediaries do not accept them, in most shops they cannot be recalled, the time difference between hammering and getting ready for use is enough, and the AVS system will not miss the order everywhere.
Physical Gift can be merged directly in the offline store, come and just pay them at the box office. It is also possible with E-gift, but not in all shops.
Although the anti-fraud is tightened stronger, but with them there is no need to bypass the AVS, do not need drops, intermediaries and waiting a few days between carding and receiving, therefore, you can wrap funds inside the work several times faster. Gifts are sold mainly in denominations of $ 1 to $ 1000. In some shops you can add several gifts when paying.
Shops are divided into several basic types:
- Point. The shop sells its own gift cards to its store. In such shops, the antifraud is weaker relative to the following two types of shops.
- Multi-lift resellers. The shop sells dozens or hundreds of Gift of various shops, for example: ebay.com. These shops have an average antifraud.
- Aggregates. The direct manufacturers and simultaneously sellers of gift cards, they have some of the strongest antifrodies.
It should be immediately realized that if the point shops have antifraud weaker than the aggregates, this does not mean that it will be easy to break through them.
Direct carding in gift - carding directly into the shop, whose gift you plan to get. Buy ebay Gift on ebay. Carding into an resender - obviously, carding into a reseller. Resellers usually make their way easier (especially not public), be guided by this. Search shops as well as all the rest, a couple of additional layfak will be in this lecture.
The following parameters will directly affect the outcome of the work:
1. Device + system
2. IP
3. Maps
Since I reveal these points in the lecture "Carding from A to Z", here I will tell you in a few words what directly affects the work specifically with GIFTs, see the lecture "Carding from A to Z".
- Device. Top shops are difficult to card from a normal virtual machine, since their anti-fraud detective is antifrod. For top shops you need to use either real devices (for example, a mobile phone), or remote accesses (DEDIC, VNC- machines), or anti-detections.
- Much depends not only on the purity of the ip address, but also on the provider. There are providers that are at risk for anti-fraud, there are also hosting providers. The use of such providers has a negative impact on carding. Pay attention to this and write down the provider.
A couple of examples of well-established Internet companies from personal experience: qwest, charter, cox, att, verizon, comcast. They can be viewed in the shop when buying a socks or tunnel. A couple of examples of bad providers: rr.com, myfairpoint.net. But this does not mean that
You can forget about cleanliness. On the contrary, the cleanliness of the ip on blacks and risk proxies will be equally important.
- Maps. I recommend using the least popular banks. NOT such as Chase, BofA, CapOne, WellsFargo and others.
Naturally, with these and other popular banks, you can card, however, with less well-known patency higher. The level and type of the card is not critical. Most often, carders use MasterCard and Visa. Amex is also possible, but with Amex, bins play a key role, and charges is also much faster.
Checking cards before carding
Cards should not be checked before carding gifts if you are not sure about the bin and the checker. Firstly, because the purchase transaction itself is included in the number of high- risk operations with banks.
Secondly, because the checker often kills cards and is even more fraud than buying gifts, in sum, these two parameters increase the risk of card death, and therefore waste time and unsuccessful carding.
Brut accounts + billing change
Under shops you can also write brutes, download mail-pass databases and collect accounts for these shops.
Often in a shop the holder leaves his card tied, and from it you can also buy a gift. But, there is a problem here -
CVV. Even if the map is saved, in most shops (and in all large ones) the CVV will enter every time you purchase, and since we do not own it, we have 3 options for using brute accounts, namely:
A) Search for shops where CVV is stored. There are such, but they are mostly small, so it's not easy to look for them.
B) Billing change (adding a new one) in addition to holding billing. We take a spin to an akkant and simply tie up a new card and billing to it.
What is the meaning, you ask? - The point is that this account was created by a real person, he made successful purchases without charges, therefore the anti-fraud is more loyal to him than to the newbee
But do not forget that adding a new card and billing addresses to an existing account is relatively fraud action, so this method of hammering is not a panacea, but it is the place to be. Sometimes you can add accounts, add cards / billing and lie for a week or two, it makes sense.
I talk about this kind of drive-in not because it is a priority, but because it exists. In fact, for most large shops (for example, mircosoft, walmart and others), there are extremely few brutes, or they are extremely unstable, which makes this type of work difficult, to find a coder, to pay, to find good proxies for brute force, a bullet-proof server, etc. If you decide to try yourself in this niche - at first, never start with the major world-famous shops.
C) Purchase for bonuses. In some shops there is such, accumulative points and discounts, but I hardly ever met one of them.
Carding from paypal.
Carding in with paypal brute is also possible, as well as from cards, but here shops play a key role. Because the GIFTs mainly come to the mail of the account paper, to which we almost never have access (if we don't use soap and a stick) or buy PP with access to the soap. When carding with a paypal, shops should be selected carefully and tested intensively.
Carding paypal from selfregs is real and functioning, but there are other ways that it is more profitable and easier to pour selfregs, therefore, few people do it.
You can card a ring as well as another product. But not all shops treat this well, and some, on the contrary, only sound and are carded in. I do not recommend starting with this, but note this option.
Emails and Messages
When you buy Egyft, most of the shops will offer you to enter the recipient's email address, then, when registering or registering, send your email address. Not only the domain zones of mails (gmail.com/yahoo.com/etc.) Are important, but also the text in it before @, because the anti-fraud pays.
attention to this and happens when order cancellation comes only because the anti-fraud didn't like your email.
I recommend entering the name of the cardholder from the card when registering, and choosing the most natural (not mail.ru) and least fraud (not mail.com) domain zone. The best options are: corporate email (mysite.com), gmail.com, hotmail.com (outlook.com), yahoo.com.
A good mail for a holder will look like "name- [email protected]" after registration, for example, [email protected]. The numbers in the mail is normal, because often the name is already taken when registering - [email protected].
You have dealt with the buyer, now about the recipient - everything is the same as with the holder, except for the domain zone. For a change, it is recommended to use an excellent mail domain from the buyer (that is, if @ gmail.com is the buyer, then @ yahoo.com is the recipient), in fact this is not critical, otherwise everything else. If weak imagination, the recipient's name can be generated, for example, here: http://www.fakenamegenerator.com
Of course there are shops where you can send directly to your email, however, if the shop offers you to enter the recipient's email address, it will be suspicious and unnatural to enter the mail of the holder in most cases.
On the checkout page and the selection of the nominal EGIFT, it will be possible to enter a personal message to the recipient.
This is really an influential fad, and it directly affects the result of carding. Even if everything is perfect (system, card, mail, etc.), but the message says something unimaginably stupid or suspicious, then during order processing (especially manually), the cancellation of the order may even follow.
There were cases when the cancellations of gift were due to illiterately written texts where it was obvious to the store manager that the buyer was not an American, it happened because of the complete absence of a message.
Unleash your imagination and writing, at least, of course, not necessarily cool and a lot. Write a greeting, wish, congratulation or thesis / quote from the book. Imagine that you are giving this gift to your girlfriend or sister and do not think that you are buying it from someone else's card.
Sometimes it can roll the text from special sites that can be found by talking about "happy birthday greeting in English" or "engagement greeting", etc. The downside is that these sites are already overused, so they can and should be used to create a "skeleton" and develop fantasy / vocabulary, but as a complete tool for everyday use, they are not suitable. Do not neglect this parameter to card EGIFT.
Continuing the topic of parameters when driving, we consider the phone number.
In E-gifts, especially in US stores, the passage of the anti-fraud by the AVS parameter plays a very important role. Very important, but not critical. Beginners at.
I advise you to write exactly the number of the holder. The reason is simple - 90% of the shops do not call, or call only in special cases - when you have not passed the anti-fraud and they need verification in this way.
However, there are fewer cases than cancellations due to the AVS mismatch. Of course, there are top liquid shops that periodically call the holder to confirm the order, but they can only be calculated empirically, that is, by tests and carding.
Small shops can call, so you can try to write another phone number or your google voice / skype. Personally, I always write only the number of the holder.
Mean and shop lists.
Our and other forums are full of e-gifts meanings, each with its own interest, feedback, terms and methods of work, different lists of liquidate / non-liquid e-gifts buying and shops. Scans can be found on our carding forum.
Before starting work, I recommend comparing conditions, percentages and reviews of various scans, choosing my own miserly thing
But I started talking about them not for this, but in order to show you the simplest - shops right before your eyes, you can find liquid shops as well as illiquid ones in the themes of buyers, which are easier to get. There are also buyers of especially illiquid gifts, for a smaller percentage, but it is also easier to work.
The options on the forum where to put the gift does not end. The Internet is full of sites where you can even resell the gift even to Americans who think they are buying a white gift certificate. The simplest example: https://localbitcoins.net - here, GIFTs can buy even by a large percentage, but sometimes they are needed for verification, therefore you need to choose a mean no less carefully than on the forums.
There are dozens of such sites, each one needs to be tested and analyzed, each one can find some interesting shop that is not on the list of forum scams. Putting the case on stream, you can start selling sales not only on specialized sites, but even on ebay.com, but for beginners this understanding will come only with more experience, and with more experience the complexity of work will increase a hundred times, keep in mind.
Liquid and non-liquid assets can be determined by the proposed percentage. The classic interest rate for the illiquid asset: 25-45%, for liquidation - 45-90%.
When exposing or offering a buying gift not from the list and offering a percentage, focus on the assortment of the store. If there is a technique in it - ask from 40 to 70%, if things are 25- 50% depending on the brands.
Distilling
Gift merchandising to the address of intermediaries or drops is made from the ip under the state or city, from Dedik, Socks or the tunnel. The name is not necessary to use the same that was listed in the receiver of the Gift when buying. Basically, only very small shops can "ask" for it, and in which case you can solve it by ringing.
When trying to buy liquid gifts of top shops, try not to use the overwritten addresses of public resenders, otherwise the account may go to the bank and you will lose the gift.
It is better to check the GIFT's balance (validation check) on the shop's website from the country's ip of the country, do not check with the German VPN or your home ip address, otherwise the system may block the gift. It is not recommended to buy gifties day-on-day, wait a day, and here work time is already important, since on weekends the physical stuff is mostly not sent.
Spike of small stuff on CH and the addition of goods to the basket.
Sooner or later, many vifits of the gifts ask themselves the question: "What if we add socks for a dollar to the shopping basket in addition to the gifta and buy them at the address of the holder? Will this add antifraud's loyalty?". The answer is NO.
In your carding, everything exactly remains e-gift, and the analysis of the order by antifraud will still pass as an order with egift. It makes sense to do it only at different times - today we bought socks and warmed up this shop, tomorrow they bought a gift from the same account
Add and remove items to the cart as a warming up shop, it is possible, but not necessary. Shop the shop, read the description of the goods, see the catalog before buying E-gift directly - yes.
Recarding of previously used cards and shop accounts
Recarding as a phenomenon can be divided into two variants of actions with the card:
A) intertwining cards after decline or cancels
B) intercepting the cards after a successful order and the spent of E-gift
Consider each of the options in more detail.
And - this is done in cases where you are not sure that the cancellation or the decline was due to a dead card. Roughly speaking, the antifraud did not pass - they went to try their luck in another shop. It makes sense, because sometimes it works, and the material costs are not needed, the only thing is that driving into 2 different shops served by one merch - having intercepted will almost always be useless, because your data is already in the system, because merch two different shops are common, so pay attention to the merchandise.
In option B, we have several decisions that need to be made before carding in. First and foremost - to card the same shop, or another? On the one hand, the shop already knows us, we conducted a successful order and it seems like it should add loyalty, on the other hand it's may cause suspiciousness of the shop due to the monotony of the goods and the actions of the buyer.
