Anti-fraud protection and methods of bypassing it

BadB

So, this post is for all those who have not yet grasped all the secrets of the Madrid court, semi-private and private google - after all, everything new is well forgotten old. You agree with me? Let's go then?!

As you know, Antifraud does not sleep in shops, and if the first payment, for example, is successful for you and the stuff is sent to you, then the second and third orders will most likely be canceled in most cases. The alternative in this case is the search for a new shop that is not yet familiar with our contingent and has just come to online trading, which I will also tell you about today. Today, there are quite a few such options, but they exist and are worth looking for.

So sit back and stock up on cola, we're starting. The first parameter, which is important, is called WebRTC. Yes, yes, I am aware that you already know about this, including the method of bypassing it, but the most interesting thing is ahead - be patient and give the newcomers a way, and honor to us, dear old people.

And so, to begin with, let's find the info, what kind of parameter it is and what functions it performs - let's turn to Wikipedia. WebRTC (English real-time communications) is an open source project designed to organize the transfer of streaming data between browsers or other applications that support it using point-to-point technology. Its inclusion in the W3C guidelines is supported by Google Chrome (and other browsers based on it), Mozilla, and Opera. In terms of anti-fraud, the WebRTC standard allows third-party users to determine the IP address of a network user at a time, bypassing the software barriers of VPN, TOR, SOCKS and other network defenders. To resolve this issue, we have two options. The first is to disable WebRTC.

Some information on how to do this:

Enter in the address bar about:config

Find the media.peerconnection.enabled parameter. To avoid manual searching, you can use search simply by entering this parameter. Set it to false.

But if it is disabled, then this is 100% fraud points from the shop and with a probability of 99.9% your order will be canceled, so you just need to replace it. How to do it:

Install the firewall with the subsequent settings.

Click on “Advanced settings”.

Next, click on “Windows Firewall Properties”.

Then, in all three tabs, point to “Outbound connections: Block”.

Next, go to Outbound Rules and click on New Rule.

Choose “Program”.

Indicate the application that should go online (Bitvise, proxyfier).

However, do not forget that the main application can use auxiliary ones to connect to tunnels or socks (usually putty or plink in the folder with the main application) - they will also need to be added to the exceptions.

Indicate “Allow the connection”.

Next, set the name of the network and close the setting.
We are trying to connect to the Internet - in our case using “Bitvise” and tunnels.
If everything was done correctly, then WebRTC will show us only the intranet IP without the external one.

Now our webrtc has a local address - this is quite enough for this detection to not be detected. Ideally, the following manipulations should also be done:

Go to the equipment manager and select “Add legacy hardware” in the “Action” menu, after clicking on the “Network adapters” section.

Choose manual installation. We select “Network adapters”.

Choose “Microsoft” and choose “Microsoft Loopback Adapter”.

After installation, go to the settings of this adapter. And we indicate in its properties the IP, which showed us the Whoer.
In my case, it is 64.53.67.252. Then we save and run the command line.

In the command line, write the following:
route add (tunnel / sock address) mask 255.255.255.255 (default gateway) metric 1.

To find out the Default gateway, enter “ipconfig” into the command line. If the line is empty, look for the gateway address in the virtual machine's network settings.

In my case, I enter into the command line:
route add 64.53.67.252 mask 255.255.255.255 192.168.111.2 metric 1.
If everything is ok, then the command line will answer =)
If you received an error with the text “The requested operation requires elevation”, then run Command Prompt as administrator.

Next, I would like to talk about another important parameter:

WebGL is the context of the HTML canvas element, which provides a 3D graphics API without the use of plugins. The 1.0 specification was released on March 3, 2011. The library project is run by the non-profit Khronos Group.

In order to change this parameter, open the Firefox browser, write about:config and look for this line: webgl.enable-privileged-extensions, after which we change this value from false to true by double-clicking the mouse.

After that, one more parameter must be replaced.

We register in the search:
webgl.vendor-string-override, click on it and enter, for example, NVIDIA GTX 1080 or any other name of the video card, after which this parameter is changed.

Now let's consider the replacement of various canvases, including the unique fingerprint of the audio codec and browser.

Actually, the link to the software itself: it is called virtual audio cable.

We install this software on a virtual machine, after installation, we will be able to edit the settings associated with our audio device.

Now we need to set the default value of the new device.

To configure your audio codec more subtly, open the virtual audio cable program itself and change all the values.

Next, consider the substitution of the browser fingerprint itself, it is called Browser Fingerprint. To change this parameter, it will be enough for us to download a certain plugin for the fox - it is called
http-useragent-cleaner. Here is a direct link. Add to the browser, set and change this value in the browser settings. You can read how to work with this plugin in Google, there is enough information there.

So, these are the main values that can be changed and which I know about, but definitely not all detectors that exist. With such settings, it is very difficult to break through the fraud of a top US shop - for example, Walmart, Amazon or Microsoft. For when the antifraud is running in full mode, it is advisable to install a clean virtual machine before configuring the browser. It can be Windows 7 or 10, of course, English. To quickly change machines, a hard disk size of at least 250 gigabytes is required - before installing the system on the virtual machine, it is necessary to download the necessary software (plinker, BitVise, proxyfier, etc.), then configure everything for yourself and make a clean snapshot of the system.

I recommend taking under this case a fullz, punched on a credit history - since antifraud at the office, as regrettable as it may sound, is more than present. In addition, it is much more convenient, because you do not need to invent anything and take information from the sky, so that the accounts do not get lost, and the work was not in vain.

You can find very important and valuable information on how to bypass anti-fraud protection in this thread: