Carding Manual V 3.0 - 2023
Contents:
Encryption part 1
lecturer: Hello everyone, today's lecture will be devoted to encryption, so we will look at all the main aspects, and also talk about encryption in general. lecturer: I would like to discuss and analyze the fundamental principles of encryption, we will study symmetric and asymmetric encryption, and also lightly touch upon concepts such as hashes, SSL, TLS, certificates, data interception using the SSLStrip utility and weaknesses associated with encryption. This is the fundamental knowledge needed to select appropriate security controls to reduce risks.
lecturer: Many of you, if you dig deeper, do not have the slightest idea about your security and privacy. They can only blindly object based on other people's opinions.
lecturer: But when it comes to security and your privacy. Only you can act as a guarantor of your safety, and no one else.
lecturer: But surely some smart guys will already ask the question: “How can I act as a guarantor of my safety if I don’t know anything about it?” lecturer: One of the principles that you must master is the principle of planning. All your actions must be clearly planned.
lecturer: But in order to plan something, you need to understand this area, and answer your questions: what is it and what is it for?!
lecturer: In general, encryption consists of two components - encryption and decryption. lecturer: With the help of encryption, 3 states of information security are ensured:
lecturer: 2. Integrity - encryption is used to prevent changes in information during transmission or storage.
lecturer: 1. Confidentiality - encryption is used to hide information from unauthorized users during transmission or storage.
lecturer: 2. Integrity - encryption is used to prevent information from being changed during transmission or storage.
lecturer: 3. Identifiability - encryption is used to authenticate the source of information and prevent the sender of information from denying the fact that the data was sent by him.
lecturer: In order to read encrypted information, the receiving side needs a key and a decoder (a device that implements the decryption algorithm).
lecturer: BTW: The idea of encryption is that an attacker, having intercepted encrypted data and not having a key to it, can neither read nor change the transmitted information.
lecturer: Let's imagine a locked door, in order to find out what is on the other side of the door we need to open it with the key to this lock.
lecturer: The same is true in the case of data encryption. Only instead of a lock we have a data encryption algorithm, and instead of a key, a secret key (password) for decrypting the data.
lecturer: Purposes of encryption
lecturer: The main purpose of encryption is used to store important information in encrypted form. lecturer: In general, encryption is used to store important information in unreliable sources and transmit it over unsecured communication channels. Such data transfer consists of two mutually inverse processes:
lecturer: 1. Before sending data over a communication line or
before storing it, it is encrypted.
lecturer: 2. To restore the original data from the encrypted ones, a decryption procedure is applied to it.
lecturer: Encryption was initially used only for the transfer of confidential information. However, subsequently they began to encrypt information in order to store it in unreliable sources. Encryption of information for the purpose of storing it is still used today, this avoids the need for physical secure storage (usb, ssd drives).
lecturer: BTW: We will look at examples of encryption methods and will clearly see the whole point, so don’t worry about it. (tomorrow)
lecturer: What encryption methods are available:
lecturer: 1. Symmetric encryption - uses the same key for both encryption and decryption.
lecturer: 2. Asymmetric encryption - uses 2 different keys: one for encryption (which is also called public), the other for decryption (called private) or vice versa.
lecturer: These methods solve certain problems and have both advantages and disadvantages.
The specific choice of the method used depends on the purposes for which the information is encrypted. lecturer: In order to make the right choice in the encryption approach, which encryption method to use where, and answer other related questions, you will need to understand what encryption is, as I said earlier.
lecturer: Based on the infographics above (link), we can clearly understand the principle of how encryption works
lecturer: — The sender sends an encrypted message: “Hello, Marfa”
lecturer: — Attackers intercept this message, but since they do not have a decryption key, they only see a set of characters: “%#&$!”
lecturer: — The recipient, having the decryption key,
can easily read the message sent by the sender in encrypted form, and he already sees the sender’s text in its original form: “Hello, Marfa” lecturer: It is not an exaggeration to say that encryption is the best tool , which is the only thing we have in our arsenal to protect against hackers and surveillance.
lecturer: According to definitions by the way
lecturer: Encryption is a method of converting data that is readable by a person, this is called plaintext, into a form that a person cannot read, and this is called ciphertext. This allows data to be stored or transmitted in unreadable form, thereby keeping it
confidential and private.
lecturer: Decryption is a method of converting ciphertext back into human-readable text. If you do a simple Google search, you will see that it says HTTPS and has a green padlock icon, which means that all content on web pages is not readable by people who monitor data transfers over the network.
lecturer: Simply put, or symmetric encryption (the encryption method means 1 out of 2 things to say) lecturer: there are two main components of encryption: lecturer: 1. The encryption algorithm is publicly known and many, many people have carefully studied it in an attempt to determine whether the algorithm is strong.
lecturer: 2. Secret key - you can imagine that the secret key is a password and it must be kept secret.
lecturer: The algorithm can be thought of as a lock, and the secret key is the key to this lock (see the infographic link above).
lecturer: In symmetric cryptosystems, the same key is used for encryption and decryption. lecturer: Based on the infographics above, let's look at an example, I want to send Marfa some file, but I don’t want any third parties to be able to view it. For clarity and ease of use, I decided to encrypt the data.
lecturer: Sectors/disks are encrypted using the same similar structure in VeraCrypt, TrueCrypt, let’s take the same as an example.
lecturer: Let's look at the screenshot above:
lecturer: 1. An encryption algorithm is a mathematical process of converting information into a string of data that looks like a random set of symbols and letters. lecturer: 2. A hash function is a transformation of input data, in our case carder-club, into an output bit string. The purpose of the function is to ensure integrity and allow unintentional modifications to be detected. lecturer: 3. AES-256 – indicates which algorithm is used (AES) and what block size (256), as we see in 7-Zip there is no possibility of detailed configuration than in VeraCrypt.
lecturer: 4. Using the entered password, your key will be generated for the selected encryption algorithm (in our case AES-256), for decryption you will need to indicate the decryption algorithm if available and enter the password in our case again carder-club lecturer: At the exit we we get an encrypted archive, which in order to unpack and obtain the information that is inside, you must enter the decryption key, in simple terms a password.
lecturer: You may have noticed that a symmetric block encryption algorithm was used for encryption - Advanced Encryption Standard (AES). lecturer: This algorithm uses only 1 key, the key is created using our password (see point 4 for clarity of the conversion)
lecturer: You can also choose what block size will be used 128 / 256 / 512 / 1024 bits, in our In this case, there were only 256 bit and 512 bit options.
lecturer: BY THE WAY: Imagine a door and many locks on it. It will take you a long time to open or close this door. Also with algorithms, the higher the bitrate, the stronger the algorithm, but the slower it encrypts and decrypts, you can consider this the strength of the algorithm.
lecturer: 256 / 512 bits is also the volume of the key space, that is, a figure indicating the total number of possible different keys that you can obtain using this encryption algorithm.
lecturer: BTW: To crack a symmetric cipher, you need to try 2^N combinations, where N is the key length. lecturer: To break symmetric encryption with a key length of 256 bits, you can create the following number of combinations, that is, possible keys: 2^256 = 1.1579209e+77 or if you expand 1.1579209e * 10^77 when calculating, you get the following number of possible variations (this is 78- digit number).
lecturer: 2^256 = 1157920892373161954235709850086879078
53269984665640
564039457584007913129639936
lecturer: If you can check this number yourself here http://kalkulyatoronlajn.ru/
lecturer: Thus, for everyone who doubts the safety of the chances of a collision of 2^256, there is a number: there is a probability that the collision will have 1 out of more than 1.1579209e*10^7= 78-bit number (the number that above)
lecturer: All this means that the key is extremely difficult to guess, even with the help of very powerful computers, but provided that you used a long and random password when generating the key. (we’ll talk about passwords in detail tomorrow)
lecturer: BTW: We’ll talk about the password separately, which one
to use, etc. Along with programs and why. In order not to clutter your brain with unnecessary information at this stage, so fill your head, now we’ll talk about everything...
lecturer: People and governments are constantly trying to crack encryption algorithms. In this article, I will give you a list of algorithms that are good and which are not, which ones are hackable, and which ones are currently unhackable.
lecturer: Symmetric encryption algorithms
lecturer: 1. Data Encryption Standard (DES) - an algorithm for symmetric encryption developed by IBM and approved by the US government in 1977 as the official US government (AFIPRS 4K6-3E). Block for DES
lecturer: 2. Triple-DES (3DES) is a symmetric block cipher created in 1978 based on the DES algorithm in order to eliminate the main drawback of the latter short key length (56 bits), which can be cracked by brute force. key
lecturer: 3. Blowfish - a cryptographic algorithm that implements block symmetric encryption with a variable key length
lecturer: 4. RC4 - stream cipher, widely used in various information security systems in computer networks (for example, in the SSL and TLS protocols, wireless network security algorithms WEP and WPA).
lecturer: 5. RC5 is a block cipher developed by Ron
Rivest from RSA Security Inc. with a variable number of rounds, block length and key length. This expands the scope of use and simplifies the transition to a stronger version of the algorithm.
lecturer: 6. RC6 is a symmetric block cryptographic algorithm, derived from the RC5 algorithm.
lecturer: 7. Advanced Encryption Standard (AES) – a symmetric block encryption algorithm (block size 128 bits, key 128/192/256 bits), adopted as an encryption standard by the US government based on the results of the AES competition. This algorithm has been well analyzed and is now widely used, as
was its predecessor KDEES.
T.COM
lecturer: Symmetric algorithms are used in most encryption systems that you use every day: HTTPS, Full disk encryption (TrueCrypt, VeraCrypt and others), File encryption (7-Zip, WinZip and others), Tor, VPN. Symmetric encryption is used almost everywhere
lecturer: BTW: Advanced Encryption Standard (AES) is a generally accepted standard for symmetric encryption. For maximum security, use AES-256 where possible. AES is fast and today it is impossible to hack it (Provided that your password is strong, this will be discussed below).
lecturer: 2nd type or method for whomever is more convenient lecturer:
Asymmetric encryption
lecturer: Very smart people invented this encryption using
public and private keys and algorithms based on the complexity of certain mathematical problems. I won't go into mathematical detail because understanding it is not necessary for your protection.
lecturer: To choose the right means of protection, you only need to have a basic understanding of algorithms and the strength of algorithms, as well as the cryptographic systems that you are going to use.
lecturer: As we know, in the symmetric encryption method one secret key is used, while in asymmetric encryption methods (or public key cryptography) one key (public) is used to encrypt information, and another (secret) is used to decrypt it
. These keys are different and cannot be derived from one another. lecturer: Let's immediately consolidate this material lecturer: The symmetric encryption method is 1-key, uses the same key for both encryption and decryption.
lecturer: Asymmetric encryption method - 2 keys open (public from the English Public) and closed (private from the English Private)
lecturer: So, we have a file for Marfa, which if you remember in the symmetric encryption section (see
Screenshot above) was encrypted using 7-Zip using the AES-256 encryption algorithm and a strong password, but how do we get the password to Marfa so she can decrypt the file?
lecturer: BY THE WAY: The best way to convey something and be sure of the delivery of information to the specified addressee is in person.
lecturer: But this is not a very good idea, since we may simply not know where the addressee is, or he may be so far away that delivering something “personally” becomes problematic, or maybe we simply need anonymity.
lecturer: Asymmetric algorithms (using public and private keys):
lecturer: 1. RSA (Rivest-Shamir-Adleman) - a cryptographic algorithm with a public key. This algorithm is very popular, one of the most common asymmetric algorithms you will see, and I will show you where to generally look for them and how to use them.
lecturer: Definition: The cryptographic strength of this algorithm is based on the complexity of factorization or decomposition of large numbers into a product of prime factors. lecturer: 2. ECC (Elliptic curve cryptosystem) is a common and increasingly popular algorithm. This is an elliptic curve cryptographic system, or ECC. The robustness of this algorithm relies on the problem of computing discrete logarithms on elliptic curves.
lecturer: 3. DH (Diffie-Hellman) – Its strength is based on the discrete logarithm problem in a finite field. Diffie-Hellman is becoming increasingly popular because it has a property called forward secrecy, which we will discuss later.
lecturer: 4. ElGamal is the El-Gamal scheme, and the cryptographic strength of this algorithm is also based on the complexity of the discrete logarithm problem in a finite field.
lecturer: DEFINITION: Cryptographic strength (the ability of a cryptographic algorithm to withstand cryptanalysis) - this algorithm is based on the complexity of factorization or decomposition of large numbers of the product of prime factors lecturer
: CSkoStilYs oXpreMdelAenRiemKsoEryaTn.COM lecturer: These asymmetric algorithms help solve the problem of key exchange or
agreement, and also allow you to create such called electronic digital signatures. So we could potentially use the public and private keys to send Marfa our private key in a secure manner, without the contents being intercepted. lecturer: BTW: Let me note again that in algorithms using public and private keys, two keys are used, and not one, as in symmetric encryption. lecturer: The difference is that in asymmetric encryption there is a public key, which is created to be known to any person, that is, it is a public key, and there is a private key, which must always kept secret and private. These keys are mathematically related and they are both generated at the same time. They must be generated simultaneously because they are mathematically related to each other. lecturer: Any website using HTTPS has a public and private key, which are used to exchange a symmetric session key to send you encrypted data. It's a bit like the Zip file we saw. They use these public/private keys and then they need to send another key, like the key we use for a Zip file, in order to perform encryption (end-to-end will be discussed later) lecturer: REMEMBER AS
OUR FATHER AND UNDERSTAND
lecturer: If You encrypt using a private key, you need a public key to decrypt
lecturer: If you encrypt using a public key, you need a private key to decrypt
lecturer: In asymmetric encryption, if a message is encrypted with the 1st key, then a 2nd key is needed to deciphering this message. If you encrypt with a private key, then you need a public key to decrypt.
lecturer: If you encrypt using a public key, then to decrypt you need a private key.
It is impossible to encrypt and decrypt with the same key, and this is extremely important. To encrypt or decrypt, you always need related keys.
lecturer: But why encrypt using a public or private key? Who cares? What's the point in using them? Why not use just one of them?
lecturer: Especially for you, I drew an infographic to simply and easily explain the usefulness of these keys and how they can be used.
lecturer: BTW: This infographic discusses
2 directions of encryption, first we will look at the green arrows, and then the red ones.
lecturer: Method 1 (green arrows)
lecturer: The method with green arrows shows that the sender encrypts using the open (public) key of the recipient, Marfa, this means that you need anonymity and confidentiality so that no one can read the message except recipient.
lecturer: IMPORTANT: Let's say you encrypt a file using the recipient's public key. The message can only be decrypted by a person who has the appropriate private key, that is, Martha's private key.
lecturer: Since we know that these keys are interconnected, we encrypt with one and decrypt with the other and nothing else.
lecturer: The recipient (Martha) cannot identify the sender of this message. Since the open
(public) key is open, it is usually posted in the public domain, and anyone can use Marfa’s open (public) key for encryption. lecturer: When the sender encrypts using the recipient's public key, the message is confidential and it can only be read by the recipient who has the private key to decrypt the message, but as I said earlier, there is no possibility of identifying the sender, unless, of course, you send it yourself any data for subsequent identification of you lecturer: 2nd method (red arrows)
lecturer: All of the above results in the 2nd method
of using open (public) and private (private) keys.
lecturer: If you encrypt with your own private key, then this means that you are interested in authentication. In this case, it is important for you that the recipient knows that it was you who sent the encrypted message. To do this, you encrypt using your private key. This gives the recipient confidence that the only person who could encrypt this data is the person who owns this private key, your private key.
lecturer: EXAMPLE: You are the creator of some software, but the government is indignant and in every possible way interferes with your activities. Let's simulate the following situation:
lecturer: Let's say I want to download this software, the hash amount of this file is indicated here, however, if the website is compromised, this means that attackers could replace this download file and add a Trojan to it or what -to spy on me, and they could also replace the checksum. lecturer: so, this hash doesn’t mean anything. It will not help detect intentional file modification. We need something else to verify that this site is, in fact, the official site of the software.
lecturer: And here we come to certificates, digital signatures and other means. All these documents are obtained as a result of cryptographic transformation of information using a private signature key and make it possible to verify the absence of distortion of information in an electronic document from the moment the signature is formed (integrity), the ownership of the signature by the owner of the signature key certificate (authorship), and in case of successful verification, confirm the fact of signing electronic document (non-repudiation)
lecturer: We'll talk about this later.. lecturer: I think tomorrow
lecturer: Encrypting data using the sender's private key is called the open message format, because anyone who has a copy of the corresponding open (public) key can decrypt the message.
lecturer: You can think of it as if you officially posted something on the Internet for public access, and
since you encrypted it with your private key, anyone can verify that it was you who left this message. Confidentiality or anonymity is not ensured in this case, but the authentication of the sender, that is, you, is ensured.
lecturer: Next. When different encryption technologies are used in combination, such as the ones we talked about earlier, since they can all be used in combination and cannot be used individually, then they are called a cryptographic system, and cryptosystems can provide you with a range of security features.
lecturer: A cryptographic system can provide you with a number of security features. Among these means: lecturer: 1. Confidentiality – the need to prevent leakage (disclosure) of any information.
lecturer: 2. Authentication is a procedure for verifying authenticity, that is, we know that Marfa is really Marfa and no one else.
lecturer: 3. Rejection prevention - which means that if you sent an encrypted message, then later you will not be able to begin to deny this fact
lecturer: 4. Reliability - the authenticity of the fact that the message has not been modified in any way lecturer: Examples of cryptosystems are any things that use encryption technologies are: PGP, BitLocker, TrueCrypt, VeraCrypt, TLS, even BitTorrent, and even 7-Zip which we used to encrypt the file in a
symmetric encryption method.
lecturer: FOR EXAMPLE: In order for us to send our file to Marfa, we can use Marfa’s public key to encrypt files, or to send anything in encrypted form.
lecturer: But first, of course, we need Marfa’s public key, we just need to get it 1 time in some secure way, this is important, and after that we can always send encrypted messages that can only be read by Marfa.
lecturer: PGP - This is a system that we can use for these purposes; it uses technology to encrypt messages, files and other information presented in electronic form
lecturer: DEFINITION: PGP (Pretty Good Privacy) is a computer program, also a library of functions, that allows you to perform encryption and digital signature operations of messages, files and other information presented in electronic form, including transparent encryption of data on storage devices, for example, on hard drive.
lecturer: For these purposes we can use Jabber + PGP or OTR, pay special attention to points 7 and 8.
lecturer: Write it down for homework lecturer: by the way, about the IP who uses it
lecturer: there will be in the article
lecturer: or in general others server they use SDN lecturer: that is, it turns out that the IP address of the resource is hidden behind the SDN, that is, you send a request
lecturer: it goes through the following chain lecturer: YOU - SDN - server IP
lecturer: that is, the SDN is an intermediary and the site is connected when you work with the domain will issue IP SDN lecturer: and there will be no connection with the toad
lecturer: But let's get back to encryption. When it comes to public-private key cryptography or asymmetric encryption, there are both strengths and weaknesses.
lecturer: Asymmetric encryption - public and private keys:
lecturer: 1. BETTER KEYS Marfa
can put her public key directly into her signature and anyone will be able to send her encrypted messages or data that only she can read.
lecturer: 2. Scalability - if you use symmetric keys and want to send your file to Marfa and, say, 10 other people, you will have to transfer your password 10 times. It's not scalable at all.
Asymmetric algorithms have better scalability than symmetric systems. lecturer: 3. Authentication, refusal prevention - this means that if you sent an encrypted message, then later you will not be able to start denying this fact. Since
it was encrypted with your personal private key, your private key
lecturer: 4. Slow - if you look at the length of the message in bits (see screenshot below) after asymmetric algorithms work, you will notice that it is much longer than encryption algorithms with symmetric keys, and this is a testament to how much slower they are.
lecturer: 5. Mathematically intensive - The greater the length in bits, the greater the number of mathematical operations, and, consequently, the greater the load on the system. lecturer: Symmetric encryption - private key:
lecturer: 1. Fast - if you look at the message length in bits (see screenshot below) after symmetric algorithms work, you will notice that it is much smaller than encryption algorithms with asymmetric keys, and this is evidence of how much faster they are. lecturer: 2. Reliable - Look at what was described above about AES-256 where there was a calculation of the number 2^256 and see for yourself, but there are also 384 / 512 / 1024 and more .. lecturer: For a clear demonstration, look at this screenshot below
lecturer : In order to secure the material, let's return to the analogy with the number of locks on the door. With public and private keys, there are many, many locks on the door, so encryption and decryption take much
longer. This is a large amount of mathematical operations for the central processor, which is why there are hybrid systems, or hybrid cryptographic systems.
lecturer: Public and private keys are used to exchange agreement keys, and we use symmetric algorithms like AES to encrypt data, thereby extracting maximum benefits.
HTTPS, which uses the TLS and SSL protocols, is an example of this type of hybrid system, as is PGP.
Encryption part 2
lecturer: Let's now talk in more detail about what encryption consists of in general; we've completed a short introductory course, let's go deeper into what the hash itself is, etc. lecturer: Hashing
lecturer: Hashing is the transformation of an array of input data of arbitrary length into an (output) bit string of a fixed length, performed by a specific algorithm. The function that implements the algorithm and performs the transformation is called a
“hash function” or “convolution function.” The original data is called the input array, "key" or
"message".
The result of the transformation (output) is called
"hash", "hash code", "hash sum", "message summary".
lecturer: Let's look at the image, we see here: lecturer: 1. Input data
lecturer: 2. Algorithm or hashing function
lecturer: 3. Output data The resulting output data, which always has a fixed size. lecturer: The hash function accepts input data of any size. This can be an e-mail, a file, a word, in our case it is the phrase “Hello, carder-club”, and the data is converted using a hash function into the following form: 732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798f deb6e77
c78d84ccb1
lecturer: For better assimilation and analysis of the material, let's move away from dry text and make a visual demonstration
lecturer: As we can see from the animated GIF above, our input data is converted using a hashing algorithm, namely SHA-256, into fixed-size output data.
lecturer: Explanation: As we see, when we change our input data by adding “=)”, our output data has a different form, since in the bit equivalent the multiplier has changed. Consequently, the very meaning of the output data has changed. When returning to the original input data, the value again had its original form.
lecturer: You can imagine this as an example: lecturer: 1. "Hello, carder-club" = 5
lecturer: 2. "Hello, carder-club =)" = 7
lecturer: 3. "Hello, carder-club" = 5
lecturer: The hashing algorithm itself is the second arbitrary multiplier, let it be 2, then: lecturer: 1. 2*5=10
lecturer: 2. 2*7=14
lecturer: 3. 2*5=10
lecturer: Same with hash, only the hashing algorithm has more complex mathematical operations than I gave, if you need a specific conversion formula used in the algorithm, look at Wikipedia.
lecturer: An important feature of the hash function is that you cannot convert from a hash back to the original input data. This is a one-way hash function and does not require keys.
lecturer: For example, again look at our gif that I gave earlier
lecturer: Hello, carder-club > SHA-256 > 732b01dfbfc088bf6e9 58b0d2d6f1482a3c35c7437b798fdeb6e77 c78d84ccb1
lecturer: As we can see, we only used input data, not any keys involved and then got the resulting output, which is always a fixed size depending on the kind of function you are using. lecturer: This ensures integrity and allows you to detect unintentional modifications. This does not
provide confidentiality, authentication, or detection of intentional modification.
lecturer: BTW: There are many examples of hash functions: MD2, MD4, MD5, HAVAL, SHA, SHA-1, SHA-256, SHA-384, SHA-
512, Tiger and so on.
lecturer: WHAT TO USE: Nowadays, if you are choosing a cryptographic system, you should use SHA-256 and higher, I mean SHA-384 and SHA-512 and so on.
lecturer: To make it easier to understand the material, let’s move away from the dry text and simulate the situation
lecturer: Let’s say you were given the task of downloading the Windows 7 Home Premium x64bit operating system for training lecturer: We know that this operating system comes from the developer Microsoft, then we go to the search and make the following search query:
lecturer: site:microsoft.com Windows 7 Home Premium hash
lecturer: Site operator: This operator limits the search to a specific domain or site. That is, if we make a request: site:microsoft.com Windows 7 Home Premium hash, then the results will be obtained from pages containing the words
“Windows”, “7”, “Home”, “Premium” and “hash” on the
site “ microsoft.com" and not on other parts of the Internet.
lecturer: This information is also key for searching for shops using operators in search engines; to study in more detail information on how to search using operators in Google, use this article - https://habrahabr.ru/sandbox/46956/
lecturer: As we can see from the GIF above, I easily found the hash sum of the Windows 7 Home Premium 64bit operating system on the official Microsoft website lecturer
: Here it is - SHA1 Hash value: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
lecturer: In general, I would recommend finding hash sums and starting the search from 256 and above, but on the off site there was only this amount, so I’ll take what
the lecturer has: Next, we need to find a file that corresponds to this hash amount, for this we also use the Google search engine and operators like searching with using operators and what it is link above. lecturer: inurl:download "6C9058389C1E2E5122B7C933275F963EDF1C07B9"
lecturer: After you download this file, using our hash sum you can make sure that this file has not been changed, i.e. he has integrity.
lecturer: There are tools that you can download to do this. https://en.wikipedia.org/wiki/Comparison_of_file_verification_s
oftware
lecturer: One of such tools is Quick Hash (https://quickhash-gui.org), and I will show with an example how to verify hash sums and make sure in the integrity of the information received.
lecturer: As we can see, the hash sum of the downloaded file corresponds to the hash sum given to us from the official Microsoft website.
lecturer: I will also attach below information on other hash sums of this file
лектор: MD5: DA319B5826162829C436306BEBEA7F0F
лектор: SHA-1: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
лектор: SHA-256: C10A9DA74A34E3AB57446CDDD7A0F825D526DA78D979 6D442DB5022C33E3CB7F
лектор: SHA-512: E0CB678BF9577C70F33EDDC0221BC44ACD5ABD4938567 B92DC31939B814E72D01FAC882870AB0834395F1A77C2C D5856FD88D2B05FBE1D1D9CCE9713C1D8AB73
лектор: Вы можете заметить, что с увеличением этих цифр в алгоритме хеширования, длина хеша становится все больше, since it is the length in bits. SHA-1 is short, 256, 512 and MD5, which is weak and should not be used at all. So this is a way of confirming that the file you downloaded has maintained its
integrity.
lecturer: Some of you are probably wondering: “What if the file I’m about to download is already compromised?” Let's say we have a website (https://www.veracrypt.fr) for VeraCrypt software (https://ru.wikipedia.org/wiki/VeraCrypt).
lecturer: And I want to download VeraCrypt, the site has hash sums of files encoded SHA-256 and SHA-512
lecturer: SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c8032 8d91c49bf10b49e38 97677896e VeraCrypt Setup 1. 21.exe lecturer: SHA-512: 5c68a5a14fa22ee30eb51bc7d3fd35207f58e efb8da492f338c6dac 54f68133885c47fa2b172d87836142c75d 838dac782b9faca406a 2ffb885 4cc7d93f8b359 VeraCrypt Setup 1.21.exe
lecturer: However, there is one “BUT”, if the website was compromised, this means that attackers could replace this download file and add something to it, a Trojan or something for surveillance, and they could also replace the checksum as well.
lecturer: Therefore, it turns out that the hash means nothing, that is, it cannot detect intentional modification of the file. And we need something else to make sure that the software actually comes from the developer. That the VeraCrypt website
is the official VeraCrypt website, etc.
lecturer: And here we come to certificates, digital signatures and other means that we will now analyze, but for now let’s touch on the important essence of hashing. lecturer: I don’t want to copy, etc. since here it will be important
to convey everything in color,
the lecturer:
lecturer:
lecturer: Now let's talk about Digital Signatures lecturer: So let's go back again to our VeraCrypt, how to find out that the site is really official and the software comes from the developer. lecturer: A simple and rather tricky way to find
the official website is to find the software in Wikipedia and then follow the link to the official website of the software.
lecturer: However, we can also click on the entire lock and there see the certificate that it was issued lecturer: https://puu.sh/xQAFM/e687c816ce.png
lecturer: A digital signature is a hash value. It is the result of a fixed-size hash function that is encrypted with the sender's private key to create a digital signature or signed message.
lecturer: From a technical point of view, a digital signature is a mark confirming the person who signed the message. This is the issuance of a guarantee for an object that was signed with its help.
lecturer: For clarity, what a digital signature is, open the screenshot (https://puu.sh/xQAFM/e687c816ce.png) and look at Signing
lecturer: Signing: What you can see in the infographic above, but based on our file which
we analyze
the lecturer: Hash algorithm > Hash value ( 6cff2cce5 2eb97321b1696f82e9ccefa7c80328d91c49bf10b49e38 97677896e ) > Private key ( see Asymmetric encryption ) = Digital signature lecturer: If the encryption object is signed with a
digital signature, then authentication is ensured because the object is encrypted using a private key, which is used to encrypt Only the owner of this private key can. This is authentication.
lecturer: It makes it impossible to renounce authorship, since, I repeat, the sender’s private key is used. And it provides integrity because we are hashing.
lecturer: A digital signature can be used, for example, in software. Can
be used for drivers within your operating system. Can be used for certificates and confirm that signed objects originate from the person specified in the certificate, and that the integrity of the data of these objects has been preserved, that is, they have not undergone any changes.
lecturer: How can you make sure that the file really
comes from the developer, in our case VeraCrypt, that is, in case of fraud, etc. you could say with 100% certainty that I used your software, and it was signed with your digital signature.
lecturer: https://puu.sh/xQB20/5166e3d0c8.gif - usually the certificate is checked automatically and you probably have a lecturer: After looking at the gif, open the screenshot ( https://puu.sh/xQB5Y/c840f4670d.png ) lecturer: What do we see here? The certificate was issued: to whom - IDRIX SARL, by whom - GlobalSign. So, GlobalSign is the company whose private key was used to
digitally sign this program. GlobalSign says:
"This software is legitimate and has not been modified." It says: "A certificate is intended to certify that the software comes from the software developer, the software is protected from modification after it is released." To find out
whether this is a valid digital signature or not, we
need to reverse the original process.
lecturer: That is, we open our screenshot again ( https://puu.sh/xQAFM/e687c816ce.png )
lecturer: Check: What you can see in the infographic above, but based on our file, which we parse
lecturer: Signed message > Public key (this is a file in .asc format and usually looks like this - https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc
, private key looks the same) = Hash value, that is, it should be 6cff2cce52eb97321b1696f8 2e9ccefa7c80328d91c49bf10b 49e38 97677896e
lecturer: After which this hash value will need to be checked with the specified hash, that is, we open the
QuickHash program there, run our file and in the algorithm in which it is presented to us, everything should match, if it does not match, then the file itself has been changed, and there may be a Trojan, or something for wiretapping us, or something else bad
lecturer: SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c8032 8d91c49bf10b49e38 97677896e VeraCrypt Setup 1.21.exe lecturer: I checked the received hash (https://puu.sh/xQBAz/8905455dd7.png) and as we can see in the screenshot they are identical, therefore the files are legitimate and correspond to the digital signature of the developer, and this file definitely comes from him.
lecturer: And if this software infects your computer with WannaCry or some other bad virus, it will be guilty.
lecturer: For example, this is how you, as a child, would argue that you didn’t eat the candy, and your mother shoves evidence in your face, for example, a video recording and says, I have everything recorded, look here. And no matter how you get away with it, that’s what a digital signature does.
lecturer: Read it several times if you don’t understand, and try to understand this point is really important lecturer: And what we saw directly in this screenshot (https://puu.sh/xQAFM/e687c816ce.png)
lecturer: This is what Windows checks the certificate is authentic, then that such a certificate is really registered with such a number is all that matters.
lecturer: Let's make an analogy to understand what
Windows does when it writes these lines (https://puu.sh/xQBLa/604166ab6c.png) in the certificate lecturer: You came to the bank with counterfeit money, and they check the money through special solutions or devices, and then bam and the paint is washed off, or the watermarks do not show through and you are told that your bills do not match and it is a fake, the same with Windows.
lecturer: That is, if someone else rewrote all
the certificate data and made a copy of the certificate for signing, with such data, then it would not correspond to
reality, well - this is a more complex topic, but actually I think it’s clear.
lecturer: And if verification fails, you usually see this warning (https://puu.sh/xQC61/ef80678f6b.png)
lecturer: This means that the file does not have a digital signature or Windows (remember the employee bank) does not trust this digital signature (and in the case of a bank employee, he does not trust it on your banknote), you can check it using the method I described above (and a bank employee, well, can also check it on his machine or by applying solutions there).
lecturer: In Linux, everything is simple with this, since you can’t just install proprietary software, since all software is usually installed from official repositories, where all checks are carried out. In more detail, what a repository is and other points can be found out here
lecturer: you can take it as homemade task for studying lecturer: etc.
lecturer: take a note for yourself
lecturer: Let's go through this material again, because I'm sure some may find all this quite difficult to understand.
lecturer: https://puu.sh/xQAFM/e687c816ce.png - watch signing
lecturer: So, the hash value (of the program itself, that is, if the guy himself ran it through QuciHash), which was encrypted using the private key (his personal key, his personal fingerprint, so to speak, on the network) of the sender or software release. This is a digital signature. lecturer: This provides authentication,
non-repudiation and integrity. And if you encrypt something and digitally sign it, you can achieve confidentiality along with authentication, non-repudiation and integrity. lecturer: Digital signatures certify that a program
or something else came from a specific person or publisher, and they protect the software or messages from being modified after they have been published or sent.
lecturer: At this point, I think we have figured out digital signatures.
lecturer: Let's now move on to End-to-End encryption (E2EE)
lecturer: End-to-end encryption is that the data is encrypted by the sender and decrypted only by the recipient. If you want to avoid tracking, mass surveillance, hackers, and so on, then this is the type of encryption you need for the transmitted data. lecturer: Examples of end-to-end encryption technology are things like PGP, S/MIME, OTR, which stands for “off the record”, ZRTP, which stands for Z in the RTP protocol , as well as SSL and TLS, implemented correctly, can all be used as
end-to-end encryption.
lecturer: Companies that develop software that uses end-to-end encryption and zero-knowledge systems cannot disclose the details of data exchange to your enemies, even under duress, even if they themselves wanted to. This is the benefit of end-to-end zero-knowledge encryption.
lecturer: End-to-end encryption provides protection during
data transmission, but it is obvious that it cannot protect the data after it is received. Next, you need another protection mechanism. Use end-to-end encryption wherever possible.
lecturer: The use of secure HTTPS on all websites is becoming increasingly necessary, regardless of the types of data being transferred.
lecturer: Let me show you what END-TO-END encryption is using an example with websites
lecturer: This is a digital certificate, the same as a digital signature, there are a number of differences, there are certificate authorities, etc. you usually don’t come across this, I won’t describe it, for those interested, google “Key and HTTPS Certification Authorities” and “Digital Certificates”
lecturer: A green padlock in the URL or HTTPS means that your Internet provider or, say, the government, they can only track the target domain. What does it mean? lecturer: Let’s say there is an attacker between us and Google, similar to the case of transmitting the message in the infographic above. He won't be able to find out what exactly I was looking for, because this is end-to-end encryption between my browser and the server.
lecturer: Let's take a visual example and
see what the provider can find out about us lecturer: To begin with, we will use an example of an unencrypted connection using an HTTP connection.
lecturer: HTTP, HyperText Transfer Protocol is a widely used data transfer protocol, originally intended for transferring hypertext documents
(that is, when you click on a word in an article, go to another web page).
lecturer: By default, the HTTP protocol uses TCP port 80.
lecturer: For the screenshots below, I will use the network traffic analysis program WireShark.
lecturer: For the experiment, I took a site based on the HTTP protocol uznayvse.ru after I click on the link, the request from the site will be displayed in the WireShark program window under the number 1-n, but let's immediately look at what each program window is responsible for for better assimilation of the material .
lecturer: 1. This area is called Packet List - in it you can see with which server data is being exchanged, the protocol that is used and general information about frames.
lecturer: 2. The next area is called Packet Details - it displays the details of the packages that were selected in the Packet List.
lecturer: 3. And the last area is called Packet Bite - it displays the 16th display of this packet, the offset is also displayed in the form of an ask, and also if we right-click on
this area we can see how all this will be smoothed out in bits. lecturer: This is what happens when you click on a link, all traffic data is immediately filtered
lecturer: Let's look at the received packets in more detail and learn clearly about surveillance, analysis, etc.
lecturer: 1. Forwarded packets using our filter lecturer: 2. Target domain, that is, the main page of the site without any heresy after the slash “/” lecturer
: 3. User agent, that is, browser settings, operating system version and other parameters..
lecturer: 4. Referer - indicates from which page we came to this page since we came from a protected page, there were many packets with redirection, in the end we referred to ourselves from the same page, if for example I came from the main page page of the site for this one, the referrer would be the main page of the site. (see the screenshot below with an explanation to fully understand the meaning).
lecturer: 5. Cookies, or session) Here is your password) You can log in under your logged-in session and rummage around) from a logged-in user, that is, you lecturer: BY THE WAY: If you think that this is the
ceiling of what this software can do, then I’m afraid to upset you just the tip of the iceberg
lecturer: 6. Well, this is the final page where we are
lecturer: BY THE WAY: If you think that this is the ceiling of what this
software can do, then I’m afraid to upset you, this is just the tip of the iceberg
lecturer: So that after reading you don’t There were still doubts, I decided to sort out these points by moving from one page of the website to another, and as we can see:
lecturer: 1. Refer - indicates the previous page
that we analyzed, from which we came to this page
lecturer: 2. Which page are we on? We are now lecturer: As we see, the HTTP protocol itself does not
imply the use of encryption for information. However, there is a common extension for HTTP, Mtransmit, which implements the packaging of transmitted data in the cryptographic protocol SSL or TLS. lecturer: The name of this extension is HTTPS (HyperText Transfer Protocol Secure). For HTTPS connections, TCP port 443 is typically used. HTTPS is widely used to protect information from interception, and also typically provides protection against man-in-the-middle attacks - if the certificate is verified on the client, and however, the certificate's private key was not compromised, the user did not confirm the use of an unsigned certificate, and no attacker's CA certificates were injected into the user's computer. lecturer: 1. Google - uses a secure HTTPS connection protocol lecturer: 2. Data request package using a secure HTTPS protocol lecturer: 3. As we see in the details of the package, we only have Encrypted Application Data: 0000000000000016eec0818f25b5eb9bd4690883155a74b6...
lecturer: no other information and information about what is contained on
a web page or where a person is located we do not have
lecturer: 4. Since we have number 2 the IP address with which server packets are exchanged, we look at what kind of IP address it is and Based on the received data, we can conclude that the person is on the Google landing page.
lecturer: Essentially, using HTTPS is safe and as I said earlier that: Companies that develop software that uses end-to-end encryption and zero-knowledge systems cannot disclose the details of the data exchange to your enemies, even under duress, even if they wanted it themselves. This is the benefit of end-to-end zero-knowledge encryption.
lecturer: SSLStrip - HTTPS removal
lecturer: But also based on this, there are attacks to remove SSL, let's quickly figure out what it is??
lecturer: Any attacker who can position himself between the source and destination of traffic, in our case a COMPUTER and a SERVER, then this attacker can perform an attack of the type “Man in the middle” (Russian “Man in the middle”). One such attack, which requires very little skill and resources, is called SSL stripping. The attacker acts as a proxy here and replaces encrypted HTTPS connections with HTTP connections.
lecturer: Let's open the screenshot and see what it
is https://puu.sh/xQFWy/edbaf90d7a.png
lecturer: 1. How we look at the same way as we send a request from http
lecturer: 2. It goes through SSLStrip and does not change,
The lecturer also goes further: 3. The server sees that you came using an insecure protocol without encryption and changes it to a secure one using encryption, that is, HTTPS (that is, a 301 or 302 redirect is made - this is configured on the server) lecturer: 4. SSLStrip
sees that the server sent you a request in HTTPS (see point 3) and automatically also changes it to insecure, that is, to HTTP, thereby removing TLS encryption lecturer
: SSLStrip here proxies the response from the web server, imitating your browser, and sends you back HTTP -
version of the site. The server will never notice the differences. lecturer: Since the server thinks that you are communicating using the secure HTTPS protocol, since it does not see that the attacker ( SSLStrip ) has changed the protocol for you to an insecure one
lecturer: And what you will see is that it will be almost indistinguishable from the genuine site. Let me show you what the website should look like.
lecturer: https://puu.sh/xQHeu/014bf0515b.png
lecturer: 1. We see a secure version, that is, with end-to-end encryption
lecturer: 2. Now I have performed HTTPS-stripping (SSL stripping
- SSLStrip). And this is what the version of the site looks like after the attack. lecturer: As you can see, the difference is that you now do not have HTTPS and most people will not notice this difference. And like I said, the server will never notice that anything is wrong because it's talking to a proxy that behaves exactly the same way you would. lecturer:
lecturer: I advise you to read this with color
lecturer:
— Part 1 MITM. How
is a MITM attack carried out?
lecturer:
— Part 2 MITM.
We attack the network using MITM methods
lecturer: write it down in parts for your homework lecturer: also look at it, etc.
lecturer: you can delve deeper into this issue
lecturer: What can I say as an EPILOGUE
lecturer: I think that we have discussed a lot about encryption, the only thing I did not have time to analyze is what I wrote above, that we did not discuss this option with PGP, OTR , ZRTP, OMAXA, you can read about such protocols on Google or ask me, I will give you information if you need it.
lecturer: Well, with pgp and otr, I think everything is clear
lecturer: for zrpp this is voice communication and Omaha this is a new type of encryption from the OTP series only with its own goodies lecturer: from offline messages, encryption of conference chats, etc.
lecturer: Encryption is a fantastic tool for privacy, security and anonymity, it is a tool that really works and attackers (hackers) will try to avoid it.
lecturer: In simple words... No fool would make a direct attack on encryption.
lecturer: As they say, a smart person won’t climb a mountain, a smart person will go around a mountain. And you should keep this in mind. And all they can do is find weak points.
lecturer: Remember the case with Ross Ulbricht, the creator of
the Silk Road, he was caught in a captcha. That is, on simple trifles, since people forget about the most important thing, namely the simplest things... Basics, so to speak.
lecturer: That is, no one will ever brute your passwords, etc. It’s much easier for them to install a keylogger on your system, or send you a link to a site with an
infected JS script and carry out an attack, or a PDF file, etc.
lecturer: But as I said, no one will ever want to break encryption. Attackers will simply try to bypass the encryption. You should keep this in mind.
lecturer: Security is the so-called weak link phenomenon. She is only as strong as the weakest link in the chain. Strong encryption is often a strong point.
lecturer: We human creatures are usually the weak link. As they say, my tongue is my enemy
Introduction to security based on *unix-like systems
lecturer: Introduction to security
lecturer: I will try to explain in simple language how you can theoretically be hacked. I will do without complex terms for ordinary users of the lecture. I will also give you a colorful idea of hacking an operating system, and more advanced users will read between the lines the technical information.
lecturer: I believe that the user of any operating system, and even more so those who are associated with it at work, need to understand that professional viruses are not an executable file that has been renamed into a document and asks you to run (stiller or warrior). And blocking macros will not always prevent an attacker from executing code on your system.
lecturer: I myself use various operating systems, from
Windows to Linux, and have long been no longer a supporter of such holivars, which I will analyze a little later using the example of MacBooks).
lecturer: I work on Linux, but sometimes I use Windows. Next there will probably be a lot of negativity about Linux, but it is not associated with any fanatical beliefs, I just want to tell you objectively and convince you that it doesn’t matter what operating system you use, you can be hacked anywhere.
lecturer: Remember my words with which I concluded the articles on Encryption, namely in the Epilogue...
lecturer: Security is the so-called weak link phenomenon. She is only as strong as the weakest link in the chain. Strong encryption is often a strong link.
lecturer: We human creatures are usually the weak link. As they say, my tongue is my enemy. lecturer: Your choice of operating system matters for your security, privacy and anonymity.
Different operating systems suit different needs.
lecturer: For example, in order to draw graphics for you, I need to switch from Linux to Windows because I need Photoshop and other graphic editors, we’ll talk about this later. But I think the main message of the information is clear.
lecturer: The purpose of this section is to help you understand this difficult situation. Answer the questions: which operating system suits your requirements based on the risks and what you want to use it for, for a specific situation, for specific requirements. lecturer: It’s like in school, teaching you how to navigate the area, it’s exactly the same here, since your paranoia will not bring you any good. After all, without knowledge you can only make things worse..
lecturer: Message and clarity
lecturer: Let's talk about our choice of operating system and how it affects your security, because the operating system is the real basis of your security.
lecturer: There are many misconceptions when it comes to operating systems and security. You've probably heard, for example, that MacBooks cannot be infected
lecturer: Also, a lot of people constantly discuss how leaky the Windows operating system is, you can talk about for years, but I wonder how safe Linux is?
lecturer: And there are people, let's call them the Linux camp, who believe that Linux is the best operating system. If you ask Linux lovers if you have an antivirus, the answer will only be laughter.
lecturer: The argument is this: Linux was created by professionals, and everything there is protected by default (standard). So we put our beloved dog on Ubuntu and you don’t have to worry about its data.
lecturer: In general, there are two things that are infinite, the universe and fools. Everything is clear with the universe, but what about the latter? Here's how to explain to various Windows users that they can't work without antivirus protection? How can we explain to the creators of MEGA Information Protection Systems (antiviruses in common parlance) that it is impossible to protect against hacking using an access matrix (this is when they block the reading or writing of some files, that is, access control) and that hacking is not always: “Threat detected: Autorun
process .exe is trying
to write to the system registry branch."
lecturer: Your security looks good only in theory. Let's say you are the same Ubuntu user, you install this OS on the PC of your beloved dog Bob. Then many argue the following - if Bob receives a message myDocument.docx by email, then even if it turns out to be an executable file, and he runs it according to the instructions, nothing will happen - after all, for most actions you need the root password (administrator password in the sense). Are you seriously? Are you defending yourself from the invasion of junior school representatives? Or is it from criminals who are members of criminal gangs, control large financial flows and simply mow down the money for their brothers?
lecturer: This is a reference to those users who
use and blindly believe in Information Security Tools (IPS) or those courses that were taught to them in textbooks on Information Security (IS).
lecturer: A long time ago, when Linux was just in its infancy, the majority of its users were professionals. But over time, distribution kits that were convenient for the average user appeared and the number of housewife users began to grow. What does any housewife do? That’s right, he makes online payments, and where the money is, a swarm of various rabble flock there like bees to honey, who want to improve their finances free of charge. 90% of housewives use Windows - and viruses are developed for this operating system, and only 20-30% of housewives switch to Linux, then large amounts of money will immediately be poured into the development of malware. And reports from antivirus companies show a slow but increasing number of such programs.
lecturer: Ok, let's go back to Bob, there is only one reason not to
worry about your security - developing a Trojan for his OS is unprofitable. But this is not economically profitable; the potential income of the attackers will be less than the costs. How long this will continue is a big question.
lecturer: But still, technically, how possible is it that Bob will be hacked and the data will be stolen? If Bob’s security strong point is that no one needs him and viruses have not yet been written for his OS, then this is a game of Russian roulette. lecturer: Alice, Bob's friend, knows that Bob has a tidy sum of coins in his account (BEETHOVEN) ) )), the key is on Pinocchio's PC, and together with Pinocchio they decided to figure it out for two. What they need for this:
a small start-up capital, Pinocchio’s direct hands and a little courage.
lecturer: Alice knows that Bob uses Ubuntu 14 LTS. How does Bob imagine the hacking process? He, like most users, believes that Alice will send him a file with an attachment by email, which he will be asked to run, and since he considers himself a PC specialist and he will not run the file, then of course his data is safe!
lecturer: Multi-step from Pedro
lecturer: Then Alice goes to some nameless and shadow resource and buys from Pedro a vulnerability to Bob’s favorite browser for the Nth amount of evergreens. Pedro not only provides Alice with technical information about the vulnerability, but also sends Buratino (Alice’s accomplice) an example of how to run it.
lecturer:
lecturer: The vulnerability that Alice gets is a zero-day vulnerability in the Google Chrome browser. For example, open holes CVE-2015-1233 or
CVE-2014-3177, CVE-2014-3176, CVE-2013-6658 (see
screenshots above) and how many of them have not yet been closed and are known only in limited circles is a big question . (we'll look at it in more detail a little later).
lecturer: see the link above (screenshots where) lecturer: As can be seen from the description of the vulnerabilities (see
screenshots above), Alice can execute code in the context of a process and it will work not only in Windows, but
also in Linux and Mac OS. The vulnerabilities are taken randomly as examples. Once again, these are BROWSER vulnerabilities.
lecturer: Pinocchio composes a script (JS - Java Script) and writes shell code there (a set of lines that are written on the command line), which should be executed on the target system - Bob's PC. To do this, he needs to somehow pass the link. Alice and Pinocchio immediately rejected the first option with mail - Bob is a cautious user and does not open links from mail. Then they decided to improvise a little. They know that Bob is an ordinary person and does not suffer from paranoia... Okay, in short, it’s not the point, for simplicity Bob, he just followed the link - Alice persuaded him, a gasket was created there, or some other crap is not important
. OM
lecturer: After Bob visited the link, in the context of his browser process, a small code that Pinocchio wrote was executed - literally a few commands, which subsequently downloaded the body of the virus and went into its execution. But how? Bob is sure that Alice is just showing him her photos, no files are loaded onto the disk, there are no warnings, and no one asks for root passwords.
lecturer: Increasing privileges
lecturer: After Pinocchio’s development began executing its first instructions on Bob’s processor, the question became, what to do next? In Bob’s theory, even if an infection occurs, nothing will happen to him; Bob
has set a complex password for root access, and
he will not suddenly enter it at any cost.
lecturer: Buratino and Alice foresaw this question and solved it in advance. The same Pedro told them that he had a couple of zero-day vulnerabilities in the Linux kernel, similar to the recent vulnerabilities in the kernel versions 3.17 and 3.14 - CVE-2014-9322, CVE-2014-3153.
lecturer: After reading the description of the vulnerabilities, Pinocchio realized that they would allow him to execute code in the context of Bob’s OS kernel. And all he needs is for his malicious application to take advantage of these fresh holes and execute the code in ring-0.
lecturer: While unsuspecting Bob is looking at Alice’s photographs, Pinocchio’s code has already seriously invaded the vastness of his system and neither the antivirus (there is simply none) nor anything else can even display a message about the intrusion. Since Pinocchio decided not to stop there, he moved on. Once at the lowest level of Bob's OS, in which only trusted code is supposed to be executed, Pinocchio began searching for the file that is responsible for starting the OS. Once Pinocchio's software finds this file, it modifies it so that when Bob's PC is rebooted, Pinocchio's code will continue to run.
lecturer: Rootkit (in Russian, “rootkit”) is a program or set of programs for hiding traces of the presence of an attacker or malicious program in the system.
lecturer: And so Buratino and Alice got access to Buratino’s PC running Linux OS, but how could they hide their
presence? Bob is not a fool and will check the integrity of the OS system files every 5 minutes. To do this, Pinocchio decided that they would rewrite the code of the operating system itself, which was loaded into the memory of Bob’s PC, but how? After all, if the same actions are carried out on Windows OS, then one small system component will detect this and forcefully restart the PC.
lecturer: Bob is not worried about his safety - after all,
even if the attacker’s code is executed in the kernel, then in the latest versions of the Linux kernel, system memory areas are write-protected. Even if Pinocchio tries to rewrite the OS code into RAM, the processor will generate an error and the PC will reboot.
lecturer: Then Pinocchio opened the documentation for the processor that is on Bob’s PC and began to study... He knows that the architecture of Bob’s processor is x86, but what does this give? After all, the pages it needs in the kernel are write-protected. Then Pinocchio drew attention to the cr0 register - a small memory block that stores the data with which the processor works. What will happen if I set the 16th bit to zero, quickly overwrite the necessary kernel methods and immediately restore the register - Buratino thought. And so he did, as it turned out, if you reset this bit to zero, the write protection can be temporarily disabled.
lecturer: Thus, Pinocchio gained full control over Bob’s OS, and the vulnerability was later found and fixed, but the program code that was embedded in Bob’s OS in this way could no longer be detected. Minute control
integrity shows that not a single file in the system has been changed - the Pinocchio program simply replaces it when reading it. There are no new processes - the malicious process is simply hidden, and while on another OS there are solutions that have been detecting such techniques for a long time, there is no such thing under Bob’s OS.
lecturer: In general, the conclusion is that Alice and Pinocchio took pity on Bob... and deleted all his files. Oh well, seriously, never be so fanatically confident in anything. I tried to present the essence of the problem in a simple manner and without technical terms.
lecturer: Epilogue
lecturer: I wanted to show simple principles with this simple story. As all this happens, it is necessary to clearly separate virtualization and use, because virtualization is another large-scale thing in your security options. We will return to this later. lecturer: That is, do not try to surf any resources on your PC, open suspicious links and download some unnecessary software, and it’s not clear from where, carefully approach your security issues regarding JS and enable it on trusted resources and much more other.
lecturer: But as I promised earlier, I will not give you nightmares.
Typically, such vulnerabilities cost a lot of money, and the fact that you will be hacked decreases, despite the fact that they will be interested in you, the probability is extremely low.
lecturer: Risk assessment
lecturer: In this part of the article, I would like to visually make some kind of risk assessment based on these points, so that you can also do it yourself. without any special skills, purely by your logic. It’s not for nothing that in the previous article we abstracted and analyzed vulnerabilities, penetration modeling and other issues.
lecturer: But why do you ask... Why did I tell you
about this now, because it’s not only security measures that matter. We worry about what our actual risk is in the real world, and to determine that we also need to take into account the history of bugs and security vulnerabilities. Just how weak was this particular operating system? Perhaps you are interested in the question, which operating system will we consider the weakest?
Windows, OS X or various Linux systems, perhaps
the Linux kernel, which has been the most vulnerable in history? lecturer: https://www.cvedetails.comis a free database/source of information about CVE vulnerabilities (This is a generally accepted standard for naming vulnerabilities present in commercial and open-source software products). You can view information about vulnerabilities by CVE number, exploits, links to vulnerabilities, metasploit modules, a complete list of vulnerable products and cvss assessment reports and top vulnerabilities over time and much more.
lecturer: Let's try to work with this site.
To begin, we will go to this page of the site - https://www.cvedetails.com/top-50-products.php - here is the list: “Top 50 products by total number of vulnerable vulnerabilities” (from 1999 to the present) .
lecturer: And as we can see, on the first line we have the Linux Kernel - speaking in Russian. This is the Linux Kernel, as we see it ranks first in quantity.. And you probably ask what the hell? Linux, you should be the standard.
lecturer: Okay, let's figure it out! The numbers shown in the right column are the number of vulnerabilities found in a particular operating system or application.
lecturer:
lecturer:
lecturer: There is a difference of 3 months between the data in the screenshots lecturer: Let's go to the very bottom of the web page. We see there the following “Total number of vulnerabilities in 50 products by manufacturer” (see screenshots above). lecturer: And as we can see, Linux no longer occupies the first line, but you tell me that Windows (Microsoft) is constantly updated, and it has a lot of products on the
Office market and other programs, and Apple has different versions of the operating system and there too its own nuances.. lecturer: Yes, that’s right. You will all be right, but Linux also has a lot of things... Let's take a closer look at the specifics of this use.
lecturer: I want to teach you independent analysis. And
it’s best to teach at least the basics, just so that you start thinking with your own head, and not with the head of some hacker school who are now divorced and who want to sell something without knowing the niche itself and in many ways that follow from it.
lecturer: Okay, let’s not get too abstract, it’s better to look at everything in reality, and then I think you will all understand what I want to tell you about.
lecturer: Go to the page https://www.cvedetails.com/vendor.php?vendor_id=33 - this page shows the Statistics of vulnerabilities in Linux lecturer:
lecturer:
lecturer: Let's first take a look at what you should pay attention to (see screenshots above).
lecturer: 1. Number of vulnerabilities by year lecturer: 2.
Vulnerabilities by type
lecturer: Now we need to figure out what parameters are worth paying attention to:
lecturer: The first thing we should pay attention to is the number of vulnerabilities by year (number 1), as we can see that every year there is a trend towards an increase in the detection of vulnerabilities;
lecturer: The second thing we should pay attention to
is the degree of danger of vulnerabilities (number 2), as we can see, code execution (Execute Code) and buffer overflow (Overflow) are serious here. lecturer: Red and orange
lecturer: • The red column is the execution of code on
the client side without his knowledge, I think there is no need to tell what the consequences are.
lecturer: • The orange column is a buffer overflow, i.e. refers to the phenomenon that occurs when a computer program writes data beyond the allocated buffer in memory. It is fraught with the fact that increasing the level of privileges and a bunch of other things...
You can find out more at https://ru.wikipedia.org/wiki/Buffer_overflow lecturer:
lecturer:
lecturer: And to complete the picture, we can go up a little higher and see a table with trends in vulnerabilities over time (see screenshots above) using
structured data we can easily perform an analysis, since we see the ranking of data by
time cycle (years) and so the same according to the severity of the vulnerabilities (these are columns).
lecturer: As we can see in the first screenshot for October 2017, the following were found: 166 potentially dangerous code execution vulnerabilities (number 1) and 37 potentially dangerous overflow vulnerabilities (number 2);
lecturer: Then, when 2017 ended, we see the following statistics: 169 code execution vulnerabilities and 42 buffer overflows.
lecturer: A small note, I’m just updating the training and for this I can make the following statistics, in fact, you don’t need to wait 3 months, you can compare by year. I just
thought it would be nice to give such statistics and not delete the old ones.
lecturer:
lecturer: lecturer: Detailed statistics on vulnerabilities: 1st code execution and 2nd buffer overflow lecturer: You can also click on these numbers and
see detailed statistics on vulnerabilities (see screenshots above ).
lecturer: Analysis of developers
lecturer: Now we have a small picture of how everything works, we analyzed it based on Linux, but several candidates are required for analysis. Now I will look in a brief, succinct form using the example of 3 main
developers, namely:
lecturer: • Linux lecturer: • Microsoft lecturer: • Apple
lecturer: lecturer: we took this screenshot at the beginning
lecturer: As we can see (see screenshot above) in the general statistics of vulnerabilities for all products: lecturer: • Microsoft - 8938 vulnerabilities; lecturer: • Apple - 5408 vulnerabilities; lecturer: • Linux Kernel - 2000 vulnerabilities. lecturer: lecturer: lecturer: lecturer: from top to bottom: Microsoft, Apple, Linux lecturer: lecturer: To make it easier for you, open and finish reading
lecturer: Otherwise you still won’t understand
lecturer: https://i.imgur.com/6uNE2SP .png lecturer: lecturer:
lecturer: It will be easier here from the screenshot
lecturer: Let's look at some of these beliefs based on facts and statistics, and find out where we're really at when it comes to the security of these operating systems.
lecturer: So, first of all, we will analyze Windows, how leaky the Windows operating system is can be discussed for years. Actually, as I said earlier...