Of the recommendations for making this decision, I can only say - make your own decision, depending on whether your access is still alive (Sox, tunnel, Dedic) or not. If alive, then you can try to card into the same shop from the same ip, if not - replace the ip and go to another shop.
The second question is how much to intercede the card? More, or the same, or less? I usually focus on the level and type of card. If this is a low-level debit (classic), then I card for the same amount as before. Accordingly, if the card level is higher (platinum and so on) or type of credit, then you can try to increase the amount.
The minus of interrupting is that we do not know whether this card is still alive, but the plus is that we don't need to buy it; having brought in, brings an intuitive understanding of the work of the antifraud of specific shops and their relation to the re-purchase, it also gives working bins. When recruiting it is recommended to change the recipient.
The most important plus of repetition lies in a simple truth: it will significantly shorten the time to find the causes of the declines and cancels, direct you on the true path and tell you where to look for mistakes, and, therefore, sooner or later lead to a solution.
Decline or stationary? But in another shop passed? - The conclusion is simple, you did not pass the anti-fraud shop or the bank!
Decline or cancel in several shops? - Conclusion: shit bin / card is dead or bad sox / system. You can try to find a trouble-free shop with a wild illiquid asset and check cards on it
Based on this, create your own method of identifying problems, because Training is Education. Learn to learn, as they say
Time of day for carding and response time from the shop (final result)
Often, newbies ask themselves the question - At what time of the day did they still card? Answer: depends on the shop, its schedule and working days.
Some large shops may issue gifts instantly even at night on weekends, while in small shops you will have to wait for work time on weekdays. Begin to card on weekdays, as you gain experience, you can card at any time of the day and thus find out how the shop reacts (to test it).
Several types of reaction of shops for understanding:
1 - Gift came instantly (instantly, up to 5 minutes)
2 - Gift came in 1-12 hours. - This is the average processing time, provided the shop has working hours. This is normal. But, if the same shop had already given you a gift by an instance, then this time you didn't reach the anti-fraud while passing the checkout process or go into a manual check.
3 - Shop requested verification. I tell about the verification on my lection "Carding from A to Z".
4 - Instant cancels (multiple order cancellation) - something the store didn't like so much that it sends a refusal instantly.
Sometimes it can mean a cancellation by the bank or a dead card. You can try to interchange in another shop.
5 - Processing was delayed for a day or more - a manual check in large shops, sometimes means trying to ring up the holder or hammering in after hours. In a nutshell: either they didn't get it or they didn't have it.
Record the time and results (reactions) of each shop and merch for acquiring methods to work with them.
Profit Arithmetic
Suppose we buy cards for $ 10 / piece, a log or a tunnel $ 1.5 / piece - the minimum set of necessary tools for carding. If you card with dedik, add instead of socks for $ 1.5 the price of a dedik, that is, from $ 4 to $ 10-12 / pcs. Prices are average, they can vary depending on the shops.
For this we take a liquid gift with a par value of $ 100, buying up at 60%. We add up the cost of materials, we calculate our percentage from the nominal value of the Gift, we remove the difference between the costs and the revenue - we get the net profit. (10 + 1.5) - (100 * 60) = $ 48.5 of net profit from one successful liquidation made on the first attempt.
But everything is not always so smooth, because on the first attempt the gift may not come, and then the costs will increase, and in order to pay off you will have to try to card the gifts for all large sums, 150, 200, 300 $ - and in top shops such sums one must be able to card in, because their antifraud is strong, beginners will simply lose money and go whining that the card is dead.
That is why I advise everyone to start carding in illiquid assets, buying up 25-40%, depending on the shop. With the same material costs, gift values can be successfully dragged several times more relative to the liquidation of shops, since medium-sized shops make their way through an order of magnitude easier.
Costs: $ 11.5, Gift Value: $ 300, 25% Avg. Percentage, then net profit = $ 63.5 - even more than from liquid Gift, but at the same time it is almost times easier to bypass the antifraud.
Everything is important in Giftah.
Time of day, map, ip, operating system, device, emails, addresses, banks, shops, merchs and everything I listed in the lecture. All customizable parameters need to be brought to automatic reproduction, all theoretical knowledge to bounce off teeth, all unknown X and Y learn to calculate by exclusion and through testing.
Only then can you work adequately on the gifts, so be prepared to drain money at first if you start your journey with gifts, and vice versa, do not start with gifts if your budget is limited or small.
The uniform formula of a successful carding is as follows:
Preparation parameters (ip, system, card, etc.) + shop (merch, overused or not, liquidity, verification, etc.) = Here is your eGift Card!
A + B = C.
Starting to work on the guffs, my statistical exel file consisted of about 60 cardings, of which 4 were successful or 5. This is 8% of success. In terms of dollars - the amount of expenditure on materials at that moment already increased $ 700 until the moment when I began to go into profit. Why did this happen? - Because at that time I did not know all that I told you about in this lecture.
Carding Liquid stuff using Enroll
Greetings to all! Today's lecture will be devoted to the topic of liquidation stuff using Enroll
In this lecture we will learn:
1. How to correctly use enroll when changing billing.
2. The main mistakes that should not be allowed when carding.
3. How to build logical chains when carding
4. Well, the most important thing is the result. How to make your favorite gucci sweater on your hands!
Maybe somebody already has a question, what is Enroll?
That is why, for starters, I would like to focus your attention on the analysis of these incomprehensible words, which will often be used in the lecture.
So that you as students / learners do not have problems in mastering and understanding the material.
For convenience, you can copy these definition words to yourself in a notebook so that during the lecture you can unwittingly pry if any difficulties arise in understanding.
Definition words:
Enroll is a cc (Credit Card) with access to a bank, where you can later change the billing address of the holder ...
Drop - the definition is extensive, but in our case it is a person who accepts the goods and then sends them.
Resender - a company that is engaged in sending your purchased goods from the United States / Ey to you in the CIS
Holder - The owner of the card, bank, account, etc. Bill (He is billing) - the personal address of the holder Spike - Address for which we order goods
Go ahead.
Material Preparation.
Many newbies and not only, as I think about the question, it immediately arises in my head: "Where do we get these same enrolls?" or "From whom to buy?"
The answer to this case is simple - buy from sellers!
There are many sellers at the site with the sale of enroll with interchangeable billing.
We need to take an enroll with a changeable billing online (As a rule, the billing changes for the 3rd day). Highlight or write down this moment.
We will also need a drop, namely a drop, not a resender, because the billing on the resender simply will not change and your material will fly into the lock
What about the system?
On this occasion, opinions are controversial, someone likes to card from dediks (Exclusively brut), someone with the VNC (Remote Computer Management, VNC can also be purchased from sellers on the forum), there are many options, you can list and list them .. .
Personally, my first card -in with the help of Enroll was from Dedik under the city of the drop.
In any case, the IP-address must be not under the enroll bill, but under the drop.
Progress.
We go to our purchased material, go exclusively from the un under the drop. I think many people immediately have a question: "Why change a bill not from an ip of the holder?"
Again, you can use the ip under the holder, and what's the point? We turn on the logic, immediately put ourselves in the place of the holder, imagine, you move to live in another city, say from New York to Dallas at the very move, you won't be sure that you need to change the billing in your bank account right now. Accordingly, you will be changing the billing address upon the move
With this moment I think everyone understands. Go ahead.
Immediately after the change of billing, it is from the moment of filing the application, that is, immediately, go and select a shop in which we will card from. Remember once and for all such a moment, you can break through any shop!
Whatever protection he had, if the shop was created for an ordinary person, then we can make a product from him.
I'll tell you about the search for a shop on my own example:
When I started working on this topic, I was not particularly steamed with the search for a shop (Why, some will say, a shop that gives is the key to success) Far from it! The key to success
is only in a well-constructed logical chain to break through the shop!
And so, at that time, I went to Google and wrote "buy gucci", went straight to the 2nd page and poked randomly at the shop, that's all! Nothing more is needed! Somewhere to buy shops and engage in other nonsense, I strongly advise.
Only their own time and personal search will lead to success. Remember one thing, no one will ever sell you money for money. (Maybe you will meet "Sellers" on the way, who will sell "Magic shops", which give an "apple in ru". I think the meaning is clear.) Do not buy anything from such people!
We go to the shop, register for the data rolls holder (Full name enter the holder, billing and shipping address - drop)
I think many people will have a question: "why should I register at the shop right away? And if the bill does not change, and the meaning is not yet ready for the main tool for driving," I always make sure of one thing, 40% of success is warming up the account! This is the most basic part (in my opinion) for achieving the result.
How is warming up? And what kind of a beast?
And this beast, something between heavy and simple, I would call it faceless.
Work on the warm-up can be done in different ways, but I strongly recommend to approach this issue seriously.
To warm up your account, I recommend using the largest possible number of known methods, I will tell you only a few of them.
1. Surfing - I think the most popular way to turn the heat on your account! Without surfing, you can not card anything, only if in the most leaky shop.
you need to constantly surf the site, look at the product, read the rules of the site, look at the parameters of the product, material, etc.
We always put ourselves in the place of a real holder, I don't think that the holder would come in and place an order in 5 minutes, no! Americans and many Europeans are very sensitive to the choice of any product, even if it be ordinary socks
A real pendos(American), before buying any product, reads everything about it, reads a bunch of reviews, thinks whether it needs 100 times or not, then we will look at the quality of the material, check it with other product analogues, only then it will buy, I know it personal experience with pendosy
To warm up our account, you need every day until the billing changes.
Simply put, logged in to the account for an hour or two looked at the product. Close to the one that we will order.
For example, if we order a guchi jacket, surf only jackets or just a guchi brand, sometimes we go for something else), the next day we do the same operation and so on until the bill changes.
2. Ping, chat
As practice shows, the heating of this type is very strongly pushing for success. Immediately put yourself in the place of the holder. Suppose you are registered in the shop, looked at the product and you immediately appeared
A few questions, where will our curious holder run to ask them? Of course in the online chat.
Questions may be different, the essence is not at all in them, but the fact that when communicating in a chat, fraud begins to smile more and more, because we are beginning to fit the description of a real holder!)
For those people who are friends with English:
Ask different questions: "How long is the delivery time?", "And if the item doesn't fit, can I change it?" "I want to make a gift to my brother, can you make a gift package?" And so on ... there may be a lot of questions, turn on your brain and think!
For those people who do not speak English:
There are many different calling services on the forum that have the "warm up chat" service, for a certain amount (usually not more than $ 5-8) they go to your account and communicate with the store.
There are much more ways, but basically I use these two methods
During the next course of work, 2 reversals of the event:
1. The bank changes the billing and everyone is happy.
2. The bank blocks the account. What to do in this case? We turn to dialers, the chance of unlocking an account is about 30- 40 percent. It all depends on the bank and how much information you have on the holder.
How much goods to buy?
The question is very delicate, here again, it all depends on the bank and the limit on the holder's card. How to find out the limit? Again we appeal to the pioneers.
The meaning of a conversation with the bank should be such that the holder wants to make a purchase on the Internet (Suppose you card in the amount of $ 1,500) and find out if the payment will pass normally? I mean, will there be any problems?
There are 2 options:
1. Your future purchase meets the limits and the bank says "Everything is fine, you can make a purchase"
2. Or "You have a card limit for an online transaction of $ 1,000, we can increase your limit
2nd version is the most common. We do this not only to find out the limit in the bank, but also for warming transactions, what does this mean? And the fact that we have now directly informed the bank that we will make an order for
$ 1,500! And the bank already knows about it! What could be better?
Always remember. There were some problems with the order, immediately contact the callers, a good sound test can pull out a lot.