Just look at the statistics described earlier and the same red light should light up in your consciousness, which would signal you.
lecturer: And in general, PAIN is a Windows guru, all questions about Windows should be addressed to him =)
lecturer: But statistics are statistics, but let's figure out why. She had a weak security system from the beginning.. I have to give her credit. In later versions of Microsoft's operating systems, they began to take security issues seriously.
lecturer: And taking into account the latest products, the latest security tools such as: BitLocker, EMET, Device Guard, Windows Hello and Windows trusted apps, there is now a completely serious set of security tools.
lecturer: But is this really so? In general, I agree that the security of operating systems of the Windows family
is gradually improving, but this is not enough, especially for us.
lecturer: In these operating systems, everything is closely interconnected with Microsoft servers, all your actions in the system are reported on the Microsoft servers like threads, Windows also fails, especially in the current version of Windows 10, problems related to surveillance and privacy, this is not particularly related with safety features, but this puts some people off, let alone us.
lecturer: Important point: If you read the license agreement from Microsoft that comes with every operating system of the Windows family, you will see that they will give up your BitLocker encryption key at the first call from law enforcement agencies, and this in turn makes you think, what the hell is Windows ?! Why are you storing my encryption passwords on your servers, what the hell.
lecturer: The fact is that by “checking the box” in the license
agreement with Microsoft, users give the corporation the right to dispose of their data. “We may access, disclose and retain your personal information, including any content, any files on your devices, in your emails and in other personal communications, if we reasonably believe it is necessary to protect our customers or to comply
with terms and conditions governing the use of our services,” reads the license agreement.
lecturer: In other words, everything you say on the Internet, write, save, create or download on your computer or any other device with Win 10, all of this can be remotely deleted or copied from you - if someone at Microsoft decides that they need it. That is, according to the terms of Microsoft’s EULA, even government approval is not required to interfere in the personal lives of clients and control it!
lecturer: All you need is permission when installing the OS from
users who are too lazy to read the entire license agreement.
lecturer: As I said, I will not disassemble Windows, my goal is to provide you with information so that you can see it and make some kind of comparative visual analysis. lecturer: Most likely, I will soon write an article about this, and then I will refer to it... It will be published in my section. If I find time for this... lecturer: Mac OS X
lecturer: Next we have Mac OS X, today, again,
like Windows, it contains reliable security features. Things like randomization of address space distribution, sandbox for launching applications, FileVault 2, privacy settings and Apple's trusted application store (AppStore). All strong security features.
lecturer: But if not for one “BUT” Mac OS X also has privacy problems
lecturer: If you upgraded to Mac OS X Yosemite (10.10), and you use the default settings, every time you start typing Spotlight (to open an application or find a file on your computer), your local search terms and location which are sent to Apple and third parties (including Microsoft) (see screenshot https://puu.sh/xTGkj/dbe1f88d3e.png ) .
lecturer: erase the parenthesis and dot in the address there
lecturer: The Washington Post also published a video demonstration of Yosemite real-time tracking.
lecturer: Let's open it https://www.washingtonpost.com/posttv/business/technology/ho w-apples-os-x-yosemite-tracks-you/2014 /
10/22/66df4386-59f1- 11e4-9d6c- 756a229d8b18_video.html
lecturer: By the way, the other day about the poppy, information also came out about hacking, not very good news, I didn’t prepare the text for it, but it’s time to Google it 2 times lecturer: Let’s look at
this video, and for those who are bad with English, I’ll try to figure it all out those highlights that you have now viewed.
lecturer: 1. For example, the simple search output of Spotlight, a tool for finding files on your operating system, now transmits your location and the names of the files you are looking for to Apple on an ongoing basis. You may notice that your location is being reported to Apple even though you are not shown a notification icon. They decided to hide this notification under the pretext that users would be overwhelmed by too many notification messages. This means that if you agreed to use geolocation services, then you also agreed to the transfer of information about your location to Apple (see screenshot https://puu.sh/xTGyC/11d372083a.jpg )
lecturer: Let's open the .gif animation (
https ://puu.sh/xTGZQ/58a24bfd28.gif ) and let’s analyze it lecturer: You may notice that the data begins to be sent before you type the text, also when you press the keys, that is, as you type, the data
also Send to XxyM) )
ARKET.COM
lecturer: As we see, the author of the video says: “I am looking on my computer for a document called “the secret plans that Obama leaked to me,” and Apple receives information about this along with my location and user ID, which is a unique string from letters and numbers used to identify me. Apple tells us that this value changes every 15 minutes, but we have to trust that the new value is not tied to the previous one.
Again, they receive information about our
location, and as the author shows, he is indeed located at the Washington Post office, based on the coordinates transmitted.
lecturer: Okay, let's quickly talk about how we can disable these things with surveillance
lecturer: To disable these things, first we need to go to System Preferences > Spotlight ( https://puu.sh/xTJ6F/e59027c2cd.png ), we see The screenshot shows all the places where Spotlight looks to search for you. This can be very helpful. However, this can also be a privacy issue, as you may have just seen. I would recommend turning everything off, but if you need something you can of course leave it on.
lecturer: If you use Safari, then you need to
disable the following, click Safari > Preferences > Search and you need to uncheck Include Spotlight Suggestions (see screenshot
https://puu.sh/xTJ2m/dcb32d4c13.png )
lecturer: There is also a good website ( https://fix-macosx.com/ ), it provides a large amount of information about privacy problems in Mac OS
X. Specifically for this problem, the site’s certificate has expired and the project seems to be dying. But if anyone has an old axis, you can deal with this problem, so I think it’s not advisable to write about this lecturer: Well, this is old stuff already, then lecturer: Next
we have Linux-like operating systems, which are actually the basis of our course.
lecturer: In your case, I gave it yesterday
lecturer: But you can also write it down for your homework if you haven’t
read it
lecturer: We probably won’t stop later who wants to read it
lecturer: In general, I would recommend it
lecturer: Linux-like operating systems, Unix-like operating systems. There are a wide variety of them, I group them all into one category. If you are looking for the most secure operating systems, then you will find them here, or rather, it would even be said ONLY here.
lecturer: Things like SELinux are a good example of this, it is an implementation of delimited Mandatory Access Control - MAC, which satisfies the requirements of the government and military. lecturer: Definition: Mandatory access control (MAC) - delimitation of access of subjects to objects, based on assigning a confidentiality label to the information contained in objects, and issuing official permissions (admission) to subjects to access information of this level of confidentiality . Also sometimes translated as Forced Access Control. This is a method that combines protection and restriction of rights applied to computer processes, data and system devices and is designed to prevent their unwanted use.
lecturer: SELinux (SELinux) is a forced access control system implemented at the
kernel level. This is not so important a point for you to focus on this point.
lecturer: We will look at more standard operating systems: Ubuntu, Debian, Fedora, Arch Linux, Tails, etc. - again, they all have fairly reliable security features.
lecturer: When we consider Windows, Mac OS X and Linux, they are all in similar conditions.
lecturer: But when it comes to their existing security tools and functionality. When we add privacy to the security package, we need to start looking at Linux distributions.
lecturer: I would recommend using Linux distributions for security, but you will have to sacrifice interoperability and usability. For example, you won’t be able to use Photoshop or
Microsoft Office, although this can be solved using “wine” - you can see what it is on YouTube, and maybe I’ll look at it in this course. I don’t know, it takes a lot of time to write, catastrophically a lot...
lecturer: In a nutshell, if you don’t know, there are many, many operating systems that have evolved in a certain way since the mid-1960s from an operating system called UNIX ( she was at the head of a paid system for corporations, etc.)
lecturer: I promised to give you a list of operating systems when I said that you should choose systems that have
money for quickly eliminating vulnerabilities, here you can see clearly how many Linux distributions there are and from whom they came:
lecturer: To do this, open: https://upload.wikimedia.org/wikipedia/commons/1/1b/Linux_D istribution_Timeline.svg - plus this link is that it is a *.SVG format, therefore you can search for this family tree via Ctrl+F directly in the browser;
lecturer: Just look at how many operating systems are based on Debian, now you can return to the statistics that we analyzed earlier and look at it from a slightly different angle.
lecturer: and from them everything branches out, in general, look carefully, stick then go read further lecturer: by the way, ctrl + F works there lecturer:
I would recommend using distributions based on Debian - Debian, Kali Linux, Parrot OS, as well as Fedora, Arch Linux
lecturer: At the end there will be a list with a bunch of Debian distributions and there with a small note
lecturer: Let's talk a little about these operating systems lecturer
: As you already noticed when you got acquainted with the
*.SVG infographics in detail above, the 2 main communities are Debian and RedHat, there are a bunch of others too, but as I
said earlier: “if you have a lesser-known Linux or Unix-like operating system, then you may find that patches are released more
slowly because they don't have huge multi-billion dollar corporations behind them, in which the release of all fixes is on stream."
lecturer: This also applies to support from the community and so on...
lecturer: Fedora Linux is a Linux distribution with one of the largest user communities among other distributions. But it is not as popular as Debian.
There is an opinion among users that Fedora is difficult to use and configure.
lecturer: A significant advantage of this system is that Fedora is only free software.
The Linux operating system is very often considered free software. But this is not 100% true. Although most of the software you use is free, some hardware drivers and firmware are closed source. There are also open source components with a limited license, such as media codecs.
lecturer: At the very beginning of the Linux section, I asked you
read the article that described issues with security and proprietary software, just for this reference.
lecturer: Distribution developers determine how often their users will contact proprietary software. They may include media codecs, video card and network adapter drivers, as well as additional modules, for example, Adobe Flash. It will help
users listen to music, play games and browse the web, but it is proprietary software.
lecturer: Fedora takes a principled position on this issue. This helps avoid lawsuits against Red Hat. Proprietary software is simply not allowed in the repository. The distribution kit will not prevent you from installing such programs, but it will not help you either. You will have to use third party repositories such as RPM Fusion. This is one of the reasons why Fedora is considered difficult. But adding a repository to the system takes a few minutes.
lecturer: But articles like this https://habrahabr.ru/post/337290
are, of course, slightly misleading... Since previously, non-commercial products, as far as I remember, were not subject to such bans. The Fedora Project, although sponsored by Red Cap to develop new technologies, is a non-profit structure and does not make any profit from its activities, as far as I understand. This is all strange.
lecturer: Arch Linux is an independently developed
Linux distribution, optimized for i686 and x86/64 architectures, aimed at experienced Linux users.
lecturer: In general, you need to be a competent user to use this system, you need to be aware of it in advance. It uses Pacman, a proprietary package manager from the creator of Arch Linux. Pacman ensures the installation of
current updates with full control of package dependencies, working on a system of rolling releases or rolling releases. Arch can be installed from a disk image or from an FTP server.
lecturer: Let me explain, a package manager/repository is like the App Store or Google Play from where you can download and install the application or program you need in 2 clicks.
lecturer: The default installation process provides a reliable foundation that allows users to create a custom installation. In addition, the Arch Build System (ABS) utility provided the ability to easily build new packages, modify the configuration of stock packages, and share these packages with other users through the Arch User Repository. It is a lightweight Linux distribution.
It runs primarily free
and open source software and software from the community-supported AUR repository.
lecturer: Ubuntu - To dismiss this question, I’ll immediately say that Ubuntu sends your data to third parties without your consent.
lecturer: If you are an Ubuntu user, and you are using the default settings, every time you start typing Dash (to open an application or search for a file on your computer), your search terms are sent to three different parties, some of whom advertise for you
.
lecturer: By the way, you can remember the situation about Windows which decided to distribute WIndows 10 for free, but in the end it collects all the data supposedly for advertising, that is, all your personal information, etc. In general, I don’t want to repeat myself for this reason, since the bias is not more precisely in her direction, I’ve already talked enough about her, I think about her. If you want more information on this system, at least read the WIndows License Agreement. And your eye will start to twitch)
lecturer: Regarding Ubuntu, in order to prevent sending
data to third parties, you need to follow a series of instructions on this site https://fixubuntu.com/ follow the instructions given here, it shows how to change the necessary settings. Previously, we examined a similar situation using the example of Mac OS X.
lecturer: However, I do not recommend Ubuntu in any case, I am just bringing this up for your interest in the event that you happen to be using this system. Ubuntu is better for privacy and anonymity than Windows or Mac OS X. I recommend Ubuntu to people who have no Linux experience and find the above distributions too difficult to learn for them.
lecturer: There are forks of Ubuntu Mate, it seems to be fixed there
lecturer: Debian is an operating system based on Linux, it is a Linux distribution. It consists entirely of free and open source software, most of which is under the
GNU General Public License. lecturer: The Debian distribution contains more than 51,000
packages of compiled programs that are packaged
in a great format for easy installation on your machine. They are all free. It looks like a tower. At the base is the core, above it are the main tools, then all the programs that you run on the computer. At the top of this tower is Debian, carefully organizing and putting it all together so that all the components can work together. lecturer: With this approach, your system will not
knock on Microsoft home servers.
lecturer: Tails is a Linux distribution based on Debian, created to ensure privacy and anonymity. It is a continuation of the development of Incognito OS. All outgoing connections are wrapped in the anonymous Tor network, and all non-anonymous connections are blocked. The system is designed to boot from LiveCD or LiveUSB and leaves no traces on the machine where it was used. The Tor Project is the main sponsor of TAILS. The operating system is recommended for use by the Free Press Foundation and was also used by Edward Snowden to expose PRISM.
lecturer: Use it only for surfing, for example lecturer: Because you fuck with it, Mama, don’t worry, your ass will burn like hell lecturer: For example, they came
somewhere, stuck a flash drive with their OS, surfed, pulled everything out
lecturer: Kali Linux - GNU/ Linux-LiveCD, resulting from
the merger of WHAX and Auditor Security Collection. The project was created by Mati Aharoni and Max Moser. Designed primarily for safety testing.
lecturer: The predecessor of Kali was BackTrack, created on the basis of several Linux distributions. Originally intended for use on the Slackware OS, and then smoothly moved to Ubuntu. Afterwards Debian became the basis.
lecturer: Parrot OS - An increasingly popular security distribution based on Debian-linux. Quite easy to learn, suitable for both beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet.
lecturer: Quite a lightweight and effective tool, many security specialists have found in it a replacement for the increasingly
“gluttonous” Kali, especially since Parrot uses Kali repositories for updates. Uses MATE graphics environment and LightDM display manager.
lecturer: In terms of functionality, it is similar to Kali Linux; here, too, a huge amount of special software for security testing is supplied with the system.
lecturer: As you can see, all the systems that I mentioned above are mainly based on Debian in one way or another. ( starting from Ubuntu and below
lecturer: How you handle security updates in Linux will depend on the distribution
you use. I'm going to talk about security updates using Debian and Debian-based systems as an example.
lecturer: Look, here https://wiki.debian.org/Derivatives/Census lists all Debian derivative distributions.Many of them are security-critical operating systems such as Kali, Tails, etc. The Debian project does an excellent job of providing security updates for Debian
lecturer: Here you can read about distributions and other
lecturer: Security is a priority for this project and this operating system
lecturer: If you want to find details of the security problems for which patches are released, then take a look at the information page on Security presented by Debian
lecturer: https://www.debian.org/security
lecturer: If you go down below you will see all the updates, you can click on any update and get more information about that particular update. You can go to the Miter CVE directory and find out more about the vulnerability you select. Here are detailed information about this vulnerability. We see even more details here. And from here we can go to various sources for more information, and in principle, we can even find exploit code for a given vulnerability. We looked at this earlier using the example of the site https://www.cvedetails.com .
lecturer: According to the Debian Project, they process all security issues brought to their attention and fix them within a certain reasonable time frame. They also say that many security alerts are coordinated by other free software vendors and published on the same day as a vulnerability is found, and that they have an internal Security Audit team that searches the archives for new or unpatched security bugs. They also believe that security by hiding doesn't work, and that making information public allows security vulnerabilities to be found, and that's cool.
lecturer: All this is good, which is why I recommend
distributions based on Debian as the main reliable operating system for everyday use when it comes to security, privacy and anonymity.
lecturer: I decided not to give an analysis of an installation example, etc. the only thing you need to understand is that you need to write the installation flash drive in ddimage mode via rufus, for example, and Linux users can use the dd command for this.
lecturer: lecturer: This is what dd image is
lecturer: In order not to simply clog up and make a mess in your head, if there are those people/group of people who have decided to master Linux environment. Install the system, you can contact me directly or, as I said earlier, contact me via correspondence QUESTION /
ANSWER.
lecturer: Where everyone will already advise and help with certain issues, in fact the segment of your actions is similar to when working with Windows and what Payne will tell you, so the installation is perhaps a little different, but everything is the same.
lecturer: There are a lot of videos on YouTube showing an example of installing an operating system, partitioning a disk and other points.
lecturer: Linux is an amazing system that you need to learn to work with and it will become your true friend. It’s like with a pet, once you train it, once you master it, it will be so docile and obedient to you.
Security and anonymity on the Internet. Setting up a virtual machine.
lecturer: Good day, ladies and gentlemen! Today I will give a lecture on the topic “Security and anonymity on the network. Setting up a virtual machine”
lecturer: The lecture will be divided into several parts:
• Security
• Virtual machine and related parameters (analysis of a virtual machine for surfing for communication, analysis of a virtual machine for typing in),
• Storage and circulation of funds
lecturer: During the lecture I will explain basic methods and parameters, as well as give useful links and recommendations. Let's start with the first and main-basic part.
lecturer: Security.
Let's start with the fact that it should already be extremely clear to everyone that everyone should accept as a certain “TABOO” and never do that:
lecturer: Don’t wag your tongue, not on the Internet, not in life. You and I are not engaged in freelancing, therefore no one ever needs to know where you are from, what your name is, how many children you have and any other personal information. It doesn’t matter who asks - a friend or an acquaintance, anyone may not be who they claim to be, and even me. lecturer: As they say: “The personal should remain personal, the work should remain work”
lecturer: Nicknames. Do not use nicknames that you took from your VKontakte ID, Steam, email or any
other service or site. Nicknames used in the white sphere
can bring people out of the gray sphere towards you; it has happened that it was enough to simply google a person’s nickname to find out everything about him and his loved ones.
lecturer: Do not register emails and accounts on your phone number; services providing mailbox services will easily provide information upon request.
To receive SMS, you can use online services, for example:
http://sms-area.org/
lecturer: There are many such services, you can just google them for the query “receive SMS for registration”
lecturer: Mailers, such as gmail.com & hotmail.com can register mail without receiving SMS if the IP has not previously been used in their system. For mail.com SMS is not required.
Do not use personal emails when registering on gray
sites and shops, create separate ones for these purposes. lecturer: You should never think that “I’m not such a big fish that they’ll look for me” - often such people then look for money for lawyers, don’t delude yourself, never neglect safety, because it’s better to sleep peacefully.
lecturer: The next TABOO: never work in the Republic of Uzbekistan/CIS/Ukraine and the entire post-Soviet space. Do not go to such shops, do not use such cards and services - nothing, otherwise the secret services will quickly find you. The news often shows those who worked in their own country - a funny observation.
lecturer: Accept parcels only through intermediaries, forwarding services or drops. Don't put your names out there anywhere.
lecturer: It is better to store Jabber and all other communication tools in a virtual machine; if you store it on the main one, it is better to disable saving history and passwords.
If you value your own ass, its coziness, comfort and integrity, it is better to observe these taboos. lecturer: Use Jabber on secure servers that you can trust
lecturer: Never neglect Guarantor Service, even for small amounts, it is better to save your nerves and money, and lose a little time, than vice versa! It doesn’t
matter whether he’s a tuber, a moderator or a friend - he’s the same person as you, regardless of the number and color of ribbons under a nickname, regardless of reputation, anyone can go all out and start cheating on their own/strangers.
There are a lot of precedents, first of all, learn from the experience of others.
lecturer: Let's start analyzing the virtual machine and related parameters.
I recommend using virtualbox or vmware. Don't forget to enable virtualization in your PC's BIOS - otherwise the virtual machine will not be able to work. lecturer: It will be better if you place the image of
the virtual machine in an encrypted flash drive (or ssd) or container TR. We will crypt with the following software:
a) truecrypt 7.1a b) veracrypt
Both options are interchangeable. Use either a or b. lecturer: Option a - only trucrypt version 7.1a,
the rest are unsafe, and veracrypt is a continuation of the trucrypt family, since the trucrypt was abandoned by the developers. I use option b - veracrypt.
https://veracrypt.codeplex.com/
lecturer: We encrypt a flash drive/ssd, or create a container on a PC, and place a virtual machine image inside the container. Now, before starting the virtual machine, you will first need to open the encrypted container using a password. How to encrypt - you can look in
the help of the program itself or Google it, it is not difficult and requires literally pressing a few buttons.
lecturer: There are two alternative options to containers, namely:
• encrypting the entire hard drive on your computer
• creating a hidden OS
lecturer: With regular containers, the encryption key can be pulled out of the hibernation file and removed from RAM, so we disable hibernation on our computers. But when using a hidden OS, you can put all the information and files in it, and even if you are tortured, you can give out the encryption password from a regular white OS, while the hidden one will peacefully
store your files.
ARKET.COM
lecturer: Encrypting the entire hard drive is a long process (it takes me about 6 hours of encryption for a 1TB drive), but it is a reliable means, since from hibernation, even if it is turned on, you can’t get the keys out, and in order to have time to remove them from RAM, you need to be very try, all that remains is brute force, and here we move on to the next security point, namely passwords.
If the OS is hidden or the disk is encrypted, to start
the system you will need to enter a password into the boot-loader, that is, even before the Windows account password, before turning on the system itself
lecturer: On any forum, page on a social network, mail or hidden container, you must follow the MANDATORY points when choosing a password:
1. Length of at least 15 characters, preferably all 30
2. Upper + lower case, numbers and special characters. An example of a good password: sHO&D=633qwvBB!aC{6} - it will take decades, or even centuries, to crack this password. lecturer: 3. For one forum/shop/site - one unique password.
4. Two-factor authentication - use wherever possible.
5. You can store the password, for example, in keepass or head
lecturer: If you use the same passwords, there is a high probability of hacking everything that is possible.
No one is immune from the leak or sale of a database on some Dedik store, for example.
lecturer: Attackers simply get your password, and then go around all the services/forums and take everything they can.
lecturer: But a strong password is not a panacea, because they can be intercepted directly from your system by attaching a stealer, malware or other virus to it. The solution is trivial and simple
: create a separate virtual machine (any virtual machine) specifically for software and dirty, unverified files.
lecturer: And run everything ONLY on this virtual machine, it’s better to let it suffer than your computer. Following basic hygiene rules is much easier than later losing accounts or paying victims, so don’t be lazy and do it, but you’ll sleep peacefully.
lecturer: The purpose of the virtual machine for you will be divided into two points, namely:
• Surfing, communication, everyday use
• Work, typing in
lecturer: Depending on the purpose, the setup will be divided into two types, let's start with the first, here anonymity and security are more important to us , than the state of the system being ready for driving in, however, the first subparagraph is the same in both cases.
lecturer: List of the minimum required base of programs for surfing and communication:
• VPN. - At least one, ideally doubleVPN. We use VPN from third world countries or at least another continent. The VPN service should NOT log.
When connecting to a VPN, your IP should change to the country you enabled. You can check it here: whoer.net
We install VPN on the main machine lecturer: - TOR Browser
https://www.torproject.org/
If the site has mirrors in the onion zone (in the torus), use these features to maintain greater anonymity!
lecturer: - Jabber / ICQ
Judging by the fact that at the moment you are all reading this in Jabber, there is no point in describing this program, but take a couple of recommendations into account:
lecturer: 1. Don’t be a toad! They’ll start being abusive, they’ll start spamming, and this will cause more headaches, and no one needs that.
If you really want to, create a separate jabber account for public display .
lecturer: 2. OTR encryption. In the PSI+ jabber client it is enabled in the plugins, for Pidgin it is downloaded and installed, there should be no problems. Neg - encryption, making the communication space more secure. It is also available for ICQ. I don't recommend using Skype, it's not secure.
lecturer: Also replace your DNS in the system, for example, with Google's http://support.li.ru/google-dns/win7/
You can also register them in the router. For greater effect, you can use DNSCrypt software - take note and familiarize yourself with the functions on the Internet. lecturer: - Browser for surfing (I recommend firefox) - disable webrtc. WebRTC allows third-party users to immediately determine the IP address of a network user, bypassing the software barriers of VPN, TOR, SOCKS and other network defenders
https://whoer.net/blog/article/kak-otklyuchit-webrtc-v-raznyx-brauzerax/
>
lecturer: - If you use socks or tunnels, then proxifer+plinker. We won’t go into details; there is a lot of information on these two programs on the forum.
lecturer: - You can also close the Internet through a firewall so that if the VPN fails on the virtual machine, there is no access to the network and your real IP does not leak. Some VPN clients have this feature, or you can tinker with the firewall.
lecturer: Parameters of the virtual machine for driving in: For driving in, you can use any virtual
machine, it all depends on your needs and shops.
lecturer: But I will still name the necessary software for work and the parameters, let’s get started.
lecturer: 0. VPN, we talked about this earlier.
lecturer: We select IP using an SSH tunnel and SOCKS5.
An SSH tunnel is a tunnel created over an SSH connection and used to encrypt tunneled data. Used to secure data transmission on the Internet
Socks5 allows you to create a chain of several servers, thereby achieving anonymity on the network.
lecturer: 1. Brazury. Firefox with WebRTS substitution, Chrome with WebRTS disabled, and several portable
Chrome/Firefox browsers.
You can replace webrtc using this extension:
If you want to use chrome, install the WebRTC leak prevent extension or replace webrtc in other ways (available on the forum)
lecturer: 2. Software for using tunnels and socks: proxifer and plinker/bitvise
3. Teamviewer (on a virtual machine and on your main machine) (optional)
4. NotePad++ for temporary records
5. If there is and if needed - anti-detect lecturer: Parameters: Let's start with the parameters of the IP address (Dedik/tunnel/Sox) lecturer: Negative parameters:
• Two-way ping and affiliation to the hosting provider
Belonging to the hoster = ip is in the cloud, it is better not to use such IPs in your work.
lecturer: Two-way ping detects tunnels, socks, VPNs by ping, I tried large merch with it, but this is still a negative parameter, the solution is to search the VPN country or put TOR in front of the tunnel, if that doesn’t help, replace the IP.
lecturer: - DNS - not the IP country, rather has a negative effect (but not critical), and there is a lot of information on the forum about this.
lecturer: - Flash, uptime, OS.
If you wish, you can install a flash, but now not all real users have it.
lecturer: Uptime - the time of uninterrupted operation of your IP, it’s strange if your IP has been working without interruption for several months, isn’t it?
lecturer: The system time (timezone) must match the time of the IP address.
lecturer: OS - prevalence, everyday life and trust. For example, most ordinary users use Windows. The same xp will add more fraud for the reason that the system is outdated, so win10 is the opposite, more trust. The golden mean is Win7.
lecturer: Windows and browsers should be in English, it’s all scorched. But if at the same time some program in the system is in Russian, there’s nothing
wrong with that, antifraud will not be able to detect it through the browser. (Flash should be in eng)
lecturer: ProxyScore + Riskscore ip - antifraud systems pay attention to this, so try take with zero or minimal indicators. Some services for selling access (socks/tunnel/dedic) provide this service directly within the service.
lecturer: Open ports (8080, 8081, 3128, 80, 81 and so on): this is not always a negative parameter, since this is a really common misconception, let’s classify it as a neutral parameter.
lecturer: Some anonymity checking sites scan IPs and believe that if some port is open, then the IP is a proxy and reduce its anonymity. But in reality this is not so, most of these IPs are just the web admin of the router. If it were so easy to make proxies through such admin panels, they would be made in the millions, you can check it yourself.
lecturer: Since mass port scanning
is prohibited in many countries, large merchants, instead of port scanning, turn to services such as maxmind, which in turn provides services such as maxmind fraud check & maxmind geo check api, so if any then the service shows open ports at the IP address (for example whoer or 2ip.ru), this in most cases is not a negative indicator. And even if such services show good results, it is not a fact that you will be able to drive something from this IP address later. lecturer: In my practice, large merchants have repeatedly
successfully passed orders from IP addresses, where anonymity checking sites found open ports and thereby identified the IP as a proxy. Based on this, I dare to suggest that open ports are not always bad, and you shouldn’t get hung up on this, especially since without actually owning the IP address, you won’t be able to do anything about it. But if you wish, you can select IP addresses without ports, or with open 80 - it is acceptable in any case, since it is natural.
lecturer: It is better to select the geolocation of the IP address as close as possible to the zip code of the card holder. For example, if the card holder has zip code 85012, you need an IP with zip code 85012 or 8501* - that is, as close as
possible.
lecturer: Before typing in, you can surf on popular sites like youtube/amazon/facebook and others; some serious anti-fraud agents can burn your browser history. It’s strange when a person with an empty browser history rushes off to buy Gifts worth a thousand dollars, isn’t it?
lecturer: AntiFroud can also see tabname - open tabs in the browser at the moment, and determine which site the person came from. (And for what request) lecturer: - Audiofingerprint - audio fingerprint, a relatively serious protection system. We look at various articles on this topic, not everyone uses it.
lecturer: Serious merch can also check sites according to the list on which you are logged in (https://browserleaks.com/social - you can check here,
For example). In practice, if Facebook is logged in, for example, this is a plus, but not critical.
lecturer: To randomize fingerprints (system fingerprints) when entering into one merch/shop, you can do the following:
• Change browsers, change browser versions
• Change fonts in the system, screen resolution lecturer: - Enter or import cookies
• Plugins and extensions in the browser.
• Change the system
lecturer: Speaking of extensions, merch cannot directly see extensions installed in the browser, but they can send a request to the browser like “Is an extension with such and such an id installed.” Thus, merch can detect certain extensions, such as, for example, CanvasDefender.
A way around this is to replace the extension id (Google it) or simply NOT install it in the browser.
lecturer: And of course, we don’t use the same variables for several entries, for example emails. lecturer: When checking your IP location (geolocation), try not to rely on whoer.net - it has an outdated maxmind geo database, use the ip-score and maxmind sites.
lecturer: Several sites of my own to check the system and ip:
whatleaks.com - check everything, including timezone 2ip.ru/privacy - check ports, two-way ping, hosting provider and other things
whoer.net - visit this site less, it’s very nerdy, absolutely all merch of medium and higher levels has an extremely negative attitude towards the cookies of this site + in some cases, visiting this site will drive the Sox/ssh IP into the maxmind fraud check database.
https://www.maxmind.com/en/home?rId=iplocation - IP geolocation directly from maxmind. Of course, the accuracy of the paid and free databases varies, but in my practice, in 75% of cases you should trust this site.
browserleaks.com ip-score.com noc.to Copy this list of sites for yourself
lecturer: Where to store, how to withdraw your earned money?
Of course bSitcToinY!
lecturer: Recommended wallets:
https://blockchain.info/ru/wallet/ bitcoin core
lecturer: Personally, I use the first one. On the forum, in the “Cryptocurrency” section, you can find lists of wallets and independently study and choose what suits you best. You should not keep money in Bitcoin permanently, as the rate can either rise or fall. Therefore, evaluate your risks and desires yourself.
lecturer: Qiwi - not everyone accepts payment, but it is possible as one of the options.
Pros of qiwi: Possibility of direct withdrawal to the card, if you do not show the phone number, it is almost impossible to steal
lecturer: Cons: the wallet can be blocked by the Russian
payment system, which means it will give out any data upon request, therefore I strongly recommend that if you use qiwi, then only in following format:
lecturer: - Left SIM card, possibly virtual
• Left email
• Transfer money if possible with qiwi vouchers (eggs)
lecturer: - Do not use your phone, buy a left one or use a virtual SIM.
• Output only to the drop card.
• Do not use your IP and computer (you can use a virtual one) lecturer: Options for withdrawing money from online to real life, if everything is clear with Qiwi, then with Bitcoin it is more complicated, namely S: TYXMARKET.COM
•
Exchangers
. Through the exchanger you can exchange money from Bitcoin to a card or Qiwi, or bank.
lecturer: - Withdrawal directly to cash. There are exchangers that provide such a service.
• https://localbitcoins.net - a kind of exchanger, you are looking for money changers with good reviews.
lecturer: The fact that Bitcoin is anonymous is a myth and a misconception, all transactions in the blockchain are clear at a glance, they are easy to track, you just don’t need any personal data for registration. Therefore, to maintain the anonymity of funds, I recommend using Bitcoin mixers. (look at the forum, section Cryptocurrency)
lecturer: In addition to online security, there is also offline security, I dare to recommend my article on this topic:
Cards
lecturer: Hello everyone, today is a lecture on CC - let's go lecturer: Each of you has encountered CC in one way or another in your life , but it was in a slightly different “key” lecturer: The first thing a beginner in this business should study is, of course, information about credit cards, in other words, cardboard / CC lecturer: Credit card (CC) is a credit card, cardboard
, potatoes, etc.
lecturer: First of all, we need to find cardboard. The easiest option is to buy it from the seller
lecturer: When purchasing, you will receive cardboard in approximately this format: 4306651004564350 | 10/10 | 826 | Richard Lang | 56 Groveview Cir | Rochester | 14612| NY | USA | 661-298-0881 (The format varies for each seller)
lecturer: 4306651004564350 - Credit card number. 10/10 (10 month / 10 year) - Card expiration date. 826 - Card security code CVV/CVV2
Richard Lang – First and Last Name (Name, Last Name) 56 Groveview Cir – Address
Rochester – City 14612 – Zip code NY (New York) – State USA – Country
661-298-0881 - Telephone
lecturer: BIN - bank Identification Number - the first 6 digits in
the credit card number, the identifier of the bank that issued the card
lecturer: each banking organization has its own unique number. You can find information on each card in the services through a search. We make a request in Google, bin check and then follow the links and enter our first 6 digits
lecturer: For example, card 4306651004564350, where 430665 is the number of the bank that issued the card
lecturer: 10/10 - exp (card expiration date) 09 month 10 year lecturer: 826 - cvv (secret code)
lecturer: Richard Lang - cardholder name
lecturer: 56SGTrovYeviXewMCir A- Ritska street (sEtreTet).lSector: MRochester -
lecturer: NY - state
lecturer: 14612 - zip code ) lecturer: US - country (coutry)
lecturer: 661-298-0881- PHONE NUMBER (Phone) lecturer: You can also add SSN, DL, MMN, DOB to USA CC (you will study this information in other lectures)
lecturer: For additional $ you can enter additional informationOB - date of birth SSN - social security number MMN - Mothers Middle Name (mother's middle name, so to speak)
lecturer: let's talk about the types of SS lecturer: most often used
Visa, MasterCard, American Express, Discover
lecturer: Numbers Visa credit cards start with the number 4,
they have protection called Verified by Visa (VBV) 3-digit CVV code
lecturer: Verified by Visa (VBV) - used to protect Visa card numbers from unauthorized use. Simply put, the holder has a code that he will have to enter when purchasing something
lecturer: MasterCard credit card numbers start with the number 5, they have protection called MasterCard SecureCode (MCSC) 3-digit CVV code
MasterCard SecureCode - the principle of operation is the same as that of VBV
lecturer: American Express starts with the number 3 and already has
a 4-digit CTVVY code
MARKET.COM
lecturer: Discover starts with the number 6 3-digit CVV code lecturer: further we will talk about the types and levels of CC
there are 3 types of cards - credit, debit, prepaid
lecturer: credit card, which can be used to buy on credit, those. not having enough money in the account.
The size of the loan is determined by the issuing bank
lecturer: debit card, which can be used only up to the amount available in the account lecturer: prepaid card with a prepaid amount - a smart card that stores electronic money paid in advance by the card owner
lecturer: the prepaid card is not personalized, that
is, it will not indicate the owner’s first and last name, this is the main advantage of prepaid bank cards;
it can be used to pay both in real and online stores. The card limit is limited only by the amount that is on it
lecturer: Let's go through the card levels, from classic to black. The higher the category of the card, the higher its service cost, and the richer its owners, the more money it can hold lecturer
: There are cards of the classic category, gold, platinum and higher cards, such as MasterCard Black Edition or Visa Black . As the card category increases, the credit limits on it increase. For example, the credit limit on a classic card can be $1k, so on a platinum level credit card the credit limit can be $10k+
lecturer: For work, I advise you to take credit and
debit cards from the gold level and higher, namely the common gold, platinum, signature, world, black The probability of meeting the latter is low. In the USA they are not issued like we have Tinkovs, etc.
lecturer: Each credit company (American Express, MasterCard and Visa) calls their higher-level credit cards a little differently
lecturer: For American Express it’s BLACK| The card is positioned as a symbol of the holder's belonging to the top of society and can only be issued to a person who has the appropriate social
status
with MasterCard - this is World Signia | Credit card of the highest category in the product line from MasterCard with the owner’s personal signature “gold” on the front side
for Visa this is a Black Card - this level has an increased level of security that prevents the possibility of unauthorized access to funds lecturer: the most premium SS, those listed above, are owned by a special caste of people on the planet, they are also “masons” joke, this level has higher credit limits and there are no limits on spending, such cards are very difficult to find and they will be very expensive, they are most likely only for professionals
lecturer: next we’ll talk about how payment is made with SS lecturer
: The process of paying with a credit card on the Internet is not as simple as it seems on the Internet first glance
lecturer: while you press the confirm button, a bunch of processes happen. Responsible for these processes is the bank's processing center lecturer: The processing center is a high-tech system for processing payments on bank cards in the field of e-commerce lecturer: the main task of the processing center is to
provide shops with the opportunity to accept payments by credit cards
lecturer: In addition, the processing center coordinates settlements between the bank -card issuer,
acquiring bank (authorizing transactions), shop and card holder
lecturer: Acquiring bank - a bank that provides the store with services for processing card payments
lecturer: Issuing bank - the bank that issued the card with which the buyer is trying to pay for the goods
lecturer: Process payment for goods/services using a credit card looks like this: you place an order on the shop’s website and select payment using a credit card
lecturer: the shop will redirect the buyer to a secure payment form of the processing center, on the secure payment form you indicate information about the credit card,
the processing center confirms the status and shop parameters in the system
and also checks the generated request for compliance with established requirements and system restrictions and transmits the generated request for authorization to the acquiring bank that
carries out authorization for the payment, having received a request for authorization of the transaction, the acquiring bank sends it to the appropriate payment system (Visa, MasterCard etc.)
lecturer: the payment system determines the issuing bank that issued the credit card, and then sends a request for authorization to the bank’s processing center
lecturer: After the issuing bank has confirmed the authorization of the payment, the processing center sends a positive result to the store authorization
lecturer: and he, in turn, notifies you about the successful
payment of the order. This is a complex process that happens after you click on the pay button
lecturer: What does the shop do in turn when it accepts payment?
lecturer: when all the points described above have been successful and you see that the payment has been accepted, the shop takes the order for processing. Processing
consists of manually checking the order, clarifying the order details of the spike address (not always), when clarifying the details, the shop makes a call to the specified number in the order for confirming the order
lecturer: This is why it is advisable to write a number to which you can receive a call
lecturer: After clarifying all the details, the shop begins to prepare goods for deliveryAvkiRKET.COM lecturer: If you enter Egypt, then delivery is carried out immediately after verification, if you enter stuff, they can send it both on the same day and on the next
lecturer: You should not enter the stuff on Friday, since the transfer of the stuff for delivery will be carried out only on Monday
lecturer: After transferring the stuff for delivery, you will receive a tracking number by mail or in your personal account of the store( tracking number)
lecturer: As a rule, this is a set of letters and numbers by which you can track where your goods are located lecturer
: Next, you simply follow your goods by tracking number and are happy when it is delivered, but it may happen
when the card holder sees that the money has been withdrawn from the card, in this case he calls the bank
lecturer: He, in turn, makes a call to the store and reports that the purchase was made fraudulently
lecturer: In the tracking number in this case it will be written that the sender requested a return of the goods. In this case, don’t be upset and try to enter a new order with a new CC and you will certainly be lucky!
lecturer: next we will talk about what measures the store takes when paying with CC
lecturer: The store also checks the order with an anti-fraud system to exclude all kinds of fraudulent manipulations with bank cards lecturer: ANTI-FRAUDXPRMEDSTAAVRLYAEKT IEZ SETSIMUM which analyzes your actions on the Internet on the subject of fraud
lecturer: over many years he has formed a portrait of fraudulent actions and actions of real cardholders
lecturer: the system begins to analyze you from the very first moment, as soon as you enter the site
lecturer: she looks at whether you logged in from a browser or from a mobile application, looks at what you bought, when you bought it, how often you bought it
lecturer: looks at your IP address, cookies that include the http session identifier, etc.
lecturer: combines all this information and analyzes it with the actions of the holder
Your task is to adapt as much as possible to the card holders, for this you need to warm up the shop, I will talk about this at the next lecture, which will be on Thursday, February 15
lecturer: after warming up the shop, carefully type in all the data, you spend your monthly salary on buying an expensive laptop
lecturer: Vryatli shop will believe that you just came in and spent the monthly salary of an ordinary American
lecturer: As a rule, if you are burned, they will not immediately allow you to pay for the goods. In this case, there is no need to despair and throw away the CC, since the information may not have reached the bank and you will be locked up at UkroevneTsh.ospa OM
lecturer: In this case, we write/call the shop and say that I tried to buy a laptop from you, but something didn’t work out, lecturer : Don’t forget, you are an American who has long wanted to buy a laptop, but they didn’t give it to you.
lecturer: In the shop they will tell you why you can’t place an order. Whether you haven’t gone through the shop’s anti-fraud system, or the bank has blocked your transaction
lecturer: In the first case, you can find out how you can still place an order, you will be offered solutions, you can choose
lecturer: If the bank has blocked it, it’s easier to throw out the ss than to make a call to the bank, since there is a very strict identification process that cannot be passed.
Mediators
lecturer: Hello everyone,
lecturer: Today's lecture will consist of 2 parts: Mediators and drops
lecturer: Part 1 Mediators
lecturer: Mediators is a logistics company that delivers goods from one country to another. Mediator is used in 2 cases: when the store does not have international delivery, and when you just want to consolidate packages.
lecturer: Intermediaries were created not for us carders, but for ordinary people who want to order some kind of product from the USA
lecturer: KSpritmeyrukhveMshchi A iz grepaki OTHER, who
do not have delivery to other countries except the USA.
lecturer: There are also intermediaries in Europe, but they are not used so often.
lecturer: Pack consolidation is the process of combining several parcels into one to reduce delivery costs. Consolidation conditions must be clarified with the intermediaries by reading the relevant sections of the site. lecturer: At the moment, a lot of mediators have been abandoned, so you need to look for your mediator
lecturer: How to find “your mediator” lecturer: You can only find your mediator
experimentally, by sending packs there, and looking at the mediator’s reaction. Here are the main points you need to pay attention to.
1. Drive in stages. We made 1-2 drives,
waited for delivery, and saw how the agent reacted. They sent it to themselves.
2. Use different types of entries for different accounts. That is, on the 1st acc in the middle we drive in from the SS, on the second from the e-gift, on the 3rd acc in the middle we drive in from a stick, and so on. This is done in order to understand what the medium likes and what it doesn’t.
Because some intermediaries calmly accept packs inserted from CC, others can lock your account for this. Some of the mediators are happy to accept packs downloaded from e-gifts, but others are not. Therefore, it is very important to create several accounts at the first stage, and when some of the accounts are blocked, you will know why.
3. Avoid intermediaries that require credit cards or money transfers for payment. Personally, I prefer intermediaries that accept payments from BTS or PayPal. It often happens that when paying an intermediary with “your card”, the stuff must also be made from the same card,
which is impossible. The money transfers are understandable here. This is pale. It is better to avoid such intermediaries immediately. lecturer: 4. Pay special attention to intermediary tariffs (acceptance, storage, forwarding). It happens that acceptance of a pack is free, but the cost for storing the pack begins to accrue the next day. Or vice versa - Acceptance is paid and expensive, and storage is free. The best solution for us is an intermediary where acceptance of the pack is free and the free storage period ranges from 30 to 60 days.
lecturer: 5. Carefully study the mediator’s rules for
accepting packages. Usually they write why they are accepted and why they are not, and what documents are required when receiving and when sending packages.
lecturer: We have found an intermediary that suits the conditions, we proceed to registration and obtaining an address. lecturer: Intermediaries come with or without a personal account.
lecturer: In mediums with a personal account, the package is identified by a personal number, usually it is written in the address and upon delivery you need to write this number. lecturer: Accordingly, the seller sees that these are large numbers, and that this is an intermediary
lecturer: In this case, it would be optimal to write it as an office number, for example.
lecturer: The second type is based on the environment that you don’t want
lecturer: The warehouse address is simply written there without any personal numbers.
lecturer: In this case, the pack is identified by the First and Last Name on the pack.
lecturer: So, how do we register an intermediary? lecturer: The first thing you need, but not necessarily, is to buy a set of documents.
lecturer: I usually don’t do this, because my intermediary never requires it.
lecturer: But it’s better to do it.
lecturer: What is included in the set of documents. lecturer:
Passport, main page and registration page
, SNILS, documents confirming the address of your residence, usually bills for housing and communal services.
lecturer: Finding someone who draws this is quite difficult, but when your pack hangs in the middle, the fart starts to burn
lecturer: Next, again, as a recommendation, create a UPS of the country where the spike will be, and perform all manipulations with the middleware from this Dedik .
lecturer: Again, I don’t do this, I go to the medium directly from VPN Usa, from different IP addresses and everything is fine. lecturer: So, we’ve stepped into the middle, what do we see first?
lecturer: As a rule, intermediaries have several addresses in the USA
lecturer: Warehouses in New Jersey, warehouses in Delaware, sometimes
in California
lecturer: It’s better to send to Delaware.
lecturer: This state is tax-free and you won’t have to pay extra for the goods.
lecturer: We got the address. The address will look like: lecturer: First Name Last Name
600 Markley St. Suite 107451 Port Reading, NJ 07064 lecturer: So, the first line is clear, when placing an order in the online store, we write the name in First Name lecturer: Last name in Last Name lecturer:
In Adress line 1 we write lecturer: 600 Markley St. lecturer: To the address of line 2 we write lecturer: Suite 107451
lecturer: Actually this is my edited address, suite is an office, the numbers after it are a personal identifier on the middle.
lecturer: Port Reading is a city lecturer: NJ - New Jersey state lecturer: last 5 digits are zip
lecturer: Many intermediaries have a button to add an order lecturer: This means that if you received a track from the seller, you can add the pack to your personal account. This will speed up the processing of the pack by the middleware.
lecturer: Further advice on working with intermediaries. lecturer: 1. Do not send a million packs immediately after registering an account
. Leave for a week, preferably 2. Send 1-2 packs per week. And gradually increase the amount. The swing rule works here, as in many other topics. No normal person will send 10 iPhones, 25 Playstations, and the same number of watches to an account in a week. Pay special attention to this. lecturer: 2. Clearly study the rules of operation of intermediaries, this will avoid the loss of packs. Read the FAQ pages or the rules for accepting and sending parcels - most of your questions will immediately disappear and you will save a lot of time.
lecturer: 3. Do not overload the media with expensive packs. It’s better to create several accounts and send a little to each. No normal person will buy 10 iPhones in 10 days. Remember this. This is the same office that we run, so we must behave accordingly.
lecturer: 4. Do not use a medium to drive in expensive equipment, it is better to use a drop. This way you won’t kill your account in case of a charge. According to statistics, middlemen are killed either by a ton of cheap stuff or by expensive stuff.
Accounts that accept mid-priced products live the longest in terms of experience.
lecturer: 5. When entering, indicate the Skype phone number or GV. You should not write the phone number of the agent or holder. That is, in the shipping address column, we write either the GV number (Google Voice) or Skype. This way we reduce the falsity of our actions, and we can always accept a call, or simply find out that there was one.
lecturer: Recommendations for sending goods to yourself: 1. Do not exceed the customs limit (for Russia) 1000 EUR or 1200 USD per month - for one package. That is, if you indicated that the stuff in the pack is worth 1200 bucks, then this month you will no longer be able to send a pack to the same name. He will get stuck at customs, and in the end he will come with a customs
notification; everything over the limit will have to pay 35% of the cost. In connection with recent events, in 80% of cases, to send
packages to RU, intermediaries ask for the recipient’s TIN / SNILS, which is why I talked about purchasing a full set of documents. But since We don’t know how many hands they may be in, the best thing is to agree with your drunk neighbor that he will accept your packs, and take all the documents from him. Trust a bottle of good whiskey - it will do everything)
lecturer: Let's continue
lecturer: 2. Always underestimate the cost of goods for clothes. For example, if you are sending Nike sneakers for 300 bucks, write that the sneakers are NyFi and indicate the cost of 30-40 bucks. I always do this. The same applies to bags,
pants, and, in general, all duffel items. It always rolls. Because no one will bother and set a clear price for a duffel bag. Just don’t write that the clothes are fake or replica, such categories of goods are very strictly regulated for import into the customs union + 90% of intermediaries don’t like this either. Therefore, it is better to write a non-existent brand, or find sneakers on the Internet for this amount and write that it is them.
lecturer: 3. As for the watch, please tear
the box apart and send the watch separately, the box separately. But it’s best to send the watch together with the rest of the stuff. When there are 10-15-20 positions in a pack, in my experience such packs pass through customs much easier than when there are 1-2 positions in a pack.
lecturer: 4. As for jewelry, we write that it is costume jewelry. And you shouldn’t put too much in a pack. It is better to send the chain separately, the ring separately. I recommend sending the jewelry with a bunch of clothes, there is less chance of being burned by customs. Although, precious metals still scorch well with X-rays. so it’s better not to be impudent, don’t send a 15 kilogram package containing 1kg of gold - it will 100% not pass customs)
lecturer: 5. Send equipment 2-3 items per package. For example, 1 iPhone + 1 PSP + 1 video card. There is no need to cram 10 items of all products into 1 pack. Remember that if there are 5 or more identical positions in a pack, you will fall under a commercial batch, and then you will lose the pack. Since they will ask for invoices, account statements, etc. That’s why I always throw sweaters,
jackets, and pants on my equipment. The more bullshit, the better. This is my experience, this may not suit you, but try it anyway.
lecturer: 6. Do not accumulate packs in the middle, especially valuable ones. Your iPhone/iPad/Rolex has arrived, send it right away. It's better to pay an extra 60 bucks for shipping than to lose everything. That is, when entering the middle, look at the delivery date and estimate the approximate time frame. For example, you type in an iPhone, shipping takes 3-5 days, which means next Wednesday it will be in the middle, so today they added a couple more things with the same shipping. The next Wednesday - Thursday the stuff arrived, for example 5 positions of something - that's it, pressed the button to send the pack, paid - we're waiting. There’s no need to pack for months... it won’t lead to anything good.
lecturer: 7. Pay the intermediary only with your own money.
NO CARGE. Don't saw the branch you're sitting on. We made an acc stick or VSS kiwi, threw money into the SS
• paid. From 50-100 bucks, our wallet will not get any thinner, and the account will serve you for a very long time. Personally, my account in the middle has been live for a year and 2 months, and everything is fine, everything is fine.
lecturer: Useful links:
lecturer: I also recommend using drops for receiving packs in ru.
lecturer: There is a paydrop person on the forum, he accepts packages in Rostov-on-Don, and the cost of admission is usually 800-1k rubles
lecturer: Much more reliable, but also more expensive than the drunkard’s neighbor. lecturer: So, we’re done with the middles.
lecturer: Next come the drops
lecturer: Drops are ordinary people who accept your packs. There are 2 types of drops: adjustable and non-adjustable.
lecturer: Fraudulent drops are drops that do not know that they accept parcels. There is always the possibility of missing drops with parcels. Such drops are searched, for example, on job sites or similar offices. Usually they don’t send expensive packs for such drops. The lifespan of such drops is 10-15 days. The cost of accepting parcels in such drops is usually 50-70 bucks. lecturer: Non-adjustable drops are a type of drops that are clearly aware of the risks they are taking. The risk of losing packs is minimized. Such drops receive a good salary and the lifespan of drops is on average 2-3 months. However, they most often have slightly different operating rules. You can learn more about the rules from drop services that provide drop services. The cost of admission is usually 70-100 dollars or% of the cost of the pack. lecturer: Recently, drop services have begun to work stingily, that is, they accept packs and pay you your %. Different drop services have different types of goods accepted and,
accordingly, different percentages. For liquidated Apple equipment they can give up to 55%. By driving the stuff to be stingy, it will save you from the problem of delivering goods to the Republic of Uzbekistan and selling them, and will help you
earn money much faster. However, the amount of earnings will be much lower than if you brought the stuff to yourself and sold it to RU.
lecturer: If you sent the goods for sale, on average a week passes from the moment the pack is sent for drop until payment is received. And if you send the goods to an intermediary and want to sell them in RU, on average it will take 4-5 weeks. Here it’s up to you to decide whether it’s quick and small, or long and big. lecturer: As soon as the drops receive the package, the drop service requires a label to send it to the middleman.
lecturer: A label is something like a postal form. That is
a piece of paper that says who it was sent from, what address it is coming from, who it is addressed to and to what address. Such labels can be ordered on the forum from the relevant sellers. Usually a karzh label costs about 5-10 bucks, if the label is white, the price can reach 500 dollars. Most often, white labels are used to send packs directly to the RU, in order to ensure smooth passage of packs through all authorities.
lecturer: An example of a label can be seen here:
http://prntscr.com/iekzf5 lecturer: 1 – Sender’s full name 2 – Sender’s street
3 – City / State / Sender’s zip code 4 – Recipient’s full name
5 – Recipient’s street
6 - City / State / Zip code recipient 7 – Date of dispatch
8 – Weight of parcel 9 – Date of delivery
10 – Track number of parcel.
Warming up the shops
lecturer: Hello everyone
lecturer: I would like to divide my lecture into 3 main parts:
1. I will tell you about warming up the shops.
2. I’ll tell you about the productions for the series.
3. I’ll tell you a little about reroutes.
lecturer: Let's start by giving a definition of what warming up the shops is. Warming up is a call to the store before ordering, the purpose of which is to win over the subs and accordingly increase the chances of sending the pack. lecturer: warm-ups are carried out mainly in two
ways: 1. Through ringing. 2. Live chat. Well, or the most wooden way, in my opinion, is through email lecturer: let's start with life lecturer
: in general I think that this is not the most effective way, but it still has a place to be
lecturer: firstly, due to the fact that the sapiens do not communicate with you live, they don’t hear you and can’t understand who’s sitting on the other end, so you don’t inspire
much confidence in them
. lecturer: secondly, live chats are usually only available in smaller shops, where your conversation will simply get lost among hundreds of others and you won’t attract any attention to yourself
lecturer: live chat is good when you need to check something in an order, but you can’t call or don’t want to pay money for calling, or if you really want to know something specific about a product, but it’s not very
effective for warming up (at least in my experience it’s hard for me to judge this)
lecturer: in addition, if you do not have a very high level of English, this can play a cruel joke on you, since some subs may pay attention to your writing of the text, your literacy and compliance with the rules of grammar, relatively speaking, if you place an order from some John Jones, and write with phrases like I am don't know, then you will at least confuse the agent
lecturer: so I don’t recommend using Google translator
to compose letters or communicate with saps if you are not confident in your abilities
lecturer: I’ll tell you further about a more effective method of warming up
lecturer: warming up over the phone
lecturer: this also has its own nuances,
let’s say warming up large stores where dozens/hundreds of saps are located, in my opinion is not very effective. in this case, it is better to request a call after
the entry itself, since the sap will be able to make notes that the buyer called and was interested in the status of the order lecturer: if you do this before the order, then the sap simply will have nowhere to make notes lecturer: and this can help you speed
up processing of your order, but you may be asked to call again for verification
lecturer: that is, such a warm-up call does not replace a verification call, if one is required lecturer: next I’ll tell you about warming up small shops lecturer: I usually divide the warm-up of such shops by 2 kind of
lecturer: 1. I pretend to be a hose and ask a bunch of questions to the sub.
lecturer: this is suitable, for example, for calling small shops with electronics/clothes, you can ask about the characteristics of a particular product
lecturer: ask for the availability of characteristics, etc. lecturer: ask questions about delivery speed, etc.
lecturer: roughly speaking, we are just pretending to be typical American consumer
lecturer: this will work especially well in shops where the sap with whom you are talking will be responsible for sending the goods and processing the order
lecturer: 2. The second case is somewhat more complicated lecturer: This case is related to stores selling something specialized, for example musical instruments, professional equipment, auto parts.
lecturer: here it is important to understand the specifics of the product, its
purpose, otherwise warming up will not make sense, otherwise you will fall down
lecturer: If you buy spare parts, it is important to understand what they are for and for what brand.
lecturer: I often call a shop with musical instruments, especially guitars,
since I understand this quite well, this plays a good role, because when communicating with me, the SAP begins to trust and, accordingly, processes the order faster and more willingly. lecturer: I also want to touch on the topic of warming up shops for sending to different ships
lecturer: Americans are very responsive people and you can play on this responsiveness to come up with a legend
for sending different bids/ships
ET.COM
lecturer: Don’t try to push through a legend about that you are sending a package to your mom/dad/brother while you are visiting them, this is all nonsense that will not help you
lecturer: disasters happen very often in the states, mainly in the south
lecturer: this is what you should play on
lecturer: therefore, sometimes to create a legend, I use these events to inspire confidence in myself, for example, regular hurricanes occur in Louisiana, or Florida, or Alabama, or anywhere
lecturer: and let’s say we just have a lecturer from those places: but you need to hiss, for example in Oregon or Washington
lecturer: if you explain to the glander that you, fleeing hurricanes and rainstorms, went to relatives on the other side of the country
and did not take something vital and are now trying to buy it, then your chances of sending the goods increase significantly
lecturer: if let’s say nothing like this is happening in the USA at the moment, you can tell a legend about how termites ate your house, or how you got healthy cockroaches, which you just poisoned and now you can’t return home, since everything there has not yet disappeared this rubbish
lecturer: Americans empathize very much in such cases lecturer: Forget about the legends about: he went to his relatives, to his mother, etc. this is already ineffective, the more complex and hopeless your situation, the greater the chance
lecturer: I’ll sum up the warming up lecturer
: Warming up is still not a panacea, even for small shops, believe me, there is probably not a single shop left in the USA that would not suffer from fraud , therefore, shops take all orders very, very seriously, so don’t be surprised if even after warming up, they refuse to send you, this is a normal process, not all shops do this, but if you approach warming up correctly, you will remain in +, the main thing you to find the ideal scheme according to which you will work
lecturer: Next I would like to tell you about order verification
lecturer: Very often, after entering, you will receive messages - call us to confirm the purchase or something similar
lecturer: some shops, not wanting to send an order, but afraid of
running into a real holder, say that they could not verify the details of the transaction with the bank
lecturer: I’m sure that some shops are stupidly afraid to send your order, for some reason (fraud marked, the IP is far from billing, the IP is in black), but they are afraid of accidentally running into a real person, that’s why they write such nonsense lecturer
: several times I was able to get such packs
lecturer: but 98% of such cases end not in your favor
lecturer: And in some cases the billing really does not match
lecturer: here you can try to call the bank
(first, at least punching ext and ssn, without this don’t even try) and try to resolve the situation with billing
lecturer: but again, it’s very unlikely that you and the bank will be able to solve anything if you don’t know what the real billing is (you can point your finger at the sky by breaking through the bg and look at the last address kh, but this is very expensive and an unjustified risk)
lecturer: but in fact, it’s easier to type in another place and see what happens there
lecturer: Now let’s look at the questions that SAPs ask for verification lecturer
: basically SAPS check the same thing, email, 4 digits ss , billing/shipping address
lecturer: but they may ask tricky questions lecturer
: in many shops they may ask tricky questions, for example, the name and support telephone number of your bank, which is written on the back lecturer: or the nearest street to your address (by the way, I recommend it before every call open the address in Google Maps to be able to respond). in general
, there can be a great many questions with a trick, you can’t provide for everything, however, at a minimum, searching for the address of the kh in Google Maps will allow you to answer many questions that
the lecturer may ask you: 1. Full name. Holder:
2. Em@il Holder:
3. CC data:
4. Billing (holder address): -
5. ShippinSg (TadrYesXdoMstavAkiR): -
KET.COM
6. SSN\DOB\Number of years (if information is available)
7. Website where the order was entered or where the order should be made: -
8. Order number:
9. Date and time of the order:
10. Name of the product (link to the product)
10. (For EGIFT) Recipient name, recipient name (recipient): -
11. Order amount:
12. Number to call:
13. Number to call from ( if a replacement is needed):
14. Name of the bank that issued the card:
15. Bank support phone number (if you need to call the bank, individually)
16. Letter from the office, where and for what reason we are calling
(link to photo): -
17. Reason and purpose of the call, description of your situation: - lecturer: here is the form for calling, save it and fill out the information on it, don’t be lazy, you’ll feel better about it lecturer: they also often ask the
question of what is the best way to call, with substitution or is there no difference?
lecturer: I think it’s better to call with a substitution, it gives you more confidence
lecturer: for some shops this is a mandatory requirement - calling from billing nomea kh
lecturer: Well, in conclusion, I would like to tell you a little about reroute
lecturer: reroute/redirect is a change addresses on the parcel, to the address DROSPAT/WEDMARKET.COM lecturer: I won’t tell you how to do it, but I’ll tell you a little about the technical component
lecturer: I’ll start with the UPS reroute. when rerouting UPS, the request to change the address is visible immediately, within 5-10 minutes the track is repainted yellow and you see the phrase: Request to change the delivery address, but it’s too early to rejoice at this, the shop can quite quickly turn the parcel back and you’re already with You won’t be able to do anything with it (the request for a refund is always higher than others and cannot be cancelled)
lecturer: Fedex reroute is somewhat more complicated
lecturer: in Fed, the request for reroute is displayed only in the city of Kh
lecturer: and there are different types-1. inscription: request
to change the delivery
lecturer: in general everything is clear here, the pack will then turn around and go where it needs to be
lecturer: sometimes the track lights up red and tells you that action is required, for the most part these are features of Fedya and this inscription will disappear in a few hours
lecturer: you will issue a new track
a new track can be displayed as a track for returning goods and hang directly on the website, if you see it, click on it and look at the destination if it coincides with the location of the drop (sometimes it may be a different city, but the same state, then check in Google maps location of cities, it will most likely be the same city or a different part of it)
lecturer: either a new track will come up with a call,
if the pack has not moved for some time, contact the dialer or call your email, you will be given a new track
Anti-detects
Browser-anti-detect of the new generation
We are pleased to present to your attention the most convenient and safe
tool for professional work on the Internet.
lecturer: Greetings to everyone who decided to attend the lecture on Antidetects. Today we will talk about various antidetects that have proven themselves well in our field of work, types of antidetects, we will understand some of the intricacies and features of working with antidetect when driving in and more.
lecturer: First, let’s figure it out with you, what is “Antidetect” in general? Antidetect is a solution (program, browser, browser plugin, etc.) that allows you to bypass various Antifraud systems on the Internet, be it online banking, or an online store, or a client installed on a computer for playing poker. Antidetect allows you to use the same machine for work without changing it, by bypassing different components. MBLAGODARAYAKETEOMTU, A.NSTIOFROMMD the system every time thinks that there is a new user in front of it, or, conversely, the same user, in the event that we need to “mask” someone. The task of modern antidetects is not just to uniquely identify the user, but to give him the opportunity to blend in with the crowd. lecturer: I’ll explain it very simply and clearly: in the first case, if we imagine that Touch ID on an iPhone is an anti-fraud system, and to unlock it you need to put a NEW finger on it every time, then thanks to the anti-detect, we can make a lot, a lot of fingerprints, and pass this defense calmly and successfully every time.
We can say that an anti-detect is like a glove that
allows one finger to leave a huge number of
fingerprints. Secondly, if we imagine that Touch ID on an Iphone is an anti-fraud system, and in order to unlock it you need to apply the same finger every time, which is, in principle, true on an Iphone, then we can “copy” the owner’s finger and successfully bypass the protection (of course, knowing approximately what this fingerprint should look like). lecturer: It should be understood that modern anti-fraud systems do not stand still and are being improved every day - if previously the simplest methods were used for identification, today a number of factors are assessed.
lecturer: In this context, antidetect plays a very
important role, and if used correctly, it will undoubtedly allow you to gain results, but success is not only a fact of its use - you need to correctly and consciously approach work in a specific direction, which will come only through knowledge and experience.
lecturer: You can look at the huge number of factors that modern antifraud takes into account using the example of the very common Threatmetrix system.
As you can see, the browser plays only one of the roles, albeit on the front of events: (Watch the video after the lecture) https://www.youtube.com/watch?v=2PQxoQQOPpY
lecturer: Another excellent example for analyzing AF systems can be specified:
https://developers.seon.io/?shell#request
I advise you to look at this example at your leisure, especially the huge number of parameters related to E-mail, the use of e-mail addresses in other services (Screenshot: http://prntscr.com/isj1yg ), phone number, etc.
lecturer: There are two types of Anti-Detects: Iron Anti-Detects and Browser Anti-Detects. Let's look at each of them in more detail.
Iron antidetect allows you to change the hardware parameters of a computer or virtual machine. As an example, we can cite: substitution of information about the processor, video card, BIOS, network card and various other devices.
An iron antidetect may be necessary when working in the field of poker, casino and other areas that are associated with
the installation of client programs under TW.inCdowOs. M
lecturer: Examples of hardware antidetects include:
1) CCTools 7 (Many have heard about this software, used it, it has long been out of date, but at one time it played a significant role)
2) VirtualBox Hardened Loader - a patch for the hardware antidetect Virtual Box. Vector T13 talks about this in more detail in its webinars “Virtual Machine Anti-Detection” (These webinars can be found on YouTube). It was well relevant at the end of 2016, although this decision still applies today.
lecturer: 3) Also from Vector T13 webinar on the WmWare antidote. Unfortunately, there was only one webinar, there was no continuation. Therefore, the topic is far from completely covered.
4) Antidetect 2018 Pro OpenSource by Vektor T13 – A new free solution in the field of iron antidetect from Vector for Virtual Box. This solution is relevant and supported by the author. Among the features, I would highlight full support for the video card on VirtualBox. The disadvantage of this solution is also its advantage: the solution is free, therefore, you will not receive full support (free) for this solution.
lecturer: 5) Aff combine - essentially the first hardware
VmWare antidetect, a completely up-to-date and ready-made solution in 2018. It also includes a browser-based antidetect based on the Mozilla Firefox browser. Sold on our forum. Price 1000$. 20% discount on tubers.
The ONLY HARD-KNOWLEDGEMENT Actual Qualified.AntiOdetMect on
the forum.
lecturer: Browser antidetect is a program that allows you to emulate a browser based on specified parameters. Simply put, by emulating various parameters, we can simulate any system (Windows, Linux, Android, IOS, MAC OS, Blackberry
) and browser (FireFox, Safari, Chrome, IE, Opera, etc.), as well as even game consoles (Playstation, Xbox).
Browser antidetects come in two types:
Type 1: Antidetect based on a regular browser with
an extension (Chrome) or Addon (Mozilla Firefox) built into it. Basically all antidetects of this type ( Antidetect 7.1, Antidetect from Cert, Antidetect from Good Job, Fraudfox, Antidetect from Vector T_13)
lecturer: Here Antidetects can be divided into two more categories:
A) Antidetects using the physical Firefox browser. This category includes: Antidetect 7.1, Antidetect from Good Job, FraudFox, Antidetect from Vector T_13)
B) Antidetects using the Chromuim physical browser. This category includes: Antidetect from Cert, Byte Antidetect 8.
Antidetect based on the physical Chromium browser is much more complex, more expensive in terms of investment and
requires more knowledge, so the price for such browsers is usually higher.
lecturer: 2nd type: Antidetect, written on the source code of the engine. From the examples that I know, Linken Sphere can be included here.
Anti-detects written directly using the engine source code allow a more in-depth approach to the implementation of substitutions.
More details about existing browser antidetects that are worth our attention:
lecturer: Antidetect from Cert (Cert) - antidetect based on Chromuim. Binds to iron, i.e. Can only be used on 1 system. The author has proven himself well, Cert - one of the very first developers of antidetect in general, and even more so based on the Chromuim browser. Updates are not very frequent, but stable.
Sold on Verifa, costs $5,000. There was a time when I used this antidetect. I don't have it and don't
use it now. In my opinion, the price of the product is unreasonably high. Even if I had $5,000 to spare, I wouldn’t take it. In my opinion, its price is several times lower. Each update is also paid and costs from $50 to $300. Even if you missed some update and didn’t take it, you will have to pay for all previous updates to get the latest version. In my opinion, taking into account the other antidetects available on the market, it is not worth taking for a beginner.
lecturer: Bytovsky antidetect 8 - antidetect based
Chromuim. The author of the product is Byte, the author of Antidecet 5,6,7, which have proven themselves well in their time. Antidetect 8 is an unknown product, only 4 clients. There are no reviews in his thread. Sold on Verifa, price: $3000 + $100 per month subscription fee. In my opinion, taking into account the other antidetects available on the market, it is not worth taking for a beginner. It seems like there is nothing supernatural in comparison with other antidetects on Chromuim, but the product is developing somewhat slowly.
FraudFox, Antidetect from Vector T_13 - singled them out into one
category because FraudFox is essentially an irrelevant antidetect, and Vector T_13 antidetect is not particularly suitable for work, it’s too “crude” and the author has given up on it. The Vector T_13 product is positioned as a means of increased anonymity and is not suitable for work (Vector T_13 itself positions it this way). The product is free, everyone can download and view it on the author’s website.
lecturer: Antidetect from Good Job - antidetect based on Firefox. Binds to iron, i.e. can only be used on 1 system. Infrequent updates, judging by the reviews, the author puts a “male device” on clients and it’s not so easy to reach them, much less get support for the program. Sold on Verif, a full license costs $2250 + subscription fee $200 per month. Didn't even use it. It's not worth taking.
lecturer: Now we come to antidetects that
have excellent price-quality ratio, are suitable for beginners, and are worth having in your “arsenal”:
Linken Sphere (Sphere) is an antidetect written on the source code of the Chromuim engine. Sold on our forum. The advantages include: Excellent support, frequent updates, no connection to the system, replacement of all main fingerprints, built-in functionality for working with ssh, socks and tor, its own unique socks service integrated into Antidetect, the ability to enter from several tabs at once, i.e. To. 1 tab is like a virtual machine, and you can open a lot of such tabs and other advantages.
lecturer: The disadvantages, as for a beginner, will be: a monthly
subscription fee of $95 (5% lifetime discount for VVH users), a shop with configurations is not available, i.e. configs; If you don’t have a PRO subscription (price 475$), there is no way to fully customize windows.navigator parameters. The combination of parameters allows me to recommend it; I also use it myself.
Let me explain right away what a config is. A config is a javascript code that contains information about the browser and
system (browser javascript parameters, WebGL parameters, font set, etc.) Essentially, the config is a snapshot of the system and browser. Using configs further reduces time, because you don’t need to register and come up with all the parameters yourself, you just download the config, edit it if necessary, and you’re done.
lecturer: Configs can be real or generated.
Real ones are those configs that are “copied” from real computers by collecting parameters, and generated configs are those made using a program (generator). The disadvantage of the generated configs is that the parameters may not always be correct and correspond to the OS or browser, or even have values that are not characteristic of the real system.
lecturer: Antidetect 7.1 – antidetect based on Firefox. Sold on our Billy Bones forum. Promotional price for students is $50. Sometimes I use antidetect to this day. The product is completely worth the money. A good option for a beginner. The antidetect is taken forever; there is no subscription fee and no connection to the browser to the system, i.e. You can enter from the main machine, from a virtual machine, or from the system of a friend, neighbor, etc.
Configs can also be purchased immediately, without
the need to fulfill any conditions. Antidetect
7.1 – allows you to fine-tune some parameters, for example in windows.navigator. The disadvantages include that the author (Byte) neglected the software and
there will be no updates, the antidetect does not replace some fingerprints, for example audiofingerprint, webGL, some configs require manual adjustment.
lecturer: Any antidetect reduces the time spent on driving, because no need to worry about clearing cookies in the system, setting up WebRTC in the system, installing browser plugins, fonts in the system, etc.
Also, thanks to antidetects, it is possible to approach the store “from different sides”, i.e. drive into it from OS Windows, Mac, from a mobile device and various browsers.
Sometimes in certain shops or merchs the traffic of any OS or browser is higher.
If you look at the monetary costs of typing, then compared to VNC and Dediks, antidetect also saves money. The config costs $1-3+ sock ($0.2-1) or tunnel ($1-2). A good Dedik will cost from $10 (and it’s not a fact that it was NOT driven into your store, especially if it is popular, and also Dediks often “die” if they are obtained using brute force); VNC price starts from $20. lecturer: BUT! In terms of driving in, antidetect is not a panacea and not a money button. You should not use only antidetects.
There are situations when typing goes better than real
devices (mobile phone for entering, laptop/computer for entering without virtual machines). Therefore, I advise you to “have in your arsenal” configured virtual machines for driving in, a mobile device emulator (Genymotion, Nox), a real mobile device for driving in, several antidetects, etc.
Antidetect, in addition to typing in, can and should be used
for your safety and anonymity on the Internet. Using an antidetect in your security chain complicates your de-anomization with any special ones. services. lecturer: Tips for ensuring your safety with the help of antidetects:
Firstly, use different configs (different OS and different browsers) on different forums, sites
Secondly, periodically (for example, once every 3 weeks) change the OS or Browser on each forum and website.
Thirdly, store the software itself and the browsers that have built-in add-ons and extensions on an encrypted flash drive or hard drive or container.
lecturer: For the anti-detect Linken Sphere (Sphere) you can add S:
A) Do not check the box to remember the password, but store it in your head. This is necessary in order to avoid third parties gaining access to your cookies, sessions, and configs.
B) Use TOR or TOR+SSH TUNNEL in the connection chain. DO NOT uncheck the “Save and encrypt cookies before exit” parameter.
For Antidetect 7.1, you can add that after the generated browser itself is no longer needed for work or typing, it should be deleted immediately, and not accumulate a huge amount, because Each browser takes up about 100 mg, and with a large number of browsers, this all takes a considerable amount of GB, plus each browser contains history and cookies, which will not be a plus when third parties gain access to browsers
.
lecturer: Now let's consider in practice working with 2 antidetects: Antidetect 7.1 and Linken Sphere (Sphere).
lecturer: Antidetect 7.1
After purchasing Antidetect 7.1 and configs for it (ideally, for a beginner, take about 20 configs; for starters, that’s enough, and if you need more, you can always buy more), after installing and launching Antidetect (about purchasing, installing, launching and settings, contact @@Billy Bones) the following window will open in front of you: Screenshot with explanations - https://prnt.sc/h2wovg
lecturer: Let’s go over each item and the settings: Item “1” - This button creates a browser, or rather its Portable version, which has an antidetect Addon built into it.
The browser is not tied to hardware and can be used on any machine and transferred to anyone, be it a partner or a neighbor. In order for the checkbox to light up and be active, you need to select any PHYSICAL browser from the container (Number 5 in the screenshot)
Item “X” - This checkbox determines whether the antidetect addon will be built into the Portable browser or not. If there is no checkmark, then a regular portable Firefox will be created of the version you select from the container (number 5) lecturer:
Point “2” - This checkbox is responsible for the presence of Flash in the browser. From personal experience I will say that it is better to create a browser without Flash, use Flash when it is really necessary and can affect the typing.
Point “3” - Responsible for the physical version of Flash in
the browser. You can select different versions from the list.
The physical version is the one that will be used for substitution; merch and shops do not see the physical version of the browser or Flash, they see the version or the browser that is specified in the config.
Item “4” - Copies the path to the folder of the created browser.
Point “5” - Selecting the physical version of the browser. You can select a Firefox version from 41 to 49. Determines the version of Firefox into which the Antidetect Addon will be embedded. If you don’t check the “X” box, then the regular Firefox Portable browser will be used.
Item “6” - Select a config from the drop-down list. Configs must be uploaded to the “configs” folder, having previously been unpacked from the archives.
Item “7” - Shows brief information about the selected config.
Point “8” - Responsible for WebRTC. When this option is enabled, here you need to enter the IP of the sock, the tunnel from which you are going to drive in.
Item “9” - Allows you to change the config language to the desired one from the list.
Item “10” - Allows you to add additional English. language. When is it needed? For example, if you are trying
to target a holder from Germany whose main system language is German, you can also add English, because Many people have several languages on their computers, for example, English and Russian for residents of the Russian Federation.
Item “11” - Allows you to open the folder of the last created browser.
Item “12” - Allows you to select the time zone and set it in the system with 1 click.
lecturer: About the use of configs and generation. There is no generation of configs in version 7.1, you can use it if you have version 6.5, but there is no particular point in this.
It is better to use all configs except Internet Explorer, because... they can be buggy and non-working. It is best to use the configs with the Firefox browser, i.e. Win XP, 7,8,10, MAC, Android + Firefox Browser.
Now for the settings in the window itself, before creating the browser: the required items where the checkboxes should be:
“X” and “8”.
“9”, “10”, “2” are optional, only if necessary. lecturer: Let's say you selected a config, created a browser, and opened the folder with the browser. Let's talk about some manual settings that you can make in the created browser.
Open the folder with the browser, then open:\ff_Your.Browser version\App\Firefox\browser Example: ff_46.0.1\App\Firefox\browser
There will be two files we need, open Notepad++, then the first file: “jsoverrider.json” . What can be changed there?
lecturer: Firstly, languages can be edited manually as needed, for this you need to change the value of the “Language” and “Languages” parameter (if any) Secondly, you can enable or disable JAVA (DO NOT CONFUSE with JAVASCRIPT!!) To do
this you need to find the “javaEnabled” parameter and change its value from True to False (or vice versa). Example:
“function javaEnabled() {return true;}” to “function javaEnabled() {return false;}”
Thirdly, you can edit the “Useragent” and
“appVersion” parameters, I would even say that this is necessary, because .To. the configs that you will have, be it Firefox, Chrome, Opera, Safari, etc., will already be old according to the browser version. lecturer: Let's take, for example, the Firefox config. There will be, for example, Useragent: “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1” and appVersion: “5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox /40.1"
Version FiSrefoTx According to this parameter the frame of the steych.acs 4O0.1, Mona is already
outdated, we need to change it to a more modern one, for example, change it to the stable version 48.0. To do this, change the piece in the specified two parameters
“Firefox/40.1” to “Firefox/48.0”. We save the changes, open whoer or another checker and enjoy the changes.
This way you can change any parameter, knowing approximately what it does and means. You can easily learn this yourself by devoting a little time to it. Applies to any blood pressure, not only 7.1.
lecturer: Let's move on to the second file: “jsoverrider.js”. There you can correct WebRTC and the Canvas fingerprint.
Open this file.
Canvas in file: can be changed, can be disabled
replacing Canvas, thereby making the stock (standard) canvas of the Firefox browser.
In order to change the Canvas fingerprint, you need to change the value of the variable “var CanvasWebglRandomParameter”, i.e. put, for example, other numbers in it. (Screenshot: https://prnt.sc/h2y65s ) In order to return the stock (standard) canvas of your browser, you need to delete the line “return context.b_fillText(CanvasWebglRandomParameter, 2, 17);”
Drives may work better with a stock canvas, they may work better
with a substitute canvas, there may be no difference at all, especially if the store is small or simply does not request the canvas parameter of your browser.
lecturer: DSalete WYeXbRTMC. In this file
you can edit all 3 WebRTC (1 external, 2 internal) The variable “ipAddressRemote” contains the external WebRTC.
The "ipAddressLocal" variable contains the internal WebRTC.
I noted another meaning of internal WebRTC in the screenshot under the number “2” Screen: https://prnt.sc/dny2q9 lecturer: Also in this screenshot I showed: Blue areas, the boundaries of the code of each of the 3 WebRTC. This may be needed, for example, to remove one unnecessary internal WebRTC. The red area shows what needs to be removed in order for WebRTC to be completely disabled. Also, external and 1 internal WebRTC can be changed on the fly in the browser itself. (Screenshot: https://prnt.sc/h2yyko )
I would like to add that in the screenshot I indicated what the other columns are for.
It will be useful to read after the lecture for those who are going to take Antidetect 7.1
lecturer: And we move on to the next Antidetect, called “Linken Sphere” (Sphere).
lecturer: After purchasing, installing, and launching the browser (for questions related to purchasing, installing and launching the program, contact @@nevertheless or support), first of all you need to configure the general browser settings. They are located in the “Edit” tab, then from the drop-down list we find “Preferences”.
Screenshot: http://prntscr.com/itjman
In the screenshot I have highlighted the most necessary settings for a beginner. All the rest can be viewed and read in the documentation on the website.
1 item - default search engine, i.e. This parameter sets which search engine will open when you type a query into the address bar of your browser. For typing in, it is more convenient to install the Google PS, for anonymity and security DuckDuckGo.
2nd point – this parameter allows you to specify the site
that will open after creating a session. To enter, it is convenient to indicate any checker, whoer, detect.cc, browserleaks, etc., whichever is more convenient for you.
Point 3 – allows you to set the physical size of the screen, a very important parameter, I advise you to set it every time under the session (config). You can check these parameters (device-width, device-height) here: https://browserleaks.com/css
4th point – determines how the system time will be replaced. Important parameter. There are two options: 1) Through Javascript. 2) The system time will change. It is best to choose the second option, system override, as for me it is 100% not flawless, because In fact, we are not changing the time through Javascript, but as if we are changing it manually in the system.
Points 5 and 6 – I would classify these parameters as security. Ideally, if you are very worried about your safety: put a tick on point 5, not on point 6.
Actually, point 5 allows you to use TOR when logging into antidetect.
Point 6 – allows you to choose whether or not to save the password for your account when logging in.
lecturer: Point 7 – this point allows you to close ports in Web Sockets. Web sockets is a protocol designed to exchange messages between a browser and a web server. In simple terms, using Javascript, a site can check your open/closed Web Sockets ports.
Checker: http://www.andlabs.org/tools/jsrecon.html
According to the checker settings: IP Address – “127.0.0.1”, Start Port, End Port – here we indicate the range of ports (minimum 2), for example Start Port: 5939 ; End Port: 5940. Protocol: WebSockets. After scanning, you will be shown whether these ports are open or closed. In the example I used port
“5939” - it refers to TeamViewer. These ports belong to VNC technology (5900,5901,5902,5903) 3389 – RDP technology, etc.
Regarding setting this item: It is better not to change anything unless necessary.
lecturer: closing ports 80; 8080 in this way will not work right away, I say)
lecturer: The remaining parameters are aimed more at
usability (update design, etc.)
ShriAftRa, size, beskapOy, proxies for
Next, we move on to setting up browser sessions. Each session is essentially a separate system, like a virtual machine, which has its own config.
We'll talk more about free and paid configs and differences in settings during operation a little later; First you need to understand the important browser session settings for beginners.
lecturer: Let's start with an analysis of the first section. (Screenshot: http://prntscr.com/itjucp )
lecturer: 1st point – Select a session (config) from the list.
2 point – This point is needed to create a new session. To do this, you need to enter the session name in this field.
Point 3 – session notes window. A very useful feature.
In order not to get confused in the sessions and to make your life easier when analyzing the entries, I advise you to indicate all useful information in this field (Proxy Score, Risk Score, Which shops were entered into, by what method, the card used, the result of the entry, etc.)
4th point – allows you to set the session color, the session color will be displayed in the browser tabs (screen: http://prntscr.com/h3njn3 )
5th point – allows you to copy the entire session, including prints of canvas, audio, fonts, rects (if necessary).
Point 6 – allows you to change the session name (rename the session).
Point 7 – this point allows you to change the algorithm for replacing the canvas; in other words, this is the second option for replacing it (the first will be discussed below). Which option is better to use? Answer: Both, in different shops there may be different results, so it is better to try 2 options and empirically analyze which is better in your case.
8,9,10 point – allows you to enable/disable HTML 5
Storage, point 9 – allows you to save data and use it even after restarting the browser, point 10 – allows you to save and use data using the large structured data storage standard “IndexedDB”. In short, without delving into the theory. For typing in, both of these points must be enabled (exception: when typing in from a blackberry phone, for everything else, in terms of security, it’s
better to disable points 8,9,10.
lecturer: Let’s move on to a very interesting section for many,
“Fingerprints and other settings” (Screenshot: http://prntscr.com/itkiz7 )
1 item – turns on/off the Canvas substitution. Everyone has already heard about this parameter. Actually, what this substitution does in the field is that it uniqueizes the canvas without significantly changing “its picture”, thanks why it looks more or less natural. You can check the canvas here: https://browserleaks.com/canvas
If you greatly change the picture of the canvas, namely, use popular add-ons for the firefox and chrome browsers to change the canvas, you can 100% easily see the shop. Here's a checker in browserleaks that detects this: https://browserleaks.com/proxy (Option: HTML5 Canvas Protection). Also with fonts, the
“CSS Fonts Protection” parameter). At the moment, the minus of the Canvas uniqueization technology is that the output is 100% unique, and this applies to all antidetects. But, nevertheless, some AF systems react very hostilely to too high uniqueness, so try to periodically disable this function if you suspect that the shop is not working due to this parameter.
Point 2 - turns on/off Audio
fingerprint substitution. The audio print, of course, is not as popular as the canvas print, but over time, more and more banks and shops are introducing it into their anti-fraud
systems. Checker: https://audiofingerprint.openwpm.com/ Antidetect successfully replaces 4 parameters for each session: Fingerprint using DynamicsCompressor (sum of buffer values), Fingerprint using DynamicsCompressor (hash of full buffer), Fingerprint using OscillatorNode, Fingerprint using hybrid of OscillatorNode /DynamicsCompressor method
3 item - turns on/off font substitution.
A very popular detector, it’s easy to replace without an anti-detect, but in addition to replacing a fingerprint, the sphere allows you to customize the list of fonts, which is a definite plus. Checker: https://browserleaks.com/fonts (two “Fingerprint” parameters)
4th item – turns on/off rects substitution. In short, this is a substitution of the browser's coordinate system. The “getClientRects” element allows you to get the exact position and pixel size of the desired element, and depending on the system, or rather the system screen resolution, fonts and many other parameters, the results will be different. The sphere allows you to replace this without changing them too much, which in practice is not covered by Antifraud systems. Checker: https://browserleaks.com/rects (Parameter: “Full Hash”)
5th item – Enables/disables the use of random plugins. This parameter allows you to add a random set of plugins to your session, which allows you to avoid plugin detection. The function is needed for those who have free configs and who are too lazy to manually register plugins. Naturally, a set of plugins is included in paid configs.
Point 6 – enables/disables saving and encryption of cookies after exiting the session. Must be included. An additional security benefit is encryption.
7th point – turns Flash on/off. Here, just like with antidetect 7.1 - don’t turn it on unless you really need to, flash is an additional opportunity to detect you. The technology is currently outdated, all its capabilities have long been available in html5, so due to its absence, few people will no longer look at you askance.
Point 8 – when you enable this point, each time after opening the session will have new fingerprints, which I described to you above. There is no need for this for driving in, but for safety it can be used.
Point 9 – allows you to choose which prints to make, new, random (Canvas, Audio, Plugins, Rects, WebGL, Fonts, Media Devices). Refers to point 8.
Point 10 – this parameter blocks the output of the canvas hash.
It should be used if you are sure that your shop or merch does not respond well to the 100% uniqueness of the canvas. (Screenshot: http://prntscr.com/h3pk3m )
lecturer: Go to the section “Configuring and selecting a connection type” (Screenshot: http://prntscr.com/itkxrv ) lecturer: 1st point – allows you to select the connection type from the drop-down list . Now I will analyze the most necessary things for a beginner to work with.
lecturer: No proxy - this mode allows you to use a direct connection, i.e. Internet is taken from your system. It is necessary if you really want
to work with Proxyfier, Bitvise SSH and other software for using tunnels and socks. As for me, this mode is not needed, because... does not allow you to take advantage of the sphere's advantage of using different sessions at the same time, each of which is configured with a separate sock or tunnel connection, depending on what you like to use. The exception to this situation is the use of a router in which it is possible to connect a sock or tunnel in the router itself, and not on your system. (The forum sells such a configured router)
lecturer: Tor - I recommend using this connection mode for your security chain, when surfing shadow forums and to access forums through Tor, for example the Verified forum.
Socks, SSH Tunnel - combined these modes. The first relates to the use of Socks (Socks 5) and the second to the use of Tunnels (SSH). These modes can and should be used for driving in. For each session, you can configure different connections and use them simultaneously, i.e. in fact, it’s the same as typing in from several systems (virtual machines) at once. Driving from socks or tunnels is just up to your discretion as to who you prefer to work with. I personally use padding socks, LuxSocks. But the problem is that recently they have problems with socks, the number of socks has dropped sharply. Therefore, now I additionally use the “Faceless” sox service.
lecturer: Sphere socks – Socks raised on mobile
devices. These mobile socks are exclusively for clients of the industry; they are integrated directly into the antidetect.
This solution allows you to save even more time and improves the usability and uniqueness of the antidetect, because
The IP data of the socks is from the general pool of mobile operators, therefore, Antifraud systems can treat you more loyally. For better results, I advise you to use the configs of Android devices (Mobile phones + Tablets) with these socks
. Today the socks are at the implementation stage)
lecturer: Point 2 – Field for entering the ip of the sock/tunnel and port. Example of input SOCKS 5: 173.244.217.119:1081
3rd item – this checkbox allows you to disable internal IP. Those. When using this item, only the external webRTC IP will be displayed.
Point 4 – toe/tunnel authorization. Actually, all tunnels have authorization, so you must enter your login and password here, but Socks don’t come with authorization so often, so if you don’t have a login or password, leave the fields blank.
lecturer: point 5 – turns on/off WebRTC substitution. If you turn off substitution, WebRTC will correspond to the WebRTC of your system where the antidetect is installed.
6 point – This checkbox is responsible for External IP WebRTC. You need to disable the checkbox when the IP for connection differs from the IP that is obtained at the output (you can check it on any checker, for example on whoer.net). I’ll give an example from Luxsocks, after buying
a sock I get this iport for connecting
“212.83.165.56:29007”, I check on whoer.net, and there is IP
“97.113.91.76”, therefore, I have to disable this checkbox, and in the field “EXTERNAL IP WEBRTC” for competent substitution, I must write this IP
“97.113.91.76”
lecturer: Point 7 – this point allows you to enable IPv6 substitution. It should be used only if this information is “leaked” on your system. You can check the leak here: https://browserleaks.com/ip
“IPv6 Leak Test”.
Point 8 – disables WebRTC substitution, i.e. When this function is enabled, WebRTC will show that
it is disabled. CheTkeYr: wXhoMer.nAet
RKET.COM
lecturer: 9 point – allows you to set your own DNS. It must be used if your sock or tunnel does not have a DNS or is from a different country, or you need to replace the DNS not for typing, but for your safety. The “check DNS” button checks the functionality of the DNS server you specified.
Please note that working with this parameter is very important - DNS has the same meaning as the IP itself. In addition, it often happens that when you buy a Socs without its own DNS, the system’s DNS is shown (this is what happens by default if this field is not filled in and the Socs does not have its own parameter), and you catch Declines due to suspicious activity.
Point 10 – this “Check Proxy/ Geo” button allows you
to automatically check the connection Sock for functionality when pressed, and also automatically install it based on its geodata (based on MaxMind) and IP: Time Zone, External WebRTC, GPS) lecturer: Let’s move on to section 3 of the program: https://prnt.sc/itkq52
lecturer: 1st area - responsible for UserAgent. By clicking on the
“manage” button, you can edit, add, delete Useragents. Then you can quickly select the desired Useragent from the drop-down list in 2 clicks. The buttons at the top (“Chrome”, “Safari”, “MSIE”, “Other”) allow you to very quickly select by browser type.
I would like to clarify that on the website, in your personal account, there is a
“User Agents” section - there you can select ready-made user agents by OS, Browser and device type for free.
Area 2 – is responsible for the language of the session. You can select a country from the drop-down list, and the language will be entered automatically, or you can enter it manually in the input field, which is located to the right. lecturer: Point 3 – Blocking pop-up windows. This function prohibits the creation of pop-up windows.
Use only when necessary, sometimes a shop or merch will have “necessary” pop-ups.
Point 4 – All a beginner needs to know about it is that if the site loads with errors, or something does not work on the site, which does not allow you to complete the typing, you should enable this function. Do not turn it on unless necessary.
lecturer: Next section - https://prnt.sc/itklmh lecturer:
1) Config manager - in other words, free
configs. We clicked on the button, selected the browser type, selected the OC, clicked generate and the free config was loaded.
2) Setting up WebGL. This section allows you to configure all possible parameters for WebGL 1, WebGL 2, disable WebGL if necessary, and also generate it if you are too lazy to configure it.
3) Advanced settings. (Screenshot: https://prnt.sc/h3q2d0 ) This section allows you to manually register plugins, manually add http headers, manually edit more than 27 Javascript parameters. lecturer:
4) Fonts. This section allows you to edit a set of fonts, i.e. You can create your own list of fonts that will be visible to antifraud systems in addition to replacing the font fingerprint itself.
5) Window resolution emulation. This feature allows you to hide
your real screen resolution, and it will match the user agent data. Useful when working with mobile configurations.
6) Touch screen emulation is simply a MUST HAVE when working from mobile configs. Full touchscreen emulation as on mobile devices. None of the existing antidetects except this one have such a function.
lecturer: 7,8) These two values set the screen resolution. 7 – screen width, 8 – screen height. Example 1920x1080
lecturer: Let's move on, the next small section.
Screenshot: http://prntscr.com/itkmis
lecturer: 1st region - responsible for replacing geoposition. Latitude - geographic latitude, longitude - geographic longitude.
It is not necessary to put the geoposition directly under the ZIP of your tunnel; it will look quite normal and natural if you put the geoposition up to 10 km from your toe.
Example in the screenshot: http://prntscr.com/h3pyv1
The marker in Google maps marks the coordinates of the sock, there is a circle around it - so the area of the circle is a fairly natural geo-position for this sock/tunnel. lecturer: 2nd area – is responsible for changing the time zone, or simply put, setting the time zone and time.
The time can be set either by selecting a state from the drop-down list, or by selecting a time zone from the drop-down list.
Again, I want to clarify that when you click the “check proxy/geo” button, the geoposition and time are set automatically, which saves us precious time.
We've sorted out all the possible sphere settings that may be needed, now let's finally move on to working with this product.
lecturer: Option 1 – you have a PRO account and access to the config shop. How it works - buy the required config in the config shop, add it to the sphere, configure the connection type, WebRTC, DNS if necessary, click the Check proxy/geo button (the time zone and geolocation are automatically configured), then select the checkboxes of those fingerprints that you want to replace and go
ahead drive in In fact, what I described takes about a minute.
lecturer: Option 2 - you do not have access to the config shop, then you can configure it in two ways. The first is installing the required User Agent (choosing from ready-made ones or downloading your own, which is preferable), after which the parameter is generated using the built-in generator.
After generation, you will need to look at, tweak, adjust WebGL parameters, Advanced settings, Fonts, etc. The second option is to use built-in free configs (there are about 50,000 of them) - create a session, click Config manager, select the desired browser and OS, get the config of the real device from the built-in database. You don’t need to do anything additional with it - then it’s no different from the first option: configure the connection type, WebRTC, DNS if necessary, click the Check proxy/geo button (the time zone and geolocation are automatically configured), then select the checkboxes for those fingerprints that you want to replace and drive forward.
lecturer: However, built-in configs tend to
lag because they are used by a fairly large number of people, and their quality is objectively worse than those in the store, and this can negatively affect the result, although they are quite suitable for testing the strength of a beginner
.
It is also possible not to download a free config, but to write it yourself in the field from scratch, but for both the first option and the second, you need to have experience and knowledge of all the parameters. You can read about all the parameters in detail in the product documentation + Google for help.
More useful features in this Antidetect:
lecturer: 1) Antidetect has its own Web Emulator built into it
– this tool allows you to simulate the behavior of a real user by visiting sites automatically. In practice, this is necessary in order to reduce the routine work of collecting site Cookies, site visit history, in other words, “warm up” the system before entering it into the store. You can also configure the emulator so that it imitates the user’s behavior in the store before entering.
lecturer: 2) Entering data when entering is simplified - the antidetect
has its own Vbivotron built into it. The function is convenient, but please note that some sites are very hostile to copying, and even specially configured intervals of humanoid input may fall under antifraud.
Use the function if you are sure from your own experience that the store does not react in any way to such input.
Search for shops, merchandise
lecturer: We will divide the lecture into 2 parts, with a short break, since the volume of material will be large.
lecturer: Part 1 – Search for shops. Part 2 – Analysis of merch. lecturer: And so, let's go. Part 1. Search for shops.
lecturer: I’ll probably start right away with a warning: looking for shops with queries like: buy apple iPhone X, or buy macbook pro, or buy Gucci jeans - there’s no point. Since on the first pages of search engines there will always be giant shops, like BestBuy, Amazon, Seers, etc. You can work with them, but they require a completely different approach and experience.
You won’t be able to take the first SS you come across and drive in 10k dollars
, don’t try.
lecturer: So how to find the right shops? Here are just a few options:
lecturer: 1. You can search for shops using SEO optimization resources on one of the sites on the desired topic. SEO optimization is a set of measures for internal and external optimization of a website to promote it in search engines. Accordingly, the higher the site’s position in the search engine, the greater the traffic, and accordingly, higher-frequency queries are used to promote it.
lecturer: For example: at the request of Gucci jeans, Google produces
the following picture. http://prntscr.com/gpqxsz , let's take the 5th site as an example: http://prntscr.com/gpqxig . We go to the site, find any necessary category (in this case, dinner jeans) and right-click on a free field in the browser field.
lecturer: We need the line View Page Source http://prntscr.com/gpqy48 - click on it, we get this: http://prntscr.com/gpqyez- we see that in the meta name line - the requests for which this page is promoted are written. All we have to do is compile the queries with our own and go searching more specifically, for example: if you make the following query “clothes shop+inurl:super slim jeans” then Google will return http://prntscr.com/gpqzqh and http://prntscr.com /gpqzu9 .
lecturer: 2. Shops can also be searched through “
query operators”, about which you can read in more detail here https://sites.google.com/site/tilromen/poleznoe/kak-pravilno- sostavit-poiskovoj-zapros-google, or even better, study them on SEO forums, you can find a lot of interesting things there. As an example, I will give the following query operator: clothes shop+ inurl:e-gift - will give us a list of shops that have the phrase e-gift in the link, or “clothes totes egift” - Double quotes allow you to find only the expression that they contain.
lecturer: 3. You can also search for shops through eBay, but not
everyone has their own website, you need to search. It’s enough just to go to the product we’re interested in and look at the information about the seller; if it’s a shop, we’ll see that the page is usually colorfully designed, and the seller’s name is something like: freeshippngshoes, bestshoes, goodwatches, etc. Study carefully. Next, all we have to do is enter this data into Google and go to the store’s website, if one exists. However, it is not always possible to immediately bypass
the shop’s anti-fraud system; sometimes it’s easier to drive it into eBay (but more on that in the Brutus lectures).
lecturer: 4. Shops can also be searched through Amazon. We go to amazon.com, enter a query in the search bar, for example SSD. We are interested in the left column http://prntscr.com/dusrr7 , go down below, we need the line “Seller” and click “See More” http://prntscr.com/dussij , we will be redirected to the next page http://prntscr. com/dust0d . This page lists sellers of products in this category. All we have to do is copy their names and paste them into Google, and then continue by analogy with the previous one.
lecturer: 5. Shops can also be searched by parsers, for example
Butterfly. The disadvantage of parsers is that they find a lot of all kinds of garbage, so you have to sort through the sites manually. Although they certainly sometimes help a lot.
lecturer: 6. Shops can also be searched through SQL Dumper, if the roads are compiled correctly, you can find very sweet shops, but the dumper eats a lot of proxies, so you will have to constantly load new ones into it.
In general, it is needed to search for vulnerabilities on websites, but the lecturer can easily adapt to searching for shops: 7. You can also search for shops on thematic forums, for example: a forum for young mothers, or a fishing forum. With the right approach and SI, you will be given a bunch of shops that you will spend a very long time looking for on the Internet.
Thanks to the young mother Michelle - she suggested an excellent
shop with expensive baby strollers and a no-show anti-fraud system. The shop unfortunately closed, and the strollers arrived in RU)
lecturer: 8. Shops can be searched on the website http://www.resellerratings.com
lecturer: At the top there is a drop-down menu store ratings. There we select browse all stores by category and on the left there will be a menu with categories. For example, choose apparel and jewelry. We see “sort by” and click
lecturer: This will display the sites with the lowest ratings on the first page. But there are 468 pages of these sites in the clothing and bizhi section. About 70% of them have a zero rating and about three quarters of those 70% of shops are small, giving well. Sometimes you come across shops that seem to have no ratings on this site at all, but in fact the shop is large and will just send you horseradish.
lecturer: In fact, there are many ways
to find the shops we need, with the right product, but I most often use these methods of work. I recommend that you experiment with query operators, as this is the fastest and most convenient option for searching for shops.
lecturer: In my experience, sometimes large stores send much better than small ones, but this is more an exception and direct hands than just luck). You need to try to break into all the shops you like.
lecturer: Sometimes you come across a scam shop, for example, I came across one where Canada Guz cost 200 bucks,
so it’s better not to swear in such shops, they were created by our colleagues to collect swear words. Study the shop carefully before entering.
lecturer: Part 2. Analysis of merch and their features.
lecturer: Merch is an electronic aggregator for processing incoming payments, in other words, it is a program that directly accepts payments
through the website. There is a huge variety of merch, both large and self-written.
lecturer: To determine merch, I most often use the site http://builtwith.com/ , - if you have the opportunity, you can buy a subscription there for your hard-earned money, it costs 500 bucks a month, don’t try to waste money - it won’t work. We enter the address of the store into the line, and it will give us all the information about the store, in the E-commerce section, there will be the merch we need.
Sometimes the merch is not shown, then you have to look for redirects in the browser or hit at random, this also happens.
lecturer: As for Euro merch, most often they can be seen during checkout, that is, when you are already entering a card, since most Euro shops do not post information about merch on their pages.
lecturer: Below is a list of merch products that are often found in the US:
lecturer: 1.Shopify – it is believed that every month it is more and more difficult to add it, but no. Everything is much simpler, you need to adjust the system to this merch. Merch loves real hardware, and he practically doesn’t care about socks and tunnels, the main hardware and the unique fingerprint
of the system. Fine and competent tuning of the system is very important. In general, merch is burning both grandfathers and IP substitution. Doesn't even bother with order cancellation letters and letters about possible fraud on your part.
The solution is to perfectly configure your driving system. lecturer: I have a separately configured virta for each merch, and accordingly I just change my socks and hit.
To find shops on this engine, we use the following search query: Ecommerce+Software+by+Shopify+dildo
2. WooCommerce is quite an interesting merch. I haven’t seen it that often; in terms of trafficability, it all depends on the shop. That is, what level of security is the merch set to? Some shops ship tons, some can't even get a dollar out of them.
lecturer: BSigCTomYmeXrceM – basically the same as
Shops are searched like this: dildo+ giftcertificates.php – will find all shops with dildo gifts))
4. Magento and its derivatives. My most favorite merch. Easy to work with and not particularly fussy.
Shops are searched for by dildo+ .com/checkout/cart/ - the cart itself, dildo+ .com/customer/account/ - account.
lecturer:
5.Shoprunner – aka merch/engine for many mono-brand stores. Light enough to work with. You can also punch it with a brute force.
6. Zen Cart – also quite common. It beats a little more difficult than the previous ones, but does not cause much trouble.
7. PrestaShop – basically everything is the same. A clean sock +
a well-tuned system and we will be happy with you. lecturer:
8. OpenCart is my least favorite merch. Even with perfect typing, it can send.
And the “f*ck off” messages go away. I still can’t understand him.
9. X-Cart - not so easy to find, but if the shop starts to give, then prepare the trucks
lecturer: Taking into account the peculiarities of setting up an ABC system in shops, it often happens that shops do not see the full address of the holder, but only see spare parts. Therefore, sometimes it is advisable to take a card under the middle/drop zip, and drive a beel=thorn into their address. Such shops can only be found by testing.
lecturer: I also recommend taking a roller (the same credit van) and entering the shops you like for small amounts to the holder’s address in order to see movements on the card.
Some shops write off the money right away, some hold it, some write it off at the moment the pack is sent, so having this information, you can easily choose a checkmate and a method of working with a specific shop lecturer: I will also give examples of euro merch: 1. SagePay (Saga) - BBW
always , each shop likes different types of cards. There is no safekey for Amex. YUK and YUSU eat by reset, but not all the bins. If the card is accepted, they almost always send it. As for air, the same principle applies.
lecturer: Stub Hub + virtual pos terminal – very often found on sites that sell tickets to all kinds of events. It’s quite difficult to push in this merch, VBV always does, I couldn’t
push in Yusa even once, only EU. It scorches everything, right down to the color of the socks you’re wearing, but it’s worth it).
https://prnt.sc/gpr913 - this is what driving in actually looks like. lecturer: 2. BancaSella is one of the wonderful WWW merch products. With a bang, Yusa and Yuk are discarded. A miracle happens and there is no problem. 100% hit if the transition is successful.
3. Adyen is also handsome, all countries climb, there is no safe key, discovery is available in most shops, and this is a sure way to bypass the WWW. However, even with the included card, the shop can get to the bottom of it. As for airlines/hotels - if the card is included, 100% hit. Reservations and tickets are in your pocket. lecturer: 4. Bucharoo - complex Dutch merch. VBV/Safes, You can also drive in with a usa - but extremely rarely - rather an exception. However, there are shops with which, having developed SI, you can drive in a yusu or another eu mat.
5. Wirecard - there is no key safe, just like Amex, practically,
YUSU has been eating great, at least for the last 2 months. It also happens without VBB.
6. Erstes - the same wirecaird.
7. SaferPay - safe deposit box, EU only. Sometimes without vbv.
lecturer: 8. Euro payment service – the reset mate fits perfectly. Yuk mat eats at least 10k, without any complaints
lecturer: PayPal and all its brothers - it’s clear here, I’m not considering it, there will be separate lectures
lecturer: Zerogrey - eats everything as before, just serve fresher beans. There is a 99% chance that the first order will require rendering. If done well (photo and not a scan), then success is guaranteed. I advise you to always create an account
in the store; if the card survives after the first sending, get the most out of it.
Europe and Asia
lecturer: today we are talking about EU and Asia, I would say in general about working around the world. Stop Flood)
lecturer: Working with maps of other regions (other than us) has a number of features, and it is logical, because There are different banking systems from region to region.
lecturer: I would advise you to look at this direction when you either already have a wealth of knowledge (and I’m talking in general about the mechanics of work and setting up the machine), or you have money for tests, but of course the best option is when you have both this and that
.
lecturer: The direction is interesting, but it requires investment, start working on it, keeping statistics, and you will see patterns.
lecturer: The lecture will be more of an overview nature, I’ll tell you the important parameters below
lecturer: And so let’s start, but first I’ll highlight one of the main advantages of the EU and Asia mat - the AVS system is not connected, who forgot the link below
lecturer: And let’s figure out what it is right away 3ds (aka vbv/mcsc)
lecturer: Bin is the first 6 digits of the card, well, I hope you
already know this.
lecturer: We remember that the AVS system is in England (uk), and nearby countries (Ireland, Scotland) because they are sometimes serviced by banks in England. Also, on English banks there is no ABC system. There is also Autovbv, that is, when the fraud likes you, the 3ds code is not requested, it can be configured on the side of the shop or bank.
lecturer: For example, a shop may simply not request a VBB up to a certain amount, let’s say it just has several merch, or the merch has dynamic 3ds disabled.
lecturer: We remember that driving in cards in the cardholder’s country can have consequences in the form of a quick charge.
lecturer: We warm up the shop, make sure to communicate. SI is our main tool. Communication with shops, receiving feedback, all this is important. At a minimum, it saves you money when you find out important information before entering, such as which countries the material is going through. lecturer: Just imagine, you can communicate with shops (tell them your stories, be like a holder), you can call banks and find out the reason for the Declines, etc.
lecturer: If from English. difficult, then use Google translit,
or a plugin for the grammarly.com browser
lecturer: As a rule, around the world (that is, outside of the US), communication with shops/offices is done by mail, less often by phone
lecturer: When entering internationally, get ready for the fact that I may request documents, this is normal, it’s more convenient It will happen
if you draw the docks right away, so that when you request a shop, you don’t have to make them for too long. Is it possible that a specialist can request the docks in order to stall for time until the charge arrives?
lecturer: SS with 3ds code and SS without 3ds, it’s simple.
lecturer: That is, somewhere you know the 3DS code, somewhere you don’t, somewhere it’s simply not installed on the card or is not needed at all for work, or it can be changed like a password in the mail (either easier or unrealistic).
lecturer: As for resetting the 3DS code (like resetting a password)
• it can be changed by knowing additional information on the card, like doba or
ssn, or other data depending on the country and bin.
https://prnSt.scT/fyYheyXl
lecturer: Next, the material and methods of work are divided depending on the countries and methods of receiving VBB (static, in SMS code, 2FA in a bank application)
lecturer: For example, what you can work with: lecturer: USA/Uk cards with 3DS code reset - it
Relatively painlessly it is reset on yuse, on yuk it is reset via dobu, zip, but more and more often it is received by phone via SMS.
lecturer: They drive it in - it climbs all over the world, in Asia, Europe and other regions
lecturer: Yes, using eu/ca/uk/au/usa you can reset the 3DS code and install your own knowing only the ext, but you need to look for bins that will suit you, because It’s becoming less and less common that the code can be changed so easily, and more and more cards are dying after changing the code. But if you have the means, you can try
to collect a database of beans.
lecturer: USA and the rest of the non-3ds countries - here you have to figure out the statistics yourself about what goes where, let’s say USA non-3ds almost doesn’t go into Europe, but it will already get into Asia, it’s also quite difficult to find EU bins without BBW, but in general it’s possible
lecturer: What is worth noting is that in Asia almost everywhere the 3DS code is sent via SMS; in EU you can still find a static code, but less and less often. Also in USA, large banks set up the reception of 3DS code by phone or it comes by mail (but in In general, there are still many banks with easy reset of 3ds by dob or dc). lecturer: The trend in the market is such that it is very difficult or almost impossible to buy a mat with a known code, a more realistic option is to take it for a % of the profit (transaction amount), but that’s a completely different story) lecturer: In the selection of cards you should not always give
preference only bold bins like gold/platina/signature, this is just one of the points when choosing a card, do not forget to look at the issuing bank and country. At least the country is for sure, in India there may be nothing on gold, but in Singapore there may be a lot of money on classics, here we generally use logic, you can google countries and see what the situation is like there. lecturer: To make it clearer, I’ll tell you about driving methods using different mats. (in general, this is all quite logical, and all the methods are based on what - where to hit and what to hit)
lecturer: That is, we look at the CC that we can buy, and
look at the store and where it delivers (don’t forget about the SI, and study the shop)
lecturer: Let's say - you can use USA/YUK mat with reset in EU shops from WWB, and make delivery to any address, or rather, they won’t see it if you specify billing not from the card, there is no avs system.
lecturer: The same as - to beat EU cards in USA, with delivery to Europe, yes they will ask for docks, yes there will be verification, but if the store is medium or larger, and there is delivery, then they will send it. lecturer: If there is material with a known code bbv then
let your imagination tell you where to put it - and this is either the most liquid product, Gifts, and so on, I think when it is in your hands you will be able to understand what to do with it, it does not fall from the sky.
lecturer: Sorting/determining 3DS protection in a shop (availability of merch). This is relevant, since many shops may simply not indicate that they have 3DS protection; there is also the fact that (mainly in Asia) the 3DS icon may be on the store’s website, but in fact it is not there, this is how carders are scared away .
lecturer: You can at least look/add some information on merch here -
lecturer: To determine the presence of a 3DS shop, I usually
take a card that has 3DS on it and I know it for sure, and drive it into the shops if the 3DS window opens (I I posted the screenshot above) then there is 3ds) if not, then no.
lecturer: We pay attention to the lock region, when working with different countries you may encounter it, it does not allow you
to make a transfer in a country/shop different from the country of the cardholder.
lecturer: We also remember about customs limits, naturally all the information is in Google.
lecturer: The WWW page has its own antifraud that you need to go through, as a rule, it’s not difficult except for the already tired Germany. (On the issue of region location, this is one of the ways the bank determines that the ip does not match the strange billing card) lecturer: Yes, for
cards with 3ds there is usually a long charge (except for yuk and usa), and if payment is made, then the fault lies with the holder, the shop itself is not responsible for it, so even if the shop sees a request from the bank, it can send
S.
TYXMARKET.COM
lecturer: Amex has an analogue of vbv, this is sefkey (but shops with support for this protection are not very common) lecturer: In conclusion, I want to say that the trend is that everywhere they try to have the 3ds code via SMS, or 2fa via an application, entering with with a reset code, they either die quickly, or the code simply cannot be reset. Considering that it is difficult to get a mat with a known code, you should either drive it into shops where there is no 3DS protection, or it is not on the card (or autovbv).
Having typed in from A to Z
lecturer: Hello everyone again.
lecturer: What is hammering and what does it consist of?
lecturer: In general, driving in looks like this
:
1. Found a shop
2. Selected materials for driving in (card, sox/tunnel/dedik, address/intermediary)
3. Typed in
4. PROFIT
lecturer: But... when instead of Order Success you start receiving order canceled / decline, you understand that in fact, there are much more details/underwater rocks/devils in the still waters - call it what you want - much more than 3. lecturer
: You may have never thought about this before, but this is precisely what could/may be the reason for your failures. Right now I propose to look at what the beating consists of and what it is eaten with. lecturer: Let's take as a basis calling each detail
a “variable”. Let's call a group of variables that fit one category a block; each block consists of several sub-items and variables inside it, let's proceed to a detailed examination of the blocks and variables inside them:
lecturer: CREDIT CARD block:
• bin (the first 6 digits of the card, determines the issuing bank, country of issue, card level, presence/absence of vbv ) lecturer: A particular bean may have restrictions on payments, limits on spending funds / limits on payments on the Internet, or it may simply be “non-cash”, various types of VBV/MCSC and its reset (reset varies depending on the bean);
lecturer: autovbv bins - when vbv is on the card, but does NOT require entering a password and is processed automatically.
You shouldn’t dwell on this sub-item, but you should at least take note. Therefore, write down each bin that you encounter in your work, as well as the result of working with it.
lecturer: - Card level, card type Card
level, Classic / Platinum / Premier / Gold, etc., as well as Debit / Credit. Based on the level of the card, it can make assumptions about the presence of a balance on it. It is logical that there will be more on platinum credit cards than on
classic debit cards - purely statistically.
lecturer: - validity of the card
Nothing matters: neither the quality of the IP, nor the system settings, if the card is dead. You can be absolutely sure of this only by calling the bank (or if you have an enroll to the card). Checkers often kill cards, so you can’t blindly trust them, and it’s better not to check US cards at all before inserting them.
lecturer: - billing info/address - credit card address (billing address, billing - the cardholder’s residential address), unfortunately, crooked billings appear on cards from time to time, and in the case of a crooked card being inserted into the merch that AVS checks (for example, almost all USA
stores ) such a card will not be included.
lecturer: The reasons contributing to this are the method of obtaining cards; almost always the information about the card that comes to us is the one that the holder entered somewhere HIMSELF. He can order something for work, for his mother-in-law’s house, and so on.
lecturer: There are various methods of dealing with this, I’ll tell you about several that I personally used:
A) By punching the holder’s billing before entering the card
lecturer: B) Searching for information about the holder in publicly available sources, for example, by searching in Google Name + zip (John Woods 18462 ) and checking the correspondence of the address and name on various sites and social networks. networks.
lecturer: C) By driving in certain bins and types of cards. Types of cards include Business Cards (cards for business).