If there are not solvables from the shop, the problem is with you, not with the shop! Always check the system carefully to see if everything is set up correctly. When carding, you need to consider
A lot of factors, not everything is as simple as it seems, with each carding you will be more and more experienced.
Let's talk a little about the construction of logical circuits and what factors should be considered when carding.
To the experienced, this information may of course seem obvious, but many newcomers, respectively, do not know about it. I will tell you briefly about the main factors.
- Customized machine for carding
I repeat once again that everything goes smoothly, be sure to use the replacement of ip under the drop! Why? I described above.
In general, for convenient work and better cardings, I advise you to buy a sphere, get acquainted in more detail and you can buy in this topic.
(Trainees 1 month FREE! Write on the contacts in the topic)
I personally use it for 3 months, carding and other work is much better than with the same ones. Yes, and for the money, it will be much more profitable for you, the price for a homemade Dedik is 8-10 dollars, the price for a sphere is 100 dollars a month, here and count! Soxes cost a penny
It is also much better to work with VNC than with dediks. At the choice of the machine for carding, there is an individual approach
It is better to use the gmail domain. Also, if you call Holder for example "Leen Helson", then I advise you to do something like this: "[email protected]", who handles email databases: the pass will understand that mainly amers use the first name or just the last name for the mail login , the most common type.
- CTR + C CTR + V
The error of many newbies! Write any data with your hands! And only hands! You never need to copy and paste anything, be it a login, password, billing, and so on ... 90 percent of the anti-fraud system look at it, because a real holder, your address or data from the card will not exactly copy and paste!
- Points from different SP
Very often it happens that in the process of a 3-day carding, a sock or a Dedik who has been in work for a long time dies, I think this unpleasant situation is well known. If this happens to you, do not even think about taking the first Dedik or Sox and climbing into your account, be it a bank or an account in a shop!
In such a situation, select the most similar type of SP with what it was, try to find the same zip if there is no zip city. If this is not done, from the side of the shop it will look like this.
Sign up
You are from Texas, you sit for a day, look at the goods, after 3 hours you come in from Las Vegas, is it not strange?
Immediately we recall the fraud glasses, which we don't really need, and the fraud's smile immediately begins to subside. If this happens even from the same city, but from different addresses, it's okay, let's say you came to a friend with him. passed registration, climbed with him, looked at the goods, then came home and again went to the site. The situation is simple.
I think this is understandable.
There are a lot of factors, every little thing can and will influence progress! Always imagine yourself in the place of the holder! After all, you are an ordinary American who wants to make an order.
- carding time
Not in any way, I do not recommend carding in on Friday, Saturday and Sunday! Do card only from Monday to Thursday! Because they send the goods on these days, if you make a cardi on a day off, your goods will be sent on Monday and the chance that by this time the transaction will be canceled is very large!
Lets go to carding!
Everything is simple, you do not need to invent anything. Chose the product, read the reviews (if any), looked at the quality of the material, added to the basket!
If there are several goods, go ahead and look at various goods, at least 15 minutes, found?! Well done! Add items to cart!
In no case do not go to the product links. Suppose you have taken 3 guchi jackets for you under the order, you respectively throw off the site to the client, where to look for these jackets, the client dropped you 3 links, open them strictly on another machine, you can go to the main one, and they will come again evil fraud glasses!
We proceed to the payment of the goods!
We enter the bank's holder in the billing address, the name of the name + the address of the drop (when it changed in the bank).
In the shipping name, the name of the drop, the address, respectively, too, the differences in billing and shipping only in full hire
Many will immediately get a question: "How will the shop react, if the names are different, does it immediately raise suspicion" Does the suspicion arouse ?! I would not say.
Beyond the hill, this is a very frequent phenomenon, when holders order goods for a brother, mother, father, sister, and so on, as a rule they live together! Why and why? Many are very busy to pick up the package, for example, work, study, and the mother who is always at home, easily cope with it, or when they make a gift to someone
A common phenomenon, here the shop will not particularly bother, because in fact, there is nothing like that in it.
Press the confirmation! If you did everything right, you will see so many nice green signs.
What to do if cancel appeared?
First of all - calm down! Yes, the spectacle is not quite pleasant, because you tried so hard, and here is an instant cancellation! But you should not be afraid, first of all, double- check that you entered all the data correctly, CC number, eksp, bill! If not, correct and try again!
If yes, press the confirms anyway anyway, because an ordinary holder would have done so. If again the same song, call immediately in the shop and anxiously find out what happened and why it happened, because your brother has a birthday in 2 days and you really need these things! Usually they help and take a card either by phone or you re-do it and everything passes.
Next, I recommend to call the shop or write in the live chat! Say something like this: "I made an order, is everything normal and when will they be delivered?" Again, you need these things so urgently!)
In normal practice, everything goes bang, they send the goods! But even here there are pitfalls, cancel is also very fond of arriving by mail, but if you saw this sign, we immediately call the shop and find out what it is. In such cases, if we do everything correctly, often the bank simply cancels the transaction, the reason for that in 90 percent of cases, is the call of the holder and cancellation of the payment.
Immediately we write to the dialer and try to pull out the transaction, if not, then alas! In every case, there are unpleasant things. Here we do not despair and go on.
Let's summarize. Today we learned:
- Competently set logic circuits when driving - We studied the main factors of working with enroll
- Understood how important it is to use the ringing service, that without him we will not go far
- Make the correct account warming up! Understood that this is a mandatory part of the drive!
Well, I hope in the future, you will do and will do the goods with the help of enroll!
Homework:
Task # 1 Write down in a notebook, journal, notebook where it is more convenient for you, those things that you did not know before this lecture and constantly try to repeat it so that you have it in your head, because having made the slightest mistake you can simply lose goods, money for material and the most important thing is time, because it is priceless.
Money can be earned, and here you will not return time, use it wisely
Task # 2 Everyone to make at least 2 attempts of such a drive! Write out the whole algorithm of work!
An example of the algorithm:
1. Shop - www dwdwd. com (EXAMPLE!)
2 Bank rollers + bin (The first 6 digits of the card)
3. Description of the full method of work:
What were the calls and how many + Call results Warm-up methods
Shop behavior (Letters from him, etc.)
Try to record all the factors that were in the process!
4. RESULT! (I hope you will have it positive)
Unsuccessful algorithms or problems (in the process), you can throw me, I will help and correct them. Problem will try to pull out.
Hotels
welcome everyone, today we will talk about such a direction of work as booking and rent
and more specifically hotels, cars, excursions tomorrow we will discuss air tickets, and also tomorrow we will work in the form of question-answer just today there is no point on questions since tomorrow there will be more info which will probably give all the answers
there are several ways to make a hotel reservation for someone else's account:
payment in the form of authorization - Payment of CC through an agent - Payment through BOOKING - Payment by reward.
Now let's talk in detail on each of these topics 1) Option on the authorization form.
And so what is this generally:
Download http://rghost.ru/6BsVFb7Jn and carefully look!
The authorization form is a questionnaire in which all data of the payer, the period of residence and card data are indicated, with this form the CX confirms its consent to withdraw funds
then an employee of the hotel, enters the card data in the POS terminal and makes payment.
Now everything is in order:
Go to http://www.booking.com choose a hotel, make a reservation on the one who will be settled, you can do without booking.com and immediately call the hotel.
Call the hotel and appear to be an agent asking for an authorization form to pay for the reservation.
An approximate dialogue looks like this:
- Hi, I am from the travel agency "XXXXX" we want to book a room for our client. Is it possible to pay through the authorization form?
- Yes, of course
- Very well, send the form to [email protected] Fill in the authorization form:
Credit Card Holder's Name we enter CH or a false name.
Hotel Guest Name we enter the one we will occupy.
Phones specify Skype with an answering machine.
We do the drawing, there is an important nuance, it is better to do the drawing not in the form of scans, but in the form of photos in hand.
We send all this to the soap indicated in the form, they often ask to send it by fax, then you need to call and ask for an email address.
We receive a slip-check (check confirming the performed transaction).
Without this check, never lodge anyone!
You must comply with the maximum limits per transaction.
Do not make more than $ 2-3k, because very often for large sums there is a limit on making payments
What to do if the cost of reservation is 4k for 10 days?
We break into two armor: the first for 2k 5 days and the second for 2k 5 days
The scheme looks like this:
Go to http://www.booking.com make booking for the one who will live (you can do at least a month before the settlement).
2-3 days before check-in we call the hotel, we get an authorization form - we pay.
Settled.
1-2 days before the start of the second booking we call from the same room to the hotel, we get an authorization form - we pay.
The best cards for making a payment are: Malaysia, Singapore, South Africa, Germany, we value the maximum charge time.
It is necessary to approach the ringing and drawing as seriously as possible!
The quality should be high, there should be no doubt among the hotel employees!
Carding option to an agent.
There is a lot agents between the hotel and the person who needs this hotel.
The main difference here is that the agent has his merch to receive payment for the hotel.
Let's look at the example of Expedia.com
We card from a dedik or the tunnel, the selection of tunnels and dediks is a very serious thing!
Agents have a very tough antifraud, so we are doing everything as clearly as possible!
We select the mat carefully too, the zip of the tunnel / dedik must coincide with the zip of the CC if you cars US
There is no mate for zip, it means we don't take this tunnel / dedik, because even if the payment passes, the reservation will not give, and if it does, it will be canceled, checked many times!
There is one more thing that increases the chances.
You can enter in the residents of CH, then he may simply not come, or even better ring the hotel on behalf of the agent through whom they made the reservation and ask them to change the KH Name and Surname to the desired
Tou need to understand that Expedia.com is very popular, and it gives it very reluctantly, but there are a lot of agents and you just have to look.
I'll tell you right away that the search for an agent is expensive and time-consuming, then you need to go systematically - try a different mate, different schemes, etc.
Be sure to record all your actions during the tests, so that you can understand exactly how to card and so on.
Respectively, these experiments need to have available funds the main disadvantage of such carding is a terrible antifraud, often calling and drawing are needed, and so on but it all pays off a plus: rarely are cancellations during your staying time. This is due to the fact that the cost of fraud merch takes over)
What is worth paying attention to:
Very often, they check the phone from the CC data, and often they call - at the slightest suspicion, then we can initially check if the number is active at CH, and if it is turned on and KH picks up the phone, then you need to flood it to death turned off, well, or buy a CC where the number is not active
And accordingly, when they can't reach you through merchandise, they will not be able to call them on the mail, and they will have to call themselves.
Also pay attention to the hotel itself, which vibrates, if it is new or unpopular, they can begin to suspect on suspicion of the bay
Carding into booking.com
Booking.com - one of the largest companies in the online travel market.
Everything is very simple with them - hotels exhibit their objects, users choose suitable ones and pay to hotels that pay Bucking a commission once a month.
THEN, there is a booklet that doesn't charm at all and doesn't have its merch!
When you enter data on the site, the CC booking via a secure channel sends your data to the hotel.
And the hotel deducts money from you at some point in time at its discretion lecturer it can charged immediately, maybe in a month, or maybe charged at all and asked you to pay on the spot.
Charging of the card is an absolutely unpredictable thing, and it is determined solely by the owner of the hotel, but not by Booking.com.
And here you have to be prepared for many questions like: show the card, pay in cash and so on.
You have to understand that when you or your clients are settled, all these questions may arise, and you will not speak Russian, but there may be a situation when there is no staff who can help with payment issues card in, then it is very desirable to check the debiting of funds, ringing the bank on a robot, or if they beat me with rollers, then it is necessary to look at tranzes online.
If you hit the euro, then according to circumstances, most often you don't know anything there ...
But in a situation where the hotel could not debit funds from the card, they can write on the email and then you can stick another CC.
BUT PARTLY THEY DO NOT DO IT!