These are work cards that are often registered to a company/organization (so don’t be surprised if suddenly, instead of a name on such a card, you see something like “Mike Stewart Washington Water Restoration”) lecturer: The advantage of entering such cards is that in
billing they are equal in 99% of cases, which other types of cards cannot boast of, due to the fact that the company orders goods or pays for services in relation to its work address, that is, billing. Minus - not all beans will give.
lecturer: - check cards. There are several types of card checks:
A) Authorization and write-off. A random amount of money is authorized on the card (from $0.01 to infinity, but usually no more than $1), using the same principle, a check is entered
somewhere when the amount is written off.
lecturer: B) Pre-authorization and/or cancellation of authorization. During pre-authorization, the amount is not debited due to its quick cancellation; when authorization is cancelled, cancellation (cancellation) occurs after the direct authorization of the amount
C) Calling the bank
lecturer: Each bank and bin has a different attitude towards different types of card checks, but basically this effect is negative (especially when working in the USA) and it happens kills cards (even pre-authorization)
lecturer: The next block is the camouflage block:
The first point will be called the “human factor”. At the moment, many banks automatically analyze the amount of monthly expenses and the type of transactions of the cardholder, and
due to absurd behavior (this is when a 65-year-old lady buys a snowboard), it is possible (I emphasize, possible) that the bank will refuse transactions. lecturer: This point is not critical, but it cannot be ignored. The shop transmits information about the transaction to the bank,
so you need to dial the minimum fraud score to bypass anti-fraud systems - focus on this.
lecturer: There is a sub-item for this item “Mode of behavior”. By this I mean the motivation and purpose of a person buying something at that particular moment in a particular store.
lecturer: Create an image for yourself, become a holder, you are driving in your card, not someone else’s, believe it! Are you a 65-year-old woman and have decided to give your son a laptop?
Talk about this with the store support and ask for advice, read the product description, make a mistake when entering text, your eyes are no longer the same as in your youth!)
lecturer: Sox and the tunnel as a whole can be grouped and called an ip-address block, then the variables in this The block is as follows:
lecturer: - IP purity according to blacklists
• open ports
I talked about this at my security lecture, in short, this is neither a negative nor a positive parameter in most cases.
lecturer: - geolocation of IP addresses using the maxmind database (or another important one)
Whoer.net and a number of other sites have an outdated max-mind geo database, so the consumption of geolocation information from the driven site in comparison with whoer and some similar sites can be very significant and critical, up to another state. lecturer: Certain sites have their own
geo-bases, often on these sites you are offered to automatically fill in a zip code, city and state, so when entering into such shops it is better to focus on the information they provide and select material based on it.
lecturer: - proxy & risk score
• provider, host name, DNS, belonging to the ip hosting provider
Internet provider ip, host name can tell about
the IP belonging to the cloud hoster (see lecture Security and setting up virtual machines)
lecturer: - range zip code ip from zip code cc
Using an example: we own a card with a zip code in billing 97401, which means zip ip should be as close as possible to zip, that is, 97401 / 9740* / 974**, etc. - however, this directly depends on your topic and the place where you drive, for e-gifts you need to select as close as possible, for a duffel bag, depending on the situation: under a drop/media or holder.
lecturer: Dedik, virtual and physical machines are included
in the second group of masking, respectively, they are a separate block and have their own groups of variables, namely:
lecturer: - OS
Version of Windows / Linux, etc.
• browser (Browser, version, WebRTC settings, coockies) lecturer: Serious merch can also request information from the browser about installed plugins (they can only check by requesting the id of a specific plugin(s)), check the sites on the list where you
logged in (https://browserleaks.com/social - you can check here, for example). In practice, with Facebook logged in, for example, this is a plus, but not critical.
lecturer: What is coockie stuffing?
• Stuffing cookies, surfing various sites - imitation of a real user BEFORE typing in. lecturer: It looks strange when a person with a “naked and
empty” browser goes to buy Gifts for a thousand bucks,
doesn’t it? Therefore, we create the image of an ordinary hamster user by first surfing the websites of all sorts of local clinics/restaurants, Amazon, eBay, Facebook, etc., in general, I talked about this in my lecture on setting up the system and security, now I remind you that this is the case.
lecturer: - all kinds of fingerprints (fonts, fingerprint, audiofingerprint and many others)
The set of fingerprints generates your unique impression of the user, which remains in the system, is solved by changing the system (changing Dedik, etc.), replacing a number of point fingerprints (such as fonts, screen resolution , video card frequency, etc.) and/or using antidetect.
lecturer: Block driving process. In my opinion, the typing process itself consists of several things, which, like all variables, can vary and/or modify themselves:
• the method of getting into the store (for example, from Google, or from Facebook/Twitter, other places)
lecturer: Yes , this is also important. Yes, shops see this too! To one degree or another, this also matters. There are several types of transition, I’ll tell you about them, starting from less trustworthy and moving to more trustworthy, respectively: lecturer: A) directly from the link from the browser’s home page, for example, browser > amazon.com B) from search engines, for example, google.com > amazon
lecturer : C) Social networks, affiliate programs, various coupon/cashback services.
The shop keeps track of where you came from, the most advanced methods = the most reliable!
lecturer: - manual text entry or copy-paste - antifraud is scorching, do you copy your name from the clipboard when making purchases from your card? Don't think. lecturer: - warming up the shop
Surfing the shop, CONSCIOUS selection of goods, reading reviews, delivery methods. Removing/adding items to the cart[from], registering an account in the shop (and possible temporary suspension of it), calling in advance or communicating with support.
lecturer: - by dialing / no
Some shops have the ability to order by phone - order by phone. It happens that the holder’s website does not load/is glitchy and then a support operator comes to the rescue, who personally enters your card details, etc. The advantage is that the antifraud actually does not see
your system/IP address, and therefore does not assess the risks based on these factors.
lecturer: - billing = / ≠ shipping
Compliance of the entered billing address with the shipping address, it happens that orders are canceled due to differences. You can fight in the following ways: go through antifraud on all other indicators / warm up the shop (for example, chat in a live chat and say that you want to buy a gift for a friend, etc.) / search for shops that allow you to do this / enter billing = shipping = drop/intermediary (when checking The AVS system will not work in most cases), driving in
illiquid assets that will not be subject to antifraud. lecturer: - shipping
A number of addresses of well-known intermediaries can be blacklisted by many point shops and merch, duplicates are also monitored (whether this address was previously purchased in the same store) lecturer: - email for the
holder and for the recipient (in the case with Gifts)
Mail also has a certain risk-speed. The most trusted are corporate emails like [email protected] . The most fraudulent ones are all those that have a simplified registration process (for example, mail.com, in other words, those where you don’t need to receive SMS during registration) lecturer: Among other things, some merch pay attention to the names in email addresses ( [email protected] ) -
checking the presence of the holder’s first/last name is also not critical, but also an important plus.
lecturer: As you can see for yourself, there are a considerable number of variables. Therefore, when there are offices, think twice about the number of other variables that directly affect the result of the work. An analogy for creating this list can be drawn in any work, be it working with a stick, poker, banks or affiliates.
lecturer: Block of consequences of driving in. There are many
different options for the consequences of your driving, let's look at the main ones:
lecturer: - Decline. Decline. The shop didn't even let you
place an order, this often means that you have problems with the card, so first of all you should pay attention to it and see Block SS. In other cases, the site either has technical problems and the screws are tightened (rarely), or you don’t pass the antifraud (or shop or bank) from the word at all and get burned somewhere, in this case, see the “Disguise” blocks, “ip-address” and “The driving process” lecturer: - Cancel. Kancel. The order was hanged, but after a while (or immediately) an email received a cancellation of the order, reasons: the antifraud did not pass / the shop called the holder / something was wrong with the card and the shop could not write off the money. lecturer: They didn’t pass the antifraud and he didn’t like something
• 2 options for the development of further events:
1 - cancellation directly from the shop’s antifraud system (or the bank did not allow the transaction to take place)
lecturer: 2 - based on the amount of points scored in the fraud indicators, the order was processed manually (this is when the manager manually approves/cancels orders) and the manager canceled it, or called the holder.
lecturer: Otherwise, if everything is clear with the first case, then the rest should be examined in a little more detail. lecturer: The shop called the holder - yes, there are shops that always call, there are also shops that can only call for certain orders (for example, for Egypt) and/or from a specific specified order amount (for example, all orders $500+) lecturer:
Methods The way to combat this is as follows: indicating
your/your phone number so that, if necessary, you can receive a call on it/indicating
the left number (for example, some nearby cafe with a holder) or a non-existent number.
lecturer: However, due to the AVS system in a number of countries, such orders may also suffer. Personally, I never fool around with the holder number, since in my work the AVS match should be 99.99%, so look at your needs and desires/topics.
lecturer: The third and final option is a cancellation due to problems with the card. This means that the holder either managed to burn it down, or your shop does not process orders immediately, but after the buyer left the order, and then he can
even grab a dead card and give you an order, but the money from it,
of course, is not available.
lecturer: - request by the shop for additional verification in the form of a photo of an identifying document (passport/driver's license) or photo of a card. It means that you fell short in antifraud somewhere or your order seemed suspicious. It also occurs in cases where the shop is already quite advanced and requests verification at the slightest suspicion.
lecturer: - request for additional verification by
dialing, they ask you to call to “clarify” some details. Usually they drive on the background (see the lecture on penetration), depending on the shop, it can also mean that the card has crooked billing.
How to fight? Punch, call, draw. If the warrant or tests are worth it. We record the results and draw conclusions.
lecturer: The last point of the lecture is Checklist. Checklists, my method of working on point shops by developing and practicing an approach in relation to them.
lecturer: It is a list of points (usually 10-20) telling how you can break through a specific shop based on tests of entering this shop, various useful notes derived from experience again (for example, how quickly orders/offices arrive) - this is what I need helps in work, a kind of creation of a template that you need to focus on for success.
lecturer: An example of my checklist for one large store: "SHOP *****.COM
• There must be equal billings
• By entering the necessary data, you must modify the M1 IP.
Exception: 2 attempts
• Only manual input and previously non-repeating variables ( a la mail)
• Consider the option of entering from Dediks
• If the anti-fraud has not passed, but the card is clear, the receipt will arrive in the mail within 25 minutes •
When the order is not passed by the anti-fraud system, the merch gives a declaration with the text: Unable to process credit card at this time, processor reported (Authorization Failed)
• If the card has insufficient balance or incorrect billing, the merch gives a declaration with the text: Please double-check your billing address and credit card information
• The following bins were entered: 517805 464018 for such and such amounts ...*
And so on.
lecturer: As you may have noticed, blocks are divided in point and group order, the groups can be classified in order as follows:
Credit Card blocks, Masking (system) - consolidated - preparation for driving in.
lecturer: Blocks The driving process, consequences and checklists are the result of preparation for driving and, in fact, the consequences. It is important to trace the cause-and-effect relationship between preparation and result in order to learn to understand where and when you are to blame, and where the shop or supplier of the material is. lecturer: “Those who devote themselves to practice without knowledge are like a sailor setting off on a journey without a rudder and a compass... practice should always be based on
good knowledge and theory”A.
Self-register Paypal
lecturer: Okay comrades, hello everyone again lecturer: today we are looking at self-regs pp
lecturer: first we’ll look at the theoretical part, then we’ll check the self-regs and then answer questions
lecturer: so PayPal is a stick/ pp. the PayPal account regulated by you - accordingly, self-reg PP
lecturer: I think this is understandable
lecturer: the most important advantage of self-reg is the long (as a rule) charge
lecturer: and if the transit went through, then most likely the goods will be sent
lecturer: and it will arrive without problems.
lecturer: that is, problems like with SS, cancellation of transit, reversal of a pack with self-regs is not present
lecturer: but naturally there are also disadvantages of self-regs lecturer: namely the buildup of akov
lecturer: making a self-reg and immediately driving stuff into it for 1k will not work
lecturer: it is possible, but these are rather exceptions to the rule lecturer: therefore the self-reg needs to be pumped up with small purchases/transactions
lecturer: in order to create a self-reg you need: 1- fulka
2- phone
3- ba
4- ss/vss
lecturer: FULKA is data on a real Amer lecturer: Here is an example of a full
lecturer: Dale S Murray 7955 Colee Cove Road Saint Augustine, FL us 32092
SSN - 593-12-7088
MOB - 904-237-3757 DOB - 09/16/1966
lecturer: Dale S Murray - full name
lecturer: 7955 Colee Cove Road - lecturer address
: Saint Augustine,
FL us 32092 - city/state/zip
lecturer: SSN - 593-12-7088 - social security number lecturer: MOB - 904-237-3757 - lecturer phone: DOB - 09/16/ 1966 - date of birth
lecturer: fulkas are the easiest to buy. a regular fulka costs
$0.5
lecturer: a fulka with a high CS (credit speed) 2-3$
lecturer: the quality of a fulka is much better when you buy a CC on xta and punch a fulka to it
lecturer: and the ideal option is to seal this card and tie it to the PP
lecturer : this option is good and on Novoreg you can immediately pay/send 200-300$
lecturer: 2- PHONE
lecturer: we will need to receive SMS from pp
lecturer: therefore, the phone number in the stick we indicate the one to which we have access
lecturer: namely gv (google voice) or textnow lecturer: 3-BA lecturer: BA can be tied to the stick in two ways lecturer: 1-SinTstoYy chXerMez laog-RPasKET .COM
2- minikami
lecturer: 1- linking insta means that in the stick we select the bank we need, enter the login password for it, then select the desired account and link to the stick.
lecturer: 2-minikami. and each bank account has an account and a routing number. so to link this account to the pp, we enter these numbers and send mini-deposits to them
lecturer: mini-deposits are two charges from pp to this account to $1 which are then written off in one amount lecturer: in the state it looks something like this lecturer: verifing PP john smith +0.10
verifing PP john smit +0.20
-0.30
lecturer: account and routing numbers are sold immediately together with the BA or you can get through the corresponding services on the forum
lecturer: it’s best to take the BA immediately with the numbers
lecturer: this may be useful in the future when drawing states or, if necessary, confirm the BA again
lecturer: the cost of the BA is $1-30 depending on the bank and balance BA
lecturer: when purchasing, be sure to pay attention to the conditions for replacement BA
lecturer: I recommend taking BA 5+ in the initial stages lecturer: 4- SS /VCC
lecturer: according to SS said above, as for everything, use a visa vanilla card
lecturer: enter the card details, confirm it with miniks and the card is linked
lecturer: according to theory, we have finished
Methods of working with self-registration Paypal
lecturer: the topic is actually quite extensive and there is always there is a place to show your creativity
lecturer: we will look at the most common options lecturer: so, the first rule, we behave like a real American lecturer: so here is the
lecturer: if the self-registration did not give a purchase, send, donate, holding, reducing the transaction amount, changing the product helps/ seller/mail/shop
lecturer: I repeat, before working with self-regs, I strongly recommend reading the archives on the stick lecturer: let's look at the slang lecturer: instant-instantly
send - sending money from one aka pp to another mini-mini-deposits
state - statement - statement from the bank
lecturer: in terms of organizing work, as I said, numbers take the cake, and when you accumulate a decent number of self-registers, the issue of maintaining statistics and reporting becomes especially acute. lecturer: therefore, I advise you to immediately create a statistic
in Excel or a similar program, whichever is convenient for
you lecturer: in I usually enter into the stat:
registration date aka linking date date of the last action
which ba is linked (miniatures if any) email and a place for notes
lecturer: I write down transactions there, when it clears and similar information lecturer
: in addition to this, as I said above, I advise you to install thunderbird , mail collector for the convenience of monitoring your self-registrations
lecturer: some options for non-standard registration of a pp account:
lecturer: 1) through payment with CC
lecturer: we are looking for a donation that accepts payment via pp, try to pay with CC for $1-2. enter the data, check the box
lecturer: “Register a PayPal account”
lecturer: pay and get a self-registration with one transaction lecturer: then go to ak, add dob and ssn through ed money
lecturer: if everything is orm then we hook up the gv, then ba and in lay down on 3-7 days
lecturer: I’ll explain right away, laying down, this is when we don’t log into the account at all after a successful transaction
lecturer: 2) we issue an invoice for empty soap lecturer: “empty soap” is mail for which a PayPal account has not yet been registered
lecturer: s samorega pp we issue an invoice for empty soap, a letter with an invoice arrives at this mail, follow the link from it and pay for the invoice in vanilla (up to $100 is fine) lecturer: simultaneously download
two of our accounts lecturer: 3) send for empty soap from a trust account pp
lecturer: a trust account can be either our well-developed self-registration or a real amera’s pp account with many successful transactions
lecturer: in the second case you will have to be creative, for example, buy game keys and sell them to amers on the forum with payment via pp for empty soap
lecturer: The point of this method is that such a self-registration will initially have a higher credibility and it will be much easier to merge it
lecturer: further
lecturer: types of payment in self-registration pp: 1- with ss/vss
2- with ba (e-check and insta)
3- from balance pp 4- bml
lecturer: I’ll explain about payment from BA lecturer: it comes in two types:
1) by e-check
2) instant
lecturer: payment by e-check takes 3-5 banking days/days lecturer: in simple words, this is a banking operation of debiting funds from a bank linked to the PP and transferring them to another account PP
lecturer: payment by instant is the same e-check but with one difference
lecturer: in the case of insta, the stick trusts our account PP and sends money immediately, as if lending to us, and
then itself waits for the flow of money to be cleared and cleared ERCHECK
ET.COM
lecturer: the day when the transfer of funds from BA to PP is completed and is called the day of purification (clear Echeka)
lecturer: let's sort out the refs (refunds)
lecturer: a ref is a cancellation of the purchase and a refund of the money lecturer: as a rule, stick insects use refs in order to pour money into the balik pp
lecturer: what are the features and pitfalls lecturer: if the payment was made with the ss-to when a referral is made, the funds are returned to the SS
lecturer: if with a BA a check that has been cleared, it falls to the balance of the pp
lecturer: if with a BA check, the funds are debited from the BA but the transaction itself is in the pending - after 3-5 business days it will fall to the balance lecturer: if from a BA instant - after 3-5 business days it will fall
to the balance
lecturer: from bml ref will fall back to bml lecturer: options for draining balance pp lecturer: 1- cash out
2- drain to stuff
lecturer: cash out options:
lecturer: 1) send from balik to output ak pp and withdrawal from it to visa (about 3 business days)
lecturer: 2) withdrawal a ba on the same self-registration
lecturer: the simplest and most effective method in my opinion lecturer: paid, refunded, cashed
lecturer: drain to stuff
lecturer: sometimes It’s easier to merge into stuff than to dump
lecturer: but there is less percentage if you drive in stingy and
wait longer YproXfiMt esAliRslaKtEsebTe.stSafOM
lecturer: for this we register ak ebay, pp to ebay we don’t link lecturer: we download it in small transfers from balika lecturer: yes, we regist ak ebay for data media
lecturer: we fill in 5 feedbacks little things
lecturer: and you can start hitting on media iPhones, MacBooks from the badence of our self-registers
lecturer: further
lecturer: it happens that an ak with a balik went into the limit for 180 days lecturer: it’s okay, we postpone such an ak, after 180 days we tie up our withdrawal account and merge the balik lecturer: yes, I’ll add it on eBay, it’s better to transfer our ak ebay into a business ak
lecturer
: this way it will be a little easier to flow lecturer: if the self-registration does not allow:
lecturer: helps to lay down lecturer: 3-7 days
lecturer: or reducing the amount of driving in, changing the seller, shop lecturer: do not make many attempts of the same type of actions
lecturer: at least get an all-around activity lecturer: in the worst case, limit
lecturer: this is called wanking the ac
lecturer: make 3 attempts, it is no longer advisable lecturer: links for working with self-regs pp lecturer: 1) 1virta = 1 self-reg + toons/soxes lecturer
: 2) base+ antique + toons/soxes lecturer: 3) grandfathers homework with hidden accounting
lecturer: 4) virtual machine + portable for everyone + toons/socks
lecturer: 5) basis+ sphere+ socks
lecturer: 6) rega aka base+ sphere+ socks. typing in aka with hvnc lecturer: limits:
lecturer: 1) easy - receive SMS, password change, secret, binding/confirmation ba
lecturer: 2) medium - you need to draw a passport, iD, state SS/BA, proof of address. consideration of two business days lecturer: if during this time they have not removed it, then you need to call the stick
lecturer: 3) heavy - all of the above plus an explanation of transactions
lecturer: the percentage that such a limit will be lifted is extremely small lecturer: it’s easier to drive it to 180
lecturer: that’s probably it All.
Brutus Paypal
lecturer: Good evening everyone! Today I am your lecturer and the topic of our conversation is driving
in signed accounts of the Paypal payment system or in short - brut pp.
lecturer: I will give you basic information on working with this area of carding and answer questions that you may have during the lecture. Go! lecturer: Let's start with a short introduction
lecturer: I have been working with a stick since registering on the forum and completing training.
lecturer: I was attracted to this direction primarily by its simplicity and accessibility for me at that time.
lecturer: Because To work, you just need a Dedik, the accounts themselves and the address where to send them. Everything else is a matter of technology. lecturer: During this time, the stick tightened its antifraud many times and the work became more and more difficult and expensive.
But we didn’t stand still and learned something new every time.
lecturer: So that you understand how antifraud has changed over these 2 years in working with brute pp, I’ll give an example.
lecturer: Previously, when I was just starting, it was possible to do this.
lecturer: You go to any store with liquid goods (iPhones, etc.). You try to drive a stick in there, and when we entered the log pass, I simply added the address of the intermediary, the stick ate this address and some real phone was on its way to my warehouse.
Perhaps you still don’t understand what’s going on here. But if you start working in this direction and then
re-read this lecture, you will understand that it is almost impossible to do this now, or it would be a lot of luck. lecturer: now directly about working with Brutus pp lecturer: Let's start with purchasing accounts for work.
lecturer: Due to the fact that sellers have different checkers, the type of account itself that you buy may change from time to time, but in general the information written there is the same.
lecturer: For example:
lecturer: =========================
[email protected] :Sklo5151 Holder name - shellie klotovich Address - shellie klotovich| Po box 160||CROCKETT|CA|94525 Primary e-mail: [email protected]
Limited: - False Country - US
Phone - 1S925T38Y158X11MARKET.COM
Card - CC 5805|11/17
Bank 8134|JP MORGAN CHASE BANK, NA
Transactions :
85.05 USD-Bank account 06/30/2017
85.05 USD-Jennifer Nicolini 06/10/2017
233.00 USD-Bank account 05/29/2017
210.00 USD-Jennifer Nicolini 05/29/2017
========= ====
lecturer: In general, everything should be clear here even without knowledge of English
lecturer: But I’ll explain briefly
lecturer: At the beginning there is a login and password for the stick itself. Next, full name (Holder name), address (Address), mail,
telephone, limit/unlimited, account country, telephone, balance, credit card, bank (BA) and transactions that were made by the owner from this account.
lecturer: Before purchasing, it is advisable to decide which country you will be targeting.
lecturer: These are mainly the following directions: USA, EU (Europe) and exotic (essentially all other countries). lecturer: I can’t say which country to beat better. Personally, I started my journey with US accounts, but I would advise you to start with EU accounts, because... According to my observations, orders work better there.
lecturer: Guys, is everything clear from what was written above? Are there any questions or not?
lecturer: let's move on, we've just started
lecturer: At the moment, all accounts being sold can be divided into 2 categories - with transactions (1) and without transactions (2).
lecturer: The second type of accounts is also called zero-level accounts lecturer: What’s good about type 1 accounts is that KH is active there, there are purchases in various shops or services, and the percentage of your typing will go through is of course much higher lecturer: I use zero-level ones most
often to hijack an account and then attach a BA and leak it to shops/services.
lecturer: Now let's move on to the topic "Where to drive in." lecturer: 1. Dedicated servers (dedicated servers) Most often, sellers have the following types: Home \ Servers \ Amazon (Amazon) lecturer:
2. SSH (tunnels) \ socks (socks) \ proxy (proxy)
lecturer : I can’t say what you need to enter to get 100%, I think you understand
the lecturer: But, focusing on the fact that you are just starting your path, and at least some positive result is important to you more than anyone else, I would advise starting with Dedikov.
lecturer: Just don’t take homework for 10 bucks at once lecturer: even though sellers say that they are the best and cleanest, we don’t need that yet lecturer: you’ll
spend more on the material and go broke lecturer
: Take homework - servers up to 300-400 rubles lecturer : I loved and love to use Amazon Dediks, they cost on average 64 rubles
lecturer: For those who are a little more sophisticated, I advise you to use the “virtual + tunnels” scheme.
lecturer: You can also find sellers of all these riches in the corresponding sections on the forum.
lecturer: To work with Dediks, use the program - mRemoteNG.
lecturer: Now let's imagine that you bought Brute stick accounts and decided on the device from which you will
hit.
lecturer: Now it remains to understand: where to drive and for what purpose? According to the old scheme, I will divide what we can drive into 2 categories
lecturer: 1. Physical goods 2. Electronic goods
lecturer: You can sell the first category of goods either to an intermediary, with subsequent transportation to you, or to a drop, with delivery of the goods for a percentage.
lecturer: You probably guessed about the second category; it includes various gift items
from stores that can also be given to thrifts/sold/brought
into the middle by yourself.
lecturer: Be very careful when choosing an intermediary, because Sometimes you come across very unpleasant companies that examine parcels under a microscope, and any discrepancy leads to an account ban.
lecturer: A few more important points. After New Year's Eve 2018,
the antifraud policy has noticeably tightened up, and now even just logging into your account can be problematic.
lecturer: How can we do this? We take any shop with any kind of illiquid goods and through an instant checkout we try to buy some small thing at KH (as cheap as possible).
lecturer: Next, write paypal.com in the address bar and look at the result. If you're logged in, great. If not, take another one and repeat the movement.
lecturer: even if you are in the middle, this does not mean that you will not be able to get into your personal account. If the account pops up, try writing paypal.com, you won’t lose much time, but somewhere you can and the
lecturer will re-pin you in the personal account: there you can already look at the shops and try to enter them, it’s already good
lecturer: Security check lecturer: Champions League - personal account
lecturer : Most of the shops can be divided into 2 categories according to the method of driving. The first one is, so to speak, “classic”. When you found a shop - put the goods in the cart - clicked the checkout button - entered the billing/shipping address - selected the PayPal payment method - you were transferred to the stick website where you entered the log pass - the shop entered the address in the stick • you paid for the order
.
lecturer: The second category breaks through a quick checkout, through which we try to get into PayPal’s personal account at the beginning. What does he look like? You found a store, put any item in the cart, and there you will immediately see a button - Check out with PayPal. This is the quick checkout button. When you click on it and enter the log file, you will see the KH address during review. Here is an example of a shop, so you understand, with such a checkout - shop.lego.com.
lecturer: Shops only break through with such a checkout.
lecturer: At the beginning, you take a shop of the 1st category, you get to the review, when the shop has entered the address you need, you DO NOT pay for the purchase, but leave the account to sit for a day or two.
lecturer: Be sure to save cookies in sendspace.com
if this is a grandfather and he can die
lecturer: Then you go to a shop with a quick checkout (category 2), and already there, when you click the
Check out with PayPal button, you will see your address, to which you can easily place an order.
lecturer: be sure to learn how to save cookies
lecturer: This is very important when working with a stick. Dedik may die, and all your efforts to recover from the illness will be in vain. We were able to get into your account - this is already a reason to save cookies.
lecturer: If this is a Dedik, then immediately download the portable software (up to version 55) and install the extension for working with cookies, I personally use the advanced cookie manager, but you can look for something of your own.
lecturer: I would also like to point out a big mistake of beginners. When you try to beat a stick, take small amounts, about $50-100
lecturer: because The main thing for you now is to get at least some result. Don't beat ebay.
Although, if you really want to, you can try, but the main thing is not for large sums!
lecturer: Any material, whether it’s Dedik or Sox, you always select it
according to the state if it’s USA, and according to the country if it’s EU (Europe). lecturer: Save any results. I've always worked with Excel. If you entered it successfully, write down everything that may be useful - the shop, the mail where you entered it, the log of the stick itself, where you entered it from (Dedik, Soks), if there is an order, write down its number, etc.
lecturer: I would also like to note this very important point. The stick works with a floating antifraud, and if you work today and according to your method make a couple of orders in an hour, this does not mean at all that tomorrow you will get the same thing.
lecturer: So that you know when the stick has “tweaked” the antifraud and other nuances a little, Working with Brutus accounts
lecturer: Well, let’s probably start. If anyone is late,
the lecturer will catch up with the logs: Today we will talk about brut. This is the most profitable direction in carding in terms of financial costs; the only downside to it is the opposite of costs - time. Let's remember what Brute
lecturer is: Brute is the process of searching through the loginassword strings from the database, using software to determine the validity of the service you need
lecturer: What do we need for this:
lecturer: 1. Database
lecturer: 2. Proxy
lecturer: 3. Server
lecturer: 4. Soft
lecturer: Now about everything in order
lecturer: 1. Basics. What is it and where do you get it? The database is a leaked dump of a hacked site where user credentials are stored in the form of loginassword. Not always in the form of loginassword, there may be hashes, but mostly
they sell it in its pure form
. lecturer: Databases have several characteristics. lecturer: This is privacy - the ratio of the number of
unique loginassword combinations to the ratio of those combinations that have long been gathering dust in the public
lecturer: This is valid - the ratio of the number of loginassword lines with which we can get to the holder’s mail
lecturer: Well, the topic with geography
lecturer: 2. Proxy. You choose a proxy individually, and if you have found your ideal, do not tell anyone about it. This is the same “bread” as the mediating and giving themes. If you need to hack the accounts of some weakly protected service, like a small shop with clothes, you can take the first ones you come across. If you need to brute Amazon, Ebay,
PP, then you will have to look for
a lecturer: 3. Server. It is needed only to ensure normal operating conditions for the software, to increase your safety and to ensure that your brute-force machine works without interruptions. You should approach the choice of a service based on your financial status, there are enough offers for such requests for exploits, the price tag ranges from 10 bucks and above, tens of times higher
lecturer: I’ll immediately answer a possible question, is it possible to
brute force on your computer/virtual. It’s possible, only in the case of virtual software the efficiency will be low (system requirements), and I don’t recommend running ANYTHING bought on our topic forums on its basis.
Today the software is normal, and tomorrow with an update your cue balls will go to the developer of the software
lecturer: 4. Software. The most important thing is that without it you won’t be able to brute. Purchased for the site you need on VVH, Exploit and BHF (oh, in vain). Look carefully at the reviews and how long ago this coder went public.
Quite often, coders cut out good stuff, and then give up on updates. Updates will be made only by people who are strongly motivated by the accumulated turnips and finances
lecturer: Software is also written to order, on the same forums.
lecturer: There is also such a thing as “harvesters”, these are software where the brute force is assembled for many different sites at once. I don’t recommend you take them, because at the beginning of sales it works fine, but then everything starts to fall off and coders often leak. At the beginning of the journey I stumbled twice
lecturer: You can find a site for working with other accounts on your own, even though the niche has already been taken into all the cracks, there are still unoccupied holes. To begin with, you need to evaluate how often people use this site, it is clear that on Ebay and Amazon the number of “buzzes” will be many times higher than on an unpopular site with clothes, but the work on these services will be very different.
A virgin store that has not yet been raked out will
give you an easy and relaxed experience, but to work with giants you will have to shell out a hefty amount of money for tests
lecturer: Also, you should check whether the site stores your credit card. To do this, we take 2 grandfathers (2 virtuals + proxies, or
antique casts), take one CC, mail on mail.com and go to enter from the first grandfather. We save payment information when paying. Then, having only a login and password in hand, we go to the same shop from the second grandfather, try to log into the account and make a second order
lecturer: If it worked, it doesn’t ask you for CVV or any other data that you don’t have, that means in the shop you can work from brute
lecturer: Assess whether it will be liquid to brute, order software and go into battle. A clean shop is always a pleasure
lecturer: There is another feature that I often mentioned before. Feel free to use Google, it knows everything. Just because you think a shop is virgin doesn't mean it is. Try typing carding into the query www.nameshop.com , carding, it’s quite possible that it will pop up somewhere among our brothers in the black list lecturer: Now let’s go through exactly how we can type in lecturer
: We have several options. We either package it all
in the middle, in a barbaric way, or we package it for drops in the same barbaric way, we can send it to the KH address if the shop sends it by mail, which can be redirected, picked up, etc. lecturer: A little more detailed
lecturer: 1. Direct to the middle or drop. We simply log into the account, change the shipping address to our own, without affecting billing (relevant for Yusa) and hit. It worked
• we’re shaking and waiting for confirmation, if it didn’t work, we’ll shovel the accounts further
lecturer: Here it’s better to hit the drops anyway. In all the shops there are people, managers, they know the addresses of the intermediaries very well, they know how to use Google
lecturer: By the way, about Google. Punch your drops from the admin panel
lecturer: They can be “hot”, the arrival of goods to such an address is like a holiday, usually if it is on the black list, the store will immediately block the account
lecturer: Also, try not to touch the holder’s name. If John Wick changed his address, this is acceptable, but if he suddenly also changed his name, especially to Vasya Pupkin, then your chances drop to zero. If you use intermediaries, then register them with non-Slavic data, some kind of Dzhamshuts and we have enough lecturer there too
: Regarding the pickup, I can only say that your chances of driving in are about the same, because the amounts should be large, but getting a picked up The product is a pain in the ass. Here the drop can be accepted and he can hide it himself, and the DS wants to eat, he can lose your pack
lecturer: Also, I can advise you to carefully study the shop where you are going to work, read thoroughly. They often have some kind of promotions, chips, which, with imagination and the proper level of skill, provide freedom for action.
lecturer: As an example, in one shop you could hit with a brute, do a reset to the balance until the stuff was sent, and then stock up on the balik there liquid gifts. Another example - the balance was also returned, but it could be
transferred to the store’s partners; the goods stolen from such a bank were “clean” for all anti-fraud agents and the work went well. There are actually a lot of examples, so don’t be lazy to read for 15 minutes. Carding and in particular brute force is not a stupid search of accounts, but also work with the head lecturer: Now regarding the brute accounts themselves, they come not only with cards. There are also linked
PayPal accounts, and there are enough for other payments as well. The easiest to learn and work with is account + CC, everything is the old fashioned way, only the shop’s anti-fraud is stopping you, and the bank’s anti-fraud usually doesn’t have the same effect on driving. But with PP you get the whole headache of the stick with its PMS. In addition to the fact that the shop itself can shave, the stick will also sprinkle MF, SM,
etc.
lecturer: PP is good for “seeing” how it works, accounts cost pennies
lecturer: But I don’t recommend it for work if you are not close friends with the stick
lecturer: You still drove in your product, the order is in pending. What can we do to increase the likelihood that this stuff will be sent to you?
lecturer: We can only influence how information about this purchase will be available to the account holder lecturer: First, we understand the account. We change the email, password and phone number to ours there
lecturer: Register your mail after a successful entry under the name of the holder, you can register it on mail.com, it’s done quickly, you
don’t need to receive SMS there
lecturer: If the order is small, put the number from your head,
if it’s big, then put your Skype or dial-in number lecturer: This will only help if the holder has already forgotten about this shop and has not received an SMS from the bank lecturer: Unfortunately, in the field of online payments, the development has gone far and often among the
holders there are push notifications on the phone and SMS and the shops themselves call
the lecturer: But if KH is a slob, then for the first few days he may not notice, and then he won’t be able to do anything
lecturer: For prevention, if the order is large, we can load spam email to him. But this is just an option and is only needed as a safety net if the order is very important. Rather, the holder learns about the spending by SMS or notification on the phone
lecturer: Also, look at the contact details of KH not only in the information about shipping, but also in billing, there is often a duplicate phone number and it is quite possible that the data on the PP account, where mail can be another
Brutus Ebay + Paypal
lecturer: Hello everyone. Today we’ll talk about brut ebay+pp (PayPal), we’ll figure out what it is and what it’s used with. lecturer: I personally have been working in this direction for about a year, I have seen both good times and not so much, for example, like now.
lecturer: I’ll note right away that I didn’t earn millions, but if you take into account that it took a minimum of costs and time, then I consider this a good and affordable way to earn money.
lecturer: Today we will learn how to drive in brute accounts from eBay and throughout the lecture we will try to get to know this giant in more detail - Ebay.
lecturer: Let's start first with the advantages that await us:
lecturer: This is easily accessible material, I think if you leafed through the shops a little, then in almost everyone you saw ebay+pp, ebay+cc, completely different countries
lecturer: In fact, now with ebay accounts are not very good, because they die within a few hours, since the authorization method used to check accounts has broken down.
lecturer: The main countries of eBay accounts are USA and UK, which stand out, but there are also IT, DE, CA, too, as far as I know, but now most sellers sell this as a mix or under a different name in different countries.
All these accounts have a variation with either pp or ss, respectively, with a linked PayPal account or card.
lecturer: Actually, this is what the account log looks like: lecturer: [email protected] :neil1976 / Access Email: NoCheck /
UserID: neil132011 / FeedbackScore: 17 / Orders in the last 60 days: No / CC: No / PP: Yes / Country - GB / State - Scotland / City - Aberdeen / Street - 1 lossie place / Zip - ab166tj / Phone
- 07927 938797 / Seller: No
lecturer: Let's look at hodler soap in order / access to soap (not all shops have this and it costs a couple of times more)
/ user ID on ebay, aka login (most often you go through UseRide rather than email)/Number of reviews (the more the better for us, but in fact, if there are a lot of reviews, then the account owner will quickly notice our purchase from his account)/purchases over the last 60 days (most often tells us about the activity of the account, most often you don’t buy from such people, by the way, but the holder can forget about his account altogether)/linked card/linked PayPal/country/state/city/address/zip/telephone/seller or not, but I think that’s where you You’ll figure it out for yourself, that’s just me. lecturer: Actually the price for these same accounts. Ebay accounts are cheap, if my memory serves me right, then for 1 account we pay from 20 to 30 rubles, this is for USA, UK accounts, a mix of countries will be cheaper, you probably understand why lecturer: Work environment, for example your grandfather,
sox , VNS,
tunnel and everything, everything you can think of to work. Personally, I used to work on Dedik and processed more than 100 accounts from one Dedik, this is at a minimum, I think that it should also work with the same VNS, but I haven’t personally tested it, since previously it was quite expensive to take a VNS and sometimes VNS lasts much less than Dedik, but recently I changed direction, but more on that later.
lecturer: As far as I know, it works best from a real phone, but I personally don’t use it, because I simply don’t know how to configure a phone and it would be advisable for us to purchase a patched router if we decide to work well from a phone.
lecturer: Holidays. As in all shops, fraud is weakening, we can enthusiastically try amounts that we could not try before.
This is where the pros end, now let’s move on to the cons, there are about the same number of them.
lecturer: Actually, the disadvantages:
lecturer: Easily accessible does not mean good, namely, I often hear questions like “tell me the seller’s account, store, topic, forum and everything, everything, everything” there is no ideal shop, just test everything if you need I will give a list of shops with accounts that I know, some of which I use, but time passes and I cannot say or more accurately call any of the shops good.
lecturer: Now this problem is especially relevant, because
accounts die quickly.
lecturer: For example, this is what a bad account looks like , that is, it is already locked and you will not be able to access it.
lecturer: Each seller has its own rules, that is, one has a replacement within 3 hours, and another 6, and one even 12, but if the seller is decent, then he must make a replacement. Just some advice, if you bought accounts, then immediately go work them out. I honestly don’t know how eBay is saying that the account is closed, but after a while it can be blocked. They worked quickly, they entered what they wanted or didn’t enter, but the account was processed for both you and the seller, there are no problems. Never put off your accounts!!!
lecturer: Now it seems there is no guarantee at all for many accounts (for the reason stated above)
lecturer: It will be difficult for us to find undamaged SOX Deds, tunnels (especially them), unless the VNS is usually clean. This is a brute, it is publicly available, so get used to the fact that the sox is jacked off, the dedik is killed. Finding crystal clear materials is very difficult now, but it is possible. Personally, based on the Dediks, I can say that there are no good Dediks on the forum. There are normal ones, but not good at all, so get used to the fact that you will still need to put socks on them, but I haven’t tried all the services that we have, so maybe I’m wrong about the dirtiness. Private shops with grandfathers are not bad.
We cannot check Riskscor and Proxyscor, when
the seller sells to us, they personally assure me that the best one they have, and in private ones it will most likely be built in, but of course you have to take for the money the lower the indicators, the better.
lecturer: For example, here is a screenshot of one of the private services with Dediks lecturer: I’ll immediately warn you that for those who plan to work with Dediks. We only buy homework, skip the server ones. You and I don’t have a server at home from which we make purchases, right?
lecturer: The very nerdiness of ebay. We can't do anything about this at all. Ebays have peculiar periods, just like sticks. Most often this occurs at the end of the month. Basically from the 25th to the end of the month + - it’s better not to climb during this time for a couple of days.
lecturer: Let's move on directly to the driving itself. I will divide the directions into 3 parts.
lecturer: By typing in kh followed by rerouting. Here it gives
quite a lot of money and mostly it’s USA, because there are drops, reroutes, stingy, in general, everything is good there, but I personally don’t work in this area, because with USA it’s getting worse and worse, but no one forbids you to work on UK, but as far as I know, rerouting is difficult there. There may be difficulties with mail.
lecturer: In USA there are 3 main mails - fedex, usps, ups lecturer: fedex with a ban - they reroute, usps with a ban also reroute, ups with a ban - consider it lost
lecturer: But if you buy from some private seller on ebay, then the likelihood that he has a ban on rerouting is small
lecturer: although there are some sellers who monitor the track directly and will turn it back if you reroute it. I've come across a couple of people like this, but there's no way to escape from it, but if you do come across one, just write down his login so you don't fall for the same rake later.
lecturer: Entering with a change of address. The amounts here are not large. On average up to 150 pounds (200 bucks), but this is a small thing, but nice. The country of operation is South Caucasus (different countries will also work), because in my experience the address here changes much better, but as a plus, we can ship directly to the CIS, or any other country to our drop, the middleman, Uncle Vasya. I strongly advise against hissing yourself!!! Many people say that the amount is small, but don’t be afraid, but you don’t need to burn your name. Drop services are quite expensive for us, but if we work on a duffel bag, as I wrote above, up to 150 pounds, so Uncle
Petya from the next door, I think, will not refuse to go for a parcel for Magarych, again, the chance that they will come for you is minimal, but There is always some % risk in any business.
lecturer: Digital direction, they are also digital goods, if in our business, then gift cards. All these gift cards, vouchers, games, game currency. The list is simply huge, but it’s better to look through the hoarding topics, there you will find %, as well as a complete list of what they buy, but if you didn’t find your gift in the hoarding list, then don’t be upset, maybe they will take it too, but it’s better to check before buying the gift itself, whether it is needed sparingly or not, so as not to incur losses in case of unprofitability.
lecturer: Ebay is probably the easiest way to get
gift cards, which is, and yes, the country of this direction is USA. There are also a few in the UK, but mostly all Gifts are USA. Amers with Gifts just have a disease.
lecturer: The most I bought here was a Victoria's Secret gift for $500, I have never seen a higher price. Here the goods are divided into two types. There are Egyptians, and there are paper ones, if you can call them that, but that’s not what we’re looking at.
lecturer: We need the seller to send the card number and pin code, it most often looks like this
lecturer: card number: 006493300605817195 Pin: 4234 lecturer: Or a game gift card/key, a certain number of symbols for example AAAA-AAAA-AAAA-AAAA , everyone has a different number
lecturer: Using this data we can check the balance
cards, we will then hand them over sparingly. So, we are only satisfied with sending an ebay message, or via email linked to our PayPal account, but for the latter we need to buy an ebay account with access to mail. This is quite rare, but you can find it, although the price will vary. I saw about 150 rubles per account in one store. But remember that gift cards and games are not the only things you can find in the digital direction. It all depends on your imagination, because the eBay search does not work very smartly, so some things are generally better to search through Google, for example “buy dildo on ebay”.
lecturer: And so, having entered, you will decide what to enter from
yourself, some use mobile devices, but XMARKET.COM is quite difficult to set up and, as a rule, working with them is slower than with anything else, but also more profitable.
lecturer: Dedik is quite expensive to start with, so let’s start, or I advise you to start with a virtual machine + Sox. There are a lot of resources where you can buy socks, but I personally take them on VIPs, but if you want to make serious amounts, namely higher than those announced earlier, then I recommend abandoning them, and if you want to work in America, then it’s better to forget about VIPs, and Europe is still will do. After we have pulled on the sock, we go to the entrance and the anonymity scale should reach 90 at least, but better than 100.
The most common problem that I constantly
encounter is that Sox has a DNS from another country. Here we are powerless, but since we took it, we will try. I
personally always try this brut, after all, it’s brut that comes from quantity, not quality. We use either Mozilla or Chrome browser. We will also need to download an extension to clean our browser after each account. Google it here, there are a lot of them for every taste and color, but I personally use portable mozilla, which after a restart everything is deleted.
lecturer: Vip72 socks are more for just
trying. They are cheap, but the quality is so good. There are many good resources for Sox, such as LuxSox, Faceless, SoxClub (it seems there are even mobile Sox). But everything except the last one went private and for the account of the same suites you need to pay greens, faceless is cheaper in this regard. I don’t know if the registrar is open there now, but a month ago registration was $50, which will be credited to your balance.
lecturer: Let’s go to ebay.com, it’s better to do this from Google, but if we are doing YUSU for rerouting, or digital goods we use the .com domain, small goods with a change of address we use ebay.co.uk.
lecturer: By clicking on Sign in we go to this page , here we log in with our userid and password, I recommend trying to log in immediately with the userid, because it often doesn’t want to log in from email.
lecturer: The first drive we always do is warm-up, or as they call it, warm-up, and this is an inexpensive product, I usually buy some kind of ball for up to 10 bucks or some other garbage. For example, we choose one of these three products here, whatever your heart desires,
because this is just a warm-up, but if we work in the South Caucasus and we need to change the address, then we should pay attention to delivery, that is Is there delivery to our country and how much does it cost?
lecturer: In the last month I often came across the fact that I wanted to buy crosses that cost 50 pounds, but delivery to my country cost the same, so don’t be lazy, look for a seller who sends by cheap post, no matter what post you send from England, then it will come to you at Ukrposhta, if in UA and to the Russian post office, if in RU, that’s why I don’t recommend breakable goods, so as not to ruin your mood) you yourself know what kind of mail we have lecturer: We see this beauty
where something in the middle of the page
• https://imSguTr.coYm/XvwhM8QAvmR , and for the country we need - 16 pounds is normal delivery. Again, if we are under redirect in USA, then we skip all these points, we just look at what kind of mail the seller sends, because some cannot be redirected, and some goods may generally be prohibited from redirecting, but this is most often on the road, to us It’s still too early for this
lecturer: Digital we don’t touch anything either, we just buy our warm-up product.
lecturer: In the UK, before purchasing, we change the address, as an example, here we see one delivery address , but often there are many, if there is only one address, then we change it to the desired one right there, if There are a lot of them, for example 3 or more, then we try to
add our own, just don’t forget to check the “make this addresse primary” checkbox.
lecturer: This is what a full changed address looks like, we indicate a fake phone number, just the country you need - https://imgur.com/a/HVV57 .
If allowed to change, the blue payment button lights up again https://imgur.com/a/o320F, if not, then you will see an error, you can forget about this account after we were not allowed to change the address, but before that, go and delete the address that you wrote before in the account settings. lecturer: Then the sweetest part is again the search for goods. Let's move on to the search, I advise you to buy something illiquid, that is, don't rush there to try to buy airpods, video cards and all that stuff, but gear, illiquid
electronics, because Aso RsmeKnoyev Td.ugsuyuOstmanu does not
give particularly large sums.
lecturer: I always post Listings buy it now in order to weed out unnecessary auctions that are just an eyesore. lecturer: I always change Sort from Best Match to Newly listed, so that it shows products that were recently posted. lecturer: It’s also worth paying attention to the seller who sells. Do not choose a seller with a reputation of 0-50, the most optimal is 100-200, but also giants, they often sizzle quickly, it’s easy to buy from them.
lecturer: It’s better to skip the first search page altogether
and start with 2-3, by the way, some sellers need to be bombed, so it’s better to write them down, as in general it’s better to record all actions, but honestly, I found some kind of pattern on ebay - it didn’t let me stop watching lately
, but the list of sellers on ebay will really help you, you don’t need to write much, just a login or a link to it and a few words, for example: PR0$3LL3R228 - sent a brick instead of an iPhone.
PussyEater99 - quickly hissed, quickly added a track.
This is of course in a humorous form, but I hope you understand me.
We move to the stage that the order has already been made, now we need to cover our tracks and wait for our track/gift card, if you do not reroute, but ship somewhere to a certain place, as for example in my case in the CIS, then just once every 2 weeks
send your person to the post office to check, if the track still hasn’t arrived
lecturer: But in the case of a reroute, the track is required for us, as is the name of the person, and the address where the pack goes to us.
lecturer: We can change absolutely all the data in your ebay account without any confirmation, so you can do this, but as I noticed, this does not really
help, since everything is restored very quickly. lecturer: Alternatively, there is always mail flooding, but also
it often doesn’t help when KH just has the Paypal application and it shows him that the money has gone, but don’t be upset, if the account has been restored, the goods can still be sent, since we enterprisingly press the More actions>Hide order button in orders, Now there may be a chance that KH simply will not notice our order, and I’ll tell you how to get a track from a dead account further. lecturer: There are many services that offer this
function for free, oddly enough, that is, there is always a chance that the big hand of a bigger brother will get to your pack, but neither I nor my friends have encountered this yet.
lecturer: https://imgur.com/a/exkmJ click as in the screenshot and a link will be displayed in the address bar. Next, we see a couple of parameters in the link - itemid and transid. It is in my link that itemid is 173009293376, and transid is 1801961736007, so we need to save them.
lecturer: In the case of digital goods, we simply monitor either personal messages on the account while it is available to us, or mail, if we decide to fork out. That's all there is to it
.
Pickup, Interception
lecturer: Hello everyone again
lecturer: Today the topic of the lecture is Pickup/Interception
lecturer: I will ask you right away, if anyone has questions during the lecture, ask them when I inform you that you can ask questions. If, based on the information that we have currently gone through, a question arises, we write it down in a notepad and then quickly copy it, I answer and continue.
lecturer: Let's figure out what it is and how to work in this direction.
lecturer: In terms of pickup, I advise persistent people who don’t mind spending money on tests to work.
lecturer: For example, people beat ebay, stick, etc.
lecturer: They have, God forbid, $300-400 from one successful operation, and on top of everything, it can take much more time.
lecturer: Everything is different in a pickup truck. if you find a giving store, then from one order the profit will be 1k+
lecturer: For work, it is advisable to know English, or have a dialer on your salary, as you will have to make a lot of calls, requests for drawings are not so common.
lecturer: As I already said, tests require a decent amount of money. Now it’s not like before, you took the ss, entered it into the first store you came across and wait for the goods, this is not only in a pickup truck but also in all other topics. Right now everything is very complicated and
it’s difficult to find something that gives. You need to work hard. lecturer: I think 1-1.5k$ is enough for tests
lecturer: This money includes the cost of the SS, and preferably it should be a roller. Only the essence of the video is not to change the telephone address, etc., that is, we are not jerking off the bank, we are not gaining fraud points, and the video is just to know the balance, accept minis in rare shops.
The second cost item is grandfathers. The price of good Dediks reaches $25. And one Dedik can be used in one shop. So consider it. 1k bucks for roughly 30 samples. lecturer: But there is a bright side
lecturer: They invested and paid it off in a couple of orders. I think it's not bad.
lecturer: Now to the specifics.
lecturer: Take a clean Dedik homework (from socks and tunnels you have to sweat to get it), you can use Antique (the Linken
Sphere browser is also suitable), go buy a CC for the pickup area, go to the store, choose the stuff and hit it.
lecturer: In principle, everything is simple
lecturer: But as in other directions, there are many pitfalls.
lecturer: I’ll tell you about all the pitfalls during the lecture.
lecturer: There are 2 types of pickup.
lecturer: This is a pickup for fake documents of the card owner (kh)
lecturer: And a pickup in the name of the drop.
lecturer: I don’t think you need to contact a pickup truck in the name of a drop, because this has not been practiced for a long time.
lecturer: ВS95T% Occasionally there are Tpic.ASP noa fake
lecturer: The term Fake ID - fake documents. lecturer: Pickup services are not stable. At the moment there are a couple of working ones on the forum, sometimes there are no services at all, sometimes you can’t choose from their abundance.
lecturer: Here are a couple of services as an example.
lecturer: There you will see the conditions, the coverage map, the goods being purchased.
lecturer: You can write to the support team and chat, they are usually sociable.
lecturer: Now let's talk about types of work.
lecturer: Previously, there were 3 types of work in services. lecturer: Work 50/50, work on a stingy basis, work on a transfer basis
lecturer: At the moment, the services for the most part only have work on a stingy basis lecturer
: But you can try to come to an agreement, and I think it will be possible to establish relationships and work on other types.
lecturer: Now about each type in order. lecturer: Work 50/50
lecturer: This means
lecturer: For example, you installed a MacBook with a touchbar
lecturer: and suddenly you want one of these, you write to the service, I want this laptop, he says let’s do 50/50
lecturer: in this case you make another such MacBook (the pickup service can offer something else similar in amount)
lecturer: And in the end one the MacBook is sent to you, another service takes it for itself, thereby covering the costs lecturer: Working under the stingy lecturer:
everything is simple here, you bought a MacBook with a touchbar for 2k lecturer: it arrived, and the service pays you a percentage. All services have different percentages. let it be 35% for Apple
lecturer: The goods were picked up as a drop, the stingy one pays you $700
lecturer: Everyone is happy.
lecturer: The last type of work, work for shipment.
lecturer: This species is very rare, and it’s not very good.
lecturer: You made a MacBook with a touchbar, you say you switched, but you refuse 50/50
lecturer: in this case, the service tells you, cover the costs and send it. As a rule, covering expenses is 35% lecturer: You pay the service $700 + delivery of 30-40 bucks and it sends the MacBook to you in the middle, no one sends it to RU.
lecturer: + from an intermediary to ru delivery of bucks 50-100 depending on the intermediary
lecturer: By type of work all
lecturer: After entering you have 2 options
lecturer: 1 you see red letters that you are a fraudster and
go to work fromTayte nXa factory
lecturer: 2 thanks for We will send your order, order number, information by email.
lecturer: Let's look at the first option
lecturer: no need to give up, real Americans also suffer from all this.
lecturer: What are we doing? We take and call the store manager
lecturer: swear
lecturer: We say that we spent 40 minutes choosing and decorating
lecturer: and they sent us lecturer: we ask you to figure it out lecturer: The manager can tell you that let me try to carry out the operation over the phone
lecturer: or they send you lecturer in the fraud department
: If they tell you that we can do it over the phone, provide all the information. and there is a possibility that the order will still go through (this means that they screwed up the system setup and the anti-fraud shop did not allow the transaction)
lecturer: If it doesn’t go through, it’s the bank’s mistake lecturer: and they also send you to the fraud department, where the evil uncle tells you let’s have a conference with the bank and
Then they ask you for all possible information that you don’t know, it could be anything, questions about loans, cars, houses, and so on.
lecturer: In general, here we just hang up and throw away the message, she died
lecturer: Nothing can be done, you can try to use it in instant checkmate for the future)
lecturer: Now the second option after placing an order. lecturer: There are stores that do not immediately write off money from the card, but after some time
lecturer: they write to you that thank you for the order, etc. lecturer: And after 2-3 hours you notice at the post office that the order has been canceled or frozen.
lecturer: If it’s frozen, they usually ask you to call to clarify the information, here everything is according to the old scenario. you call, and the manager can either simply clarify the address, or redirect you to the fraud department, to which you are unable to say anything.
lecturer: If everything worked out for you, and after specifying the address, you receive information with a tracking number and everything is fine.
lecturer: But even now you shouldn’t be happy) lecturer: All these are
rootstocks
lecturer: Now we need the pack not to go home to the card owner
lecturer: but stay at the post office lecturer: Popularly called hold lecturer
: so when everything is fine in the track status it is written Hold for pickup
lecturer: what do we do, take the track and call the transport company (UPS, Fedex)
lecturer: And there we say not to deliver the parcel to the owner’s address, but leave it and we’ll pick it up ourselves
lecturer: it’s the same here 2 outcomes of events
lecturer: The first says that everything is fine and after 5 minutes checking the track you see the inscription Requested to leave the package at the post office
lecturer: Here we wait and the next day, as a rule, the request is approved and the parcel lies waiting for it to be picked up
lecturer: The parcel lies for 5 days, If it is not picked up within 5 days, then it is returned back to the store, the money is on the card.
lecturer: Now the second outcome of events
lecturer: They tell you that it is impossible to do a hold. lecturer:
Let's use a trick
lecturer: Where we bought the goods, we look for the name and surname of the manager
lecturer: and we call the transport company on behalf of the store manager
lecturer: We say that the client has contacted and asks to leave
the package at the post office
lecturer: Usually they don’t refuse
lecturer: But about a year ago they introduced such a thing as a program hold on actions
lecturer: This means
lecturer: that you called on behalf of a manager, a company employee wants to do a hold, but the program in which he does this gives an error that the hold is impossible
lecturer : in this case we forget the store because there is no way to do a hold at all.
lecturer: let's go look for a new one.
lecturer: After a successful hold, when you have done everything lecturer: transfer the information to the service and sit and wait
until they take away the PXOSYLK from
RKET.COM
lecturer: we check the track, it happens that it is turned around, and the package goes back
lecturer: When we see the word Delivered we begin to rejoice, this means that the service was taken away by the pack lecturer: but not always))
lecturer: Sometimes the hold is not placed for some reason
lecturer: and the delivery man picks up and delivers the pack to the delivery address lecturer: maybe it’s the delivery guy’s mistake lecturer: most likely it is lecturer: yes,
if you checked track and it says Out for delivery
lecturer: you should sound the alarm and call the transport company to swear
lecturer: so that the delivery man brings the pack back to the post office lecturer: you don’t always have time and then the pack is wasted lecturer:
such cases happen but rarely
lecturer: If your pack is delivered and drop service says that they took it
lecturer: we’re just waiting for payment lecturer: Now about reporting lecturer: I advise you to create a sign where we will enter information
lecturer: for convenience and so as not to hit one store that does not give 10 times
lecturer: I’ll drop the table view right now
lecturer: Date / Shop ss / Shop goods / Country ss / card type / bin ss / bank ss / warming up the shop / device / Alexa / tel kx or skype / order amount / delivery method / primary result / track / full explanation lecturer: I also do not
recommend working alone, too much cost, time and money
lecturer: We gathered in a team of 2-3 people
lecturer: and testing different stores, sending statistics to the dorm
lecturer: Much easier.
lecturer: It is very important to pick up the phone when the store calls back.
lecturer: There was a case where I bought a laptop for 3k
lecturer: the shop calls back just to clarify the address
lecturer: and the manager’s joy was endless when I picked up the phone
lecturer: he was happy to speed up my delivery.
lecturer: very often people screw up calls and so on
lecturer: this is their important mistake.