Next, wait a while and call the hotel and talk "Hi, I am Vasya Pupkin, I have just paid for the room through booking. Please check whether everything is paid and whether there is a need for additional costs from me.
You must be like a real tourist!
If everything is in order, then you can settle.
With booking services such as him, Agoda, for example, a very serious disadvantage is that the charge often arrives during the stay. In such a situation, you have to pay yourself in cash. And in the event that KH raises kipish, then you can talk to the local police.
Accordingly, you can NEVER card the mat of the country where the tourist goes!
Important aspect: HOW TO DIFFER AN AGENT FROM A FAKE AGENT IN GENERAL
that is, when searching for merch, we need to understand the principles of its work and it is for them to decide whether it's for you or not.
Initially, we read Google, reviews about the service, the so-called how it work, respectively, we card in foreign services and also read not on ru sites.
Next, we card a test from the rolls and look in transactions who debits money, if the hotel debits the hotel, then this is not an agent but a booking service, if it debits the site merch itself, then the agent is
I ask you to pay attention to the fact that even carding into an agent there is no guarantee that the reservation will not fly off during your stay!
4) Brut accounts of rewards
You can get a cherished reservation using various loyalty programs
They are of two types:
Loyalty programs of banks of CC issuers, I think everyone knows about it.
CH for when paying with a card for every dollar spent receives: miles / points / rewards for a virtual account
And they can spend hotels / air / auto or something else
And the second type is the loyalty programs of hotel chains / large tour agencies / big stores, etc.
It's certainly not so easy to work with them, and quite a lot of money is needed for experiments, you need to be ready for this.
Initially, information is collected on existing loyalty programs, then write software for brutus, find accounts and try to make a reservation.
There are many nuances there and each such program has its own chips ... you can understand them only by trying.
The main problem: will it allow you to make a reservation not on the holder of aka on the left Vasya?
It is not difficult to guess what most often will not give.
Here you can do this:
Trying to change the guest data in the merchandise, but here you need to be prepared for trying to dial the holder and the question of the number activity arises
You can call the hotel and say "Hello, Vasya and his wife will come instead of me".
Another option on the scan (drawing): when checking in shows a reservation, and if the question arises: "Where is the person for whom the room is booked?". Answer: "It is not there yet, it will be later" and show a photocopy of his passport which was previously drawn and printed.
There are still options to combine, for example, take an account and link a new card to it, and pay for it.
Rent a car there are two options for booking cars payment in full through the agent (our option) payment of a part from the card is usually 30-50%, and the rest is via the cash desk directly (this does not suit us)
carding is standard to describe, everything is simple and so after succes successful, you go to get a car, then you have to make a deposit for the car from your card which has your name!
http://prntscr.com/gwsw9a
The card is used to block a certain amount as insurance and after passing the car the amount is unfrozen in 3-5 days
what you need to pay attention to:
be sure to read the rules for using the service
make sure that you pay 100% for the rent, and no additional payments are required !!!
Be sure to look at the minimum age of the driver, often they do not pay attention to this and simply do not give out the car!
we always have money to pay for the rally!
The card you leave should not be important to you, that is, if you use such a service on it, you must make a card to deposit it after the lease, since money can be withdrawn after a few months !!!
Excursions one of them is viator.com cardings in here are standard, no sense in explaining, I'll dwell on some of the nuances antifraud often also very serious
just like with a booking, there are services that do not charge themselves, rarely but such ones are found, so when testing you need to pay attention when filling in the data, we indicate the data for the transfer, that is, the hotel where to pick up and the phone.
You can specify a hotel next door, and just go there, but you don't need to be late so the driver wouldn't call the hotel in your room.
If you leave a phone number, then also look at whom it is decorated.
You should not card the mat of the country where the tour is going).
Then I want to tell you the obligatory rules when using carding-hotels:
Before check-in, always ring the hotel and confirm that everything is in order with the reservation!
ALWAYS have money in cash, so that when you rally you could pay for everything!
Do not spend more money than it is!
When you pay by the form, always wait until you receive a "slip-check", because even when you call you may be told that everything is in order, and after settling in, it turns out that there isn't, and you have to pay.
NEVER give your card, I can ask for a deposit or something else, if asked, leave cash!
THE LIFE PERMISSION should not be more than 14 days, you should understand yourself - the less the better!
NEVER and no one to say where the reservation comes from, etc., no one should know about the carriage!
I do not recommend settling in the RU hotels for carding.
In Russia, upon check-in, you will be asked for a passport, there is all the data there, it's easy to find you.
Air
Good evening, today let's talk, perhaps, about one of the most profitable topics in carding - air tickets.
First, I will tell you about the different options for tickets, then we will talk about the security of the whole event, and then I will answer your questions So, what are the options:
AGENTS - FORM - REWARDS - CARD IN AK an agent is an intermediary, for example, bravofly.com, between a huge number of airlines and a passenger, while the agent is paid this option is safe for the one who flies, since during the rally all questions to the intermediary who issued the ticket most often agents are merchandise sites with payment of varicose veins that is, we have here three options:
CC + VBV = the reservation keeps best, but the mat is very expensive and it is very difficult to find it.
In the euro of the merci mat usa + vbv I used to climb normally - now it's not much of a climb either)))
CC novbv Bins rally here is possible at any time, very dependent on the CC country on the merch itself and on a lot more
CC ameks - CC amex themselves do not have varicose veins per se, now they have done something like, and some time ago there were merchs that amex took in and if they card amex Australia or New Zealand they gave
now this method is less effective, as everyone clears and tightens fraud there are still some merchandise without a bomb, but there are very few of them and they are very tough)))
I have been busy with tickets for quite a while, and will give some tips:
if you decide to try yourself in this field - make sure that you know how to card, without experience with staff, gifts, etc., you don't need to start at all, as you will need experience in understanding how the antifraud works and in setting up the machine for carding and in drawing and in calling do not start the search for air merchandise without good capital - which you can safely drain learn how to work systematically that is, when you find a merch that you think should give, you should develop a system for testing it you need to try a different mate
It is necessary to test different directions, if it did not give the RF, this does not mean that it will not give something else.
Before you fly yourself or send clients, you must be 100% convinced that your method is reliable!
Today, the topic of the air is badly beaten, and even the checkmate with the BBB does not give any guarantees of success
Depending on the airline and the directions from the passengers, they may request a drawing of ?? at the front desk, for example, you should know all the details in advance.
Very often the payment goes well, the tickets are given but a meeting takes place, more often it is an additional check of payment or something else. Here you need to ring out and understand the reasons for the rally, that would continue to work more productively.
When working with a varicose mat, it is worthwhile to consider himself carding in more detail:
We set up the virtual machine, everything should be perfect, after carding in we make cleaning, if we use the Antique we clean it.
We buy a sock or a tunnel, it is important that it be fast and clean, we select as close as possible under the ip of CH.
Data on ip CK and user agent CX are obtained from the seller CC + VBV.
We go to the site of the agent, if we beat VBV, then we need to know 100% what it is), choose a ticket to pay
Using the example of CC + VBV, the Germans will describe how there:
CC DE FULL INFO CLASSIC (these are classic bins), the price of such bills is up to 50 euros (limit-guarantee is on average 500 evro)
CC DE FULL INFO HIGH (these are bins from premium to corporate), the price of such CCs is up to 75 euros. CC HIGH come with a limit of guarantee up to 750 euros.
CC DE FULL INFO BUISNESS (business and corporate bins, etc.), the price of such CCs is up to 90 euros. Limit guarantee up to 1300-1500 euros it is clear that the figures are average, and the guarantee limit and price may vary significantly there are also currently Sellers who do not give a guarantee limit at all they take advantage of the fact that such a mat is rare and in great demand we never buy fullki of- SPARKASSEN (name of the bank), firstly petty, secondly powerful anti-fraud system, thirdly, there are no substitutes for them.
Naturally, if the card is not valid, a replacement is also made.
Replacing the CC all sellers do strictly when providing video of carding in the CC
The video should start from the moment of opening the CC from the seller in the favor, then show that the sock / tunnel you read (check2ip.com) and end with either a successful carding or problems with dumping, etc.)
I will give a link on a program for record http://rutracker.org/forum/viewtopic.php?t=5022971
The format of the issued cc is normal, but plus to this in the full DE is haberstatum (short ADD).
Kontonummer (account number from 7-10 digits).
Servicenummer (not for all IC) Bank number where to call, but it is rarely required.
Bankleitzahl (bank number for other banks, usually does not ask for it, since it is one in the bank).
SC, respectively, Security Code, for us it is known as VBV, but a very large BUT, it is not needed in 70% of cases, as the automaton in German banks of the UK is reset every 30 days it turns out we activate the SC each time using Kontonummer (account number), Haberstatum (ext), Gultigkeit (emergency date) and Prufziffer (Sv2 code - a three-digit code).
We put in passenger data, we put in card data, we change varicose veins and if everything works out, then we rejoice. If the card is not invalid, there are not enough funds up to the agreed limit, it does not allow us to change the PIP, we put Bandikami on a stop, fill it on a sendspace, send it to the seller and wait for the replacement and here is another very important nuance.
Yesterday in the lecture on hotels I spoke in detail about services like booking.com
Let me remind you of these services that do not have their own merchandise and simply transfer your data to AK and the airline already processes them.
You may not see it yourself.
That is, when you make a reservation through an aggregator of the skyscanner type, then you see that you switched when paying to another site.
And when booking on vayama, you don't go anywhere, but that airline takes off the money whose flight you are doing!
In fact, this is direct carding with all the ensuing consequences
How to figure it out:
there are two methods here - card tests with rollers and see who wrote off the money
You can also call the AK and disguise everything under the guise of making some changes, but this method is not 100% often the case in AK says "contact the agent who issued the
ticket" although the airline itself wrote off the money!
If you made a ticket through such a merch, then it is advisable to make the client fake docks on the ticket and be sure to warn about possible problems
With such type of carding, NEVER card the mat of the country where you are flying!
There have been cases when they are filmed on a transplant and begin to torment very strongly!
The next way is carding into the agent form of payment.
It's all the same as with hotels.
We only call the agent, invent a story why we cannot pay via the Internet, request a form, draw a picture, call it and make a ticket.
I have to say the right away, very few agents are now accepting payment according to the form, and of course it is not interesting to make tickets for small amounts here because the cost price is high
The next topic is the rewards.
Here is the same as for hotels, I told a lot yesterday.
I will note an important thing - most often loyalty programs just allow you to make hotels / air / auto that is everything for the tourist
It remains quite a bit - to find.
Miles from airline companies is also a very working topic, although large airline companies have already managed everything, and here I want to point out an important nuance
When we pay for the ticket with miles, we often need to pay additional taxes and fees in cash, then we card the CC, but we also need to find the CC so that the charge is as long as possible
The amount of taxes and surcharges are usually not much 20-100$ per passenger.
Sometimes it is possible to pay taxes from a virtual card like QIWI or ?, but almost everywhere it does not work.
The most beaten airline companys are shaved, delta, lufthansa ... they behave very strangely, they can get off the cruise on a transfer, it happens that they take flight for a flight and are not allowed into the plane.
I write all this to the fact that before sending someone it is important to test everything.
Phone activity is very important, I talked about this in the last lecture on hotels, if yesterday someone did not read the logs
There are also miles not some particular airline company but unions, such as SkyTeam, and in some it is possible to card in code-sharing, that is, you have airline A miles, and you use them for company B flight
There is such advice here, do not use miles of Russian airlines, and do not use miles of western for russian airline company flights.
We can get accounts in the following ways:
We brutal ourselves - We buy from logs - We buy in shops.
Thanks for reading this manual.
I wish you all successful work and good luck. Happy carding!