Working on Android
lecturer: So guys, let's start the lecture on Android (bucket) lecturer: everyone can set up Android for typing. resembles setting up virtual reality only with its own characteristics)
lecturer: I would highlight 2 types of working with android lecturer: 1) a simple option, without deep settings - this is by typing in from the browser
lecturer: 2) deep setting by typing in from the application lecturer: But in any case it is necessary get root rights on the device (not to be confused with admin rights, this is completely
different, it is necessary to perform a number of other functions, this is for general development, some people think that root = admin rights)
lecturer: I always do this through kingo root (Google), download apk file on the phone and install . the easiest way to get root rights
lecturer: now I’ll throw off the list of programs and go through them lecturer: kingo rooT
xposed installer (framework) device id changer Pro Proxy droid xprivacy ccleaner root cloak
location cheater
lecturer: and so, what are they for
lecturer: Fundamentals For driving from applications on the bucket, this is the xposed framework. This is a system program for changing firmware settings (OS versions). We will also
touch on this in the analysis of typing in from the application
lecturer: device id changer pro changes data about your phone’s hardware (imei) and other parameters. This is the xposed framework module
lecturer: Proxy droid - we install socks through it. I don’t work with tunnels and I don’t recommend it
lecturer: DNS Forwarder - in a proxy droid sometimes the DNS connection from Sox doesn’t work correctly (the Internet just doesn’t work on the phone) to replace it we use this application
lecturer: ccleaner I think it knows everything, it’s convenient to clean garbage on the phone
lecturer: location cheater is used to replace location data
lecturer: roSot TcloaYk (framework module) is used to hide from other applications that the phone has root rights
lecturer: xprivacy This is a program that replaces a SIM card and more, it either allows or denies all applications to see certain information. In addition to it, I recommend the sim card application, on it you can hone in on what to prohibit and what to allow applications to see, so that they display the correct information about devices lecturer
: All applications above (except for the cleaner) do not
work without root rights
lecturer: Let's start the analysis settings for working with applications
lecturer: install xposed installer after you have received root
rights, and install the framework through it. I’ll say right away that here we will encounter the difficulty of installing the framework, we need an Android on version 4.4.4 (it’s easiest to install this program on it), on versions higher it is extremely problematic to do this, but if you know how to install custom recovery and flash archives, you can try. Otherwise, I advise those who have higher firmware to roll back the bucket to 4.4.4 themselves or take it to a service center and they will flash it for you, it’s not expensive. Plus, it’s much more convenient
to work on 4.4.4 than on higher versions.
lecturer: And here is a link to 4pda there you will find an installer for 4.4.4. (and versions higher)
lecturer: https://4pda.ru/forum/index.php?showtopic=425052 lecturer: After installing the xposed framework, install the following programs
lecturer: device id changer Pro name Pro Proxy Droid DNS Forwarder ccleaner Location cheater
lecturer: all these programs are downloaded in the play market lecturer: xprivacy
root cloak
lecturer: these programs are downloaded by xposed installer. go to the download section and look for them in the search and install
lecturer: Well, an important note. apkpure.com immediately bookmark the site, and download the sim card applications (green SIM card on the label)
lecturer: When you have installed all the above programs, you need to go to the xposed installer, modules section and check the boxes on all modules (device id ch/root
cloak/ xprivacy)
lecturer: Then go to the framework section and press quick reboot so that the modules are installed; if this is not done, the modules will not work correctly
lecturer: At this stage, our device is almost ready for insertion
lecturer: Now I’ll tell you a little about the xprivacy module, a very useful thing when you work with serious shops, banks, etc., I personally use it to replace a SIM card, in fact it has more capabilities, go into it and go to the parameters section, touch only those values what is connected with the SIM card
lecturer: and this is
lecturer: phone number lecturer: MCC
lecturer: MNC lecturer: country code lecturer: operator lecturer:
ICC ID lecturer: subscription ID
lecturer: Let's take the number 4356681778 as a basis, if someone adapts to the holder and needs to break through operator
, go here http://www.whitepages.com
lecturer: What is MCC, you can find it here https://m.wikipedia.org/wiki/Mobile_Country_Code , from the same page you can take the value for our parameter in the program
lecturer : MNC is the operator code, you can also look up the code of the desired operator (the desired country) here https://en.wikipedia.org/wiki/Mobile_country_code
lecturer: the country and operator are all clear here
lecturer: Now what is icc id and id subscriptions, and how to register it
lecturer: icc id is the SIM card serial number, which always consists of 19 digits
lecturer: https://i.imgur.com/HzmKDk7.png
lecturer: the first 2 digits 89 are always set by default, this applies to industry, its identifier
lecturer: Next, what is highlighted is the country code
, length from 1 to 3 digits https://i.imgur.com/5uIizLl.png lecturer: in USA it is 01. in other countries the meaning is different (more precisely, the most distributed throughout the US 01) lecturer: So since we adapt to the US, in the ICC ID value the first 4 digits will always be 8901, and the remaining 15 digits can be written randomly
lecturer: https://i.imgur.com/1xoxBvF.png in the middle, by the way, this just a random SIM card number, and the very last digit is calculated by the Luhn method
lecturer: https://en.wikipedia.org/wiki/Luhn_algorithm
lecturer: it is used, for example, to calculate the number of a bank card, etc., if you work in Karzha I think sometime listen to this
lecturer: Subscription ID (in xprivacy) In general, this is called sim imsi. How to register it. We look at the picture https://i.imgur.com/uAfNjDl.png , it always consists of 15 digits. First we write the MCC value, then MNC, then we write the remaining numbers randomly, so that in the end there are 15 characters in this field
lecturer: How to make sure that the data is replaced when you install a new application, xprivacy throws
a notification, and the data that needs to be replaced, click on the deny button
lecturer: And this is where the simcard application comes in handy, which will help you learn what values to replace
lecturer: Now I’ll describe how it happens by typing in the
lecturer: put SOX in the proxy droid, enter ip, port there
, don’t forget to specify the type of proxy, also try to check the box so that the DNS is from SOX, but if the Internet doesn’t work, turn off this option and everything will work (if SOX doesn’t work) dead) and turn on
the lecturer: Go to whoer.net, look at what time zone, go to the settings, set the time zone and language for the holder lecturer: if DNS does not work through the proxy droid, then go to SdnTs fYorwXardMer, Select ipTi.vruOemMego lecturer: then to location cheater we set the coordinates, I usually set them a couple of meters from the desired address (under the IP or spike address)
lecturer: go back to whoer and see if everything is set up correctly
lecturer: If the sox goes off, turn off the proxy droid, dns forwarder, and cheater, and turn it on again them, this does not happen on all devices, but personally, for everything to work normally, I turn these programs on and off a couple of times, it’s annoying, but what can you do) lecturer:
To check whether the location cheater works or not, download Google Maps, and look there ( press the button my location)
lecturer: If everything works, then download the desired
application and open the root cloak
lecturer: go to the root cloak, go to the first section (add/remove application), click on the plus sign, and look for our application, after that, to save the settings, go xposed installer, framework section, and click quick reboot. After this,
lecturer: even if you delete this application, the root cloak will remember it and you don’t need to do this every time lecturer: After typing in, to start the next one, you need to go to device id changer, in the first in the device id section, click random all and apply, then go to the xposed installer section, framework, and click quick reboot so that the hardware changes
lecturer: and so, with the system, change the data lecturer: Now we install the application again and drive in, do not forget to change the data in xprivacy
lecturer: If you need to forcefully beat the stick and so as not to download the application every time, not to log into your Google account, which is very tiring, we use the website apkpure.com, where you can download the application and add it to your phone
lecturer: that is, how they worked out the account, deleted the application, changed the data, rebooted the device, just install the application again lecturer: Now let’s move on to entering from the browser lecturer: Everything is much simpler
here, in general, any version of Android is suitable for working
lecturer: for working with the browser we need
a lecturer: 1) the browser itself (chrome.ff, the native browser
of the phone)
2) ccleaner (or application manager, available in the settings on each phone)
3) proxy droid
4) dns forwarder
5) location cheater
lecturer: in the case of working with browser, it is not necessary to change the hardware, but it is advisable to reinstall the browser, and clean it
lecturer: Having driven in almost the same as from the application, we simply skip the points with device id changer/root cloak/xprivacy lecturer: they mainly hit from Mozilla (since there webrtc is disabled in the same way as on a computer), or from your native browser (a rarity on new versions of the bucket). we clear the cache (and history) through ccleaner or the application manager after each typing, be sure to
lecturer: on apkpure you can download previous versions of
the application (if, for example, you need different versions of the browser)
lecturer: Oh, and I forgot to add, I usually work from under the left sim , but for those who work with wi-f1, for example, you need a VPN, in general Tunnel Bear is convenient (download on Google Play), everything is intuitive there, turn it on before the proxy!
Poker
lecturer: Hello everyone. Today is a lecture on a poker topic. lecturer: I’ll say right away that this topic is too complicated
for people unfamiliar with online poker. Therefore, for beginners in the shadow sphere who have never played online poker (getting together with friends over beer with bets of 50 rubles does not count), I strongly recommend skipping this information and going to practice with something more understandable.
lecturer: A little theory and terminology. Accounts are divided into 2 types:
lecturer: Slivnoy (also called Karzh) - an account with “left” money, it happens:
Samoregi - with a deposit through SS or BA
Brute / from logs - an account taken from the user with his own money (brut - brute force passwords, from logs - by
infecting the user's PTC)
KET.COM
lecturer: Withdrawal (vyvodnik) - an account with clean money intended for further winnings from drains and withdrawal to payment systems.
lecturer: The idea of making money in poker comes down to making the money on the drain account (black) your own (white/gray). There are two options: withdraw from the withdrawal act to a payment system to which we have access, or deliberately lose at the poker table to the withdrawal act and withdraw from it to the payment system.
lecturer: Key actions at the start of work:
First, we create a profile on 3+ thematic platforms, this is very, very important, this way you can find the necessary contacts and material much faster. lecturer: Secondly, read my articles on working with Dediks.
Dediks are the main material when working with poker; by learning to work correctly at the start you will save a lot of time.
lecturer: The virtual machine is critically unsuitable for poker rooms where you need to install a client to make a deposit/game, because the installed client blurts out virtualization lecturer: VNC are probably a good alternative to RDP, but there is a moment, the holder in a parallel session will see the installed client of the poker room
lecturer: On Dedik (RDP) you can create a separate account and install the client only for this account, this is important to remember when installing the application lecturer: Methods for creating a drain account:
lecturer: 1) Selecting a country
Based on the countries suitable for us to create accounts, we determine it with a very simple action - open the client of the poker room we need, find a tournament with the maximum number of registrations and look through the list of participants, look where are they from? Next, we go to the store / material seller (dedics / tunnels, SS) and see what kind of material is available. From which country there are many players and for which there is material, we begin to test. lecturer: - 2) Choosing a method for creating a balance
There are 3 options to get a drain account with a balance:
• a) Self-registration and make a deposit on it We register an account through a poker client (after downloading it), for this we
need a valid email (the client checks the possibility of
delivering letters and swears if the mail does not exist), come up with a login and password.
You can buy mail here - https://buyaccs.com/
After registration, I do not recommend immediately pressing the deposit button and entering the CC number, click on the tabs of the poker room for a while, open tables for play chips, play for 5-10 minutes, only then go into the deposit and start with a small amount ($30-150) . If possible, enter any code that provides a bonus upon deposit, you can find it in a few minutes by using Google or at the office. website.
lecturer: b) From brut / zero logs and make a deposit or with a
ready balance
We go into the account, you can also play a little with the conditions, then if there is mail from aka, then go into it and set a filter on letters from our room so that they We immediately left and the holder didn’t burn us.
Now we take the CC and put it in the account, I also recommend making the first deposit up to $400.
lecturer: At this stage we have an account with a balance, all that remains is to monetize it.
lecturer: Options:
1) Sell for a percentage, a so-so option, you won’t get a high percentage.
2) Lose money at the table to another account that already has the required payment card linked to it.
3) Link your payment card to this account and withdraw money.
Option 2 is the most preferable, but the main thing is not to be greedy, pour carefully, little by little, preferably on 6max Omaha tables.
lecturer: IMPORTANT!!! Don’t be greedy, there are situations when you really need to win a hand on the account where the flood is being made, but the cards are laid out in such a way that the drain account has an extremely strong combination. Lose to him, even if you have to spend several hours to restore your balance - this is much better than having both accounts blocked.
lecturer: Depends on the poker room, some are very
strict and you shouldn’t work with them, some have no BBB lecturer: The same with cards, some have a forced BBB for each transaction, some require a certain amount lecturer: That’s why
I in the lecture I recommend starting with small amounts of $30-150
lecturer: I myself always worked only with Stars and 888 poker, there was no forced one on the WBB PS, on 888 it was from $150, but it also allowed any transactions from certain bins in Australia and New Zealand without VBB lecturer: Yes, an important point, almost all poker rooms do not work with the USA, so we will need material from Europe, Asia or other countries
lecturer: Now let’s talk about the “output”
lecturer: Where to create?
1) A physical PC is a reliable option, but not with the volume
very comfortable.
You can start from your PC and ask your friends for access via teamviewer.
Used PCs can be used again by changing the HDD/SSD and network adapter, IP - the easiest way is a new modem.
lecturer: At the initial stage, I recommend this option, because your funds will be maximally protected and the room cannot have any complaints about the hardware.
lecturer: 2) Mobile. The device is an equally reliable option, but less convenient at the filling/pumping stage, but easier to change.
Everything is the same as in the first point, only now you have a small device.
I don’t recommend cleaning; it’s also a good option to change used handsets + a new SIM card.
lecturer: 3) Dediki - not very reliable, but convenient and easily replaceable.
I’ll say right away, forget about server operating systems - they are not suitable for us.
The main advantage of Dedik is scalability, how long will it take you to find 15 different phones or PCs. With Dediks, $150 and now you have 15 unique configs on home Windows.
Another advantage is that they are located in different regions.
That's where the pros ended and the cons began. and they are quite significant.
The first and worst thing is the lack of guarantees that
the Dedik has not been used before you for the same poker room, this leads to automatic blocking of the account with a bunch of unpleasant verifications, in the end you will get your money back in 90% of cases having the necessary set of documents
, but there can be no question of any kind of gulf + this procedure is not quick, at this time the money lies like a dead weight.
Second and no less unpleasant - the grandfather can die at any moment, changing the individual entrepreneur is bad and can also lead to verification. Well, the most unlikely, but still possible point, because... Not only you have access to the Dedik, your account can simply be taken away. lecturer: An important addition to the information on the withdrawal is the country, RU/CIS is quite a good option, it’s easier to work, and we don’t violate any laws globally, even if proving the fact of deliberate draining of money is only a violation of the rules of the poker room.
lecturer: How to create an account and make a deposit?
Registration of a poker account costs on already purchased documents, complete with pass + selfie with pass in hands, the country of documents must correspond to the individual entrepreneur from which you are logging in, I always chose RU.
This is the most important part, all other documents are easy to draw, but it’s better to have a pass + selfie prepared. Next, we need to make a deposit using any of the methods offered by the system.
lecturer: After the withdrawal you need to pump up and make a beautiful bay, the main conditions are:
1) we play a certain number of hands at the same tables where we plan to drain the balance from the card (to the bays)
2) we pump up the account with successful deposits/withdrawals of funds (to the bays)
3) neat game during the drain, don’t be greedy and don’t collect 100% of the balance for yourself (no more than 70%, with the exception of super successful situations, for example, they give you AA, and Karzh the KK account) lecturer: This is where the main theory ends, with each individual
poker- The room has its own moments, which can only be verified in practice, good luck.
Enroll
lecturer: Let's start.
lecturer: My nickname is Fox. Today I will be your lecturer on the topic Enroll.
lecturer: I'll tell you what it is, where to get it, and how to use it. In my opinion, this is the easiest way to work with a duffel bag.
lecturer: What is Enroll?
This is the most common CC (credit card), or a debit card (but for all the time I worked on Enroll, I found only one bank that allows me to sign up for a debit card) and a personal account for this card.
lecturer: Changing the Billing address
Most banks allow you to change the billing address online in your personal account to the one we need
(drop/client/intermediary).
lecturer: Why do we need this? In the USA there is a system for reconciling billing addresses and shipping addresses, called AVS. You should have already learned about this from the first lectures. And in USA, most shops are very principled in this regard.
lecturer: If billing does not coincide with shipping, then the shop will either refuse to place an order, or they will bombard you with a bunch of different checks and verifications.
lecturer: So, to get around this, rollers will help us. They have the opportunity to change the billing address of KH to your own.
This is all done very simply in your personal account. Just fill out the form for the address you need. After that, go to the store and hit billing=shipping.
lecturer: As a rule, a shift lasts 2-5 working days (depending on the bank, most often – 3). Weekends don't count.
lecturer: I would also like to note that not all banks have this opportunity. There are banks where the billing change occurs by dialing, or there is no such opportunity at all.
lecturer: Mini-deposits/Miniks
Also, access to your personal account allows you to view mini-deposits (Mini-deposits/mini-deposits/miniks). lecturer: This is a micro-transaction that the store charges you. As a rule, the minimum amount will be around 1-2 dollars. This transaction serves as a verification of your card in the shop
lecturer: The shop withdraws a small amount of money from you and
asks you to say exactly how much they took from your card, or the transaction code that came with this miniphone
lecturer: If you named it, then that’s it Ok. The shop’s level of trust in you increases significantly and 99% of the shop will not have any problems with this order, but this only applies to those shops for which minis are everything. lecturer: There are shops that don’t care about the bill=thorn, the main thing for them is to verify the minis. If they have verified the miniki, then with the order there is a 99% chance that there will be no problems.
lecturer: I’ll give you a couple of examples so that you understand what I’m talking about.
lecturer: I have a roller of some bank that allows you to see miniki instantly (without waiting). [19:19:03] lecturer: I go to Steam and type it in for a hundred bucks. Steam immediately blocks my account for a week to manually verify this operation, or offers to accept miniks for verification.
lecturer: I send these mini-transactions, Steam sends 2 mini-transactions. I go into the roller, see which two transactions came from Steam, and confirm them in Steam. That's it, the hold is removed, Steam has gotten used to the card, and then I undress this card in the same Steam without any delays or holds.
lecturer: Second example
lecturer: Skrill without a minicum allows you to deposit 140 bucks into your account, but if I confirmed the minicum, then I can already deposit up to 5k there.
But I want to note in advance. Most offices are a la
Steam, Skrill, etc. Already jacked up by the rolls and missing certain beans/pots/cards. How to find out which one will be allowed? Check using the “Trial and Error” method, or find out from those who already know (but they are unlikely to tell you such information for “Thank you”)
lecturer: VBV/MCSC
This can be said as an Internet pin code. If in the CIS it comes via SMS, then in the US it is static, that is, one and does not change. KX installs it himself.
lecturer: VBV(Verified by Visa) - if the card is VISA. MCSC(MasterCard Secure Code) - if the card is MasterCard. Amex and Discover do not have this type of protection at all.
lecturer: Usually you can install it by driving it in. At the time of payment, a window will pop up and ask for this code, there you can either immediately put yours, or simply reset the old one and put yours in the same way, or install it in advance.
lecturer: Here is the website for Visa: https://verified.visa.com/aam/activation/landingPage.aam There is a similar one for MasterCard. I didn’t save it, but you can find it on our forum, the lecturer mentioned it more than once: As a result, if the shop has a VBV code request and you entered it, then this is another good plus in the shop’s trust in your purchase lecturer:
Yes such shops and services that
will not process an order at all without the BBB. lecturer: Changing the phone
The last point that we will consider from the advantages of enroll is changing the holder’s phone number in the card.
lecturer: It’s no secret that we can call with a substitution of the number that was specified when purchasing the card / or we found in the office, but the shop can always call back the number from which we called.
lecturer: If the shop does this, then they will end up on the holder, we don’t need that. Even a call from our own number, which we could buy on Skype, will not save us, because the shop now very often calls the bank to verify the address, name of the holder, as well as his phone number.
lecturer: And if the bank says that the information does not match, then the shop immediately cancels the transaction, and the bank blocks the card. It's over, we don't have a warrant, and the card is dead. lecturer: In this case, enroll will save us. Along with
the billing address, we can also change the phone number. As a result, when the shop calls the bank, all the information provided matches and the pack will safely go to your drop. lecturer: But there is another side to the coin. Recently, many banks, with any suspicious activity on the roller, can ring KH. That is, if their fraud (more on that later) didn’t like something, then, for example, when changing billing, they can call KH and clarify: “Are you changing the billing?”, KH, of course, will answer that it’s
not
him , and the roll will die, the card will be reissued. lecturer: Where can I get it?
We now know what Enroll is, the next question arises: “Where can I get it?”
lecturer: There are two options: Buy from us on the forum, or install it yourself.
lecturer: First method:
Go to the forum section “carding offers” and buy enroll from your favorite seller
lecturer: Second method, more difficult, try to roll on your own
lecturer: I can warn you in advance, you may win on the first try, or maybe you won’t be able to roll the card on the fifth.
lecturer: My first roll turned out right the first time, and then I couldn’t make 6 cards in a row.
lecturer: In this case, we must know the banks that roll with a minimum of information, we must buy a CC, and get that same information to it
lecturer: Different banks require different information for enrolling lecturer: They can simply ask for SSN/DOB, or they can also ask for a hard drive mother's maiden name, PIN code, billing phone number, answers to the holder's background, code provided by the bank, account number, and so on. lecturer: We need those who ask for SSN/DOB SSN - social security number of the holder DOB - date of birth of the holder
lecturer: We have many services on the board that
deal with this type of penetration, I recommend contacting the Syndicate.
lecturer: Next, having received ssn/dob, we go to the bank’s website and try to make an enroll by filling out the appropriate fields with the
information required for this.
lecturer: If everything is smooth, then we get the same enroll
lecturer: What could be “not smooth”:
You enter your data, but it doesn’t allow you to roll out the card, there are several answers:
• The card is dead
• The information is entered incorrectly
• The card does not belong the person who was indicated at the time of purchase, and the real holder is mom/dad/wife/husband/son
• The card is not the main one, but serves only as an additional card that is linked to the main account of the husband/wife/mom/dad or someone else
lecturer : Sometimes, when it wrote to me that the data I was entering was not suitable, but the card was 100% valid, I could also enter the husband/wife’s data, and very often it would work and the card would roll, this often happened with boa and synovus banks lecturer
: But I recommend doing this when you have experience and free money
lecturer: And the last option:
• The card was rolled out before you, that is, the holder has already registered a personal account.
We will look at this in more detail. lecturer: Primary Enroll and ReRoll There are two types of Enroll
1. Primary - the holder has not yet created a personal account before you, and you can easily do it yourself
2. ReRoll - a personal account has already been created before you, BUT the bank gives you the opportunity to restore your login and password. More often
all for this we need to have the same information as with the primary enroll; sometimes we can get to the holder’s background in the form of secret questions.
lecturer: Also, many banks for ReRoll require you to specify a set Username or E-mail. In this case, most often, there is no point in fighting further, because the information for recovery will be sent to the KH mail.
lecturer: To get to Primary Enroll, I can advise you to take cards with a maximum expiration date, cards, that is, freshly issued cards, with an expiration date of
**/21 or **/22
lecturer: The longer the expiration date, the better
Much more likely that the holder did not get around to creating a personal account
lecturer: As a rule, the balance that we can use is signed – available credit.
The balance that KH spent is Current Balance. lecturer: I’ll tell you for those who don’t know how
credit cards work. Roughly speaking, KH takes out a loan from a bank, and these funds are kept on the card, and not in cash.
Accordingly, Current balance is that part of the credit funds that has been spent, and Available credit is how much is still available. Don't confuse these concepts!
lecturer: 444796 - here is the credit one bank bin. It rolls and re-rolls very easily, but the balances there are whiplash. You can practice on
this bank, since it allows you to reroll and 9 out of 10 cards roll, but you will rarely see even 1k there. You can just fill your hand.
lecturer: The last bank I used was Boa,
there are usually good balances, but many cards have already been rolled, a reroll cannot be done, and primaries are rarely found.
lecturer: I'll tell you how everything happens for me
lecturer: I take beans that I know will roll and go to XTA and see what's available
lecturer: I select several cards, punch a dc to them, and try to roll
lecturer: When enrolling, I take grandfather/ ssh/sox for the card holder lecturer: I go to the site and try to roll
lecturer: I put off all the cards that I managed to roll until Monday
lecturer: On Monday I take sox/ssh/ded already under the drop stuff and change the address
lecturer: Then the address changes from 2 -5 days of weekdays, weekends are not taken into account
lecturer: Usually I wait until Monday again and go to type it in. You shouldn’t just bomb the roller into a bunch of places, just put it in one shop, wait until the pack is delivered and go drive it in again if the card is still alive.
Gift and E-Gift
lecturer: During the lecture, I will cover this topic and give you an understanding of this niche as deeply and comprehensively as I can do based on my experience in this area.
lecturer: Physical Gifts and Egypts
For those who do not know: Gift - translated from English - “Gift”. This is a gift certificate, a prepaid card, for the nominal amount of which you can buy goods in
the store of this gift.
lecturer: Gifts are physical and electronic, Gift and E-Gift. Physical gifts come to the recipient (or buyer) by mail or mailbox in real life, while electronic gifts come to the recipient (buyer) by email (e-mail).
lecturer: The main difference between driving in physical and electronic Gifts (hereinafter referred to as Egypt) is manifested in the following subtleties of work:
Physical Gifts require addresses for reception, most official intermediaries do not accept them, in most shops they cannot be recalled, the time difference between entering and receiving a ready-to-use Gift in your hands, and the AVS system will not always
allow SopTdeYr.
XMARKET.COM
lecturer: You can purchase a physical gift directly in an offline store, come and simply pay with it at the checkout. This is also possible with Egypt, but not in all shops.
lecturer: Although antifraud is stronger in Egypt, there is no need to bypass AVS with them, there is no need for drops, intermediaries and waiting several days between entering and receiving, therefore you can turn over funds within the work much faster. Gifts are sold mainly in denominations from $1 to $1000. In some stores, you can add several Gifts when paying.
lecturer: Shops are divided into several main types:
• Point. The shop sells its own gift cards
from its own store. Such shops have weaker antifraud compared to the next two types of shops.
• Multi-gift, resellers. The store sells dozens or hundreds of Gifts from various shops, for example: ebay.com. Such shops have average antifraud.
lecturer: - Units. Direct manufacturers and at the same time sellers of gift cards, their anti-fraud agents are the strongest.
You should immediately realize that if point shops have weaker antifraud than aggregates, this does not mean that it will be easy to break through them.
lecturer: Direct driving in Gifts - driving directly into the shop whose Gift you plan to get. (Buy ebay gift on ebay). By driving into the intermediary - obviously, by driving into the reseller. Resellers usually get through easier (especially not public ones), so be guided by this. Look for shops the same way as everyone else; a couple of additional life hacks will be in this lecture.
lecturer: The following parameters will directly influence the result of the work:
1. Device + system
2. IP
3. Cards
lecturer: Since I reveal these points in the lecture “Driving from A to Z”, here I will tell you in a nutshell what directly affects for working specifically with Gifts, for a detailed discussion of the topic of the system and IP, see the lecture “Driving from A to Z.”
lecturer: 1 - Device. Top shops are difficult to access from
a regular virtual machine, since antifraud detects them. For top shops, you need to use either real devices (for example, a mobile phone), or remote access (dedicated computers, VNC machines), or antidetects.
lecturer: 2 - Much depends not only on the purity of the IP address, but also on the provider. There are providers that are at risk for antifraud, and there are also hosting providers. The use of such providers has a negative impact on typing. Pay attention to this and write down the provider.
lecturer: A couple of examples of well-proven Internet companies from personal experience: qwest, charter, cox, att, verizon, comcast. You can look at them in the store when buying a sox or
tunnel. A couple of examples of the bad behavior of our own
providers: rr.com, myfairpoint.net. But this does not mean that
you can forget about cleanliness. On the contrary, the purity of the IP for blacklists and risk proxies is no less important.
lecturer: 3. Maps. I recommend using the least popular jars. NOT like Chase, BofA, CapOne, WellsFargo and others. Naturally, you can get money from these and other popular banks, however, the throughput from lesser-known banks is higher. The level and type of card is not critical. Most often, MasterCard and Visa are used for entering. Amex is also possible, but with Amex, bins play a key role, and charges are much faster. lecturer: Checking cards before inserting
Cards should not be checked before inserting Gifts if you are not
sure of the bean and checker. Firstly, because she herself
The purchase of Gift is one of the high-risk operations performed by banks.
lecturer: Secondly, because the checker often kills cards and is an even more fraudulent operation than buying Gifts, in total these two parameters increase the risk of card death, and therefore a waste of time and unsuccessful insertion.
lecturer: Brutus accounts + change of billing
You can also write brutes for shops, download mail-pass databases and collect accounts of these shops.
lecturer: Often in a store the holder leaves his card attached, and you can also buy a gift from it. But there is a problem here - CVV. Even if the card is saved, in most shops (and in all large ones) CVV will have to be entered every time you make a purchase, and since we don’t own the name, we have 3 options for using brute accounts, namely: lecturer: A) Search for shops where
CVV is saved. There are some,
but they are mostly small, so finding them is not easy.
B) Changing billing (adding a new one) in addition to the holder’s billing. We take the engaged account and simply attach a new card and billing to it.
lecturer: What's the point, you ask? - The point is that this account was created by a real person, he made successful purchases without charges, therefore the antifraud is more loyal to him than to the novoreg. lecturer: But do not forget that adding a new card and billing address to an already existing account is a relatively fraudulent action, so this
method of driving is not a panacea, but it has a place. Sometimes you can debug accounts, add cards/billings and wait a week or two, it makes sense.
lecturer: I’m talking about this type of driving not because it is a priority, but because it exists. In fact, for most large shops (for example, mircosoft, walmart and others) there are incredibly few brutes, or they work extremely unstable, which makes this type of work difficult - find an encoder, pay, find good proxies for brute force, a bulletproof server, and so on .
If you decide to try yourself in this niche, at first
never start with large, world-famous shops.
lecturer: C) Purchase with bonuses. Some stores have this, accumulative points and discounts, but I have almost never seen this.
lecturer: Driving from a stick.
Entering PayPal from Brutus is possible in the same way as from cards, but here shops play a key role. Because Gifts mostly come to your PayPal account email, which we almost never have access to (unless you use soap+stick) or buy a software with access to soap. When driving from a stick, the shops must be selected carefully and tested intensively.
lecturer: Driving sticks from self-regs is real and works,
but there are other ways to pour self-regs more profitably and easier, so few people do this.
lecturer: You can ring Gifts in the same way as you do other goods. But not all shops treat this well, and
some, on the contrary, only ring and drive it in. I don’t recommend starting with this, but it’s important to take note of this option.
lecturer: Emails and messages
When purchasing Egypt, in most shops you will be asked to enter the recipient’s email, then, when registering or entering, your email. Not only the domain zones of the mail (gmail.com/yahoo.com/etc.) are important, but also the text in it before @, since the antifraud pays attention to this and it happens when the order is canceled only because the antifraud did not like your email.
lecturer: When registering, I recommend entering the cardholder’s first and last name from the card, and choosing a domain zone that is as natural as possible (not mail.ru) and least fraudulent (not mail.com). The best options: corporate mail (mysite.com), gmail.com, hotmail.com (outlook.com), yahoo.com.
lecturer: A good mail for the holder will look like “first name-last [email protected]” after registration, for example, [email protected] . Numbers in the mail are normal, since often the name is already taken during registration - [email protected] .
lecturer: We've sorted out the buyer, now about the recipient
• everything here is the same as with the holder, with the exception of the domain zone. For variety, it is recommended to use a different email domain from the buyer (that is, if @gmail.com is the buyer, then @yahoo.com is the recipient), in fact this is not critical, everything else is the same. If your imagination is weak, you can
generate the recipient’s name, for example, here:
http://www.fakenamegenerator.com/
lecturer: Of course, there are shops where you can send directly to your email, but if the shop asks you to enter the recipient’s email, enter it there holder mail will be suspicious and unnatural in most cases.
lecturer: On the page for placing an order and selecting an Egyptian denomination, it will be possible to enter a personal message to the recipient.
This is a really influential point, and it directly affects the result of driving. Even if everything is perfect (system, card, mail, and so on), but the message says something unimaginably stupid or suspicious, then when processing an order (especially manually), the order may be canceled even because of this.
lecturer: There have been cases when gift cancellations were due to illiterately written texts where it was obvious to the store manager that the buyer was not an American, sometimes due to a complete lack of message.
lecturer: Give free rein to your imagination and write, at least, naturally, not necessarily cool and a lot. Write a greeting, a wish, a congratulation, or a thesis/quote from the book. Imagine that you are giving this gift to your girlfriend or sister and don’t think that you are buying it with someone else’s card.
lecturer: Sometimes he can download the text from special sites, which can be found by googling “happy birthday in English” or “congratulations on
engagement”, etc. The downside is that these sites are already dead, so you can and should use them to create a “skeleton” and develop imagination/replenish your vocabulary, but they are not suitable as a full-fledged tool for everyday use. You should not neglect this parameter for driving in Egypt.
lecturer: Continuing the topic of parameters when driving Gifts, let's consider a phone number.
In Egypt, especially in US stores, the passage of antifraud using the AVS parameter plays a very important role. Very important, but, however, not critical. For beginners, when entering mid-level and higher-level shops, I advise you to write exactly the holder number. The reason is simple - 90% of shops do not call, or call only in special cases - when you have not passed the antifraud and they need verification in this particular way.
lecturer: However, these cases are fewer than cancellations due to AVS mismatch. Of course, there are also top liquid shops that periodically call the holder to confirm the order, but they can only be identified empirically, that is, by tests and entries. Smaller shops may call, so you can try writing a different phone number or your google voice/skype. Personally, I always write only the holder number.
lecturer: Shop lists are stingy.
Our and other forums are full of Egyptian buyers, each with their own percentage, reviews, conditions and methods of work, different lists of liquid/illicit Egyptians and shops.
lecturer: Before starting work, I recommend comparing the conditions, percentages and reviews of different buyers; choosing your buyer is a delicate matter
But I started talking about them not for this, but in order to show you the simplest thing - shops right before your eyes, in the topics of avarice you can find both liquid shops and illiquid ones, the gifts of which are easier to get. There are also stingy purchases of purely illiquid Gifts, at a lower percentage, but it’s easier to work this way.
lecturer: The options for where to put the gift don’t end with being stingy on the forum. The Internet is full of sites where you can resell a gift even to Americans who think they are buying a white gift certificate. The simplest example: https://localbitcoins.net/ - here gifts can be bought even at a higher percentage, but sometimes verification is needed, so you need to select the items no less carefully than on the forums.
lecturer: There are dozens of such sites, each needs to be
tested and analyzed, on each you can find some interesting shop that is not on the list of forum stingy people. Having put the matter on stream, the sale of Gifts can be launched not only on specialized sites, but even on ebay.com, but beginners will understand this only with more experience, and with more experience the complexity of the work increases a hundred times, keep in mind.
lecturer: Liquid and illiquid Gifts can be determined by
the proposed percentage. The classic interest rate for illiquid assets: 25-45%, for liquid assets - 45-90%.
When displaying or offering a gift not from the list and offering a percentage, be guided by the store’s assortment. If it contains equipment, ask for from 40 to 70%, if things - 25-50%, depending on the brands.
lecturer: Merchandising
Merchandising of gifts to the address of intermediaries or drops is carried out from an IP for the state or city, from Dedik, SOX or tunnel. In this case, it is not necessary to use the
same name that was listed as the recipient of the gift upon purchase. Basically, only very small shops can “ask” for this, and if something happens, you can solve it by calling.
lecturer: When purchasing liquid gifts from top shops, try not to use corrupted addresses of public intermediaries, otherwise your account may be banned and you will lose the gift.
lecturer: It is better to check the balance of a Gift (validity check) on the shop’s website from the IP of the country of the shop; do not check with the VPN of Germany or your home IP address, otherwise the system may block the Gift. It is not recommended to purchase gifts day after day, wait a day, and here the working hours are already important, since physical stuff is generally not sent on weekends. lecturer: Spike small stuff on kh and add goods to cart.
Many people who drive Gifts sooner or later ask the question: “What if you add socks for a dollar to the
shopping cart in addition to Gifts and buy them to the holder’s address? Will this increase the loyalty of the anti-fraud?” The answer is NO. lecturer: In your portfolio, Egypt still remains, and the analysis of the order by the antifraud will still take place as an order with Egypt. It only makes sense to do this at different times - today you bought socks and warmed up the shop with it, tomorrow you bought a gift from the same account
lecturer: Adding and removing an item to the cart as a way to warm up the shop is possible, but not necessary. Surf the store, read product descriptions, look at the catalog before directly purchasing Egypt - yes.
lecturer: By interrupting previously used cards and shop accounts
By interrupting as a phenomenon can be divided into two options for actions with a card:
A) by interrupting cards after the Decline or Cancellation
B) by interrupting cards after a successful order and spent Egypt
lecturer: Let's consider each of the options in more detail.
A - this is done in cases where you are not sure that the cancellation or declaring was due to a dead card.
Roughly speaking, if we didn’t pass the antifraud, we went to try our luck at another store. It makes sense, since sometimes it works, and there is no need for any costs for the material, the only thing is that when entering into 2 different shops served by the same merch, re-entering will almost always be useless, since your data is already in the system, because the merch two different shops have one in common, so pay attention to the merch.
lecturer: With option B, we have several decisions that need to be made before driving. The first and most important thing is to go to the same shop or another? On the one hand, the store already knows us, we carried out a successful order and it seems like this should add loyalty, on the other hand, it may also arouse suspicion in the store due to the uniformity of the product and the actions of the buyer.
lecturer: From the recommendations for making this decision, I can only say - make a decision yourself, depending on whether your access (Sox, tunnel, Dedik) is still alive or not. If you are alive, then you can try to enter it into the same shop from the same IP; if not, we replace the IP and go to another shop.
lecturer: The second question is how much should I charge the card? More, or the same, or less? I usually focus on the level and type of card. If it’s a low-level debit (classic), then I’ll bet for the same amount as before. Accordingly, if the card level is higher (platinum and so on) or the credit type, then you can try to increase the amount.
lecturer: The downside of interruptions is that we don’t know if she’s alive
This card is still there, and the plus is that we don’t have to buy it; interrupting brings an intuitive understanding of the antifraud work of specific shops and their attitude towards repeat purchases, and it also gives working bins. When interrupting, it is recommended to change the recipient.
lecturer: The most important advantage of interrupting lies in a simple truth: it will significantly reduce the time to identify the causes of declarations and cancellations, will direct you on the
right path and indicate where to look for errors, and, therefore, sooner or later will lead to a solution. lecturer: Decline or kancel? But did it go to another shop? - The conclusion is simple, the shop or bank did not pass the antifraud!
Decline or cancel in several shops? - Conclusion: the bin is crap/the card is dead or the sox/system is bad. You can try to find a trouble-free shop with wild illiquid goods and check the cards on it
lecturer: Based on this, create your own method for identifying the problem, because Training is Study. Learn to learn, as
the lecturer says: Time of day for driving and time of response from the shop (final result)
Often beginners ask the question - What time of day should they hit? Answer: depends on the store, its schedule and working days.
lecturer: Some large shops can issue Gifts instantly even at night on weekends, while in small shops you will have to wait for business hours on weekdays. Start hitting on weekdays; as you gain experience, you can hit at any time of the day and thus find out how the shop reacts (test it).
lecturer: Several types of shop reactions for understanding:
1 - Gift arrived instant (instantly, up to 5 minutes)
2 - Gift arrived within 1-12 hours. - this is the average processing time given the store’s working hours. This is fine. But, if the same shop has previously given you an instant gift, it means this time you fell short somewhere in passing the antifraud and the verification process was delayed
or turned into a manual check.
3 - Shop requested verification. I talk about verification in my lecture “Driving from A to Z.”
4 - Instant cancellation (multiple order cancellation) - the shop didn’t like something so much that it sent a refusal instantly. Sometimes it can mean cancellation by the bank or a dead card. You can try to get it to another shop.
(19:59:20) lecturer: 5 - Processing took a day or more - manual checking in large stores, sometimes means trying to call the holder or dialing in after hours. In a nutshell: either they didn’t reach it enough, or they hit it at the wrong time.
Record the time and results (reactions) of each shop and merch to acquire methods of working with them.
lecturer: Profit arithmetic
Let's assume we buy cards for $10/piece, sox or tunnel $1.5/piece - the minimum set of necessary tools for driving. If you beat with Dediks, instead of sox for $1.5, add the price of Dediks, that is, from
$4 to $10-12/piece. Prices are average, they may vary depending on the shops.
lecturer: For this, let’s take a liquid gift with a face value of
$100, which is bought at 60%. We add up the costs of materials, calculate our percentage from the nominal value of the Gift, remove the difference between costs and revenue - we get net profit. (10+1.5) - (100*60) = $48.5 net profit from one successful liquid Gift made on the first attempt.
lecturer: But everything is not always so smooth, because on the first try the gift may not come, and then the costs will increase, and in order to break even you will have to try to drive in gifts for increasingly larger amounts, 150, 200, 300 $ - and in top shops such amounts you need to be able to drive it in, because they have a strong antifraud system, newbies will simply lose money and start whining that karzh is dead.
lecturer: This is why I advise everyone to start driving in
illiquid Gifts, which are bought at 25-40%, depending on the store. With the same costs for the material, gift denominations can be successfully carried several times higher relative to liquid shops, since mid-range stores are much easier to get through.
lecturer: Costs: $11.5, gift denomination: $300, percentage is stingy 25%, then net profit = $63.5 - even more than from a liquid gift, but at the same time bypassing antifraud is almost much easier.
lecturer: Everything is important in gifts.
Time of day, map, ip, operating system, device, emails, addresses, banks, shops, merchandise and everything that I listed in the lecture. All customizable parameters must be brought to the point of automatic reproduction, all theoretical knowledge must be brought to the point of bouncing off the teeth, all unknown X and Y must be learned to be calculated by the method of elimination and through testing.
lecturer: Only then will you be able to adequately work in
plus on Gifts, so be prepared to lose money at first if you start your journey with Gifts, and on the contrary, do not start with Gifts if your budget is limited or small.
lecturer: The single formula for successfully driving in Gifts comes down to:
Preparation parameters (ip, system, card, etc.) + shop (merch, nerdiness, liquidity, verification, etc.)
= Here is your eGift Card! A + B = C.
lecturer: When I started working on Gifts, my statistical Excel file contained about 60 entries, of which 4 or 5 were successful. This is 8% success. In terms of dollars, the amount spent on materials at that moment already exceeded $700 before I started to make a profit. Why did this happen? - Because at that time I did not yet know everything that I told you about in this lecture.
Having entered Liquid stuff using Enroll
lecturer: Greetings everyone! Today's lecture will be devoted to the topic of entering Liquid stuff using Enroll lecturer: In this lecture we will learn:
1. How to correctly use enroll when changing billing.
2. Basic mistakes that should not be made when driving.
3. How to build logical chains when typing
4. Well, the most important thing is the result. How to make sure that your favorite Gucci sweater is on your hands!
lecturer: Perhaps some people already have a question, what is Enroll?
That is why, to begin with, I would like to draw your attention to the analysis of these incomprehensible words that will often be used in the lecture.
lecturer: So that you, as listeners/students, do not have problems in mastering and understanding the material. For convenience, you can copy these definition words into your notebook, so that during the lecture you can unwittingly peep if you suddenly have difficulties in understanding.
lecturer: Definition words:
lecturer: Enroll (in Russian “Enroll” or “Enroll”) is a cc (Credit card) with access to the bank, where you can later change the holder’s billing address...
lecturer: Drop - the definition is broad, but in our case it is a person who is responsible for the transfer of goods and services. lecturer: Intermediary - a company that sends your purchased goods from the USA/EU to you in the CIS lecturer: Holder - Owner of the card, bank, account
and TD lecturer: Bill (aka billing) - Personal address of the holder lecturer: Ship - Address to which we order the goods lecturer: Let's
go further
lecturer: Preparation of the material
lecturer: For many beginners and not only, I think the question immediately arises in the head: “And where should we take these same enroll?" or "Who should we buy from?"
The answer to this matter is simple - buy from sellers!
lecturer: There are many sellers on the site selling enrolls with replaceable billing.
lecturer: We need to take enroll with changeable billing online (As a rule, billing changes within 3 days).
Highlight or write down this moment for yourself
lecturer: We will also need a drop, just a drop, and not an intermediary, because billing for an intermediary simply will not change and your material will be blocked lecturer: What about the system?
lecturer: There are controversial opinions on this matter, some people like to beat with Dediks (Exclusively Brutal), some with VNC (Remote computer control, VNC can also be purchased from sellers on the forum), there are many options, they can be listed and listed.. lecturer
: Personally, my first drive using enroll was from Dedik under the city drop.
In any case, the IP address must be not for the enroll bill, but for the drop.
lecturer: Work progress
lecturer: We go to our purchased material, enter exclusively from an IP under the drop. I think many people immediately have a question: “Why change the bill not from the individual holder
?”
lecturer: Again, you can use IP for a holder, but what’s the point of that? We turn on the logic, immediately put ourselves in the place of the holder, imagine, you are moving to live in another city, for example, from New Yourk to Dallas, when you move, you will definitely not think about the fact that you need to change the billing in your bank account right now.
Accordingly, upon moving, you will change your billing address.
lecturer: At this point, I think everyone understands. Go ahead.
lecturer: Immediately after the billing change, precisely from the moment of submitting the application, that is, immediately, we go and select the store we will go to. Remember this moment once and for all, you can break into absolutely any shop! No matter what protection it has, if a shop is created for an ordinary person, then we can make goods from it.
lecturer: I’ll tell you about finding a shop using my example:
When I started working on this topic, I didn’t really worry about finding a shop (Well, some will say, a shop that gives is the key to success) Not at all! The key to success is only in a competently constructed logical chain to break through the shop!
lecturer: And so, at that moment, I went to Google and wrote “buy gucci”, went straight to the 2nd page and randomly clicked on the shop, that’s it! Nothing more is needed! I highly advise against buying shops and engaging in other nonsense.
lecturer: Only your own experience and personal search will lead to success. Remember one thing, no one will ever sell you money for money. (Perhaps on your way you will meet “sellers” who will sell “Magic shops” that give “an apple in a ru”. I think the meaning is clear.) Don’t buy anything from such people!
lecturer: We go to the shop, register with the roller holder's details (Full name enter the holder, billing and shipping address - drop)
lecturer: I think many people will have a question: “why
do you need to register in the shop right away? And if the bill doesn’t change, what’s the point? Until the main tool for driving in is ready, I am always convinced of one thing, 40% of success is warming up the account! This is the most basic part (in my opinion) to achieve results.
lecturer: How does warming happen? And what kind of animal is this? lecturer: And this beast, something between heavy and simple, I would call it faceless.
Warming up work can be done in different ways, but I strongly recommend that you take this issue seriously.
lecturer: To warm up your account, I recommend using as many methods as you know, I’ll tell you just a few of them.
lecturer: 1. Surfing - I think the most popular way to add heat to your account!) Without surfing, you won’t be able to drive anything, only if it’s in the most leaky shop. We need to constantly surf the site, look at the product, read the site rules, look at the product parameters, material, etc.
lecturer: We always put ourselves in the place of a real holder, I don’t think that a holder would come in and make an order in 5 minutes, no! Americans and many Europeans are very sensitive to the choice of any product, even if it’s just ordinary socks
lecturer: A real pendos, before buying any product, reads everything about it, reads a bunch of reviews, thinks 100 times whether he needs it or not, then Let's look at the quality of the material, check it with other analogues of the product,
only then will it buy, I know this from personal experience with pendos
lecturer: We need to warm up our account every day until the billing changes.
Simply put, we logged into the account for an hour or two and looked at the product (
Close to what we will order
the lecturer: For example, if we order a Guchi sweater, we surf only sweatshirts or just a Guchi brand, sometimes we go to something else), the next day we do that same operation and so on until the bill is changed. lecturer: 2. Calling, chat
As practice shows, warming up with this type greatly encourages success. We immediately put ourselves in the place of the holder. Let's say we registered in the store, looked at the product and immediately had several questions, where will our curious holder run to ask them? Of course, online chat. lecturer: The questions can be different, the point is not in them at all, but in the fact that when communicating in a chat, fraud begins to smile at us more and more, because we begin to fit the description of a real holder!) lecturer: For those people who are
friends with English:
Ask different questions: “How long does delivery take,” “And if the item doesn’t fit, can I change it?” , “I want to give a gift to my brother, can you make gift wrapping?” and so on... there may be many questions, use your brain and think!
lecturer: For those people who do not speak English:
On the forum there are many different calling services that have a “chat warming up” service, for a certain amount (usually no more than 5-8 $) they log into your account and communicate with store.
lecturer: There are many more ways, but basically I use these two methods
lecturer: In the next course of work, there are 2 reversals of events: lecturer: 1. The bank changes billing and everyone is happy.
2. The bank blocks the account. What to do in this case? We contact callers, the chance of unblocking your account is approximately 30-40 percent. It all depends on the bank and how much information you have on the holder. lecturer: How much money to buy goods.
lecturer: The question is very delicate, here again, it all depends on the bank and the limit on the holder’s card. How to find out the limit?
Again we turn to the callers.
lecturer: The meaning of the conversation with the bank should be such that the holder wants to make a purchase on the Internet (Suppose you enter in the amount of $1,500) and find out whether the payment will go through normally? I mean, won't there be any problems?
lecturer: There are 2 options:
lecturer: 1. Your future purchase meets the limits and the bank says “Everything is fine, you can make a purchase”
2. Or “Your card limit for online transactions is $1000, we can increase your limit
lecturer: 2 The second option is the most common. We do this not only to find out the limit at the bank, but also to warm up the transaction, what does this mean? And the fact that we have now directly notified the bank that we will be placing an order for $1,500! And the bank already knows about it! What could be better?
lecturer: Always remember. If you have any problems with your order, contact the callers immediately, a good caller can help you out with a lot.
lecturer: If the shop’s problems cannot be solved, the problem is with you, not with the shop! Always check your system carefully to make sure everything is configured correctly. When driving, you need to take into account a lot of factors, not everything is as simple as it seems, with each driving you will become more and more experienced. lecturer: Let's talk a little about the construction of logical circuits and what factors need to be taken into account when driving.
lecturer: This information may, of course, seem obvious to experienced people, but many beginners do not know about it. I will tell you briefly about the main factors.
lecturer: - Set up machine for driving
in Once again, for everything to go smoothly, be sure to use a replacement IP for the drop! Why? I described above.
lecturer: In general, for convenient work and better quality driving, I advise you to buy a sphere, you can read it in more detail and buy it in this topic: lecturer:
Personally, I’ve been using it for 3 months, driving in and other work goes much better than with the same ones Dedikov. And in terms of money, it will be much more profitable for you, the price for a home garden is 8-10 dollars, the price for a sphere is 100 dollars a month, so do the math! Sox cost pennies
lecturer: Also, working with VNC is much better than working with Dedik. When choosing a machine for typing, there is an individual approach from the lecturer: -Mail
Here it is better to use the gmail domain. Also, if the holder’s name is “Leen Helson”, for example, then I advise you to do mail something like this: “ [email protected] ”, whoever deals with email databases will understand that mostly amers use first name, last name or just last name for mail login , the most common type.
lecturer: -CTR+C CTR+V
A mistake many beginners make! Write any data by hand! And only with your hands! You never need to copy and paste anything, be it login, password, billing, and so on...
90 percent of the antifraud system looks at this, because a real holder will definitely not copy and paste his address or card data!
lecturer: - Entries from different entrepreneurs
Very often it happens that in the process of 3 days of
driving, a sock dies or a grandfather who has been at work for a long time, I think they know this unpleasant situation well. If this happens to you, don’t even think about taking the first Dedik or Sox you come across and going into your account, be it a bank or an account in a shop!
lecturer: In such a situation, select the most similar IP to what you had, try to find the same zip if there is no zip in the city. If this is not done, from the shop side it will look like this. Go through registration
You are from Texas, you spend a day looking at the product, 3 hours later you come in from Las Vegas, isn’t it strange?
lecturer: We immediately remember about the fraud glasses, which we don’t really need, and the fraud’s smile immediately begins to subside.
If this happens, even from the same city, but from different addresses, it’s okay, let’s say you came to a friend’s house and sat with him. We registered, climbed with him, looked at the goods, then came home and went to the site again. The situation is simple. lecturer: I think this is clear.
lecturer: There are very, very many factors, every little thing can and will affect progress! Always imagine yourself in the holder's place! After all, you are an ordinary American who wants to place an order.
lecturer: - Time for driving
In no case, I do not recommend driving in on Friday, Saturday and Sunday! You do this only from Monday to Thursday! Because they send the goods on these days, if you enter on a weekend, your goods will be sent on Monday and the chance that by this time the transaction will be canceled is very high! lecturer: Let's move on to the driving itself!
lecturer: Everything is simple here, you don’t need to invent anything. Selected a product, read reviews (if any), looked at the quality of the material, and added to cart!
lecturer: If there are several products, we go further to look at various products, at least 15 minutes, did you find it?! Well done! Add the product to the cart!
lecturer: Under no circumstances follow the links to the product. Let's say you ordered 3 Guchi sweaters, you send the client a website where to look for these sweaters, the client sent you 3 links, open them strictly on another machine, you can use the main one, and search for this product in the store manually, otherwise they will come again evil fraud glasses!
lecturer: Let's move on to paying for the goods!
lecturer: In the Billing address we enter the bank holder's name, surname + address of the drop (when he changed at the bank) lecturer: In shipping, the name and surname of the drop, the address accordingly too, the differences in billing and shipping are only in full hiring
lecturer: Many people will immediately ask the question: “How will the shop react if the names are different, this immediately arouses suspicion?” Does it arouse suspicion?! I would not say. lecturer: Over the hill this is a very common occurrence when holders order goods for their brother, mother, father, sister and so on, as a rule they live together! Why and why? Many are very busy in order to pick up a parcel, for example with work, Study, and a mother who always sits at home can easily cope with this, or when they give a gift to someone lecturer: A common
occurrence, here the shop will not bother too much, because in fact, in there is nothing like that.
lecturer: Press confirm! If you did everything correctly, you will see a nice green sign. lecturer: What to do if a channel appears?
lecturer: First of all, calm down! Yes, it’s not a very pleasant sight, because you tried so hard, and then there’s an instant cancellation! But don’t be afraid, first of all, double-check that you entered all the data correctly, SS number, exp, bill! If not, correct it and try again!
lecturer: If yes, press confirm again anyway, because a regular holder would do just that. If it’s the same song again, call the store right away and anxiously find out what happened and why it happened, because your brother’s birthday is in 2 days and you really need these things!
Usually they help and enter the card either over the phone, or you do it again and everything goes through.
lecturer: Next, I recommend calling the shop or writing to the life chat! Say something like this: “I made an order, is everything okay and when will it be delivered?” And again, you need these things so urgently!)
lecturer: In normal practice, everything goes with a bang, they send the goods! But there are pitfalls here too, the cansl also really likes to fly to the post office, but if you see this sign, we’ll immediately call the store and find out what’s going on. In
such cases, if we do everything correctly, often the bank simply cancels the transaction, the reason for this in 90 percent of cases is the holder calling and canceling the payment.
lecturer: We immediately write to the dialer and try to pull out the transaction, if not, then alas! In every business, there are unpleasant things. Here we do not despair and move on. lecturer: Let's summarize. lecturer: Today we learned:
lecturer: - Correctly set up logical circuits when typing in lecturer: - Studied the main factors of working with enroll lecturer: - Understood how important it is to use the dialing service, that without it we won’t go far
lecturer: - Do the correct account warming up! We realized that this is an obligatory part of driving in!
lecturer: Well, I hope in the future that you will make and continue to make goods using enroll!
lecturer: Homework:
lecturer: Assignment #1 Write down in a notebook, journal, notebook, wherever it is more convenient for you, those things that you did not know before this lecture and constantly try to repeat it so that it sticks in your head, after making one slightest mistake , you can simply lose the goods, money for the material, and most importantly, time, because it is priceless. You can earn money, but you won’t get your time back, use it wisely
lecturer: Task #2 Everyone make at least 2 attempts at
this type of driving! Write out the entire work algorithm for yourself! Example of an algorithm:
1. shop - www dwdwd. com (EXAMPLE!)
2 Bank roll + bin (First 6 digits of the card)
3. Description of the full method of work:
What calls were there and how many + Call results Warming up methods
Shop behavior (Letters from him, etc.)
Try to write down all the factors that were in process!
4. RESULT!) (I hope it will be positive for you
)
lecturer: Unsuccessful algorithms or problematic ones (in the process), you can send me a PM, I will help and correct them. We will try to get out the problematic ones
Hotels
lecturer: welcome everyone, today we will talk about this area of work such as booking and rental
lecturer: and more specifically hotels, cars, excursions lecturer: tomorrow we will discuss air tickets, and also tomorrow we will work in the form of a question and answer
lecturer: just not today sense on questions since tomorrow there will still be information that will probably give all the answers
lecturer: there are several ways to make a hotel reservation at someone else's expense:
lecturer: payment using an authorization form - Payment via an agent - Payment through BOOKING - Payment with rewards
lecturer: let's talk now in detail on each of these topics lecturer: 1) Option for the authorization form
lecturer: And so what is it all about:
lecturer: Download http://rghost.ru/6BsVFb7Jn and watch carefully!!!
lecturer: The authorization form is a questionnaire in which all the payer’s data, period of stay and card details are indicated; with this form, KH confirms its consent to write off funds
lecturer: then the hotel employee enters the card data into the POS terminal and makes the payment
lecturer: Now everything is in order:
lecturer: Let's go to http://www.booking.com/
lecturer: choose a hotel, make a reservation for the one we will check in ,It is possible to deal with MtisA and RbeKz boEokTing..cComOa immediately lecturer: we call the hotel and, introducing ourselves as an agent, request an authorization form to pay for the reservation
lecturer: An approximate dialogue looks like this:
lecturer: - Hello, I’m from the travel agency “XXXXX”, we want to book a room for our client. Is it possible to pay through the authorization form?
lecturer: - Yes, of course
lecturer: - Very good, send the form to [email protected]
lecturer: Fill out the authorization form:
lecturer: Credit Card Holder's Name enter KH or a fictitious name
lecturer: Hotel Guest Name enter the person we will accommodate
lecturer: We indicate telephone numbers Skype with an answering machine lecturer: We make a rendering, there is an important nuance, it is better to do the drawing not in the form of scans, but in the form of photographs in hand lecturer: We send
all this to the email specified in the form, they often ask to send it by fax, here you need to call and ask for an email address
lecturer: We receive a slip check (a check confirming a completed transaction)
lecturer: Never accommodate anyone without this check!!!!
lecturer: It is necessary to observe the maximum limits for one transaction
lecturer: Do not make more than 2-3k$, since very often for large amounts there is a restriction on making payments
lecturer: What to do if the cost of the reservation is 4k for 10 days? lecturer: We split the reservations into two: the first for 2k 5 days and the second for 2k 5 days
lecturer: The scheme looks like this:
lecturer: We go to http://www.booking.com/ make reservations for the one who will stay (you can do it at least for month before check-in)
lecturer: 2-3 days before check-in we call the hotel, get an authorization form - pay
lecturer: Checked in
lecturer: 1-2 days before the start of the second reservation call the hotel from the same number, get an authorization form -
pay
lecturer : The best cards for making payments are: Malaysia, Singapore, South Africa, Germany, we value the maximum period for the charge
lecturer: We need to approach ringing and drawing as seriously as possible!!!
lecturer: The quality must be high, hotel workers should not have any doubts!!!
lecturer: 2) Option of driving into an agent
lecturer: There are a huge number of agents who are intermediaries between the hotel and the person who needs this hotel
lecturer: The main difference here is that the agent has his own merch for accepting payment for the hotel
lecturer: PSazbTerYem Xna MpriAmerRe EKxpEediTa.c. oCm OM
lecturer: We hit from the grandfather or the tunnel, the selection of tunnels and grandfathers is a very serious thing!!!
lecturer: agents have very strict antifraud, so we do everything as clearly as possible!!!
lecturer: we also select the mat carefully, the zip of the tunnel/grandfather must coincide with the zip of the SS if you hit with the same
lecturer: there is no mat for the zip, which means we don’t take this tunnel/grandfather, because even if the payment goes through, the reservation will not be given, and even if gives, then there will be a cancellation, it has been checked many times!!!
lecturer: there is still one nuance that increases the chances lecturer: You can enter the KH in the residing room, then he may simply not come, or even better, call the hotel on behalf of the agent through whom the reservation was made and ask to change the First and Last Name of the KH to the one we need lecturer:
we
need understand that Expedia.com is very popular, and it gives very reluctantly, but there are a lot of agents and you just need to look for a
lecturer: I will say right away that finding an agent is an expensive and time-consuming task, here you need to approach it systematically - try different mats, different schemes, etc.
lecturer: be sure to record all your actions during the tests, so that later you can understand exactly how to enter, etc.
lecturer: accordingly, for these experiments you need to have free funds lecturer
: the main disadvantage of such input is a terrible anti-fraud, it often requires dialing and drawing, and so on
lecturer: but all this pays off RPLKYUSEOMT: re.dsko
Cancel reservations during your stay. This is due to the fact that the cost of fraud merch is borne by itself)
lecturer: What you should pay attention to: lecturer
: Very often merch companies check the phone number from the SS data, and they often call - at the slightest suspicion, here we can initially check for ourselves whether it is active KX has a number, and if it is turned on and KX picks up the phone, then you need to flood him to death so that he turns off the phone, or buy an SS where the number is not active
lecturer: And accordingly, when they can’t get through from the merch, they will write to the soap, and you will have to call them yourself
lecturer: Also pay attention to the hotel itself that you choose, if it is new or not popular they can be
blocked on suspicion of a gulf lecturer: 3) By typing at booking.com
lecturer: Booking.com is one of the largest companies in the online travel market lecturer
: Everything is very simple for them - hotels display their properties, users select the appropriate ones and pay the hotels, which pay Booking a commission once a month
lecturer: THAT is Booking does not charge at all and does not have its own merch!!!
lecturer: When you enter your data on the website, CC booking sends your data to the hotel via a secure channel lecturer: And the hotel debits money from you at some point in time at its discretion lecturer: It can write off immediately, maybe in a month, or maybe not at all
and ask you to pay on the spot lecturer: The debiting of payment is an absolutely unpredictable thing, and it is determined solely by the hotel owner, but not by Booking.com
lecturer: And here you need to be prepared for many questions like: show the card, pay in cash, and so on
lecturer: We must understand that when you or your clients move in, all these questions may arise, and they will not speak to you in Russian, and a situation may also arise when there is no stuff who can generally help with payment issues, lecturer: hammered in, then it is very advisable to control the debiting of funds
, by calling the bank on a robot or if they beat you from a roller, then you need to look at
the transactions online
lecturer: If you beat the euro, then depending on the circumstances, most often you won’t find out anything there...
lecturer: But in a situation where the hotel could not write off the funds from the card, they can write to soap and then you can put another SS
lecturer: BUT OFTEN THEY DON'T DO THIS!!!
lecturer: Then we wait for a while and call the hotel and tell
the lecturer: “Hello, I’m Vasya Pupkin, I just paid for the room through booking. Please check if everything has been paid for and if you need any additional expenses from me.” Well, it’s advisable to just talk a little: ask about the weather, about prices in the bar, ask how many taxis. There is a lecturer standing in the city
: You must look like a real tourist!!!
lecturer: If everything is in order, then you can move in
lecturer: Booking and services like it, for example, have a very serious disadvantage in that a charge often arrives during your stay. In such a situation, you have to pay in cash yourself. And if the KH gets boiling, then you can talk with the local police)))
lecturer: Accordingly, you should NEVER swear at the country where the tourist is traveling!!!
lecturer: An important aspect: HOW TO GENERALLY DISTINGUISH AN AGENT FROM A PSEUDO AGENT
lecturer: that is, when searching for merch, we must understand the principles of its operation and, based on this, decide for
ourselves whether it is suitable for you or not
lecturer: Initially, we read Google, reviews about the service, so called how it work, respectively, we hit foreign services and also read not on RU sites))))
lecturer: Next, we enter a test from the roller and look in transactions who writes off the money, if the hotel itself writes off, then it’s not an agent but a service like booking, if he writes off the merch of the site where they hit it, which means it’s an agent
lecturer: Please pay attention to the fact that even if you enter into an agent, there are no guarantees that the reservation will not be lost during your stay!!!
lecturer: 4) Brutal rewards accounts
lecturer: You can get the coveted reservation using various loyalty programs
lecturer: There are two types:
lecturer: Loyalty programs of SS issuer banks, I think everyone knows about this
lecturer: KH when he pays with a card for every spent dollar receives: miles / points / rewards on a virtual account
lecturer: And they can be spent on hotels/air/cars or something else
lecturer: And the second type is loyalty programs of hotel chains / large travel agencies / large stores, etc. lecturer: Working with them is of course not so easy, and experiments require quite a lot of money, you need to be prepared for this
lecturer: Initially, information is collected about existing loyalty programs, then you need to
write software for the brute force, find accounts and try to make a reservation
lecturer: There are a lot of nuances there and each such program has its own features... you can understand them only by trying the lecturer: The main problem: will it allow you to make a reservation not for the holder aka but for the left Vasya?
lecturer: It’s not hard to guess that most often it won’t work))) lecturer: Here you can do this: lecturer
: Try to change the guests’ data in the merch itself by calling, but here you need to be prepared for the fact that they will try to dial the holder and the question of the number’s activity arises
lecturer: You can call the hotel and say “Hello, Vasya and his wife will come instead of me.”
lecturer: Another option using a scan (drawing): upon check-in, the reservation is shown, and if the question arises: “Where is the person for whom the room is reserved”
lecturer: we answer : “He’s not there yet, he’ll be later”
lecturer: and we show a photocopy of his passport, which we had previously drawn and printed
lecturer: Just like we brute ourselves, you can also buy from lairs, and sometimes sellers sell something, but most often it’s not worth anything will sell))))
lecturer: There are also options to combine, for example, take an account and link a new card to it, and pay for it
lecturer: CAR rental
lecturer: there are two options for booking cars lecturer: payment in full through an agent (our option)
lecturer: payment parts from the card are usually 30-50%, and the rest through the cash register directly (this does not suit us) lecturer: having entered the standard one, it makes no sense to describe everything lecturer: and so the entering was successful, and you go to get the car, then you will have to make a deposit for the car from your card which has your name on it!!!
lecturer: http://prntscr.com/gwsw9a
lecturer: the card is used to block a certain amount as insurance and after returning the car, the amount is unfrozen after 3-5 days
lecturer: what you need to pay attention to:
lecturer: be sure to read the rules for using the service
lecturer: Make sure you pay 100% of the rent and no additional payments will be required!!!
lecturer: Be sure to look at the minimum age of the driver, often they don’t pay attention to this and simply don’t issue a car!
lecturer: we always have money with us to pay for the meeting! lecturer: The card you leave should not be important to you, that is, if you use such a service, you need to make a card to lock it after the rental, since the money can be withdrawn even after a few months!!!
lecturer: Excursions
lecturer: one of them is viator.com, the entries here are standard, there is no point in describing them, I will dwell on some of the nuances
lecturer: antifraud is most often also a very serious lecturer: just like with booking, you come across services that
do not charge themselves, they are rare, but such are found, so what you need to pay attention to when testing
lecturer: when filling out the data, we indicate the data for the transfer, that is, the hotel from where to pick up and telephone number lecturer: You can indicate the hotel next door and just go there, but you don’t need to be late so that the driver does not call the hotel to your room lecturer: If you
leave telephone number, also look at who it is registered to
lecturer: Also, you should not swear at the country where the excursion is taking place)
lecturer: Next I want to tell you the mandatory rules when using karzh hotels:
lecturer: Before checking in, always call the hotel and confirm that the reservation is ok!!
lecturer: ALWAYS have money in cash, so that during the meeting you can pay for everything!!!
lecturer: Don't spend more money than you have!!!!
lecturer: When paying with a form, always wait until you receive a
“slip check”, because even when you call they can tell you that everything is in order, but after checking in it turns out that it is not, and you will have to pay your own lecturer: NEVER give your
card, I can ask for it for deposit or anything else, if asked, leave cash!!!
lecturer: THE PERIOD OF STAY should not be more than 14 days, you must understand for yourself - the shorter the better!!! lecturer: NEVER tell ANYONE where the reservation is from, etc., no one should know about karzh!!!
lecturer: I don’t recommend staying in RU hotels because of Karzh!!! In Russia, when you check in, you will be asked for a passport, all the data is there, it won’t be difficult to find you!!!
Air
lecturer: Good evening, today we’ll talk about perhaps one of the most profitable topics in Karzh - air tickets lecturer: First I’ll tell you about the different options for obtaining tickets, lecturer: then we’ll talk about the safety of
this whole event,
lecturer: and only then I I’ll answer your questions lecturer: So, what are the options:
lecturer: AGENTYY-XFORMMAA-RREKVERDTY.-SVBOIVMV AK
lecturer: an agent is an intermediary, for example, bravofly.com, between a huge number of airlines and the passenger, payment in this case goes to the agent
lecturer: this option is safe for the one who flies, since during the meeting all questions go to the intermediary who issued the ticket
lecturer: most often agents are sites with merch with payment from VBV
lecturer: that is, we have three options here:
lecturer: SS + VBV = the armor holds up best, but the mat is very expensive and very difficult to find
lecturer: In the euro merch mat yusa+vbv used to climb normally
- now it doesn’t climb very well either)))
lecturer: SS nouvbv bins here a rally is possible at any
time, it very much depends on the country SS on the merch itself and on a lot of other things
lecturer: SS amex – SS Amex themselves do not have VBB as such, now they have done something like that, and some time ago there were merch that Amex sold, and if you hit Australia or New Zealand with Amex, they gave you a lecturer: now this method is less effective, since everyone has lost sight of it and they started fraud
lecturer: there are also merch products without VBB, but there are very few of them and they are very tough)))
lecturer: I have been dealing with tickets for quite a long time, and I will give some advice:
lecturer: if you decide to try yourself in this field - make sure that you know how to drive in, without experience with stuff, gifts, etc., you don’t need to start at all, since here you will need experience in understanding how antifraud works, and in setting up the machine for driving in and in drawings and ringing lecturer:
no start searching for airline merch without good capital - which you can easily drain lecturer: learn to work systematically
lecturer: that is, when you have found some merch that in your opinion should give, you must develop a system for testing it
lecturer: you need to try different math
lecturer: It is necessary test different directions, if the Russian Federation did not give it, this does not mean that it will not give something else
lecturer: Different booking deadlines, etc., many do not give it if there is little time before departure
lecturer: Different amounts of tickets purchased, cheap ones are given and expensive ones are not
lecturer: Before you fly yourself or send clients, you must be 100% convinced that your method is reliable!!!
lecturer: Today, the topic of aviation is very much beaten, and even a checkmate with a vbv does not give any guarantees of success
lecturer: Depending on the airline and the direction, passengers may be asked to draw the CC at the counter, for example, you should know all the nuances in advance
lecturer: Very often payment It goes well, tickets are given, but a meeting occurs, most often this is an additional verification of payment or something else. Here you need to call and understand the reasons for working
lecturer: When working with the VBV mat, it’s worth considering driving in in more detail:
lecturer: We set up the virtual machine, everything should be perfect, after driving in we clean it, if we use Antique, we clean it too
lecturer: We buy a sock or a tunnel, it is important that it is fast and clean, we select it as close as possible to the KX IP
lecturer: We receive data on the CH IP and the KX user agent from the seller SS+VBV
lecturer: We go to the agent’s website, if we beat VBV then we need 100% know that it is there), choose a ticket, pay for
the lecturer: Using the example of CC+VBV Nemtsev, I will describe what
the lecturer is like: CC DE FULL INFO CLASSIC (these are classic bins), the price for such CC is up to 50 euros (limit guarantee in average 500 euros)
lecturer: CC DE FULL INFO HIGH (these are bins from premium to corporate), the price of such CCs is up to 75 euros. CC HIGH come with a limit guarantee of up to 750 euros
lecturer: CC DE FULL INFO BUISNESS (business and corporate card bins, etc.), the price for such CC is up to 90 euros. Limit guarantee up to 1300-1500 euros
lecturer: it is clear that the Vestma numbers are average, and the limit guarantee and price can differ significantly
lecturer: also today there are sellers who do not give a guarantee limit at all
lecturer: they take advantage of the fact that such swearing is rare and the lecturer is in great demand: we never buy full cards - SPARKASSEN (name of the bank), firstly they are petty, secondly there is a powerful anti-fraud system, thirdly, there are no replacements for them lecturer:
Naturally, if the card is not valid, a replacement is also made
lecturer: Replacement of the SS all sellers do it strictly when providing a video by driving
in the lecturer: The video should start from the moment the CC is opened from the seller in private, then show that your sock/tunnel is read (check2ip.com) and end with either a successful drive in or problems resetting the VBB, etc.)
lecturer: I’ll give you a link to the program for recording
lecturer: http://rutracker.org/forum/viewtopic.php?t=5022971
lecturer: The format of the issued SS is normal, but plus this is included in the full DE
lecturer: Gaberstatum (in short, DOB) lecturer: Kontonummer (account number from 7-10 digits)
lecturer: Servicenummer (not for all CC) bank number where to call, but it is rarely required
lecturer: Bankleitzahl (bank number for other banks, usually does not ask for it, since it is the only one in bank) lecturer: SC respectively Security code, for us it is
known as VBV, but a very big BUT, it is not needed in 70% of cases, since in German banks the SC is reset automatically every 30 days
lecturer: it turns out that we activate the IC every time using Kontonummer (account number), Haberstatum (ext), Gultigkeit (escapation date) and Prufsiffer (svv2 code - three-digit code) lecturer: We
enter the passenger data, enter the card data, change the VBV and if everything works out , then we rejoice. If the card is invalid, there are not enough funds up to the agreed limit, the VBV does not allow changing, we put Bandikam on stop, upload it to sendspace, send it to the seller and wait for a replacement
lecturer: and here is another very important nuance
lecturer: Yesterday in a lecture on hotels I spoke in detail about services like booking.com
lecturer: Let me remind you of these services that do not have their own merch and simply transfer your data to AK and the airline processes it
lecturer: At the same time, you may not see this yourself
lecturer: That is, when you make a reservation through an aggregator like skyscanner, then you you see that when paying, you went to another site
lecturer: And when you book on vayama, you don’t go anywhere, but the money is withdrawn by the airline whose flight you are booking!!!
lecturer: In fact, this is a direct drive in with all the ensuing consequences
lecturer: How to figure it out:
lecturer: there are two methods here - drive tests from the roller and see who wrote off the money
lecturer: You can also call AK and, under the guise of making some changes, find out everything, but This method is not 100% often the case, so the airline company says “contact the agent
who signed up for XbilMet.” Although
the airline company made the list!!!
lecturer: If you made a ticket through such merch, then it is advisable to make the client a fake document for the ticket and be sure to warn about possible problems lecturer: When entering in this way, NEVER swear at the country where you are flying!!!
lecturer: There have been cases when they are removed during a transfer and they begin to torment me very much!!!
lecturer: The next way is to enter the payment form into the agent lecturer: It’s the same as with hotels
lecturer: We just call the agent, come up with a story why we can’t pay via the Internet, request the form, make a drawing, call and make a ticket
lecturer: I’ll say right away, very few agents now accept payment by form, and of course making tickets for small amounts is not interesting here since the cost is high
lecturer: The next topic is rewards
lecturer: It’s the same as for hotels, I told a lot yesterday
lecturer: Let me note an important thing - most often loyalty programs allow you to do hotels/airlines/cars, that is, everything for a tourist
lecturer: There is very little left - to find)))
lecturer: Miles from airline companies are also a very working topic, although large airline companies everything has already been reduced, and here I want to point out an important nuance
lecturer: When we pay for a ticket with miles, we often need to pay additional taxes and fees in money, here we enter the CC, but we also need to find the CC so that the charge is as long as possible
lecturer: The amount of taxes and additional payments is usually not more than 20-100 bucks per passenger
lecturer: Sometimes you can pay taxes with a virtual card like QIWI or YAD, but almost everywhere it doesn’t work anymore lecturer: The most beaten AKs are British, Delta, Lufthansa... they behave very strangely, they can and get off the flight during a transfer, it happens that they cancel the flight and don’t let you on the plane)))
lecturer: I’m writing all this to the fact that before sending someone off, it’s important to test everything
lecturer: Phone activity is very important, I talked about this at last lecture on hotels, if someone was not there yesterday, re-read the logs
lecturer: There are also miles not of any specific AK but of associations, such as SkyTeam, and in some it is possible to enter by code-sharing, that is, you have airline miles A and you use them for a flight of company B
lecturer: Here is the advice, do not use miles of Russian airlines, and do not use miles of Western AKs for flights of Russian AKs
lecturer: We can get accounts in the following ways: lecturer: We bring it ourselves – We buy from logs – We buy in AK shops
lecturer: THE FOLLOWING WAY I DO NOT RECOMMEND TO USE
lecturer: Directly driving into ak, there are no problems, there is no vbv there, and the fraud is not so fierce, all this because ak can always take money from you through the court) lecturer: By driving directly, the case is criminal and very dangerous, there are a lot of cases when AKs seize all the money, so I don’t recommend doing this)))
lecturer: Air safety
lecturer: So, if you want to use such a service, choose sellers with good reviews, use a guarantor for transactions
lecturer: ALWAYS have money to pay for the ticket in cash!!!!
lecturer: Never tell anyone about the origin of your tickets
lecturer: NEVER carry electronic traces with you on your laptop, phone, etc., always encrypt everything!!! lecturer: No need to jump above your ass!!!
lecturer: That is, if you don’t have a cache just in case, then you don’t need to buy tickets for business class
lecturer: If you open a service:
lecturer: Make sure 100% that your scheme works lecturer: Don’t work without payment
lecturer: Don’t take orders that you cannot fulfill lecturer: Always be careful about orders where there are a lot of people with children
lecturer: Never hit AK and RU merch directly
lecturer: Always negotiate everything on the shore
Contents:
- Encryption part 1
- Encryption part 2
- Introduction to security based on *unix-like systems
- Security and anonymity on the Internet. Setting up a virtual machine
- Cards
- Mediators
- Warming up the shops
- Antidetects
- Search for shops, merch
- Europe and Asia
- Typing from A to Z
- Self-register Paypal
- Methods of working with Paypal self-regs
- Brutus Paypal
- Working with Brutus accounts
- Brutus Ebay + Paypal
- Pickup, Interception
- Working on Android
- Poker
- Enroll
- Gift and E-Gift
- By driving in Liquid stuff using Enroll
- Hotels
- Air
Encryption part 1
lecturer: Hello everyone, today's lecture will be devoted to encryption, so we will look at all the main aspects, and also talk about encryption in general. lecturer: I would like to discuss and analyze the fundamental principles of encryption, we will study symmetric and asymmetric encryption, and also lightly touch upon concepts such as hashes, SSL, TLS, certificates, data interception using the SSLStrip utility and weaknesses associated with encryption. This is the fundamental knowledge needed to select appropriate security controls to reduce risks.
lecturer: Many of you, if you dig deeper, do not have the slightest idea about your security and privacy. They can only blindly object based on other people's opinions.
lecturer: But when it comes to security and your privacy. Only you can act as a guarantor of your safety, and no one else.
lecturer: But surely some smart guys will already ask the question: “How can I act as a guarantor of my safety if I don’t know anything about it?” lecturer: One of the principles that you must master is the principle of planning. All your actions must be clearly planned.
lecturer: But in order to plan something, you need to understand this area, and answer your questions: what is it and what is it for?!
lecturer: In general, encryption consists of two components - encryption and decryption. lecturer: With the help of encryption, 3 states of information security are ensured:
lecturer: 2. Integrity - encryption is used to prevent changes in information during transmission or storage.
lecturer: 1. Confidentiality - encryption is used to hide information from unauthorized users during transmission or storage.
lecturer: 2. Integrity - encryption is used to prevent information from being changed during transmission or storage.
lecturer: 3. Identifiability - encryption is used to authenticate the source of information and prevent the sender of information from denying the fact that the data was sent by him.
lecturer: In order to read encrypted information, the receiving side needs a key and a decoder (a device that implements the decryption algorithm).
lecturer: BTW: The idea of encryption is that an attacker, having intercepted encrypted data and not having a key to it, can neither read nor change the transmitted information.
lecturer: Let's imagine a locked door, in order to find out what is on the other side of the door we need to open it with the key to this lock.
lecturer: The same is true in the case of data encryption. Only instead of a lock we have a data encryption algorithm, and instead of a key, a secret key (password) for decrypting the data.
lecturer: Purposes of encryption
lecturer: The main purpose of encryption is used to store important information in encrypted form. lecturer: In general, encryption is used to store important information in unreliable sources and transmit it over unsecured communication channels. Such data transfer consists of two mutually inverse processes:
lecturer: 1. Before sending data over a communication line or
before storing it, it is encrypted.
lecturer: 2. To restore the original data from the encrypted ones, a decryption procedure is applied to it.
lecturer: Encryption was initially used only for the transfer of confidential information. However, subsequently they began to encrypt information in order to store it in unreliable sources. Encryption of information for the purpose of storing it is still used today, this avoids the need for physical secure storage (usb, ssd drives).
lecturer: BTW: We will look at examples of encryption methods and will clearly see the whole point, so don’t worry about it. (tomorrow)
lecturer: What encryption methods are available:
lecturer: 1. Symmetric encryption - uses the same key for both encryption and decryption.
lecturer: 2. Asymmetric encryption - uses 2 different keys: one for encryption (which is also called public), the other for decryption (called private) or vice versa.
lecturer: These methods solve certain problems and have both advantages and disadvantages.
The specific choice of the method used depends on the purposes for which the information is encrypted. lecturer: In order to make the right choice in the encryption approach, which encryption method to use where, and answer other related questions, you will need to understand what encryption is, as I said earlier.
lecturer: Based on the infographics above (link), we can clearly understand the principle of how encryption works
lecturer: — The sender sends an encrypted message: “Hello, Marfa”
lecturer: — Attackers intercept this message, but since they do not have a decryption key, they only see a set of characters: “%#&$!”
lecturer: — The recipient, having the decryption key,
can easily read the message sent by the sender in encrypted form, and he already sees the sender’s text in its original form: “Hello, Marfa” lecturer: It is not an exaggeration to say that encryption is the best tool , which is the only thing we have in our arsenal to protect against hackers and surveillance.
lecturer: According to definitions by the way
lecturer: Encryption is a method of converting data that is readable by a person, this is called plaintext, into a form that a person cannot read, and this is called ciphertext. This allows data to be stored or transmitted in unreadable form, thereby keeping it
confidential and private.
lecturer: Decryption is a method of converting ciphertext back into human-readable text. If you do a simple Google search, you will see that it says HTTPS and has a green padlock icon, which means that all content on web pages is not readable by people who monitor data transfers over the network.
lecturer: Simply put, or symmetric encryption (the encryption method means 1 out of 2 things to say) lecturer: there are two main components of encryption: lecturer: 1. The encryption algorithm is publicly known and many, many people have carefully studied it in an attempt to determine whether the algorithm is strong.
lecturer: 2. Secret key - you can imagine that the secret key is a password and it must be kept secret.
lecturer: The algorithm can be thought of as a lock, and the secret key is the key to this lock (see the infographic link above).
lecturer: In symmetric cryptosystems, the same key is used for encryption and decryption. lecturer: Based on the infographics above, let's look at an example, I want to send Marfa some file, but I don’t want any third parties to be able to view it. For clarity and ease of use, I decided to encrypt the data.
lecturer: Sectors/disks are encrypted using the same similar structure in VeraCrypt, TrueCrypt, let’s take the same as an example.
lecturer: Let's look at the screenshot above:
lecturer: 1. An encryption algorithm is a mathematical process of converting information into a string of data that looks like a random set of symbols and letters. lecturer: 2. A hash function is a transformation of input data, in our case carder-club, into an output bit string. The purpose of the function is to ensure integrity and allow unintentional modifications to be detected. lecturer: 3. AES-256 – indicates which algorithm is used (AES) and what block size (256), as we see in 7-Zip there is no possibility of detailed configuration than in VeraCrypt.
lecturer: 4. Using the entered password, your key will be generated for the selected encryption algorithm (in our case AES-256), for decryption you will need to indicate the decryption algorithm if available and enter the password in our case again carder-club lecturer: At the exit we we get an encrypted archive, which in order to unpack and obtain the information that is inside, you must enter the decryption key, in simple terms a password.
lecturer: You may have noticed that a symmetric block encryption algorithm was used for encryption - Advanced Encryption Standard (AES). lecturer: This algorithm uses only 1 key, the key is created using our password (see point 4 for clarity of the conversion)
lecturer: You can also choose what block size will be used 128 / 256 / 512 / 1024 bits, in our In this case, there were only 256 bit and 512 bit options.
lecturer: BY THE WAY: Imagine a door and many locks on it. It will take you a long time to open or close this door. Also with algorithms, the higher the bitrate, the stronger the algorithm, but the slower it encrypts and decrypts, you can consider this the strength of the algorithm.
lecturer: 256 / 512 bits is also the volume of the key space, that is, a figure indicating the total number of possible different keys that you can obtain using this encryption algorithm.
lecturer: BTW: To crack a symmetric cipher, you need to try 2^N combinations, where N is the key length. lecturer: To break symmetric encryption with a key length of 256 bits, you can create the following number of combinations, that is, possible keys: 2^256 = 1.1579209e+77 or if you expand 1.1579209e * 10^77 when calculating, you get the following number of possible variations (this is 78- digit number).
lecturer: 2^256 = 1157920892373161954235709850086879078
53269984665640
564039457584007913129639936
lecturer: If you can check this number yourself here http://kalkulyatoronlajn.ru/
lecturer: Thus, for everyone who doubts the safety of the chances of a collision of 2^256, there is a number: there is a probability that the collision will have 1 out of more than 1.1579209e*10^7= 78-bit number (the number that above)
lecturer: All this means that the key is extremely difficult to guess, even with the help of very powerful computers, but provided that you used a long and random password when generating the key. (we’ll talk about passwords in detail tomorrow)
lecturer: BTW: We’ll talk about the password separately, which one
to use, etc. Along with programs and why. In order not to clutter your brain with unnecessary information at this stage, so fill your head, now we’ll talk about everything...
lecturer: People and governments are constantly trying to crack encryption algorithms. In this article, I will give you a list of algorithms that are good and which are not, which ones are hackable, and which ones are currently unhackable.
lecturer: Symmetric encryption algorithms
lecturer: 1. Data Encryption Standard (DES) - an algorithm for symmetric encryption developed by IBM and approved by the US government in 1977 as the official US government (AFIPRS 4K6-3E). Block for DES
lecturer: 2. Triple-DES (3DES) is a symmetric block cipher created in 1978 based on the DES algorithm in order to eliminate the main drawback of the latter short key length (56 bits), which can be cracked by brute force. key
lecturer: 3. Blowfish - a cryptographic algorithm that implements block symmetric encryption with a variable key length
lecturer: 4. RC4 - stream cipher, widely used in various information security systems in computer networks (for example, in the SSL and TLS protocols, wireless network security algorithms WEP and WPA).
lecturer: 5. RC5 is a block cipher developed by Ron
Rivest from RSA Security Inc. with a variable number of rounds, block length and key length. This expands the scope of use and simplifies the transition to a stronger version of the algorithm.
lecturer: 6. RC6 is a symmetric block cryptographic algorithm, derived from the RC5 algorithm.
lecturer: 7. Advanced Encryption Standard (AES) – a symmetric block encryption algorithm (block size 128 bits, key 128/192/256 bits), adopted as an encryption standard by the US government based on the results of the AES competition. This algorithm has been well analyzed and is now widely used, as
was its predecessor KDEES.
T.COM
lecturer: Symmetric algorithms are used in most encryption systems that you use every day: HTTPS, Full disk encryption (TrueCrypt, VeraCrypt and others), File encryption (7-Zip, WinZip and others), Tor, VPN. Symmetric encryption is used almost everywhere
lecturer: BTW: Advanced Encryption Standard (AES) is a generally accepted standard for symmetric encryption. For maximum security, use AES-256 where possible. AES is fast and today it is impossible to hack it (Provided that your password is strong, this will be discussed below).
lecturer: 2nd type or method for whomever is more convenient lecturer:
Asymmetric encryption
lecturer: Very smart people invented this encryption using
public and private keys and algorithms based on the complexity of certain mathematical problems. I won't go into mathematical detail because understanding it is not necessary for your protection.
lecturer: To choose the right means of protection, you only need to have a basic understanding of algorithms and the strength of algorithms, as well as the cryptographic systems that you are going to use.
lecturer: As we know, in the symmetric encryption method one secret key is used, while in asymmetric encryption methods (or public key cryptography) one key (public) is used to encrypt information, and another (secret) is used to decrypt it
. These keys are different and cannot be derived from one another. lecturer: Let's immediately consolidate this material lecturer: The symmetric encryption method is 1-key, uses the same key for both encryption and decryption.
lecturer: Asymmetric encryption method - 2 keys open (public from the English Public) and closed (private from the English Private)
lecturer: So, we have a file for Marfa, which if you remember in the symmetric encryption section (see
Screenshot above) was encrypted using 7-Zip using the AES-256 encryption algorithm and a strong password, but how do we get the password to Marfa so she can decrypt the file?
lecturer: BY THE WAY: The best way to convey something and be sure of the delivery of information to the specified addressee is in person.
lecturer: But this is not a very good idea, since we may simply not know where the addressee is, or he may be so far away that delivering something “personally” becomes problematic, or maybe we simply need anonymity.
lecturer: Asymmetric algorithms (using public and private keys):
lecturer: 1. RSA (Rivest-Shamir-Adleman) - a cryptographic algorithm with a public key. This algorithm is very popular, one of the most common asymmetric algorithms you will see, and I will show you where to generally look for them and how to use them.
lecturer: Definition: The cryptographic strength of this algorithm is based on the complexity of factorization or decomposition of large numbers into a product of prime factors. lecturer: 2. ECC (Elliptic curve cryptosystem) is a common and increasingly popular algorithm. This is an elliptic curve cryptographic system, or ECC. The robustness of this algorithm relies on the problem of computing discrete logarithms on elliptic curves.
lecturer: 3. DH (Diffie-Hellman) – Its strength is based on the discrete logarithm problem in a finite field. Diffie-Hellman is becoming increasingly popular because it has a property called forward secrecy, which we will discuss later.
lecturer: 4. ElGamal is the El-Gamal scheme, and the cryptographic strength of this algorithm is also based on the complexity of the discrete logarithm problem in a finite field.
lecturer: DEFINITION: Cryptographic strength (the ability of a cryptographic algorithm to withstand cryptanalysis) - this algorithm is based on the complexity of factorization or decomposition of large numbers of the product of prime factors lecturer
: CSkoStilYs oXpreMdelAenRiemKsoEryaTn.COM lecturer: These asymmetric algorithms help solve the problem of key exchange or
agreement, and also allow you to create such called electronic digital signatures. So we could potentially use the public and private keys to send Marfa our private key in a secure manner, without the contents being intercepted. lecturer: BTW: Let me note again that in algorithms using public and private keys, two keys are used, and not one, as in symmetric encryption. lecturer: The difference is that in asymmetric encryption there is a public key, which is created to be known to any person, that is, it is a public key, and there is a private key, which must always kept secret and private. These keys are mathematically related and they are both generated at the same time. They must be generated simultaneously because they are mathematically related to each other. lecturer: Any website using HTTPS has a public and private key, which are used to exchange a symmetric session key to send you encrypted data. It's a bit like the Zip file we saw. They use these public/private keys and then they need to send another key, like the key we use for a Zip file, in order to perform encryption (end-to-end will be discussed later) lecturer: REMEMBER AS
OUR FATHER AND UNDERSTAND
lecturer: If You encrypt using a private key, you need a public key to decrypt
lecturer: If you encrypt using a public key, you need a private key to decrypt
lecturer: In asymmetric encryption, if a message is encrypted with the 1st key, then a 2nd key is needed to deciphering this message. If you encrypt with a private key, then you need a public key to decrypt.
lecturer: If you encrypt using a public key, then to decrypt you need a private key.
It is impossible to encrypt and decrypt with the same key, and this is extremely important. To encrypt or decrypt, you always need related keys.
lecturer: But why encrypt using a public or private key? Who cares? What's the point in using them? Why not use just one of them?
lecturer: Especially for you, I drew an infographic to simply and easily explain the usefulness of these keys and how they can be used.
lecturer: BTW: This infographic discusses
2 directions of encryption, first we will look at the green arrows, and then the red ones.
lecturer: Method 1 (green arrows)
lecturer: The method with green arrows shows that the sender encrypts using the open (public) key of the recipient, Marfa, this means that you need anonymity and confidentiality so that no one can read the message except recipient.
lecturer: IMPORTANT: Let's say you encrypt a file using the recipient's public key. The message can only be decrypted by a person who has the appropriate private key, that is, Martha's private key.
lecturer: Since we know that these keys are interconnected, we encrypt with one and decrypt with the other and nothing else.
lecturer: The recipient (Martha) cannot identify the sender of this message. Since the open
(public) key is open, it is usually posted in the public domain, and anyone can use Marfa’s open (public) key for encryption. lecturer: When the sender encrypts using the recipient's public key, the message is confidential and it can only be read by the recipient who has the private key to decrypt the message, but as I said earlier, there is no possibility of identifying the sender, unless, of course, you send it yourself any data for subsequent identification of you lecturer: 2nd method (red arrows)
lecturer: All of the above results in the 2nd method
of using open (public) and private (private) keys.
lecturer: If you encrypt with your own private key, then this means that you are interested in authentication. In this case, it is important for you that the recipient knows that it was you who sent the encrypted message. To do this, you encrypt using your private key. This gives the recipient confidence that the only person who could encrypt this data is the person who owns this private key, your private key.
lecturer: EXAMPLE: You are the creator of some software, but the government is indignant and in every possible way interferes with your activities. Let's simulate the following situation:
lecturer: Let's say I want to download this software, the hash amount of this file is indicated here, however, if the website is compromised, this means that attackers could replace this download file and add a Trojan to it or what -to spy on me, and they could also replace the checksum. lecturer: so, this hash doesn’t mean anything. It will not help detect intentional file modification. We need something else to verify that this site is, in fact, the official site of the software.
lecturer: And here we come to certificates, digital signatures and other means. All these documents are obtained as a result of cryptographic transformation of information using a private signature key and make it possible to verify the absence of distortion of information in an electronic document from the moment the signature is formed (integrity), the ownership of the signature by the owner of the signature key certificate (authorship), and in case of successful verification, confirm the fact of signing electronic document (non-repudiation)
lecturer: We'll talk about this later.. lecturer: I think tomorrow
lecturer: Encrypting data using the sender's private key is called the open message format, because anyone who has a copy of the corresponding open (public) key can decrypt the message.
lecturer: You can think of it as if you officially posted something on the Internet for public access, and
since you encrypted it with your private key, anyone can verify that it was you who left this message. Confidentiality or anonymity is not ensured in this case, but the authentication of the sender, that is, you, is ensured.
lecturer: Next. When different encryption technologies are used in combination, such as the ones we talked about earlier, since they can all be used in combination and cannot be used individually, then they are called a cryptographic system, and cryptosystems can provide you with a range of security features.
lecturer: A cryptographic system can provide you with a number of security features. Among these means: lecturer: 1. Confidentiality – the need to prevent leakage (disclosure) of any information.
lecturer: 2. Authentication is a procedure for verifying authenticity, that is, we know that Marfa is really Marfa and no one else.
lecturer: 3. Rejection prevention - which means that if you sent an encrypted message, then later you will not be able to begin to deny this fact
lecturer: 4. Reliability - the authenticity of the fact that the message has not been modified in any way lecturer: Examples of cryptosystems are any things that use encryption technologies are: PGP, BitLocker, TrueCrypt, VeraCrypt, TLS, even BitTorrent, and even 7-Zip which we used to encrypt the file in a
symmetric encryption method.
lecturer: FOR EXAMPLE: In order for us to send our file to Marfa, we can use Marfa’s public key to encrypt files, or to send anything in encrypted form.
lecturer: But first, of course, we need Marfa’s public key, we just need to get it 1 time in some secure way, this is important, and after that we can always send encrypted messages that can only be read by Marfa.
lecturer: PGP - This is a system that we can use for these purposes; it uses technology to encrypt messages, files and other information presented in electronic form
lecturer: DEFINITION: PGP (Pretty Good Privacy) is a computer program, also a library of functions, that allows you to perform encryption and digital signature operations of messages, files and other information presented in electronic form, including transparent encryption of data on storage devices, for example, on hard drive.
lecturer: For these purposes we can use Jabber + PGP or OTR, pay special attention to points 7 and 8.
lecturer: Write it down for homework lecturer: by the way, about the IP who uses it
lecturer: there will be in the article
lecturer: or in general others server they use SDN lecturer: that is, it turns out that the IP address of the resource is hidden behind the SDN, that is, you send a request
lecturer: it goes through the following chain lecturer: YOU - SDN - server IP
lecturer: that is, the SDN is an intermediary and the site is connected when you work with the domain will issue IP SDN lecturer: and there will be no connection with the toad
lecturer: But let's get back to encryption. When it comes to public-private key cryptography or asymmetric encryption, there are both strengths and weaknesses.
lecturer: Asymmetric encryption - public and private keys:
lecturer: 1. BETTER KEYS Marfa
can put her public key directly into her signature and anyone will be able to send her encrypted messages or data that only she can read.
lecturer: 2. Scalability - if you use symmetric keys and want to send your file to Marfa and, say, 10 other people, you will have to transfer your password 10 times. It's not scalable at all.
Asymmetric algorithms have better scalability than symmetric systems. lecturer: 3. Authentication, refusal prevention - this means that if you sent an encrypted message, then later you will not be able to start denying this fact. Since
it was encrypted with your personal private key, your private key
lecturer: 4. Slow - if you look at the length of the message in bits (see screenshot below) after asymmetric algorithms work, you will notice that it is much longer than encryption algorithms with symmetric keys, and this is a testament to how much slower they are.
lecturer: 5. Mathematically intensive - The greater the length in bits, the greater the number of mathematical operations, and, consequently, the greater the load on the system. lecturer: Symmetric encryption - private key:
lecturer: 1. Fast - if you look at the message length in bits (see screenshot below) after symmetric algorithms work, you will notice that it is much smaller than encryption algorithms with asymmetric keys, and this is evidence of how much faster they are. lecturer: 2. Reliable - Look at what was described above about AES-256 where there was a calculation of the number 2^256 and see for yourself, but there are also 384 / 512 / 1024 and more .. lecturer: For a clear demonstration, look at this screenshot below
lecturer : In order to secure the material, let's return to the analogy with the number of locks on the door. With public and private keys, there are many, many locks on the door, so encryption and decryption take much
longer. This is a large amount of mathematical operations for the central processor, which is why there are hybrid systems, or hybrid cryptographic systems.
lecturer: Public and private keys are used to exchange agreement keys, and we use symmetric algorithms like AES to encrypt data, thereby extracting maximum benefits.
HTTPS, which uses the TLS and SSL protocols, is an example of this type of hybrid system, as is PGP.
Encryption part 2
lecturer: Let's now talk in more detail about what encryption consists of in general; we've completed a short introductory course, let's go deeper into what the hash itself is, etc. lecturer: Hashing
lecturer: Hashing is the transformation of an array of input data of arbitrary length into an (output) bit string of a fixed length, performed by a specific algorithm. The function that implements the algorithm and performs the transformation is called a
“hash function” or “convolution function.” The original data is called the input array, "key" or
"message".
The result of the transformation (output) is called
"hash", "hash code", "hash sum", "message summary".
lecturer: Let's look at the image, we see here: lecturer: 1. Input data
lecturer: 2. Algorithm or hashing function
lecturer: 3. Output data The resulting output data, which always has a fixed size. lecturer: The hash function accepts input data of any size. This can be an e-mail, a file, a word, in our case it is the phrase “Hello, carder-club”, and the data is converted using a hash function into the following form: 732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798f deb6e77
c78d84ccb1
lecturer: For better assimilation and analysis of the material, let's move away from dry text and make a visual demonstration
lecturer: As we can see from the animated GIF above, our input data is converted using a hashing algorithm, namely SHA-256, into fixed-size output data.
lecturer: Explanation: As we see, when we change our input data by adding “=)”, our output data has a different form, since in the bit equivalent the multiplier has changed. Consequently, the very meaning of the output data has changed. When returning to the original input data, the value again had its original form.
lecturer: You can imagine this as an example: lecturer: 1. "Hello, carder-club" = 5
lecturer: 2. "Hello, carder-club =)" = 7
lecturer: 3. "Hello, carder-club" = 5
lecturer: The hashing algorithm itself is the second arbitrary multiplier, let it be 2, then: lecturer: 1. 2*5=10
lecturer: 2. 2*7=14
lecturer: 3. 2*5=10
lecturer: Same with hash, only the hashing algorithm has more complex mathematical operations than I gave, if you need a specific conversion formula used in the algorithm, look at Wikipedia.
lecturer: An important feature of the hash function is that you cannot convert from a hash back to the original input data. This is a one-way hash function and does not require keys.
lecturer: For example, again look at our gif that I gave earlier
lecturer: Hello, carder-club > SHA-256 > 732b01dfbfc088bf6e9 58b0d2d6f1482a3c35c7437b798fdeb6e77 c78d84ccb1
lecturer: As we can see, we only used input data, not any keys involved and then got the resulting output, which is always a fixed size depending on the kind of function you are using. lecturer: This ensures integrity and allows you to detect unintentional modifications. This does not
provide confidentiality, authentication, or detection of intentional modification.
lecturer: BTW: There are many examples of hash functions: MD2, MD4, MD5, HAVAL, SHA, SHA-1, SHA-256, SHA-384, SHA-
512, Tiger and so on.
lecturer: WHAT TO USE: Nowadays, if you are choosing a cryptographic system, you should use SHA-256 and higher, I mean SHA-384 and SHA-512 and so on.
lecturer: To make it easier to understand the material, let’s move away from the dry text and simulate the situation
lecturer: Let’s say you were given the task of downloading the Windows 7 Home Premium x64bit operating system for training lecturer: We know that this operating system comes from the developer Microsoft, then we go to the search and make the following search query:
lecturer: site:microsoft.com Windows 7 Home Premium hash
lecturer: Site operator: This operator limits the search to a specific domain or site. That is, if we make a request: site:microsoft.com Windows 7 Home Premium hash, then the results will be obtained from pages containing the words
“Windows”, “7”, “Home”, “Premium” and “hash” on the
site “ microsoft.com" and not on other parts of the Internet.
lecturer: This information is also key for searching for shops using operators in search engines; to study in more detail information on how to search using operators in Google, use this article - https://habrahabr.ru/sandbox/46956/
lecturer: As we can see from the GIF above, I easily found the hash sum of the Windows 7 Home Premium 64bit operating system on the official Microsoft website lecturer
: Here it is - SHA1 Hash value: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
lecturer: In general, I would recommend finding hash sums and starting the search from 256 and above, but on the off site there was only this amount, so I’ll take what
the lecturer has: Next, we need to find a file that corresponds to this hash amount, for this we also use the Google search engine and operators like searching with using operators and what it is link above. lecturer: inurl:download "6C9058389C1E2E5122B7C933275F963EDF1C07B9"
lecturer: After you download this file, using our hash sum you can make sure that this file has not been changed, i.e. he has integrity.
lecturer: There are tools that you can download to do this. https://en.wikipedia.org/wiki/Comparison_of_file_verification_s
oftware
lecturer: One of such tools is Quick Hash (https://quickhash-gui.org), and I will show with an example how to verify hash sums and make sure in the integrity of the information received.
lecturer: As we can see, the hash sum of the downloaded file corresponds to the hash sum given to us from the official Microsoft website.
lecturer: I will also attach below information on other hash sums of this file
лектор: MD5: DA319B5826162829C436306BEBEA7F0F
лектор: SHA-1: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
лектор: SHA-256: C10A9DA74A34E3AB57446CDDD7A0F825D526DA78D979 6D442DB5022C33E3CB7F
лектор: SHA-512: E0CB678BF9577C70F33EDDC0221BC44ACD5ABD4938567 B92DC31939B814E72D01FAC882870AB0834395F1A77C2C D5856FD88D2B05FBE1D1D9CCE9713C1D8AB73
лектор: Вы можете заметить, что с увеличением этих цифр в алгоритме хеширования, длина хеша становится все больше, since it is the length in bits. SHA-1 is short, 256, 512 and MD5, which is weak and should not be used at all. So this is a way of confirming that the file you downloaded has maintained its
integrity.
lecturer: Some of you are probably wondering: “What if the file I’m about to download is already compromised?” Let's say we have a website (https://www.veracrypt.fr) for VeraCrypt software (https://ru.wikipedia.org/wiki/VeraCrypt).
lecturer: And I want to download VeraCrypt, the site has hash sums of files encoded SHA-256 and SHA-512
lecturer: SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c8032 8d91c49bf10b49e38 97677896e VeraCrypt Setup 1. 21.exe lecturer: SHA-512: 5c68a5a14fa22ee30eb51bc7d3fd35207f58e efb8da492f338c6dac 54f68133885c47fa2b172d87836142c75d 838dac782b9faca406a 2ffb885 4cc7d93f8b359 VeraCrypt Setup 1.21.exe
lecturer: However, there is one “BUT”, if the website was compromised, this means that attackers could replace this download file and add something to it, a Trojan or something for surveillance, and they could also replace the checksum as well.
lecturer: Therefore, it turns out that the hash means nothing, that is, it cannot detect intentional modification of the file. And we need something else to make sure that the software actually comes from the developer. That the VeraCrypt website
is the official VeraCrypt website, etc.
lecturer: And here we come to certificates, digital signatures and other means that we will now analyze, but for now let’s touch on the important essence of hashing. lecturer: I don’t want to copy, etc. since here it will be important
to convey everything in color,
the lecturer:
lecturer:
lecturer: Now let's talk about Digital Signatures lecturer: So let's go back again to our VeraCrypt, how to find out that the site is really official and the software comes from the developer. lecturer: A simple and rather tricky way to find
the official website is to find the software in Wikipedia and then follow the link to the official website of the software.
lecturer: However, we can also click on the entire lock and there see the certificate that it was issued lecturer: https://puu.sh/xQAFM/e687c816ce.png
lecturer: A digital signature is a hash value. It is the result of a fixed-size hash function that is encrypted with the sender's private key to create a digital signature or signed message.
lecturer: From a technical point of view, a digital signature is a mark confirming the person who signed the message. This is the issuance of a guarantee for an object that was signed with its help.
lecturer: For clarity, what a digital signature is, open the screenshot (https://puu.sh/xQAFM/e687c816ce.png) and look at Signing
lecturer: Signing: What you can see in the infographic above, but based on our file which
we analyze
the lecturer: Hash algorithm > Hash value ( 6cff2cce5 2eb97321b1696f82e9ccefa7c80328d91c49bf10b49e38 97677896e ) > Private key ( see Asymmetric encryption ) = Digital signature lecturer: If the encryption object is signed with a
digital signature, then authentication is ensured because the object is encrypted using a private key, which is used to encrypt Only the owner of this private key can. This is authentication.
lecturer: It makes it impossible to renounce authorship, since, I repeat, the sender’s private key is used. And it provides integrity because we are hashing.
lecturer: A digital signature can be used, for example, in software. Can
be used for drivers within your operating system. Can be used for certificates and confirm that signed objects originate from the person specified in the certificate, and that the integrity of the data of these objects has been preserved, that is, they have not undergone any changes.
lecturer: How can you make sure that the file really
comes from the developer, in our case VeraCrypt, that is, in case of fraud, etc. you could say with 100% certainty that I used your software, and it was signed with your digital signature.
lecturer: https://puu.sh/xQB20/5166e3d0c8.gif - usually the certificate is checked automatically and you probably have a lecturer: After looking at the gif, open the screenshot ( https://puu.sh/xQB5Y/c840f4670d.png ) lecturer: What do we see here? The certificate was issued: to whom - IDRIX SARL, by whom - GlobalSign. So, GlobalSign is the company whose private key was used to
digitally sign this program. GlobalSign says:
"This software is legitimate and has not been modified." It says: "A certificate is intended to certify that the software comes from the software developer, the software is protected from modification after it is released." To find out
whether this is a valid digital signature or not, we
need to reverse the original process.
lecturer: That is, we open our screenshot again ( https://puu.sh/xQAFM/e687c816ce.png )
lecturer: Check: What you can see in the infographic above, but based on our file, which we parse
lecturer: Signed message > Public key (this is a file in .asc format and usually looks like this - https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc
, private key looks the same) = Hash value, that is, it should be 6cff2cce52eb97321b1696f8 2e9ccefa7c80328d91c49bf10b 49e38 97677896e
lecturer: After which this hash value will need to be checked with the specified hash, that is, we open the
QuickHash program there, run our file and in the algorithm in which it is presented to us, everything should match, if it does not match, then the file itself has been changed, and there may be a Trojan, or something for wiretapping us, or something else bad
lecturer: SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c8032 8d91c49bf10b49e38 97677896e VeraCrypt Setup 1.21.exe lecturer: I checked the received hash (https://puu.sh/xQBAz/8905455dd7.png) and as we can see in the screenshot they are identical, therefore the files are legitimate and correspond to the digital signature of the developer, and this file definitely comes from him.
lecturer: And if this software infects your computer with WannaCry or some other bad virus, it will be guilty.
lecturer: For example, this is how you, as a child, would argue that you didn’t eat the candy, and your mother shoves evidence in your face, for example, a video recording and says, I have everything recorded, look here. And no matter how you get away with it, that’s what a digital signature does.
lecturer: Read it several times if you don’t understand, and try to understand this point is really important lecturer: And what we saw directly in this screenshot (https://puu.sh/xQAFM/e687c816ce.png)
lecturer: This is what Windows checks the certificate is authentic, then that such a certificate is really registered with such a number is all that matters.
lecturer: Let's make an analogy to understand what
Windows does when it writes these lines (https://puu.sh/xQBLa/604166ab6c.png) in the certificate lecturer: You came to the bank with counterfeit money, and they check the money through special solutions or devices, and then bam and the paint is washed off, or the watermarks do not show through and you are told that your bills do not match and it is a fake, the same with Windows.
lecturer: That is, if someone else rewrote all
the certificate data and made a copy of the certificate for signing, with such data, then it would not correspond to
reality, well - this is a more complex topic, but actually I think it’s clear.
lecturer: And if verification fails, you usually see this warning (https://puu.sh/xQC61/ef80678f6b.png)
lecturer: This means that the file does not have a digital signature or Windows (remember the employee bank) does not trust this digital signature (and in the case of a bank employee, he does not trust it on your banknote), you can check it using the method I described above (and a bank employee, well, can also check it on his machine or by applying solutions there).
lecturer: In Linux, everything is simple with this, since you can’t just install proprietary software, since all software is usually installed from official repositories, where all checks are carried out. In more detail, what a repository is and other points can be found out here
lecturer: you can take it as homemade task for studying lecturer: etc.
lecturer: take a note for yourself
lecturer: Let's go through this material again, because I'm sure some may find all this quite difficult to understand.
lecturer: https://puu.sh/xQAFM/e687c816ce.png - watch signing
lecturer: So, the hash value (of the program itself, that is, if the guy himself ran it through QuciHash), which was encrypted using the private key (his personal key, his personal fingerprint, so to speak, on the network) of the sender or software release. This is a digital signature. lecturer: This provides authentication,
non-repudiation and integrity. And if you encrypt something and digitally sign it, you can achieve confidentiality along with authentication, non-repudiation and integrity. lecturer: Digital signatures certify that a program
or something else came from a specific person or publisher, and they protect the software or messages from being modified after they have been published or sent.
lecturer: At this point, I think we have figured out digital signatures.
lecturer: Let's now move on to End-to-End encryption (E2EE)
lecturer: End-to-end encryption is that the data is encrypted by the sender and decrypted only by the recipient. If you want to avoid tracking, mass surveillance, hackers, and so on, then this is the type of encryption you need for the transmitted data. lecturer: Examples of end-to-end encryption technology are things like PGP, S/MIME, OTR, which stands for “off the record”, ZRTP, which stands for Z in the RTP protocol , as well as SSL and TLS, implemented correctly, can all be used as
end-to-end encryption.
lecturer: Companies that develop software that uses end-to-end encryption and zero-knowledge systems cannot disclose the details of data exchange to your enemies, even under duress, even if they themselves wanted to. This is the benefit of end-to-end zero-knowledge encryption.
lecturer: End-to-end encryption provides protection during
data transmission, but it is obvious that it cannot protect the data after it is received. Next, you need another protection mechanism. Use end-to-end encryption wherever possible.
lecturer: The use of secure HTTPS on all websites is becoming increasingly necessary, regardless of the types of data being transferred.
lecturer: Let me show you what END-TO-END encryption is using an example with websites
lecturer: This is a digital certificate, the same as a digital signature, there are a number of differences, there are certificate authorities, etc. you usually don’t come across this, I won’t describe it, for those interested, google “Key and HTTPS Certification Authorities” and “Digital Certificates”
lecturer: A green padlock in the URL or HTTPS means that your Internet provider or, say, the government, they can only track the target domain. What does it mean? lecturer: Let’s say there is an attacker between us and Google, similar to the case of transmitting the message in the infographic above. He won't be able to find out what exactly I was looking for, because this is end-to-end encryption between my browser and the server.
lecturer: Let's take a visual example and
see what the provider can find out about us lecturer: To begin with, we will use an example of an unencrypted connection using an HTTP connection.
lecturer: HTTP, HyperText Transfer Protocol is a widely used data transfer protocol, originally intended for transferring hypertext documents
(that is, when you click on a word in an article, go to another web page).
lecturer: By default, the HTTP protocol uses TCP port 80.
lecturer: For the screenshots below, I will use the network traffic analysis program WireShark.
lecturer: For the experiment, I took a site based on the HTTP protocol uznayvse.ru after I click on the link, the request from the site will be displayed in the WireShark program window under the number 1-n, but let's immediately look at what each program window is responsible for for better assimilation of the material .
lecturer: 1. This area is called Packet List - in it you can see with which server data is being exchanged, the protocol that is used and general information about frames.
lecturer: 2. The next area is called Packet Details - it displays the details of the packages that were selected in the Packet List.
lecturer: 3. And the last area is called Packet Bite - it displays the 16th display of this packet, the offset is also displayed in the form of an ask, and also if we right-click on
this area we can see how all this will be smoothed out in bits. lecturer: This is what happens when you click on a link, all traffic data is immediately filtered
lecturer: Let's look at the received packets in more detail and learn clearly about surveillance, analysis, etc.
lecturer: 1. Forwarded packets using our filter lecturer: 2. Target domain, that is, the main page of the site without any heresy after the slash “/” lecturer
: 3. User agent, that is, browser settings, operating system version and other parameters..
lecturer: 4. Referer - indicates from which page we came to this page since we came from a protected page, there were many packets with redirection, in the end we referred to ourselves from the same page, if for example I came from the main page page of the site for this one, the referrer would be the main page of the site. (see the screenshot below with an explanation to fully understand the meaning).
lecturer: 5. Cookies, or session) Here is your password) You can log in under your logged-in session and rummage around) from a logged-in user, that is, you lecturer: BY THE WAY: If you think that this is the
ceiling of what this software can do, then I’m afraid to upset you just the tip of the iceberg
lecturer: 6. Well, this is the final page where we are
lecturer: BY THE WAY: If you think that this is the ceiling of what this
software can do, then I’m afraid to upset you, this is just the tip of the iceberg
lecturer: So that after reading you don’t There were still doubts, I decided to sort out these points by moving from one page of the website to another, and as we can see:
lecturer: 1. Refer - indicates the previous page
that we analyzed, from which we came to this page
lecturer: 2. Which page are we on? We are now lecturer: As we see, the HTTP protocol itself does not
imply the use of encryption for information. However, there is a common extension for HTTP, Mtransmit, which implements the packaging of transmitted data in the cryptographic protocol SSL or TLS. lecturer: The name of this extension is HTTPS (HyperText Transfer Protocol Secure). For HTTPS connections, TCP port 443 is typically used. HTTPS is widely used to protect information from interception, and also typically provides protection against man-in-the-middle attacks - if the certificate is verified on the client, and however, the certificate's private key was not compromised, the user did not confirm the use of an unsigned certificate, and no attacker's CA certificates were injected into the user's computer. lecturer: 1. Google - uses a secure HTTPS connection protocol lecturer: 2. Data request package using a secure HTTPS protocol lecturer: 3. As we see in the details of the package, we only have Encrypted Application Data: 0000000000000016eec0818f25b5eb9bd4690883155a74b6...
lecturer: no other information and information about what is contained on
a web page or where a person is located we do not have
lecturer: 4. Since we have number 2 the IP address with which server packets are exchanged, we look at what kind of IP address it is and Based on the received data, we can conclude that the person is on the Google landing page.
lecturer: Essentially, using HTTPS is safe and as I said earlier that: Companies that develop software that uses end-to-end encryption and zero-knowledge systems cannot disclose the details of the data exchange to your enemies, even under duress, even if they wanted it themselves. This is the benefit of end-to-end zero-knowledge encryption.
lecturer: SSLStrip - HTTPS removal
lecturer: But also based on this, there are attacks to remove SSL, let's quickly figure out what it is??
lecturer: Any attacker who can position himself between the source and destination of traffic, in our case a COMPUTER and a SERVER, then this attacker can perform an attack of the type “Man in the middle” (Russian “Man in the middle”). One such attack, which requires very little skill and resources, is called SSL stripping. The attacker acts as a proxy here and replaces encrypted HTTPS connections with HTTP connections.
lecturer: Let's open the screenshot and see what it
is https://puu.sh/xQFWy/edbaf90d7a.png
lecturer: 1. How we look at the same way as we send a request from http
lecturer: 2. It goes through SSLStrip and does not change,
The lecturer also goes further: 3. The server sees that you came using an insecure protocol without encryption and changes it to a secure one using encryption, that is, HTTPS (that is, a 301 or 302 redirect is made - this is configured on the server) lecturer: 4. SSLStrip
sees that the server sent you a request in HTTPS (see point 3) and automatically also changes it to insecure, that is, to HTTP, thereby removing TLS encryption lecturer
: SSLStrip here proxies the response from the web server, imitating your browser, and sends you back HTTP -
version of the site. The server will never notice the differences. lecturer: Since the server thinks that you are communicating using the secure HTTPS protocol, since it does not see that the attacker ( SSLStrip ) has changed the protocol for you to an insecure one
lecturer: And what you will see is that it will be almost indistinguishable from the genuine site. Let me show you what the website should look like.
lecturer: https://puu.sh/xQHeu/014bf0515b.png
lecturer: 1. We see a secure version, that is, with end-to-end encryption
lecturer: 2. Now I have performed HTTPS-stripping (SSL stripping
- SSLStrip). And this is what the version of the site looks like after the attack. lecturer: As you can see, the difference is that you now do not have HTTPS and most people will not notice this difference. And like I said, the server will never notice that anything is wrong because it's talking to a proxy that behaves exactly the same way you would. lecturer:
lecturer: I advise you to read this with color
lecturer:
— Part 1 MITM. How
is a MITM attack carried out?
lecturer:
— Part 2 MITM.
We attack the network using MITM methods
lecturer: write it down in parts for your homework lecturer: also look at it, etc.
lecturer: you can delve deeper into this issue
lecturer: What can I say as an EPILOGUE
lecturer: I think that we have discussed a lot about encryption, the only thing I did not have time to analyze is what I wrote above, that we did not discuss this option with PGP, OTR , ZRTP, OMAXA, you can read about such protocols on Google or ask me, I will give you information if you need it.
lecturer: Well, with pgp and otr, I think everything is clear
lecturer: for zrpp this is voice communication and Omaha this is a new type of encryption from the OTP series only with its own goodies lecturer: from offline messages, encryption of conference chats, etc.
lecturer: Encryption is a fantastic tool for privacy, security and anonymity, it is a tool that really works and attackers (hackers) will try to avoid it.
lecturer: In simple words... No fool would make a direct attack on encryption.
lecturer: As they say, a smart person won’t climb a mountain, a smart person will go around a mountain. And you should keep this in mind. And all they can do is find weak points.
lecturer: Remember the case with Ross Ulbricht, the creator of
the Silk Road, he was caught in a captcha. That is, on simple trifles, since people forget about the most important thing, namely the simplest things... Basics, so to speak.
lecturer: That is, no one will ever brute your passwords, etc. It’s much easier for them to install a keylogger on your system, or send you a link to a site with an
infected JS script and carry out an attack, or a PDF file, etc.
lecturer: But as I said, no one will ever want to break encryption. Attackers will simply try to bypass the encryption. You should keep this in mind.
lecturer: Security is the so-called weak link phenomenon. She is only as strong as the weakest link in the chain. Strong encryption is often a strong point.
lecturer: We human creatures are usually the weak link. As they say, my tongue is my enemy
Introduction to security based on *unix-like systems
lecturer: Introduction to security
lecturer: I will try to explain in simple language how you can theoretically be hacked. I will do without complex terms for ordinary users of the lecture. I will also give you a colorful idea of hacking an operating system, and more advanced users will read between the lines the technical information.
lecturer: I believe that the user of any operating system, and even more so those who are associated with it at work, need to understand that professional viruses are not an executable file that has been renamed into a document and asks you to run (stiller or warrior). And blocking macros will not always prevent an attacker from executing code on your system.
lecturer: I myself use various operating systems, from
Windows to Linux, and have long been no longer a supporter of such holivars, which I will analyze a little later using the example of MacBooks).
lecturer: I work on Linux, but sometimes I use Windows. Next there will probably be a lot of negativity about Linux, but it is not associated with any fanatical beliefs, I just want to tell you objectively and convince you that it doesn’t matter what operating system you use, you can be hacked anywhere.
lecturer: Remember my words with which I concluded the articles on Encryption, namely in the Epilogue...
lecturer: Security is the so-called weak link phenomenon. She is only as strong as the weakest link in the chain. Strong encryption is often a strong link.
lecturer: We human creatures are usually the weak link. As they say, my tongue is my enemy. lecturer: Your choice of operating system matters for your security, privacy and anonymity.
Different operating systems suit different needs.
lecturer: For example, in order to draw graphics for you, I need to switch from Linux to Windows because I need Photoshop and other graphic editors, we’ll talk about this later. But I think the main message of the information is clear.
lecturer: The purpose of this section is to help you understand this difficult situation. Answer the questions: which operating system suits your requirements based on the risks and what you want to use it for, for a specific situation, for specific requirements. lecturer: It’s like in school, teaching you how to navigate the area, it’s exactly the same here, since your paranoia will not bring you any good. After all, without knowledge you can only make things worse..
lecturer: Message and clarity
lecturer: Let's talk about our choice of operating system and how it affects your security, because the operating system is the real basis of your security.
lecturer: There are many misconceptions when it comes to operating systems and security. You've probably heard, for example, that MacBooks cannot be infected
lecturer: Also, a lot of people constantly discuss how leaky the Windows operating system is, you can talk about for years, but I wonder how safe Linux is?
lecturer: And there are people, let's call them the Linux camp, who believe that Linux is the best operating system. If you ask Linux lovers if you have an antivirus, the answer will only be laughter.
lecturer: The argument is this: Linux was created by professionals, and everything there is protected by default (standard). So we put our beloved dog on Ubuntu and you don’t have to worry about its data.
lecturer: In general, there are two things that are infinite, the universe and fools. Everything is clear with the universe, but what about the latter? Here's how to explain to various Windows users that they can't work without antivirus protection? How can we explain to the creators of MEGA Information Protection Systems (antiviruses in common parlance) that it is impossible to protect against hacking using an access matrix (this is when they block the reading or writing of some files, that is, access control) and that hacking is not always: “Threat detected: Autorun
process .exe is trying
to write to the system registry branch."
lecturer: Your security looks good only in theory. Let's say you are the same Ubuntu user, you install this OS on the PC of your beloved dog Bob. Then many argue the following - if Bob receives a message myDocument.docx by email, then even if it turns out to be an executable file, and he runs it according to the instructions, nothing will happen - after all, for most actions you need the root password (administrator password in the sense). Are you seriously? Are you defending yourself from the invasion of junior school representatives? Or is it from criminals who are members of criminal gangs, control large financial flows and simply mow down the money for their brothers?
lecturer: This is a reference to those users who
use and blindly believe in Information Security Tools (IPS) or those courses that were taught to them in textbooks on Information Security (IS).
lecturer: A long time ago, when Linux was just in its infancy, the majority of its users were professionals. But over time, distribution kits that were convenient for the average user appeared and the number of housewife users began to grow. What does any housewife do? That’s right, he makes online payments, and where the money is, a swarm of various rabble flock there like bees to honey, who want to improve their finances free of charge. 90% of housewives use Windows - and viruses are developed for this operating system, and only 20-30% of housewives switch to Linux, then large amounts of money will immediately be poured into the development of malware. And reports from antivirus companies show a slow but increasing number of such programs.
lecturer: Ok, let's go back to Bob, there is only one reason not to
worry about your security - developing a Trojan for his OS is unprofitable. But this is not economically profitable; the potential income of the attackers will be less than the costs. How long this will continue is a big question.
lecturer: But still, technically, how possible is it that Bob will be hacked and the data will be stolen? If Bob’s security strong point is that no one needs him and viruses have not yet been written for his OS, then this is a game of Russian roulette. lecturer: Alice, Bob's friend, knows that Bob has a tidy sum of coins in his account (BEETHOVEN) ) )), the key is on Pinocchio's PC, and together with Pinocchio they decided to figure it out for two. What they need for this:
a small start-up capital, Pinocchio’s direct hands and a little courage.
lecturer: Alice knows that Bob uses Ubuntu 14 LTS. How does Bob imagine the hacking process? He, like most users, believes that Alice will send him a file with an attachment by email, which he will be asked to run, and since he considers himself a PC specialist and he will not run the file, then of course his data is safe!
lecturer: Multi-step from Pedro
lecturer: Then Alice goes to some nameless and shadow resource and buys from Pedro a vulnerability to Bob’s favorite browser for the Nth amount of evergreens. Pedro not only provides Alice with technical information about the vulnerability, but also sends Buratino (Alice’s accomplice) an example of how to run it.
lecturer:
lecturer: The vulnerability that Alice gets is a zero-day vulnerability in the Google Chrome browser. For example, open holes CVE-2015-1233 or
CVE-2014-3177, CVE-2014-3176, CVE-2013-6658 (see
screenshots above) and how many of them have not yet been closed and are known only in limited circles is a big question . (we'll look at it in more detail a little later).
lecturer: see the link above (screenshots where) lecturer: As can be seen from the description of the vulnerabilities (see
screenshots above), Alice can execute code in the context of a process and it will work not only in Windows, but
also in Linux and Mac OS. The vulnerabilities are taken randomly as examples. Once again, these are BROWSER vulnerabilities.
lecturer: Pinocchio composes a script (JS - Java Script) and writes shell code there (a set of lines that are written on the command line), which should be executed on the target system - Bob's PC. To do this, he needs to somehow pass the link. Alice and Pinocchio immediately rejected the first option with mail - Bob is a cautious user and does not open links from mail. Then they decided to improvise a little. They know that Bob is an ordinary person and does not suffer from paranoia... Okay, in short, it’s not the point, for simplicity Bob, he just followed the link - Alice persuaded him, a gasket was created there, or some other crap is not important
. OM
lecturer: After Bob visited the link, in the context of his browser process, a small code that Pinocchio wrote was executed - literally a few commands, which subsequently downloaded the body of the virus and went into its execution. But how? Bob is sure that Alice is just showing him her photos, no files are loaded onto the disk, there are no warnings, and no one asks for root passwords.
lecturer: Increasing privileges
lecturer: After Pinocchio’s development began executing its first instructions on Bob’s processor, the question became, what to do next? In Bob’s theory, even if an infection occurs, nothing will happen to him; Bob
has set a complex password for root access, and
he will not suddenly enter it at any cost.
lecturer: Buratino and Alice foresaw this question and solved it in advance. The same Pedro told them that he had a couple of zero-day vulnerabilities in the Linux kernel, similar to the recent vulnerabilities in the kernel versions 3.17 and 3.14 - CVE-2014-9322, CVE-2014-3153.
lecturer: After reading the description of the vulnerabilities, Pinocchio realized that they would allow him to execute code in the context of Bob’s OS kernel. And all he needs is for his malicious application to take advantage of these fresh holes and execute the code in ring-0.
lecturer: While unsuspecting Bob is looking at Alice’s photographs, Pinocchio’s code has already seriously invaded the vastness of his system and neither the antivirus (there is simply none) nor anything else can even display a message about the intrusion. Since Pinocchio decided not to stop there, he moved on. Once at the lowest level of Bob's OS, in which only trusted code is supposed to be executed, Pinocchio began searching for the file that is responsible for starting the OS. Once Pinocchio's software finds this file, it modifies it so that when Bob's PC is rebooted, Pinocchio's code will continue to run.
lecturer: Rootkit (in Russian, “rootkit”) is a program or set of programs for hiding traces of the presence of an attacker or malicious program in the system.
lecturer: And so Buratino and Alice got access to Buratino’s PC running Linux OS, but how could they hide their
presence? Bob is not a fool and will check the integrity of the OS system files every 5 minutes. To do this, Pinocchio decided that they would rewrite the code of the operating system itself, which was loaded into the memory of Bob’s PC, but how? After all, if the same actions are carried out on Windows OS, then one small system component will detect this and forcefully restart the PC.
lecturer: Bob is not worried about his safety - after all,
even if the attacker’s code is executed in the kernel, then in the latest versions of the Linux kernel, system memory areas are write-protected. Even if Pinocchio tries to rewrite the OS code into RAM, the processor will generate an error and the PC will reboot.
lecturer: Then Pinocchio opened the documentation for the processor that is on Bob’s PC and began to study... He knows that the architecture of Bob’s processor is x86, but what does this give? After all, the pages it needs in the kernel are write-protected. Then Pinocchio drew attention to the cr0 register - a small memory block that stores the data with which the processor works. What will happen if I set the 16th bit to zero, quickly overwrite the necessary kernel methods and immediately restore the register - Buratino thought. And so he did, as it turned out, if you reset this bit to zero, the write protection can be temporarily disabled.
lecturer: Thus, Pinocchio gained full control over Bob’s OS, and the vulnerability was later found and fixed, but the program code that was embedded in Bob’s OS in this way could no longer be detected. Minute control
integrity shows that not a single file in the system has been changed - the Pinocchio program simply replaces it when reading it. There are no new processes - the malicious process is simply hidden, and while on another OS there are solutions that have been detecting such techniques for a long time, there is no such thing under Bob’s OS.
lecturer: In general, the conclusion is that Alice and Pinocchio took pity on Bob... and deleted all his files. Oh well, seriously, never be so fanatically confident in anything. I tried to present the essence of the problem in a simple manner and without technical terms.
lecturer: Epilogue
lecturer: I wanted to show simple principles with this simple story. As all this happens, it is necessary to clearly separate virtualization and use, because virtualization is another large-scale thing in your security options. We will return to this later. lecturer: That is, do not try to surf any resources on your PC, open suspicious links and download some unnecessary software, and it’s not clear from where, carefully approach your security issues regarding JS and enable it on trusted resources and much more other.
lecturer: But as I promised earlier, I will not give you nightmares.
Typically, such vulnerabilities cost a lot of money, and the fact that you will be hacked decreases, despite the fact that they will be interested in you, the probability is extremely low.
lecturer: Risk assessment
lecturer: In this part of the article, I would like to visually make some kind of risk assessment based on these points, so that you can also do it yourself. without any special skills, purely by your logic. It’s not for nothing that in the previous article we abstracted and analyzed vulnerabilities, penetration modeling and other issues.
lecturer: But why do you ask... Why did I tell you
about this now, because it’s not only security measures that matter. We worry about what our actual risk is in the real world, and to determine that we also need to take into account the history of bugs and security vulnerabilities. Just how weak was this particular operating system? Perhaps you are interested in the question, which operating system will we consider the weakest?
Windows, OS X or various Linux systems, perhaps
the Linux kernel, which has been the most vulnerable in history? lecturer: https://www.cvedetails.comis a free database/source of information about CVE vulnerabilities (This is a generally accepted standard for naming vulnerabilities present in commercial and open-source software products). You can view information about vulnerabilities by CVE number, exploits, links to vulnerabilities, metasploit modules, a complete list of vulnerable products and cvss assessment reports and top vulnerabilities over time and much more.
lecturer: Let's try to work with this site.
To begin, we will go to this page of the site - https://www.cvedetails.com/top-50-products.php - here is the list: “Top 50 products by total number of vulnerable vulnerabilities” (from 1999 to the present) .
lecturer: And as we can see, on the first line we have the Linux Kernel - speaking in Russian. This is the Linux Kernel, as we see it ranks first in quantity.. And you probably ask what the hell? Linux, you should be the standard.
lecturer: Okay, let's figure it out! The numbers shown in the right column are the number of vulnerabilities found in a particular operating system or application.
lecturer:
lecturer:
lecturer: There is a difference of 3 months between the data in the screenshots lecturer: Let's go to the very bottom of the web page. We see there the following “Total number of vulnerabilities in 50 products by manufacturer” (see screenshots above). lecturer: And as we can see, Linux no longer occupies the first line, but you tell me that Windows (Microsoft) is constantly updated, and it has a lot of products on the
Office market and other programs, and Apple has different versions of the operating system and there too its own nuances.. lecturer: Yes, that’s right. You will all be right, but Linux also has a lot of things... Let's take a closer look at the specifics of this use.
lecturer: I want to teach you independent analysis. And
it’s best to teach at least the basics, just so that you start thinking with your own head, and not with the head of some hacker school who are now divorced and who want to sell something without knowing the niche itself and in many ways that follow from it.
lecturer: Okay, let’s not get too abstract, it’s better to look at everything in reality, and then I think you will all understand what I want to tell you about.
lecturer: Go to the page https://www.cvedetails.com/vendor.php?vendor_id=33 - this page shows the Statistics of vulnerabilities in Linux lecturer:
lecturer:
lecturer: Let's first take a look at what you should pay attention to (see screenshots above).
lecturer: 1. Number of vulnerabilities by year lecturer: 2.
Vulnerabilities by type
lecturer: Now we need to figure out what parameters are worth paying attention to:
lecturer: The first thing we should pay attention to is the number of vulnerabilities by year (number 1), as we can see that every year there is a trend towards an increase in the detection of vulnerabilities;
lecturer: The second thing we should pay attention to
is the degree of danger of vulnerabilities (number 2), as we can see, code execution (Execute Code) and buffer overflow (Overflow) are serious here. lecturer: Red and orange
lecturer: • The red column is the execution of code on
the client side without his knowledge, I think there is no need to tell what the consequences are.
lecturer: • The orange column is a buffer overflow, i.e. refers to the phenomenon that occurs when a computer program writes data beyond the allocated buffer in memory. It is fraught with the fact that increasing the level of privileges and a bunch of other things...
You can find out more at https://ru.wikipedia.org/wiki/Buffer_overflow lecturer:
lecturer:
lecturer: And to complete the picture, we can go up a little higher and see a table with trends in vulnerabilities over time (see screenshots above) using
structured data we can easily perform an analysis, since we see the ranking of data by
time cycle (years) and so the same according to the severity of the vulnerabilities (these are columns).
lecturer: As we can see in the first screenshot for October 2017, the following were found: 166 potentially dangerous code execution vulnerabilities (number 1) and 37 potentially dangerous overflow vulnerabilities (number 2);
lecturer: Then, when 2017 ended, we see the following statistics: 169 code execution vulnerabilities and 42 buffer overflows.
lecturer: A small note, I’m just updating the training and for this I can make the following statistics, in fact, you don’t need to wait 3 months, you can compare by year. I just
thought it would be nice to give such statistics and not delete the old ones.
lecturer:
lecturer: lecturer: Detailed statistics on vulnerabilities: 1st code execution and 2nd buffer overflow lecturer: You can also click on these numbers and
see detailed statistics on vulnerabilities (see screenshots above ).
lecturer: Analysis of developers
lecturer: Now we have a small picture of how everything works, we analyzed it based on Linux, but several candidates are required for analysis. Now I will look in a brief, succinct form using the example of 3 main
developers, namely:
lecturer: • Linux lecturer: • Microsoft lecturer: • Apple
lecturer: lecturer: we took this screenshot at the beginning
lecturer: As we can see (see screenshot above) in the general statistics of vulnerabilities for all products: lecturer: • Microsoft - 8938 vulnerabilities; lecturer: • Apple - 5408 vulnerabilities; lecturer: • Linux Kernel - 2000 vulnerabilities. lecturer: lecturer: lecturer: lecturer: from top to bottom: Microsoft, Apple, Linux lecturer: lecturer: To make it easier for you, open and finish reading
lecturer: Otherwise you still won’t understand
lecturer: https://i.imgur.com/6uNE2SP .png lecturer: lecturer:
lecturer: It will be easier here from the screenshot
lecturer: Let's look at some of these beliefs based on facts and statistics, and find out where we're really at when it comes to the security of these operating systems.
lecturer: So, first of all, we will analyze Windows, how leaky the Windows operating system is can be discussed for years. Actually, as I said earlier...
Just look at the statistics described earlier and the same red light should light up in your consciousness, which would signal you.
lecturer: And in general, PAIN is a Windows guru, all questions about Windows should be addressed to him =)
lecturer: But statistics are statistics, but let's figure out why. She had a weak security system from the beginning.. I have to give her credit. In later versions of Microsoft's operating systems, they began to take security issues seriously.
lecturer: And taking into account the latest products, the latest security tools such as: BitLocker, EMET, Device Guard, Windows Hello and Windows trusted apps, there is now a completely serious set of security tools.
lecturer: But is this really so? In general, I agree that the security of operating systems of the Windows family
is gradually improving, but this is not enough, especially for us.
lecturer: In these operating systems, everything is closely interconnected with Microsoft servers, all your actions in the system are reported on the Microsoft servers like threads, Windows also fails, especially in the current version of Windows 10, problems related to surveillance and privacy, this is not particularly related with safety features, but this puts some people off, let alone us.
lecturer: Important point: If you read the license agreement from Microsoft that comes with every operating system of the Windows family, you will see that they will give up your BitLocker encryption key at the first call from law enforcement agencies, and this in turn makes you think, what the hell is Windows ?! Why are you storing my encryption passwords on your servers, what the hell.
lecturer: The fact is that by “checking the box” in the license
agreement with Microsoft, users give the corporation the right to dispose of their data. “We may access, disclose and retain your personal information, including any content, any files on your devices, in your emails and in other personal communications, if we reasonably believe it is necessary to protect our customers or to comply
with terms and conditions governing the use of our services,” reads the license agreement.
lecturer: In other words, everything you say on the Internet, write, save, create or download on your computer or any other device with Win 10, all of this can be remotely deleted or copied from you - if someone at Microsoft decides that they need it. That is, according to the terms of Microsoft’s EULA, even government approval is not required to interfere in the personal lives of clients and control it!
lecturer: All you need is permission when installing the OS from
users who are too lazy to read the entire license agreement.
lecturer: As I said, I will not disassemble Windows, my goal is to provide you with information so that you can see it and make some kind of comparative visual analysis. lecturer: Most likely, I will soon write an article about this, and then I will refer to it... It will be published in my section. If I find time for this... lecturer: Mac OS X
lecturer: Next we have Mac OS X, today, again,
like Windows, it contains reliable security features. Things like randomization of address space distribution, sandbox for launching applications, FileVault 2, privacy settings and Apple's trusted application store (AppStore). All strong security features.
lecturer: But if not for one “BUT” Mac OS X also has privacy problems
lecturer: If you upgraded to Mac OS X Yosemite (10.10), and you use the default settings, every time you start typing Spotlight (to open an application or find a file on your computer), your local search terms and location which are sent to Apple and third parties (including Microsoft) (see screenshot https://puu.sh/xTGkj/dbe1f88d3e.png ) .
lecturer: erase the parenthesis and dot in the address there
lecturer: The Washington Post also published a video demonstration of Yosemite real-time tracking.
lecturer: Let's open it https://www.washingtonpost.com/posttv/business/technology/ho w-apples-os-x-yosemite-tracks-you/2014 /
10/22/66df4386-59f1- 11e4-9d6c- 756a229d8b18_video.html
lecturer: By the way, the other day about the poppy, information also came out about hacking, not very good news, I didn’t prepare the text for it, but it’s time to Google it 2 times lecturer: Let’s look at
this video, and for those who are bad with English, I’ll try to figure it all out those highlights that you have now viewed.
lecturer: 1. For example, the simple search output of Spotlight, a tool for finding files on your operating system, now transmits your location and the names of the files you are looking for to Apple on an ongoing basis. You may notice that your location is being reported to Apple even though you are not shown a notification icon. They decided to hide this notification under the pretext that users would be overwhelmed by too many notification messages. This means that if you agreed to use geolocation services, then you also agreed to the transfer of information about your location to Apple (see screenshot https://puu.sh/xTGyC/11d372083a.jpg )
lecturer: Let's open the .gif animation (
https ://puu.sh/xTGZQ/58a24bfd28.gif ) and let’s analyze it lecturer: You may notice that the data begins to be sent before you type the text, also when you press the keys, that is, as you type, the data
also Send to XxyM) )
ARKET.COM
lecturer: As we see, the author of the video says: “I am looking on my computer for a document called “the secret plans that Obama leaked to me,” and Apple receives information about this along with my location and user ID, which is a unique string from letters and numbers used to identify me. Apple tells us that this value changes every 15 minutes, but we have to trust that the new value is not tied to the previous one.
Again, they receive information about our
location, and as the author shows, he is indeed located at the Washington Post office, based on the coordinates transmitted.
lecturer: Okay, let's quickly talk about how we can disable these things with surveillance
lecturer: To disable these things, first we need to go to System Preferences > Spotlight ( https://puu.sh/xTJ6F/e59027c2cd.png ), we see The screenshot shows all the places where Spotlight looks to search for you. This can be very helpful. However, this can also be a privacy issue, as you may have just seen. I would recommend turning everything off, but if you need something you can of course leave it on.
lecturer: If you use Safari, then you need to
disable the following, click Safari > Preferences > Search and you need to uncheck Include Spotlight Suggestions (see screenshot
https://puu.sh/xTJ2m/dcb32d4c13.png )
lecturer: There is also a good website ( https://fix-macosx.com/ ), it provides a large amount of information about privacy problems in Mac OS
X. Specifically for this problem, the site’s certificate has expired and the project seems to be dying. But if anyone has an old axis, you can deal with this problem, so I think it’s not advisable to write about this lecturer: Well, this is old stuff already, then lecturer: Next
we have Linux-like operating systems, which are actually the basis of our course.
lecturer: In your case, I gave it yesterday
lecturer: But you can also write it down for your homework if you haven’t
read it
lecturer: We probably won’t stop later who wants to read it
lecturer: In general, I would recommend it
lecturer: Linux-like operating systems, Unix-like operating systems. There are a wide variety of them, I group them all into one category. If you are looking for the most secure operating systems, then you will find them here, or rather, it would even be said ONLY here.
lecturer: Things like SELinux are a good example of this, it is an implementation of delimited Mandatory Access Control - MAC, which satisfies the requirements of the government and military. lecturer: Definition: Mandatory access control (MAC) - delimitation of access of subjects to objects, based on assigning a confidentiality label to the information contained in objects, and issuing official permissions (admission) to subjects to access information of this level of confidentiality . Also sometimes translated as Forced Access Control. This is a method that combines protection and restriction of rights applied to computer processes, data and system devices and is designed to prevent their unwanted use.
lecturer: SELinux (SELinux) is a forced access control system implemented at the
kernel level. This is not so important a point for you to focus on this point.
lecturer: We will look at more standard operating systems: Ubuntu, Debian, Fedora, Arch Linux, Tails, etc. - again, they all have fairly reliable security features.
lecturer: When we consider Windows, Mac OS X and Linux, they are all in similar conditions.
lecturer: But when it comes to their existing security tools and functionality. When we add privacy to the security package, we need to start looking at Linux distributions.
lecturer: I would recommend using Linux distributions for security, but you will have to sacrifice interoperability and usability. For example, you won’t be able to use Photoshop or
Microsoft Office, although this can be solved using “wine” - you can see what it is on YouTube, and maybe I’ll look at it in this course. I don’t know, it takes a lot of time to write, catastrophically a lot...
lecturer: In a nutshell, if you don’t know, there are many, many operating systems that have evolved in a certain way since the mid-1960s from an operating system called UNIX ( she was at the head of a paid system for corporations, etc.)
lecturer: I promised to give you a list of operating systems when I said that you should choose systems that have
money for quickly eliminating vulnerabilities, here you can see clearly how many Linux distributions there are and from whom they came:
lecturer: To do this, open: https://upload.wikimedia.org/wikipedia/commons/1/1b/Linux_D istribution_Timeline.svg - plus this link is that it is a *.SVG format, therefore you can search for this family tree via Ctrl+F directly in the browser;
lecturer: Just look at how many operating systems are based on Debian, now you can return to the statistics that we analyzed earlier and look at it from a slightly different angle.
lecturer: and from them everything branches out, in general, look carefully, stick then go read further lecturer: by the way, ctrl + F works there lecturer:
I would recommend using distributions based on Debian - Debian, Kali Linux, Parrot OS, as well as Fedora, Arch Linux
lecturer: At the end there will be a list with a bunch of Debian distributions and there with a small note
lecturer: Let's talk a little about these operating systems lecturer
: As you already noticed when you got acquainted with the
*.SVG infographics in detail above, the 2 main communities are Debian and RedHat, there are a bunch of others too, but as I
said earlier: “if you have a lesser-known Linux or Unix-like operating system, then you may find that patches are released more
slowly because they don't have huge multi-billion dollar corporations behind them, in which the release of all fixes is on stream."
lecturer: This also applies to support from the community and so on...
lecturer: Fedora Linux is a Linux distribution with one of the largest user communities among other distributions. But it is not as popular as Debian.
There is an opinion among users that Fedora is difficult to use and configure.
lecturer: A significant advantage of this system is that Fedora is only free software.
The Linux operating system is very often considered free software. But this is not 100% true. Although most of the software you use is free, some hardware drivers and firmware are closed source. There are also open source components with a limited license, such as media codecs.
lecturer: At the very beginning of the Linux section, I asked you
read the article that described issues with security and proprietary software, just for this reference.
lecturer: Distribution developers determine how often their users will contact proprietary software. They may include media codecs, video card and network adapter drivers, as well as additional modules, for example, Adobe Flash. It will help
users listen to music, play games and browse the web, but it is proprietary software.
lecturer: Fedora takes a principled position on this issue. This helps avoid lawsuits against Red Hat. Proprietary software is simply not allowed in the repository. The distribution kit will not prevent you from installing such programs, but it will not help you either. You will have to use third party repositories such as RPM Fusion. This is one of the reasons why Fedora is considered difficult. But adding a repository to the system takes a few minutes.
lecturer: But articles like this https://habrahabr.ru/post/337290
are, of course, slightly misleading... Since previously, non-commercial products, as far as I remember, were not subject to such bans. The Fedora Project, although sponsored by Red Cap to develop new technologies, is a non-profit structure and does not make any profit from its activities, as far as I understand. This is all strange.
lecturer: Arch Linux is an independently developed
Linux distribution, optimized for i686 and x86/64 architectures, aimed at experienced Linux users.
lecturer: In general, you need to be a competent user to use this system, you need to be aware of it in advance. It uses Pacman, a proprietary package manager from the creator of Arch Linux. Pacman ensures the installation of
current updates with full control of package dependencies, working on a system of rolling releases or rolling releases. Arch can be installed from a disk image or from an FTP server.
lecturer: Let me explain, a package manager/repository is like the App Store or Google Play from where you can download and install the application or program you need in 2 clicks.
lecturer: The default installation process provides a reliable foundation that allows users to create a custom installation. In addition, the Arch Build System (ABS) utility provided the ability to easily build new packages, modify the configuration of stock packages, and share these packages with other users through the Arch User Repository. It is a lightweight Linux distribution.
It runs primarily free
and open source software and software from the community-supported AUR repository.
lecturer: Ubuntu - To dismiss this question, I’ll immediately say that Ubuntu sends your data to third parties without your consent.
lecturer: If you are an Ubuntu user, and you are using the default settings, every time you start typing Dash (to open an application or search for a file on your computer), your search terms are sent to three different parties, some of whom advertise for you
.
lecturer: By the way, you can remember the situation about Windows which decided to distribute WIndows 10 for free, but in the end it collects all the data supposedly for advertising, that is, all your personal information, etc. In general, I don’t want to repeat myself for this reason, since the bias is not more precisely in her direction, I’ve already talked enough about her, I think about her. If you want more information on this system, at least read the WIndows License Agreement. And your eye will start to twitch)
lecturer: Regarding Ubuntu, in order to prevent sending
data to third parties, you need to follow a series of instructions on this site https://fixubuntu.com/ follow the instructions given here, it shows how to change the necessary settings. Previously, we examined a similar situation using the example of Mac OS X.
lecturer: However, I do not recommend Ubuntu in any case, I am just bringing this up for your interest in the event that you happen to be using this system. Ubuntu is better for privacy and anonymity than Windows or Mac OS X. I recommend Ubuntu to people who have no Linux experience and find the above distributions too difficult to learn for them.
lecturer: There are forks of Ubuntu Mate, it seems to be fixed there
lecturer: Debian is an operating system based on Linux, it is a Linux distribution. It consists entirely of free and open source software, most of which is under the
GNU General Public License. lecturer: The Debian distribution contains more than 51,000
packages of compiled programs that are packaged
in a great format for easy installation on your machine. They are all free. It looks like a tower. At the base is the core, above it are the main tools, then all the programs that you run on the computer. At the top of this tower is Debian, carefully organizing and putting it all together so that all the components can work together. lecturer: With this approach, your system will not
knock on Microsoft home servers.
lecturer: Tails is a Linux distribution based on Debian, created to ensure privacy and anonymity. It is a continuation of the development of Incognito OS. All outgoing connections are wrapped in the anonymous Tor network, and all non-anonymous connections are blocked. The system is designed to boot from LiveCD or LiveUSB and leaves no traces on the machine where it was used. The Tor Project is the main sponsor of TAILS. The operating system is recommended for use by the Free Press Foundation and was also used by Edward Snowden to expose PRISM.
lecturer: Use it only for surfing, for example lecturer: Because you fuck with it, Mama, don’t worry, your ass will burn like hell lecturer: For example, they came
somewhere, stuck a flash drive with their OS, surfed, pulled everything out
lecturer: Kali Linux - GNU/ Linux-LiveCD, resulting from
the merger of WHAX and Auditor Security Collection. The project was created by Mati Aharoni and Max Moser. Designed primarily for safety testing.
lecturer: The predecessor of Kali was BackTrack, created on the basis of several Linux distributions. Originally intended for use on the Slackware OS, and then smoothly moved to Ubuntu. Afterwards Debian became the basis.
lecturer: Parrot OS - An increasingly popular security distribution based on Debian-linux. Quite easy to learn, suitable for both beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet.
lecturer: Quite a lightweight and effective tool, many security specialists have found in it a replacement for the increasingly
“gluttonous” Kali, especially since Parrot uses Kali repositories for updates. Uses MATE graphics environment and LightDM display manager.
lecturer: In terms of functionality, it is similar to Kali Linux; here, too, a huge amount of special software for security testing is supplied with the system.
lecturer: As you can see, all the systems that I mentioned above are mainly based on Debian in one way or another. ( starting from Ubuntu and below
lecturer: How you handle security updates in Linux will depend on the distribution
you use. I'm going to talk about security updates using Debian and Debian-based systems as an example.
lecturer: Look, here https://wiki.debian.org/Derivatives/Census lists all Debian derivative distributions.Many of them are security-critical operating systems such as Kali, Tails, etc. The Debian project does an excellent job of providing security updates for Debian
lecturer: Here you can read about distributions and other
lecturer: Security is a priority for this project and this operating system
lecturer: If you want to find details of the security problems for which patches are released, then take a look at the information page on Security presented by Debian
lecturer: https://www.debian.org/security
lecturer: If you go down below you will see all the updates, you can click on any update and get more information about that particular update. You can go to the Miter CVE directory and find out more about the vulnerability you select. Here are detailed information about this vulnerability. We see even more details here. And from here we can go to various sources for more information, and in principle, we can even find exploit code for a given vulnerability. We looked at this earlier using the example of the site https://www.cvedetails.com .
lecturer: According to the Debian Project, they process all security issues brought to their attention and fix them within a certain reasonable time frame. They also say that many security alerts are coordinated by other free software vendors and published on the same day as a vulnerability is found, and that they have an internal Security Audit team that searches the archives for new or unpatched security bugs. They also believe that security by hiding doesn't work, and that making information public allows security vulnerabilities to be found, and that's cool.
lecturer: All this is good, which is why I recommend
distributions based on Debian as the main reliable operating system for everyday use when it comes to security, privacy and anonymity.
lecturer: I decided not to give an analysis of an installation example, etc. the only thing you need to understand is that you need to write the installation flash drive in ddimage mode via rufus, for example, and Linux users can use the dd command for this.
lecturer: lecturer: This is what dd image is
lecturer: In order not to simply clog up and make a mess in your head, if there are those people/group of people who have decided to master Linux environment. Install the system, you can contact me directly or, as I said earlier, contact me via correspondence QUESTION /
ANSWER.
lecturer: Where everyone will already advise and help with certain issues, in fact the segment of your actions is similar to when working with Windows and what Payne will tell you, so the installation is perhaps a little different, but everything is the same.
lecturer: There are a lot of videos on YouTube showing an example of installing an operating system, partitioning a disk and other points.
lecturer: Linux is an amazing system that you need to learn to work with and it will become your true friend. It’s like with a pet, once you train it, once you master it, it will be so docile and obedient to you.
Security and anonymity on the Internet. Setting up a virtual machine.
lecturer: Good day, ladies and gentlemen! Today I will give a lecture on the topic “Security and anonymity on the network. Setting up a virtual machine”
lecturer: The lecture will be divided into several parts:
• Security
• Virtual machine and related parameters (analysis of a virtual machine for surfing for communication, analysis of a virtual machine for typing in),
• Storage and circulation of funds
lecturer: During the lecture I will explain basic methods and parameters, as well as give useful links and recommendations. Let's start with the first and main-basic part.
lecturer: Security.
Let's start with the fact that it should already be extremely clear to everyone that everyone should accept as a certain “TABOO” and never do that:
lecturer: Don’t wag your tongue, not on the Internet, not in life. You and I are not engaged in freelancing, therefore no one ever needs to know where you are from, what your name is, how many children you have and any other personal information. It doesn’t matter who asks - a friend or an acquaintance, anyone may not be who they claim to be, and even me. lecturer: As they say: “The personal should remain personal, the work should remain work”
lecturer: Nicknames. Do not use nicknames that you took from your VKontakte ID, Steam, email or any
other service or site. Nicknames used in the white sphere
can bring people out of the gray sphere towards you; it has happened that it was enough to simply google a person’s nickname to find out everything about him and his loved ones.
lecturer: Do not register emails and accounts on your phone number; services providing mailbox services will easily provide information upon request.
To receive SMS, you can use online services, for example:
http://sms-area.org/
lecturer: There are many such services, you can just google them for the query “receive SMS for registration”
lecturer: Mailers, such as gmail.com & hotmail.com can register mail without receiving SMS if the IP has not previously been used in their system. For mail.com SMS is not required.
Do not use personal emails when registering on gray
sites and shops, create separate ones for these purposes. lecturer: You should never think that “I’m not such a big fish that they’ll look for me” - often such people then look for money for lawyers, don’t delude yourself, never neglect safety, because it’s better to sleep peacefully.
lecturer: The next TABOO: never work in the Republic of Uzbekistan/CIS/Ukraine and the entire post-Soviet space. Do not go to such shops, do not use such cards and services - nothing, otherwise the secret services will quickly find you. The news often shows those who worked in their own country - a funny observation.
lecturer: Accept parcels only through intermediaries, forwarding services or drops. Don't put your names out there anywhere.
lecturer: It is better to store Jabber and all other communication tools in a virtual machine; if you store it on the main one, it is better to disable saving history and passwords.
If you value your own ass, its coziness, comfort and integrity, it is better to observe these taboos. lecturer: Use Jabber on secure servers that you can trust
lecturer: Never neglect Guarantor Service, even for small amounts, it is better to save your nerves and money, and lose a little time, than vice versa! It doesn’t
matter whether he’s a tuber, a moderator or a friend - he’s the same person as you, regardless of the number and color of ribbons under a nickname, regardless of reputation, anyone can go all out and start cheating on their own/strangers.
There are a lot of precedents, first of all, learn from the experience of others.
lecturer: Let's start analyzing the virtual machine and related parameters.
I recommend using virtualbox or vmware. Don't forget to enable virtualization in your PC's BIOS - otherwise the virtual machine will not be able to work. lecturer: It will be better if you place the image of
the virtual machine in an encrypted flash drive (or ssd) or container TR. We will crypt with the following software:
a) truecrypt 7.1a b) veracrypt
Both options are interchangeable. Use either a or b. lecturer: Option a - only trucrypt version 7.1a,
the rest are unsafe, and veracrypt is a continuation of the trucrypt family, since the trucrypt was abandoned by the developers. I use option b - veracrypt.
https://veracrypt.codeplex.com/
lecturer: We encrypt a flash drive/ssd, or create a container on a PC, and place a virtual machine image inside the container. Now, before starting the virtual machine, you will first need to open the encrypted container using a password. How to encrypt - you can look in
the help of the program itself or Google it, it is not difficult and requires literally pressing a few buttons.
lecturer: There are two alternative options to containers, namely:
• encrypting the entire hard drive on your computer
• creating a hidden OS
lecturer: With regular containers, the encryption key can be pulled out of the hibernation file and removed from RAM, so we disable hibernation on our computers. But when using a hidden OS, you can put all the information and files in it, and even if you are tortured, you can give out the encryption password from a regular white OS, while the hidden one will peacefully
store your files.
ARKET.COM
lecturer: Encrypting the entire hard drive is a long process (it takes me about 6 hours of encryption for a 1TB drive), but it is a reliable means, since from hibernation, even if it is turned on, you can’t get the keys out, and in order to have time to remove them from RAM, you need to be very try, all that remains is brute force, and here we move on to the next security point, namely passwords.
If the OS is hidden or the disk is encrypted, to start
the system you will need to enter a password into the boot-loader, that is, even before the Windows account password, before turning on the system itself
lecturer: On any forum, page on a social network, mail or hidden container, you must follow the MANDATORY points when choosing a password:
1. Length of at least 15 characters, preferably all 30
2. Upper + lower case, numbers and special characters. An example of a good password: sHO&D=633qwvBB!aC{6} - it will take decades, or even centuries, to crack this password. lecturer: 3. For one forum/shop/site - one unique password.
4. Two-factor authentication - use wherever possible.
5. You can store the password, for example, in keepass or head
lecturer: If you use the same passwords, there is a high probability of hacking everything that is possible.
No one is immune from the leak or sale of a database on some Dedik store, for example.
lecturer: Attackers simply get your password, and then go around all the services/forums and take everything they can.
lecturer: But a strong password is not a panacea, because they can be intercepted directly from your system by attaching a stealer, malware or other virus to it. The solution is trivial and simple
: create a separate virtual machine (any virtual machine) specifically for software and dirty, unverified files.
lecturer: And run everything ONLY on this virtual machine, it’s better to let it suffer than your computer. Following basic hygiene rules is much easier than later losing accounts or paying victims, so don’t be lazy and do it, but you’ll sleep peacefully.
lecturer: The purpose of the virtual machine for you will be divided into two points, namely:
• Surfing, communication, everyday use
• Work, typing in
lecturer: Depending on the purpose, the setup will be divided into two types, let's start with the first, here anonymity and security are more important to us , than the state of the system being ready for driving in, however, the first subparagraph is the same in both cases.
lecturer: List of the minimum required base of programs for surfing and communication:
• VPN. - At least one, ideally doubleVPN. We use VPN from third world countries or at least another continent. The VPN service should NOT log.
When connecting to a VPN, your IP should change to the country you enabled. You can check it here: whoer.net
We install VPN on the main machine lecturer: - TOR Browser
https://www.torproject.org/
If the site has mirrors in the onion zone (in the torus), use these features to maintain greater anonymity!
lecturer: - Jabber / ICQ
Judging by the fact that at the moment you are all reading this in Jabber, there is no point in describing this program, but take a couple of recommendations into account:
lecturer: 1. Don’t be a toad! They’ll start being abusive, they’ll start spamming, and this will cause more headaches, and no one needs that.
If you really want to, create a separate jabber account for public display .
lecturer: 2. OTR encryption. In the PSI+ jabber client it is enabled in the plugins, for Pidgin it is downloaded and installed, there should be no problems. Neg - encryption, making the communication space more secure. It is also available for ICQ. I don't recommend using Skype, it's not secure.
lecturer: Also replace your DNS in the system, for example, with Google's http://support.li.ru/google-dns/win7/
You can also register them in the router. For greater effect, you can use DNSCrypt software - take note and familiarize yourself with the functions on the Internet. lecturer: - Browser for surfing (I recommend firefox) - disable webrtc. WebRTC allows third-party users to immediately determine the IP address of a network user, bypassing the software barriers of VPN, TOR, SOCKS and other network defenders
https://whoer.net/blog/article/kak-otklyuchit-webrtc-v-raznyx-brauzerax/
>
lecturer: - If you use socks or tunnels, then proxifer+plinker. We won’t go into details; there is a lot of information on these two programs on the forum.
lecturer: - You can also close the Internet through a firewall so that if the VPN fails on the virtual machine, there is no access to the network and your real IP does not leak. Some VPN clients have this feature, or you can tinker with the firewall.
lecturer: Parameters of the virtual machine for driving in: For driving in, you can use any virtual
machine, it all depends on your needs and shops.
lecturer: But I will still name the necessary software for work and the parameters, let’s get started.
lecturer: 0. VPN, we talked about this earlier.
lecturer: We select IP using an SSH tunnel and SOCKS5.
An SSH tunnel is a tunnel created over an SSH connection and used to encrypt tunneled data. Used to secure data transmission on the Internet
Socks5 allows you to create a chain of several servers, thereby achieving anonymity on the network.
lecturer: 1. Brazury. Firefox with WebRTS substitution, Chrome with WebRTS disabled, and several portable
Chrome/Firefox browsers.
You can replace webrtc using this extension:
If you want to use chrome, install the WebRTC leak prevent extension or replace webrtc in other ways (available on the forum)
lecturer: 2. Software for using tunnels and socks: proxifer and plinker/bitvise
3. Teamviewer (on a virtual machine and on your main machine) (optional)
4. NotePad++ for temporary records
5. If there is and if needed - anti-detect lecturer: Parameters: Let's start with the parameters of the IP address (Dedik/tunnel/Sox) lecturer: Negative parameters:
• Two-way ping and affiliation to the hosting provider
Belonging to the hoster = ip is in the cloud, it is better not to use such IPs in your work.
lecturer: Two-way ping detects tunnels, socks, VPNs by ping, I tried large merch with it, but this is still a negative parameter, the solution is to search the VPN country or put TOR in front of the tunnel, if that doesn’t help, replace the IP.
lecturer: - DNS - not the IP country, rather has a negative effect (but not critical), and there is a lot of information on the forum about this.
lecturer: - Flash, uptime, OS.
If you wish, you can install a flash, but now not all real users have it.
lecturer: Uptime - the time of uninterrupted operation of your IP, it’s strange if your IP has been working without interruption for several months, isn’t it?
lecturer: The system time (timezone) must match the time of the IP address.
lecturer: OS - prevalence, everyday life and trust. For example, most ordinary users use Windows. The same xp will add more fraud for the reason that the system is outdated, so win10 is the opposite, more trust. The golden mean is Win7.
lecturer: Windows and browsers should be in English, it’s all scorched. But if at the same time some program in the system is in Russian, there’s nothing
wrong with that, antifraud will not be able to detect it through the browser. (Flash should be in eng)
lecturer: ProxyScore + Riskscore ip - antifraud systems pay attention to this, so try take with zero or minimal indicators. Some services for selling access (socks/tunnel/dedic) provide this service directly within the service.
lecturer: Open ports (8080, 8081, 3128, 80, 81 and so on): this is not always a negative parameter, since this is a really common misconception, let’s classify it as a neutral parameter.
lecturer: Some anonymity checking sites scan IPs and believe that if some port is open, then the IP is a proxy and reduce its anonymity. But in reality this is not so, most of these IPs are just the web admin of the router. If it were so easy to make proxies through such admin panels, they would be made in the millions, you can check it yourself.
lecturer: Since mass port scanning
is prohibited in many countries, large merchants, instead of port scanning, turn to services such as maxmind, which in turn provides services such as maxmind fraud check & maxmind geo check api, so if any then the service shows open ports at the IP address (for example whoer or 2ip.ru), this in most cases is not a negative indicator. And even if such services show good results, it is not a fact that you will be able to drive something from this IP address later. lecturer: In my practice, large merchants have repeatedly
successfully passed orders from IP addresses, where anonymity checking sites found open ports and thereby identified the IP as a proxy. Based on this, I dare to suggest that open ports are not always bad, and you shouldn’t get hung up on this, especially since without actually owning the IP address, you won’t be able to do anything about it. But if you wish, you can select IP addresses without ports, or with open 80 - it is acceptable in any case, since it is natural.
lecturer: It is better to select the geolocation of the IP address as close as possible to the zip code of the card holder. For example, if the card holder has zip code 85012, you need an IP with zip code 85012 or 8501* - that is, as close as
possible.
lecturer: Before typing in, you can surf on popular sites like youtube/amazon/facebook and others; some serious anti-fraud agents can burn your browser history. It’s strange when a person with an empty browser history rushes off to buy Gifts worth a thousand dollars, isn’t it?
lecturer: AntiFroud can also see tabname - open tabs in the browser at the moment, and determine which site the person came from. (And for what request) lecturer: - Audiofingerprint - audio fingerprint, a relatively serious protection system. We look at various articles on this topic, not everyone uses it.
lecturer: Serious merch can also check sites according to the list on which you are logged in (https://browserleaks.com/social - you can check here,
For example). In practice, if Facebook is logged in, for example, this is a plus, but not critical.
lecturer: To randomize fingerprints (system fingerprints) when entering into one merch/shop, you can do the following:
• Change browsers, change browser versions
• Change fonts in the system, screen resolution lecturer: - Enter or import cookies
• Plugins and extensions in the browser.
• Change the system
lecturer: Speaking of extensions, merch cannot directly see extensions installed in the browser, but they can send a request to the browser like “Is an extension with such and such an id installed.” Thus, merch can detect certain extensions, such as, for example, CanvasDefender.
A way around this is to replace the extension id (Google it) or simply NOT install it in the browser.
lecturer: And of course, we don’t use the same variables for several entries, for example emails. lecturer: When checking your IP location (geolocation), try not to rely on whoer.net - it has an outdated maxmind geo database, use the ip-score and maxmind sites.
lecturer: Several sites of my own to check the system and ip:
whatleaks.com - check everything, including timezone 2ip.ru/privacy - check ports, two-way ping, hosting provider and other things
whoer.net - visit this site less, it’s very nerdy, absolutely all merch of medium and higher levels has an extremely negative attitude towards the cookies of this site + in some cases, visiting this site will drive the Sox/ssh IP into the maxmind fraud check database.
https://www.maxmind.com/en/home?rId=iplocation - IP geolocation directly from maxmind. Of course, the accuracy of the paid and free databases varies, but in my practice, in 75% of cases you should trust this site.
browserleaks.com ip-score.com noc.to Copy this list of sites for yourself
lecturer: Where to store, how to withdraw your earned money?
Of course bSitcToinY!
lecturer: Recommended wallets:
https://blockchain.info/ru/wallet/ bitcoin core
lecturer: Personally, I use the first one. On the forum, in the “Cryptocurrency” section, you can find lists of wallets and independently study and choose what suits you best. You should not keep money in Bitcoin permanently, as the rate can either rise or fall. Therefore, evaluate your risks and desires yourself.
lecturer: Qiwi - not everyone accepts payment, but it is possible as one of the options.
Pros of qiwi: Possibility of direct withdrawal to the card, if you do not show the phone number, it is almost impossible to steal
lecturer: Cons: the wallet can be blocked by the Russian
payment system, which means it will give out any data upon request, therefore I strongly recommend that if you use qiwi, then only in following format:
lecturer: - Left SIM card, possibly virtual
• Left email
• Transfer money if possible with qiwi vouchers (eggs)
lecturer: - Do not use your phone, buy a left one or use a virtual SIM.
• Output only to the drop card.
• Do not use your IP and computer (you can use a virtual one) lecturer: Options for withdrawing money from online to real life, if everything is clear with Qiwi, then with Bitcoin it is more complicated, namely S: TYXMARKET.COM
•
Exchangers
. Through the exchanger you can exchange money from Bitcoin to a card or Qiwi, or bank.
lecturer: - Withdrawal directly to cash. There are exchangers that provide such a service.
• https://localbitcoins.net - a kind of exchanger, you are looking for money changers with good reviews.
lecturer: The fact that Bitcoin is anonymous is a myth and a misconception, all transactions in the blockchain are clear at a glance, they are easy to track, you just don’t need any personal data for registration. Therefore, to maintain the anonymity of funds, I recommend using Bitcoin mixers. (look at the forum, section Cryptocurrency)
lecturer: In addition to online security, there is also offline security, I dare to recommend my article on this topic:
Cards
lecturer: Hello everyone, today is a lecture on CC - let's go lecturer: Each of you has encountered CC in one way or another in your life , but it was in a slightly different “key” lecturer: The first thing a beginner in this business should study is, of course, information about credit cards, in other words, cardboard / CC lecturer: Credit card (CC) is a credit card, cardboard
, potatoes, etc.
lecturer: First of all, we need to find cardboard. The easiest option is to buy it from the seller
lecturer: When purchasing, you will receive cardboard in approximately this format: 4306651004564350 | 10/10 | 826 | Richard Lang | 56 Groveview Cir | Rochester | 14612| NY | USA | 661-298-0881 (The format varies for each seller)
lecturer: 4306651004564350 - Credit card number. 10/10 (10 month / 10 year) - Card expiration date. 826 - Card security code CVV/CVV2
Richard Lang – First and Last Name (Name, Last Name) 56 Groveview Cir – Address
Rochester – City 14612 – Zip code NY (New York) – State USA – Country
661-298-0881 - Telephone
lecturer: BIN - bank Identification Number - the first 6 digits in
the credit card number, the identifier of the bank that issued the card
lecturer: each banking organization has its own unique number. You can find information on each card in the services through a search. We make a request in Google, bin check and then follow the links and enter our first 6 digits
lecturer: For example, card 4306651004564350, where 430665 is the number of the bank that issued the card
lecturer: 10/10 - exp (card expiration date) 09 month 10 year lecturer: 826 - cvv (secret code)
lecturer: Richard Lang - cardholder name
lecturer: 56SGTrovYeviXewMCir A- Ritska street (sEtreTet).lSector: MRochester -
lecturer: NY - state
lecturer: 14612 - zip code ) lecturer: US - country (coutry)
lecturer: 661-298-0881- PHONE NUMBER (Phone) lecturer: You can also add SSN, DL, MMN, DOB to USA CC (you will study this information in other lectures)
lecturer: For additional $ you can enter additional information
OB - date of birth SSN - social security number MMN - Mothers Middle Name (mother's middle name, so to speak)lecturer: let's talk about the types of SS lecturer: most often used
Visa, MasterCard, American Express, Discover
lecturer: Numbers Visa credit cards start with the number 4,
they have protection called Verified by Visa (VBV) 3-digit CVV code
lecturer: Verified by Visa (VBV) - used to protect Visa card numbers from unauthorized use. Simply put, the holder has a code that he will have to enter when purchasing something
lecturer: MasterCard credit card numbers start with the number 5, they have protection called MasterCard SecureCode (MCSC) 3-digit CVV code
MasterCard SecureCode - the principle of operation is the same as that of VBV
lecturer: American Express starts with the number 3 and already has
a 4-digit CTVVY code
MARKET.COM
lecturer: Discover starts with the number 6 3-digit CVV code lecturer: further we will talk about the types and levels of CC
there are 3 types of cards - credit, debit, prepaid
lecturer: credit card, which can be used to buy on credit, those. not having enough money in the account.
The size of the loan is determined by the issuing bank
lecturer: debit card, which can be used only up to the amount available in the account lecturer: prepaid card with a prepaid amount - a smart card that stores electronic money paid in advance by the card owner
lecturer: the prepaid card is not personalized, that
is, it will not indicate the owner’s first and last name, this is the main advantage of prepaid bank cards;
it can be used to pay both in real and online stores. The card limit is limited only by the amount that is on it
lecturer: Let's go through the card levels, from classic to black. The higher the category of the card, the higher its service cost, and the richer its owners, the more money it can hold lecturer
: There are cards of the classic category, gold, platinum and higher cards, such as MasterCard Black Edition or Visa Black . As the card category increases, the credit limits on it increase. For example, the credit limit on a classic card can be $1k, so on a platinum level credit card the credit limit can be $10k+
lecturer: For work, I advise you to take credit and
debit cards from the gold level and higher, namely the common gold, platinum, signature, world, black The probability of meeting the latter is low. In the USA they are not issued like we have Tinkovs, etc.
lecturer: Each credit company (American Express, MasterCard and Visa) calls their higher-level credit cards a little differently
lecturer: For American Express it’s BLACK| The card is positioned as a symbol of the holder's belonging to the top of society and can only be issued to a person who has the appropriate social
status
with MasterCard - this is World Signia | Credit card of the highest category in the product line from MasterCard with the owner’s personal signature “gold” on the front side
for Visa this is a Black Card - this level has an increased level of security that prevents the possibility of unauthorized access to funds lecturer: the most premium SS, those listed above, are owned by a special caste of people on the planet, they are also “masons” joke, this level has higher credit limits and there are no limits on spending, such cards are very difficult to find and they will be very expensive, they are most likely only for professionals
lecturer: next we’ll talk about how payment is made with SS lecturer
: The process of paying with a credit card on the Internet is not as simple as it seems on the Internet first glance
lecturer: while you press the confirm button, a bunch of processes happen. Responsible for these processes is the bank's processing center lecturer: The processing center is a high-tech system for processing payments on bank cards in the field of e-commerce lecturer: the main task of the processing center is to
provide shops with the opportunity to accept payments by credit cards
lecturer: In addition, the processing center coordinates settlements between the bank -card issuer,
acquiring bank (authorizing transactions), shop and card holder
lecturer: Acquiring bank - a bank that provides the store with services for processing card payments
lecturer: Issuing bank - the bank that issued the card with which the buyer is trying to pay for the goods
lecturer: Process payment for goods/services using a credit card looks like this: you place an order on the shop’s website and select payment using a credit card
lecturer: the shop will redirect the buyer to a secure payment form of the processing center, on the secure payment form you indicate information about the credit card,
the processing center confirms the status and shop parameters in the system
and also checks the generated request for compliance with established requirements and system restrictions and transmits the generated request for authorization to the acquiring bank that
carries out authorization for the payment, having received a request for authorization of the transaction, the acquiring bank sends it to the appropriate payment system (Visa, MasterCard etc.)
lecturer: the payment system determines the issuing bank that issued the credit card, and then sends a request for authorization to the bank’s processing center
lecturer: After the issuing bank has confirmed the authorization of the payment, the processing center sends a positive result to the store authorization
lecturer: and he, in turn, notifies you about the successful
payment of the order. This is a complex process that happens after you click on the pay button
lecturer: What does the shop do in turn when it accepts payment?
lecturer: when all the points described above have been successful and you see that the payment has been accepted, the shop takes the order for processing. Processing
consists of manually checking the order, clarifying the order details of the spike address (not always), when clarifying the details, the shop makes a call to the specified number in the order for confirming the order
lecturer: This is why it is advisable to write a number to which you can receive a call
lecturer: After clarifying all the details, the shop begins to prepare goods for deliveryAvkiRKET.COM lecturer: If you enter Egypt, then delivery is carried out immediately after verification, if you enter stuff, they can send it both on the same day and on the next
lecturer: You should not enter the stuff on Friday, since the transfer of the stuff for delivery will be carried out only on Monday
lecturer: After transferring the stuff for delivery, you will receive a tracking number by mail or in your personal account of the store( tracking number)
lecturer: As a rule, this is a set of letters and numbers by which you can track where your goods are located lecturer
: Next, you simply follow your goods by tracking number and are happy when it is delivered, but it may happen
when the card holder sees that the money has been withdrawn from the card, in this case he calls the bank
lecturer: He, in turn, makes a call to the store and reports that the purchase was made fraudulently
lecturer: In the tracking number in this case it will be written that the sender requested a return of the goods. In this case, don’t be upset and try to enter a new order with a new CC and you will certainly be lucky!
lecturer: next we will talk about what measures the store takes when paying with CC
lecturer: The store also checks the order with an anti-fraud system to exclude all kinds of fraudulent manipulations with bank cards lecturer: ANTI-FRAUDXPRMEDSTAAVRLYAEKT IEZ SETSIMUM which analyzes your actions on the Internet on the subject of fraud
lecturer: over many years he has formed a portrait of fraudulent actions and actions of real cardholders
lecturer: the system begins to analyze you from the very first moment, as soon as you enter the site
lecturer: she looks at whether you logged in from a browser or from a mobile application, looks at what you bought, when you bought it, how often you bought it
lecturer: looks at your IP address, cookies that include the http session identifier, etc.
lecturer: combines all this information and analyzes it with the actions of the holder
Your task is to adapt as much as possible to the card holders, for this you need to warm up the shop, I will talk about this at the next lecture, which will be on Thursday, February 15
lecturer: after warming up the shop, carefully type in all the data, you spend your monthly salary on buying an expensive laptop
lecturer: Vryatli shop will believe that you just came in and spent the monthly salary of an ordinary American
lecturer: As a rule, if you are burned, they will not immediately allow you to pay for the goods. In this case, there is no need to despair and throw away the CC, since the information may not have reached the bank and you will be locked up at UkroevneTsh.ospa OM
lecturer: In this case, we write/call the shop and say that I tried to buy a laptop from you, but something didn’t work out, lecturer : Don’t forget, you are an American who has long wanted to buy a laptop, but they didn’t give it to you.
lecturer: In the shop they will tell you why you can’t place an order. Whether you haven’t gone through the shop’s anti-fraud system, or the bank has blocked your transaction
lecturer: In the first case, you can find out how you can still place an order, you will be offered solutions, you can choose
lecturer: If the bank has blocked it, it’s easier to throw out the ss than to make a call to the bank, since there is a very strict identification process that cannot be passed.
Mediators
lecturer: Hello everyone,
lecturer: Today's lecture will consist of 2 parts: Mediators and drops
lecturer: Part 1 Mediators
lecturer: Mediators is a logistics company that delivers goods from one country to another. Mediator is used in 2 cases: when the store does not have international delivery, and when you just want to consolidate packages.
lecturer: Intermediaries were created not for us carders, but for ordinary people who want to order some kind of product from the USA
lecturer: KSpritmeyrukhveMshchi A iz grepaki OTHER, who
do not have delivery to other countries except the USA.
lecturer: There are also intermediaries in Europe, but they are not used so often.
lecturer: Pack consolidation is the process of combining several parcels into one to reduce delivery costs. Consolidation conditions must be clarified with the intermediaries by reading the relevant sections of the site. lecturer: At the moment, a lot of mediators have been abandoned, so you need to look for your mediator
lecturer: How to find “your mediator” lecturer: You can only find your mediator
experimentally, by sending packs there, and looking at the mediator’s reaction. Here are the main points you need to pay attention to.
1. Drive in stages. We made 1-2 drives,
waited for delivery, and saw how the agent reacted. They sent it to themselves.
2. Use different types of entries for different accounts. That is, on the 1st acc in the middle we drive in from the SS, on the second from the e-gift, on the 3rd acc in the middle we drive in from a stick, and so on. This is done in order to understand what the medium likes and what it doesn’t.
Because some intermediaries calmly accept packs inserted from CC, others can lock your account for this. Some of the mediators are happy to accept packs downloaded from e-gifts, but others are not. Therefore, it is very important to create several accounts at the first stage, and when some of the accounts are blocked, you will know why.
3. Avoid intermediaries that require credit cards or money transfers for payment. Personally, I prefer intermediaries that accept payments from BTS or PayPal. It often happens that when paying an intermediary with “your card”, the stuff must also be made from the same card,
which is impossible. The money transfers are understandable here. This is pale. It is better to avoid such intermediaries immediately. lecturer: 4. Pay special attention to intermediary tariffs (acceptance, storage, forwarding). It happens that acceptance of a pack is free, but the cost for storing the pack begins to accrue the next day. Or vice versa - Acceptance is paid and expensive, and storage is free. The best solution for us is an intermediary where acceptance of the pack is free and the free storage period ranges from 30 to 60 days.
lecturer: 5. Carefully study the mediator’s rules for
accepting packages. Usually they write why they are accepted and why they are not, and what documents are required when receiving and when sending packages.
lecturer: We have found an intermediary that suits the conditions, we proceed to registration and obtaining an address. lecturer: Intermediaries come with or without a personal account.
lecturer: In mediums with a personal account, the package is identified by a personal number, usually it is written in the address and upon delivery you need to write this number. lecturer: Accordingly, the seller sees that these are large numbers, and that this is an intermediary
lecturer: In this case, it would be optimal to write it as an office number, for example.
lecturer: The second type is based on the environment that you don’t want
lecturer: The warehouse address is simply written there without any personal numbers.
lecturer: In this case, the pack is identified by the First and Last Name on the pack.
lecturer: So, how do we register an intermediary? lecturer: The first thing you need, but not necessarily, is to buy a set of documents.
lecturer: I usually don’t do this, because my intermediary never requires it.
lecturer: But it’s better to do it.
lecturer: What is included in the set of documents. lecturer:
Passport, main page and registration page
, SNILS, documents confirming the address of your residence, usually bills for housing and communal services.
lecturer: Finding someone who draws this is quite difficult, but when your pack hangs in the middle, the fart starts to burn
lecturer: Next, again, as a recommendation, create a UPS of the country where the spike will be, and perform all manipulations with the middleware from this Dedik .
lecturer: Again, I don’t do this, I go to the medium directly from VPN Usa, from different IP addresses and everything is fine. lecturer: So, we’ve stepped into the middle, what do we see first?
lecturer: As a rule, intermediaries have several addresses in the USA
lecturer: Warehouses in New Jersey, warehouses in Delaware, sometimes
in California
lecturer: It’s better to send to Delaware.
lecturer: This state is tax-free and you won’t have to pay extra for the goods.
lecturer: We got the address. The address will look like: lecturer: First Name Last Name
600 Markley St. Suite 107451 Port Reading, NJ 07064 lecturer: So, the first line is clear, when placing an order in the online store, we write the name in First Name lecturer: Last name in Last Name lecturer:
In Adress line 1 we write lecturer: 600 Markley St. lecturer: To the address of line 2 we write lecturer: Suite 107451
lecturer: Actually this is my edited address, suite is an office, the numbers after it are a personal identifier on the middle.
lecturer: Port Reading is a city lecturer: NJ - New Jersey state lecturer: last 5 digits are zip
lecturer: Many intermediaries have a button to add an order lecturer: This means that if you received a track from the seller, you can add the pack to your personal account. This will speed up the processing of the pack by the middleware.
lecturer: Further advice on working with intermediaries. lecturer: 1. Do not send a million packs immediately after registering an account
. Leave for a week, preferably 2. Send 1-2 packs per week. And gradually increase the amount. The swing rule works here, as in many other topics. No normal person will send 10 iPhones, 25 Playstations, and the same number of watches to an account in a week. Pay special attention to this. lecturer: 2. Clearly study the rules of operation of intermediaries, this will avoid the loss of packs. Read the FAQ pages or the rules for accepting and sending parcels - most of your questions will immediately disappear and you will save a lot of time.
lecturer: 3. Do not overload the media with expensive packs. It’s better to create several accounts and send a little to each. No normal person will buy 10 iPhones in 10 days. Remember this. This is the same office that we run, so we must behave accordingly.
lecturer: 4. Do not use a medium to drive in expensive equipment, it is better to use a drop. This way you won’t kill your account in case of a charge. According to statistics, middlemen are killed either by a ton of cheap stuff or by expensive stuff.
Accounts that accept mid-priced products live the longest in terms of experience.
lecturer: 5. When entering, indicate the Skype phone number or GV. You should not write the phone number of the agent or holder. That is, in the shipping address column, we write either the GV number (Google Voice) or Skype. This way we reduce the falsity of our actions, and we can always accept a call, or simply find out that there was one.
lecturer: Recommendations for sending goods to yourself: 1. Do not exceed the customs limit (for Russia) 1000 EUR or 1200 USD per month - for one package. That is, if you indicated that the stuff in the pack is worth 1200 bucks, then this month you will no longer be able to send a pack to the same name. He will get stuck at customs, and in the end he will come with a customs
notification; everything over the limit will have to pay 35% of the cost. In connection with recent events, in 80% of cases, to send
packages to RU, intermediaries ask for the recipient’s TIN / SNILS, which is why I talked about purchasing a full set of documents. But since We don’t know how many hands they may be in, the best thing is to agree with your drunk neighbor that he will accept your packs, and take all the documents from him. Trust a bottle of good whiskey - it will do everything)
lecturer: Let's continue
lecturer: 2. Always underestimate the cost of goods for clothes. For example, if you are sending Nike sneakers for 300 bucks, write that the sneakers are NyFi and indicate the cost of 30-40 bucks. I always do this. The same applies to bags,
pants, and, in general, all duffel items. It always rolls. Because no one will bother and set a clear price for a duffel bag. Just don’t write that the clothes are fake or replica, such categories of goods are very strictly regulated for import into the customs union + 90% of intermediaries don’t like this either. Therefore, it is better to write a non-existent brand, or find sneakers on the Internet for this amount and write that it is them.
lecturer: 3. As for the watch, please tear
the box apart and send the watch separately, the box separately. But it’s best to send the watch together with the rest of the stuff. When there are 10-15-20 positions in a pack, in my experience such packs pass through customs much easier than when there are 1-2 positions in a pack.
lecturer: 4. As for jewelry, we write that it is costume jewelry. And you shouldn’t put too much in a pack. It is better to send the chain separately, the ring separately. I recommend sending the jewelry with a bunch of clothes, there is less chance of being burned by customs. Although, precious metals still scorch well with X-rays. so it’s better not to be impudent, don’t send a 15 kilogram package containing 1kg of gold - it will 100% not pass customs)
lecturer: 5. Send equipment 2-3 items per package. For example, 1 iPhone + 1 PSP + 1 video card. There is no need to cram 10 items of all products into 1 pack. Remember that if there are 5 or more identical positions in a pack, you will fall under a commercial batch, and then you will lose the pack. Since they will ask for invoices, account statements, etc. That’s why I always throw sweaters,
jackets, and pants on my equipment. The more bullshit, the better. This is my experience, this may not suit you, but try it anyway.
lecturer: 6. Do not accumulate packs in the middle, especially valuable ones. Your iPhone/iPad/Rolex has arrived, send it right away. It's better to pay an extra 60 bucks for shipping than to lose everything. That is, when entering the middle, look at the delivery date and estimate the approximate time frame. For example, you type in an iPhone, shipping takes 3-5 days, which means next Wednesday it will be in the middle, so today they added a couple more things with the same shipping. The next Wednesday - Thursday the stuff arrived, for example 5 positions of something - that's it, pressed the button to send the pack, paid - we're waiting. There’s no need to pack for months... it won’t lead to anything good.
lecturer: 7. Pay the intermediary only with your own money.
NO CARGE. Don't saw the branch you're sitting on. We made an acc stick or VSS kiwi, threw money into the SS
• paid. From 50-100 bucks, our wallet will not get any thinner, and the account will serve you for a very long time. Personally, my account in the middle has been live for a year and 2 months, and everything is fine, everything is fine.
lecturer: Useful links:
lecturer: I also recommend using drops for receiving packs in ru.
lecturer: There is a paydrop person on the forum, he accepts packages in Rostov-on-Don, and the cost of admission is usually 800-1k rubles
lecturer: Much more reliable, but also more expensive than the drunkard’s neighbor. lecturer: So, we’re done with the middles.
lecturer: Next come the drops
lecturer: Drops are ordinary people who accept your packs. There are 2 types of drops: adjustable and non-adjustable.
lecturer: Fraudulent drops are drops that do not know that they accept parcels. There is always the possibility of missing drops with parcels. Such drops are searched, for example, on job sites or similar offices. Usually they don’t send expensive packs for such drops. The lifespan of such drops is 10-15 days. The cost of accepting parcels in such drops is usually 50-70 bucks. lecturer: Non-adjustable drops are a type of drops that are clearly aware of the risks they are taking. The risk of losing packs is minimized. Such drops receive a good salary and the lifespan of drops is on average 2-3 months. However, they most often have slightly different operating rules. You can learn more about the rules from drop services that provide drop services. The cost of admission is usually 70-100 dollars or% of the cost of the pack. lecturer: Recently, drop services have begun to work stingily, that is, they accept packs and pay you your %. Different drop services have different types of goods accepted and,
accordingly, different percentages. For liquidated Apple equipment they can give up to 55%. By driving the stuff to be stingy, it will save you from the problem of delivering goods to the Republic of Uzbekistan and selling them, and will help you
earn money much faster. However, the amount of earnings will be much lower than if you brought the stuff to yourself and sold it to RU.
lecturer: If you sent the goods for sale, on average a week passes from the moment the pack is sent for drop until payment is received. And if you send the goods to an intermediary and want to sell them in RU, on average it will take 4-5 weeks. Here it’s up to you to decide whether it’s quick and small, or long and big. lecturer: As soon as the drops receive the package, the drop service requires a label to send it to the middleman.
lecturer: A label is something like a postal form. That is
a piece of paper that says who it was sent from, what address it is coming from, who it is addressed to and to what address. Such labels can be ordered on the forum from the relevant sellers. Usually a karzh label costs about 5-10 bucks, if the label is white, the price can reach 500 dollars. Most often, white labels are used to send packs directly to the RU, in order to ensure smooth passage of packs through all authorities.
lecturer: An example of a label can be seen here:
http://prntscr.com/iekzf5 lecturer: 1 – Sender’s full name 2 – Sender’s street
3 – City / State / Sender’s zip code 4 – Recipient’s full name
5 – Recipient’s street
6 - City / State / Zip code recipient 7 – Date of dispatch
8 – Weight of parcel 9 – Date of delivery
10 – Track number of parcel.
Warming up the shops
lecturer: Hello everyone
lecturer: I would like to divide my lecture into 3 main parts:
1. I will tell you about warming up the shops.
2. I’ll tell you about the productions for the series.
3. I’ll tell you a little about reroutes.
lecturer: Let's start by giving a definition of what warming up the shops is. Warming up is a call to the store before ordering, the purpose of which is to win over the subs and accordingly increase the chances of sending the pack. lecturer: warm-ups are carried out mainly in two
ways: 1. Through ringing. 2. Live chat. Well, or the most wooden way, in my opinion, is through email lecturer: let's start with life lecturer
: in general I think that this is not the most effective way, but it still has a place to be
lecturer: firstly, due to the fact that the sapiens do not communicate with you live, they don’t hear you and can’t understand who’s sitting on the other end, so you don’t inspire
much confidence in them
. lecturer: secondly, live chats are usually only available in smaller shops, where your conversation will simply get lost among hundreds of others and you won’t attract any attention to yourself
lecturer: live chat is good when you need to check something in an order, but you can’t call or don’t want to pay money for calling, or if you really want to know something specific about a product, but it’s not very
effective for warming up (at least in my experience it’s hard for me to judge this)
lecturer: in addition, if you do not have a very high level of English, this can play a cruel joke on you, since some subs may pay attention to your writing of the text, your literacy and compliance with the rules of grammar, relatively speaking, if you place an order from some John Jones, and write with phrases like I am don't know, then you will at least confuse the agent
lecturer: so I don’t recommend using Google translator
to compose letters or communicate with saps if you are not confident in your abilities
lecturer: I’ll tell you further about a more effective method of warming up
lecturer: warming up over the phone
lecturer: this also has its own nuances,
let’s say warming up large stores where dozens/hundreds of saps are located, in my opinion is not very effective. in this case, it is better to request a call after
the entry itself, since the sap will be able to make notes that the buyer called and was interested in the status of the order lecturer: if you do this before the order, then the sap simply will have nowhere to make notes lecturer: and this can help you speed
up processing of your order, but you may be asked to call again for verification
lecturer: that is, such a warm-up call does not replace a verification call, if one is required lecturer: next I’ll tell you about warming up small shops lecturer: I usually divide the warm-up of such shops by 2 kind of
lecturer: 1. I pretend to be a hose and ask a bunch of questions to the sub.
lecturer: this is suitable, for example, for calling small shops with electronics/clothes, you can ask about the characteristics of a particular product
lecturer: ask for the availability of characteristics, etc. lecturer: ask questions about delivery speed, etc.
lecturer: roughly speaking, we are just pretending to be typical American consumer
lecturer: this will work especially well in shops where the sap with whom you are talking will be responsible for sending the goods and processing the order
lecturer: 2. The second case is somewhat more complicated lecturer: This case is related to stores selling something specialized, for example musical instruments, professional equipment, auto parts.
lecturer: here it is important to understand the specifics of the product, its
purpose, otherwise warming up will not make sense, otherwise you will fall down
lecturer: If you buy spare parts, it is important to understand what they are for and for what brand.
lecturer: I often call a shop with musical instruments, especially guitars,
since I understand this quite well, this plays a good role, because when communicating with me, the SAP begins to trust and, accordingly, processes the order faster and more willingly. lecturer: I also want to touch on the topic of warming up shops for sending to different ships
lecturer: Americans are very responsive people and you can play on this responsiveness to come up with a legend
for sending different bids/ships
ET.COM
lecturer: Don’t try to push through a legend about that you are sending a package to your mom/dad/brother while you are visiting them, this is all nonsense that will not help you
lecturer: disasters happen very often in the states, mainly in the south
lecturer: this is what you should play on
lecturer: therefore, sometimes to create a legend, I use these events to inspire confidence in myself, for example, regular hurricanes occur in Louisiana, or Florida, or Alabama, or anywhere
lecturer: and let’s say we just have a lecturer from those places: but you need to hiss, for example in Oregon or Washington
lecturer: if you explain to the glander that you, fleeing hurricanes and rainstorms, went to relatives on the other side of the country
and did not take something vital and are now trying to buy it, then your chances of sending the goods increase significantly
lecturer: if let’s say nothing like this is happening in the USA at the moment, you can tell a legend about how termites ate your house, or how you got healthy cockroaches, which you just poisoned and now you can’t return home, since everything there has not yet disappeared this rubbish
lecturer: Americans empathize very much in such cases lecturer: Forget about the legends about: he went to his relatives, to his mother, etc. this is already ineffective, the more complex and hopeless your situation, the greater the chance
lecturer: I’ll sum up the warming up lecturer
: Warming up is still not a panacea, even for small shops, believe me, there is probably not a single shop left in the USA that would not suffer from fraud , therefore, shops take all orders very, very seriously, so don’t be surprised if even after warming up, they refuse to send you, this is a normal process, not all shops do this, but if you approach warming up correctly, you will remain in +, the main thing you to find the ideal scheme according to which you will work
lecturer: Next I would like to tell you about order verification
lecturer: Very often, after entering, you will receive messages - call us to confirm the purchase or something similar
lecturer: some shops, not wanting to send an order, but afraid of
running into a real holder, say that they could not verify the details of the transaction with the bank
lecturer: I’m sure that some shops are stupidly afraid to send your order, for some reason (fraud marked, the IP is far from billing, the IP is in black), but they are afraid of accidentally running into a real person, that’s why they write such nonsense lecturer
: several times I was able to get such packs
lecturer: but 98% of such cases end not in your favor
lecturer: And in some cases the billing really does not match
lecturer: here you can try to call the bank
(first, at least punching ext and ssn, without this don’t even try) and try to resolve the situation with billing
lecturer: but again, it’s very unlikely that you and the bank will be able to solve anything if you don’t know what the real billing is (you can point your finger at the sky by breaking through the bg and look at the last address kh, but this is very expensive and an unjustified risk)
lecturer: but in fact, it’s easier to type in another place and see what happens there
lecturer: Now let’s look at the questions that SAPs ask for verification lecturer
: basically SAPS check the same thing, email, 4 digits ss , billing/shipping address
lecturer: but they may ask tricky questions lecturer
: in many shops they may ask tricky questions, for example, the name and support telephone number of your bank, which is written on the back lecturer: or the nearest street to your address (by the way, I recommend it before every call open the address in Google Maps to be able to respond). in general
, there can be a great many questions with a trick, you can’t provide for everything, however, at a minimum, searching for the address of the kh in Google Maps will allow you to answer many questions that
the lecturer may ask you: 1. Full name. Holder:
2. Em@il Holder:
3. CC data:
4. Billing (holder address): -
5. ShippinSg (TadrYesXdoMstavAkiR): -
KET.COM
6. SSN\DOB\Number of years (if information is available)
7. Website where the order was entered or where the order should be made: -
8. Order number:
9. Date and time of the order:
10. Name of the product (link to the product)
10. (For EGIFT) Recipient name, recipient name (recipient): -
11. Order amount:
12. Number to call:
13. Number to call from ( if a replacement is needed):
14. Name of the bank that issued the card:
15. Bank support phone number (if you need to call the bank, individually)
16. Letter from the office, where and for what reason we are calling
(link to photo): -
17. Reason and purpose of the call, description of your situation: - lecturer: here is the form for calling, save it and fill out the information on it, don’t be lazy, you’ll feel better about it lecturer: they also often ask the
question of what is the best way to call, with substitution or is there no difference?
lecturer: I think it’s better to call with a substitution, it gives you more confidence
lecturer: for some shops this is a mandatory requirement - calling from billing nomea kh
lecturer: Well, in conclusion, I would like to tell you a little about reroute
lecturer: reroute/redirect is a change addresses on the parcel, to the address DROSPAT/WEDMARKET.COM lecturer: I won’t tell you how to do it, but I’ll tell you a little about the technical component
lecturer: I’ll start with the UPS reroute. when rerouting UPS, the request to change the address is visible immediately, within 5-10 minutes the track is repainted yellow and you see the phrase: Request to change the delivery address, but it’s too early to rejoice at this, the shop can quite quickly turn the parcel back and you’re already with You won’t be able to do anything with it (the request for a refund is always higher than others and cannot be cancelled)
lecturer: Fedex reroute is somewhat more complicated
lecturer: in Fed, the request for reroute is displayed only in the city of Kh
lecturer: and there are different types-1. inscription: request
to change the delivery
lecturer: in general everything is clear here, the pack will then turn around and go where it needs to be
lecturer: sometimes the track lights up red and tells you that action is required, for the most part these are features of Fedya and this inscription will disappear in a few hours
lecturer: you will issue a new track
a new track can be displayed as a track for returning goods and hang directly on the website, if you see it, click on it and look at the destination if it coincides with the location of the drop (sometimes it may be a different city, but the same state, then check in Google maps location of cities, it will most likely be the same city or a different part of it)
lecturer: either a new track will come up with a call,
if the pack has not moved for some time, contact the dialer or call your email, you will be given a new track
Anti-detects
Browser-anti-detect of the new generation
We are pleased to present to your attention the most convenient and safe
tool for professional work on the Internet.
lecturer: Greetings to everyone who decided to attend the lecture on Antidetects. Today we will talk about various antidetects that have proven themselves well in our field of work, types of antidetects, we will understand some of the intricacies and features of working with antidetect when driving in and more.
lecturer: First, let’s figure it out with you, what is “Antidetect” in general? Antidetect is a solution (program, browser, browser plugin, etc.) that allows you to bypass various Antifraud systems on the Internet, be it online banking, or an online store, or a client installed on a computer for playing poker. Antidetect allows you to use the same machine for work without changing it, by bypassing different components. MBLAGODARAYAKETEOMTU, A.NSTIOFROMMD the system every time thinks that there is a new user in front of it, or, conversely, the same user, in the event that we need to “mask” someone. The task of modern antidetects is not just to uniquely identify the user, but to give him the opportunity to blend in with the crowd. lecturer: I’ll explain it very simply and clearly: in the first case, if we imagine that Touch ID on an iPhone is an anti-fraud system, and to unlock it you need to put a NEW finger on it every time, then thanks to the anti-detect, we can make a lot, a lot of fingerprints, and pass this defense calmly and successfully every time.
We can say that an anti-detect is like a glove that
allows one finger to leave a huge number of
fingerprints. Secondly, if we imagine that Touch ID on an Iphone is an anti-fraud system, and in order to unlock it you need to apply the same finger every time, which is, in principle, true on an Iphone, then we can “copy” the owner’s finger and successfully bypass the protection (of course, knowing approximately what this fingerprint should look like). lecturer: It should be understood that modern anti-fraud systems do not stand still and are being improved every day - if previously the simplest methods were used for identification, today a number of factors are assessed.
lecturer: In this context, antidetect plays a very
important role, and if used correctly, it will undoubtedly allow you to gain results, but success is not only a fact of its use - you need to correctly and consciously approach work in a specific direction, which will come only through knowledge and experience.
lecturer: You can look at the huge number of factors that modern antifraud takes into account using the example of the very common Threatmetrix system.
As you can see, the browser plays only one of the roles, albeit on the front of events: (Watch the video after the lecture) https://www.youtube.com/watch?v=2PQxoQQOPpY
lecturer: Another excellent example for analyzing AF systems can be specified:
https://developers.seon.io/?shell#request
I advise you to look at this example at your leisure, especially the huge number of parameters related to E-mail, the use of e-mail addresses in other services (Screenshot: http://prntscr.com/isj1yg ), phone number, etc.
lecturer: There are two types of Anti-Detects: Iron Anti-Detects and Browser Anti-Detects. Let's look at each of them in more detail.
Iron antidetect allows you to change the hardware parameters of a computer or virtual machine. As an example, we can cite: substitution of information about the processor, video card, BIOS, network card and various other devices.
An iron antidetect may be necessary when working in the field of poker, casino and other areas that are associated with
the installation of client programs under TW.inCdowOs. M
lecturer: Examples of hardware antidetects include:
1) CCTools 7 (Many have heard about this software, used it, it has long been out of date, but at one time it played a significant role)
2) VirtualBox Hardened Loader - a patch for the hardware antidetect Virtual Box. Vector T13 talks about this in more detail in its webinars “Virtual Machine Anti-Detection” (These webinars can be found on YouTube). It was well relevant at the end of 2016, although this decision still applies today.
lecturer: 3) Also from Vector T13 webinar on the WmWare antidote. Unfortunately, there was only one webinar, there was no continuation. Therefore, the topic is far from completely covered.
4) Antidetect 2018 Pro OpenSource by Vektor T13 – A new free solution in the field of iron antidetect from Vector for Virtual Box. This solution is relevant and supported by the author. Among the features, I would highlight full support for the video card on VirtualBox. The disadvantage of this solution is also its advantage: the solution is free, therefore, you will not receive full support (free) for this solution.
lecturer: 5) Aff combine - essentially the first hardware
VmWare antidetect, a completely up-to-date and ready-made solution in 2018. It also includes a browser-based antidetect based on the Mozilla Firefox browser. Sold on our forum. Price 1000$. 20% discount on tubers.
The ONLY HARD-KNOWLEDGEMENT Actual Qualified.AntiOdetMect on
the forum.
lecturer: Browser antidetect is a program that allows you to emulate a browser based on specified parameters. Simply put, by emulating various parameters, we can simulate any system (Windows, Linux, Android, IOS, MAC OS, Blackberry
) and browser (FireFox, Safari, Chrome, IE, Opera, etc.), as well as even game consoles (Playstation, Xbox).
Browser antidetects come in two types:
Type 1: Antidetect based on a regular browser with
an extension (Chrome) or Addon (Mozilla Firefox) built into it. Basically all antidetects of this type ( Antidetect 7.1, Antidetect from Cert, Antidetect from Good Job, Fraudfox, Antidetect from Vector T_13)
lecturer: Here Antidetects can be divided into two more categories:
A) Antidetects using the physical Firefox browser. This category includes: Antidetect 7.1, Antidetect from Good Job, FraudFox, Antidetect from Vector T_13)
B) Antidetects using the Chromuim physical browser. This category includes: Antidetect from Cert, Byte Antidetect 8.
Antidetect based on the physical Chromium browser is much more complex, more expensive in terms of investment and
requires more knowledge, so the price for such browsers is usually higher.
lecturer: 2nd type: Antidetect, written on the source code of the engine. From the examples that I know, Linken Sphere can be included here.
Anti-detects written directly using the engine source code allow a more in-depth approach to the implementation of substitutions.
More details about existing browser antidetects that are worth our attention:
lecturer: Antidetect from Cert (Cert) - antidetect based on Chromuim. Binds to iron, i.e. Can only be used on 1 system. The author has proven himself well, Cert - one of the very first developers of antidetect in general, and even more so based on the Chromuim browser. Updates are not very frequent, but stable.
Sold on Verifa, costs $5,000. There was a time when I used this antidetect. I don't have it and don't
use it now. In my opinion, the price of the product is unreasonably high. Even if I had $5,000 to spare, I wouldn’t take it. In my opinion, its price is several times lower. Each update is also paid and costs from $50 to $300. Even if you missed some update and didn’t take it, you will have to pay for all previous updates to get the latest version. In my opinion, taking into account the other antidetects available on the market, it is not worth taking for a beginner.
lecturer: Bytovsky antidetect 8 - antidetect based
Chromuim. The author of the product is Byte, the author of Antidecet 5,6,7, which have proven themselves well in their time. Antidetect 8 is an unknown product, only 4 clients. There are no reviews in his thread. Sold on Verifa, price: $3000 + $100 per month subscription fee. In my opinion, taking into account the other antidetects available on the market, it is not worth taking for a beginner. It seems like there is nothing supernatural in comparison with other antidetects on Chromuim, but the product is developing somewhat slowly.
FraudFox, Antidetect from Vector T_13 - singled them out into one
category because FraudFox is essentially an irrelevant antidetect, and Vector T_13 antidetect is not particularly suitable for work, it’s too “crude” and the author has given up on it. The Vector T_13 product is positioned as a means of increased anonymity and is not suitable for work (Vector T_13 itself positions it this way). The product is free, everyone can download and view it on the author’s website.
lecturer: Antidetect from Good Job - antidetect based on Firefox. Binds to iron, i.e. can only be used on 1 system. Infrequent updates, judging by the reviews, the author puts a “male device” on clients and it’s not so easy to reach them, much less get support for the program. Sold on Verif, a full license costs $2250 + subscription fee $200 per month. Didn't even use it. It's not worth taking.
lecturer: Now we come to antidetects that
have excellent price-quality ratio, are suitable for beginners, and are worth having in your “arsenal”:
Linken Sphere (Sphere) is an antidetect written on the source code of the Chromuim engine. Sold on our forum. The advantages include: Excellent support, frequent updates, no connection to the system, replacement of all main fingerprints, built-in functionality for working with ssh, socks and tor, its own unique socks service integrated into Antidetect, the ability to enter from several tabs at once, i.e. To. 1 tab is like a virtual machine, and you can open a lot of such tabs and other advantages.
lecturer: The disadvantages, as for a beginner, will be: a monthly
subscription fee of $95 (5% lifetime discount for VVH users), a shop with configurations is not available, i.e. configs; If you don’t have a PRO subscription (price 475$), there is no way to fully customize windows.navigator parameters. The combination of parameters allows me to recommend it; I also use it myself.
Let me explain right away what a config is. A config is a javascript code that contains information about the browser and
system (browser javascript parameters, WebGL parameters, font set, etc.) Essentially, the config is a snapshot of the system and browser. Using configs further reduces time, because you don’t need to register and come up with all the parameters yourself, you just download the config, edit it if necessary, and you’re done.
lecturer: Configs can be real or generated.
Real ones are those configs that are “copied” from real computers by collecting parameters, and generated configs are those made using a program (generator). The disadvantage of the generated configs is that the parameters may not always be correct and correspond to the OS or browser, or even have values that are not characteristic of the real system.
lecturer: Antidetect 7.1 – antidetect based on Firefox. Sold on our Billy Bones forum. Promotional price for students is $50. Sometimes I use antidetect to this day. The product is completely worth the money. A good option for a beginner. The antidetect is taken forever; there is no subscription fee and no connection to the browser to the system, i.e. You can enter from the main machine, from a virtual machine, or from the system of a friend, neighbor, etc.
Configs can also be purchased immediately, without
the need to fulfill any conditions. Antidetect
7.1 – allows you to fine-tune some parameters, for example in windows.navigator. The disadvantages include that the author (Byte) neglected the software and
there will be no updates, the antidetect does not replace some fingerprints, for example audiofingerprint, webGL, some configs require manual adjustment.
lecturer: Any antidetect reduces the time spent on driving, because no need to worry about clearing cookies in the system, setting up WebRTC in the system, installing browser plugins, fonts in the system, etc.
Also, thanks to antidetects, it is possible to approach the store “from different sides”, i.e. drive into it from OS Windows, Mac, from a mobile device and various browsers.
Sometimes in certain shops or merchs the traffic of any OS or browser is higher.
If you look at the monetary costs of typing, then compared to VNC and Dediks, antidetect also saves money. The config costs $1-3+ sock ($0.2-1) or tunnel ($1-2). A good Dedik will cost from $10 (and it’s not a fact that it was NOT driven into your store, especially if it is popular, and also Dediks often “die” if they are obtained using brute force); VNC price starts from $20. lecturer: BUT! In terms of driving in, antidetect is not a panacea and not a money button. You should not use only antidetects.
There are situations when typing goes better than real
devices (mobile phone for entering, laptop/computer for entering without virtual machines). Therefore, I advise you to “have in your arsenal” configured virtual machines for driving in, a mobile device emulator (Genymotion, Nox), a real mobile device for driving in, several antidetects, etc.
Antidetect, in addition to typing in, can and should be used
for your safety and anonymity on the Internet. Using an antidetect in your security chain complicates your de-anomization with any special ones. services. lecturer: Tips for ensuring your safety with the help of antidetects:
Firstly, use different configs (different OS and different browsers) on different forums, sites
Secondly, periodically (for example, once every 3 weeks) change the OS or Browser on each forum and website.
Thirdly, store the software itself and the browsers that have built-in add-ons and extensions on an encrypted flash drive or hard drive or container.
lecturer: For the anti-detect Linken Sphere (Sphere) you can add S:
A) Do not check the box to remember the password, but store it in your head. This is necessary in order to avoid third parties gaining access to your cookies, sessions, and configs.
B) Use TOR or TOR+SSH TUNNEL in the connection chain. DO NOT uncheck the “Save and encrypt cookies before exit” parameter.
For Antidetect 7.1, you can add that after the generated browser itself is no longer needed for work or typing, it should be deleted immediately, and not accumulate a huge amount, because Each browser takes up about 100 mg, and with a large number of browsers, this all takes a considerable amount of GB, plus each browser contains history and cookies, which will not be a plus when third parties gain access to browsers
.
lecturer: Now let's consider in practice working with 2 antidetects: Antidetect 7.1 and Linken Sphere (Sphere).
lecturer: Antidetect 7.1
After purchasing Antidetect 7.1 and configs for it (ideally, for a beginner, take about 20 configs; for starters, that’s enough, and if you need more, you can always buy more), after installing and launching Antidetect (about purchasing, installing, launching and settings, contact @@Billy Bones) the following window will open in front of you: Screenshot with explanations - https://prnt.sc/h2wovg
lecturer: Let’s go over each item and the settings: Item “1” - This button creates a browser, or rather its Portable version, which has an antidetect Addon built into it.
The browser is not tied to hardware and can be used on any machine and transferred to anyone, be it a partner or a neighbor. In order for the checkbox to light up and be active, you need to select any PHYSICAL browser from the container (Number 5 in the screenshot)
Item “X” - This checkbox determines whether the antidetect addon will be built into the Portable browser or not. If there is no checkmark, then a regular portable Firefox will be created of the version you select from the container (number 5) lecturer:
Point “2” - This checkbox is responsible for the presence of Flash in the browser. From personal experience I will say that it is better to create a browser without Flash, use Flash when it is really necessary and can affect the typing.
Point “3” - Responsible for the physical version of Flash in
the browser. You can select different versions from the list.
The physical version is the one that will be used for substitution; merch and shops do not see the physical version of the browser or Flash, they see the version or the browser that is specified in the config.
Item “4” - Copies the path to the folder of the created browser.
Point “5” - Selecting the physical version of the browser. You can select a Firefox version from 41 to 49. Determines the version of Firefox into which the Antidetect Addon will be embedded. If you don’t check the “X” box, then the regular Firefox Portable browser will be used.
Item “6” - Select a config from the drop-down list. Configs must be uploaded to the “configs” folder, having previously been unpacked from the archives.
Item “7” - Shows brief information about the selected config.
Point “8” - Responsible for WebRTC. When this option is enabled, here you need to enter the IP of the sock, the tunnel from which you are going to drive in.
Item “9” - Allows you to change the config language to the desired one from the list.
Item “10” - Allows you to add additional English. language. When is it needed? For example, if you are trying
to target a holder from Germany whose main system language is German, you can also add English, because Many people have several languages on their computers, for example, English and Russian for residents of the Russian Federation.
Item “11” - Allows you to open the folder of the last created browser.
Item “12” - Allows you to select the time zone and set it in the system with 1 click.
lecturer: About the use of configs and generation. There is no generation of configs in version 7.1, you can use it if you have version 6.5, but there is no particular point in this.
It is better to use all configs except Internet Explorer, because... they can be buggy and non-working. It is best to use the configs with the Firefox browser, i.e. Win XP, 7,8,10, MAC, Android + Firefox Browser.
Now for the settings in the window itself, before creating the browser: the required items where the checkboxes should be:
“X” and “8”.
“9”, “10”, “2” are optional, only if necessary. lecturer: Let's say you selected a config, created a browser, and opened the folder with the browser. Let's talk about some manual settings that you can make in the created browser.
Open the folder with the browser, then open:\ff_Your.Browser version\App\Firefox\browser Example: ff_46.0.1\App\Firefox\browser
There will be two files we need, open Notepad++, then the first file: “jsoverrider.json” . What can be changed there?
lecturer: Firstly, languages can be edited manually as needed, for this you need to change the value of the “Language” and “Languages” parameter (if any) Secondly, you can enable or disable JAVA (DO NOT CONFUSE with JAVASCRIPT!!) To do
this you need to find the “javaEnabled” parameter and change its value from True to False (or vice versa). Example:
“function javaEnabled() {return true;}” to “function javaEnabled() {return false;}”
Thirdly, you can edit the “Useragent” and
“appVersion” parameters, I would even say that this is necessary, because .To. the configs that you will have, be it Firefox, Chrome, Opera, Safari, etc., will already be old according to the browser version. lecturer: Let's take, for example, the Firefox config. There will be, for example, Useragent: “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1” and appVersion: “5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox /40.1"
Version FiSrefoTx According to this parameter the frame of the steych.acs 4O0.1, Mona is already
outdated, we need to change it to a more modern one, for example, change it to the stable version 48.0. To do this, change the piece in the specified two parameters
“Firefox/40.1” to “Firefox/48.0”. We save the changes, open whoer or another checker and enjoy the changes.
This way you can change any parameter, knowing approximately what it does and means. You can easily learn this yourself by devoting a little time to it. Applies to any blood pressure, not only 7.1.
lecturer: Let's move on to the second file: “jsoverrider.js”. There you can correct WebRTC and the Canvas fingerprint.
Open this file.
Canvas in file: can be changed, can be disabled
replacing Canvas, thereby making the stock (standard) canvas of the Firefox browser.
In order to change the Canvas fingerprint, you need to change the value of the variable “var CanvasWebglRandomParameter”, i.e. put, for example, other numbers in it. (Screenshot: https://prnt.sc/h2y65s ) In order to return the stock (standard) canvas of your browser, you need to delete the line “return context.b_fillText(CanvasWebglRandomParameter, 2, 17);”
Drives may work better with a stock canvas, they may work better
with a substitute canvas, there may be no difference at all, especially if the store is small or simply does not request the canvas parameter of your browser.
lecturer: DSalete WYeXbRTMC. In this file
you can edit all 3 WebRTC (1 external, 2 internal) The variable “ipAddressRemote” contains the external WebRTC.
The "ipAddressLocal" variable contains the internal WebRTC.
I noted another meaning of internal WebRTC in the screenshot under the number “2” Screen: https://prnt.sc/dny2q9 lecturer: Also in this screenshot I showed: Blue areas, the boundaries of the code of each of the 3 WebRTC. This may be needed, for example, to remove one unnecessary internal WebRTC. The red area shows what needs to be removed in order for WebRTC to be completely disabled. Also, external and 1 internal WebRTC can be changed on the fly in the browser itself. (Screenshot: https://prnt.sc/h2yyko )
I would like to add that in the screenshot I indicated what the other columns are for.
It will be useful to read after the lecture for those who are going to take Antidetect 7.1
lecturer: And we move on to the next Antidetect, called “Linken Sphere” (Sphere).
lecturer: After purchasing, installing, and launching the browser (for questions related to purchasing, installing and launching the program, contact @@nevertheless or support), first of all you need to configure the general browser settings. They are located in the “Edit” tab, then from the drop-down list we find “Preferences”.
Screenshot: http://prntscr.com/itjman
In the screenshot I have highlighted the most necessary settings for a beginner. All the rest can be viewed and read in the documentation on the website.
1 item - default search engine, i.e. This parameter sets which search engine will open when you type a query into the address bar of your browser. For typing in, it is more convenient to install the Google PS, for anonymity and security DuckDuckGo.
2nd point – this parameter allows you to specify the site
that will open after creating a session. To enter, it is convenient to indicate any checker, whoer, detect.cc, browserleaks, etc., whichever is more convenient for you.
Point 3 – allows you to set the physical size of the screen, a very important parameter, I advise you to set it every time under the session (config). You can check these parameters (device-width, device-height) here: https://browserleaks.com/css
4th point – determines how the system time will be replaced. Important parameter. There are two options: 1) Through Javascript. 2) The system time will change. It is best to choose the second option, system override, as for me it is 100% not flawless, because In fact, we are not changing the time through Javascript, but as if we are changing it manually in the system.
Points 5 and 6 – I would classify these parameters as security. Ideally, if you are very worried about your safety: put a tick on point 5, not on point 6.
Actually, point 5 allows you to use TOR when logging into antidetect.
Point 6 – allows you to choose whether or not to save the password for your account when logging in.
lecturer: Point 7 – this point allows you to close ports in Web Sockets. Web sockets is a protocol designed to exchange messages between a browser and a web server. In simple terms, using Javascript, a site can check your open/closed Web Sockets ports.
Checker: http://www.andlabs.org/tools/jsrecon.html
According to the checker settings: IP Address – “127.0.0.1”, Start Port, End Port – here we indicate the range of ports (minimum 2), for example Start Port: 5939 ; End Port: 5940. Protocol: WebSockets. After scanning, you will be shown whether these ports are open or closed. In the example I used port
“5939” - it refers to TeamViewer. These ports belong to VNC technology (5900,5901,5902,5903) 3389 – RDP technology, etc.
Regarding setting this item: It is better not to change anything unless necessary.
lecturer: closing ports 80; 8080 in this way will not work right away, I say)
lecturer: The remaining parameters are aimed more at
usability (update design, etc.)
ShriAftRa, size, beskapOy, proxies for
Next, we move on to setting up browser sessions. Each session is essentially a separate system, like a virtual machine, which has its own config.
We'll talk more about free and paid configs and differences in settings during operation a little later; First you need to understand the important browser session settings for beginners.
lecturer: Let's start with an analysis of the first section. (Screenshot: http://prntscr.com/itjucp )
lecturer: 1st point – Select a session (config) from the list.
2 point – This point is needed to create a new session. To do this, you need to enter the session name in this field.
Point 3 – session notes window. A very useful feature.
In order not to get confused in the sessions and to make your life easier when analyzing the entries, I advise you to indicate all useful information in this field (Proxy Score, Risk Score, Which shops were entered into, by what method, the card used, the result of the entry, etc.)
4th point – allows you to set the session color, the session color will be displayed in the browser tabs (screen: http://prntscr.com/h3njn3 )
5th point – allows you to copy the entire session, including prints of canvas, audio, fonts, rects (if necessary).
Point 6 – allows you to change the session name (rename the session).
Point 7 – this point allows you to change the algorithm for replacing the canvas; in other words, this is the second option for replacing it (the first will be discussed below). Which option is better to use? Answer: Both, in different shops there may be different results, so it is better to try 2 options and empirically analyze which is better in your case.
8,9,10 point – allows you to enable/disable HTML 5
Storage, point 9 – allows you to save data and use it even after restarting the browser, point 10 – allows you to save and use data using the large structured data storage standard “IndexedDB”. In short, without delving into the theory. For typing in, both of these points must be enabled (exception: when typing in from a blackberry phone, for everything else, in terms of security, it’s
better to disable points 8,9,10.
lecturer: Let’s move on to a very interesting section for many,
“Fingerprints and other settings” (Screenshot: http://prntscr.com/itkiz7 )
1 item – turns on/off the Canvas substitution. Everyone has already heard about this parameter. Actually, what this substitution does in the field is that it uniqueizes the canvas without significantly changing “its picture”, thanks why it looks more or less natural. You can check the canvas here: https://browserleaks.com/canvas
If you greatly change the picture of the canvas, namely, use popular add-ons for the firefox and chrome browsers to change the canvas, you can 100% easily see the shop. Here's a checker in browserleaks that detects this: https://browserleaks.com/proxy (Option: HTML5 Canvas Protection). Also with fonts, the
“CSS Fonts Protection” parameter). At the moment, the minus of the Canvas uniqueization technology is that the output is 100% unique, and this applies to all antidetects. But, nevertheless, some AF systems react very hostilely to too high uniqueness, so try to periodically disable this function if you suspect that the shop is not working due to this parameter.
Point 2 - turns on/off Audio
fingerprint substitution. The audio print, of course, is not as popular as the canvas print, but over time, more and more banks and shops are introducing it into their anti-fraud
systems. Checker: https://audiofingerprint.openwpm.com/ Antidetect successfully replaces 4 parameters for each session: Fingerprint using DynamicsCompressor (sum of buffer values), Fingerprint using DynamicsCompressor (hash of full buffer), Fingerprint using OscillatorNode, Fingerprint using hybrid of OscillatorNode /DynamicsCompressor method
3 item - turns on/off font substitution.
A very popular detector, it’s easy to replace without an anti-detect, but in addition to replacing a fingerprint, the sphere allows you to customize the list of fonts, which is a definite plus. Checker: https://browserleaks.com/fonts (two “Fingerprint” parameters)
4th item – turns on/off rects substitution. In short, this is a substitution of the browser's coordinate system. The “getClientRects” element allows you to get the exact position and pixel size of the desired element, and depending on the system, or rather the system screen resolution, fonts and many other parameters, the results will be different. The sphere allows you to replace this without changing them too much, which in practice is not covered by Antifraud systems. Checker: https://browserleaks.com/rects (Parameter: “Full Hash”)
5th item – Enables/disables the use of random plugins. This parameter allows you to add a random set of plugins to your session, which allows you to avoid plugin detection. The function is needed for those who have free configs and who are too lazy to manually register plugins. Naturally, a set of plugins is included in paid configs.
Point 6 – enables/disables saving and encryption of cookies after exiting the session. Must be included. An additional security benefit is encryption.
7th point – turns Flash on/off. Here, just like with antidetect 7.1 - don’t turn it on unless you really need to, flash is an additional opportunity to detect you. The technology is currently outdated, all its capabilities have long been available in html5, so due to its absence, few people will no longer look at you askance.
Point 8 – when you enable this point, each time after opening the session will have new fingerprints, which I described to you above. There is no need for this for driving in, but for safety it can be used.
Point 9 – allows you to choose which prints to make, new, random (Canvas, Audio, Plugins, Rects, WebGL, Fonts, Media Devices). Refers to point 8.
Point 10 – this parameter blocks the output of the canvas hash.
It should be used if you are sure that your shop or merch does not respond well to the 100% uniqueness of the canvas. (Screenshot: http://prntscr.com/h3pk3m )
lecturer: Go to the section “Configuring and selecting a connection type” (Screenshot: http://prntscr.com/itkxrv ) lecturer: 1st point – allows you to select the connection type from the drop-down list . Now I will analyze the most necessary things for a beginner to work with.
lecturer: No proxy - this mode allows you to use a direct connection, i.e. Internet is taken from your system. It is necessary if you really want
to work with Proxyfier, Bitvise SSH and other software for using tunnels and socks. As for me, this mode is not needed, because... does not allow you to take advantage of the sphere's advantage of using different sessions at the same time, each of which is configured with a separate sock or tunnel connection, depending on what you like to use. The exception to this situation is the use of a router in which it is possible to connect a sock or tunnel in the router itself, and not on your system. (The forum sells such a configured router)
lecturer: Tor - I recommend using this connection mode for your security chain, when surfing shadow forums and to access forums through Tor, for example the Verified forum.
Socks, SSH Tunnel - combined these modes. The first relates to the use of Socks (Socks 5) and the second to the use of Tunnels (SSH). These modes can and should be used for driving in. For each session, you can configure different connections and use them simultaneously, i.e. in fact, it’s the same as typing in from several systems (virtual machines) at once. Driving from socks or tunnels is just up to your discretion as to who you prefer to work with. I personally use padding socks, LuxSocks. But the problem is that recently they have problems with socks, the number of socks has dropped sharply. Therefore, now I additionally use the “Faceless” sox service.
lecturer: Sphere socks – Socks raised on mobile
devices. These mobile socks are exclusively for clients of the industry; they are integrated directly into the antidetect.
This solution allows you to save even more time and improves the usability and uniqueness of the antidetect, because
The IP data of the socks is from the general pool of mobile operators, therefore, Antifraud systems can treat you more loyally. For better results, I advise you to use the configs of Android devices (Mobile phones + Tablets) with these socks
. Today the socks are at the implementation stage)
lecturer: Point 2 – Field for entering the ip of the sock/tunnel and port. Example of input SOCKS 5: 173.244.217.119:1081
3rd item – this checkbox allows you to disable internal IP. Those. When using this item, only the external webRTC IP will be displayed.
Point 4 – toe/tunnel authorization. Actually, all tunnels have authorization, so you must enter your login and password here, but Socks don’t come with authorization so often, so if you don’t have a login or password, leave the fields blank.
lecturer: point 5 – turns on/off WebRTC substitution. If you turn off substitution, WebRTC will correspond to the WebRTC of your system where the antidetect is installed.
6 point – This checkbox is responsible for External IP WebRTC. You need to disable the checkbox when the IP for connection differs from the IP that is obtained at the output (you can check it on any checker, for example on whoer.net). I’ll give an example from Luxsocks, after buying
a sock I get this ip
ort for connecting“212.83.165.56:29007”, I check on whoer.net, and there is IP
“97.113.91.76”, therefore, I have to disable this checkbox, and in the field “EXTERNAL IP WEBRTC” for competent substitution, I must write this IP
“97.113.91.76”
lecturer: Point 7 – this point allows you to enable IPv6 substitution. It should be used only if this information is “leaked” on your system. You can check the leak here: https://browserleaks.com/ip
“IPv6 Leak Test”.
Point 8 – disables WebRTC substitution, i.e. When this function is enabled, WebRTC will show that
it is disabled. CheTkeYr: wXhoMer.nAet
RKET.COM
lecturer: 9 point – allows you to set your own DNS. It must be used if your sock or tunnel does not have a DNS or is from a different country, or you need to replace the DNS not for typing, but for your safety. The “check DNS” button checks the functionality of the DNS server you specified.
Please note that working with this parameter is very important - DNS has the same meaning as the IP itself. In addition, it often happens that when you buy a Socs without its own DNS, the system’s DNS is shown (this is what happens by default if this field is not filled in and the Socs does not have its own parameter), and you catch Declines due to suspicious activity.
Point 10 – this “Check Proxy/ Geo” button allows you
to automatically check the connection Sock for functionality when pressed, and also automatically install it based on its geodata (based on MaxMind) and IP: Time Zone, External WebRTC, GPS) lecturer: Let’s move on to section 3 of the program: https://prnt.sc/itkq52
lecturer: 1st area - responsible for UserAgent. By clicking on the
“manage” button, you can edit, add, delete Useragents. Then you can quickly select the desired Useragent from the drop-down list in 2 clicks. The buttons at the top (“Chrome”, “Safari”, “MSIE”, “Other”) allow you to very quickly select by browser type.
I would like to clarify that on the website, in your personal account, there is a
“User Agents” section - there you can select ready-made user agents by OS, Browser and device type for free.
Area 2 – is responsible for the language of the session. You can select a country from the drop-down list, and the language will be entered automatically, or you can enter it manually in the input field, which is located to the right. lecturer: Point 3 – Blocking pop-up windows. This function prohibits the creation of pop-up windows.
Use only when necessary, sometimes a shop or merch will have “necessary” pop-ups.
Point 4 – All a beginner needs to know about it is that if the site loads with errors, or something does not work on the site, which does not allow you to complete the typing, you should enable this function. Do not turn it on unless necessary.
lecturer: Next section - https://prnt.sc/itklmh lecturer:
1) Config manager - in other words, free
configs. We clicked on the button, selected the browser type, selected the OC, clicked generate and the free config was loaded.
2) Setting up WebGL. This section allows you to configure all possible parameters for WebGL 1, WebGL 2, disable WebGL if necessary, and also generate it if you are too lazy to configure it.
3) Advanced settings. (Screenshot: https://prnt.sc/h3q2d0 ) This section allows you to manually register plugins, manually add http headers, manually edit more than 27 Javascript parameters. lecturer:
4) Fonts. This section allows you to edit a set of fonts, i.e. You can create your own list of fonts that will be visible to antifraud systems in addition to replacing the font fingerprint itself.
5) Window resolution emulation. This feature allows you to hide
your real screen resolution, and it will match the user agent data. Useful when working with mobile configurations.
6) Touch screen emulation is simply a MUST HAVE when working from mobile configs. Full touchscreen emulation as on mobile devices. None of the existing antidetects except this one have such a function.
lecturer: 7,8) These two values set the screen resolution. 7 – screen width, 8 – screen height. Example 1920x1080
lecturer: Let's move on, the next small section.
Screenshot: http://prntscr.com/itkmis
lecturer: 1st region - responsible for replacing geoposition. Latitude - geographic latitude, longitude - geographic longitude.
It is not necessary to put the geoposition directly under the ZIP of your tunnel; it will look quite normal and natural if you put the geoposition up to 10 km from your toe.
Example in the screenshot: http://prntscr.com/h3pyv1
The marker in Google maps marks the coordinates of the sock, there is a circle around it - so the area of the circle is a fairly natural geo-position for this sock/tunnel. lecturer: 2nd area – is responsible for changing the time zone, or simply put, setting the time zone and time.
The time can be set either by selecting a state from the drop-down list, or by selecting a time zone from the drop-down list.
Again, I want to clarify that when you click the “check proxy/geo” button, the geoposition and time are set automatically, which saves us precious time.
We've sorted out all the possible sphere settings that may be needed, now let's finally move on to working with this product.
lecturer: Option 1 – you have a PRO account and access to the config shop. How it works - buy the required config in the config shop, add it to the sphere, configure the connection type, WebRTC, DNS if necessary, click the Check proxy/geo button (the time zone and geolocation are automatically configured), then select the checkboxes of those fingerprints that you want to replace and go
ahead drive in In fact, what I described takes about a minute.
lecturer: Option 2 - you do not have access to the config shop, then you can configure it in two ways. The first is installing the required User Agent (choosing from ready-made ones or downloading your own, which is preferable), after which the parameter is generated using the built-in generator.
After generation, you will need to look at, tweak, adjust WebGL parameters, Advanced settings, Fonts, etc. The second option is to use built-in free configs (there are about 50,000 of them) - create a session, click Config manager, select the desired browser and OS, get the config of the real device from the built-in database. You don’t need to do anything additional with it - then it’s no different from the first option: configure the connection type, WebRTC, DNS if necessary, click the Check proxy/geo button (the time zone and geolocation are automatically configured), then select the checkboxes for those fingerprints that you want to replace and drive forward.
lecturer: However, built-in configs tend to
lag because they are used by a fairly large number of people, and their quality is objectively worse than those in the store, and this can negatively affect the result, although they are quite suitable for testing the strength of a beginner
.
It is also possible not to download a free config, but to write it yourself in the field from scratch, but for both the first option and the second, you need to have experience and knowledge of all the parameters. You can read about all the parameters in detail in the product documentation + Google for help.
More useful features in this Antidetect:
lecturer: 1) Antidetect has its own Web Emulator built into it
– this tool allows you to simulate the behavior of a real user by visiting sites automatically. In practice, this is necessary in order to reduce the routine work of collecting site Cookies, site visit history, in other words, “warm up” the system before entering it into the store. You can also configure the emulator so that it imitates the user’s behavior in the store before entering.
lecturer: 2) Entering data when entering is simplified - the antidetect
has its own Vbivotron built into it. The function is convenient, but please note that some sites are very hostile to copying, and even specially configured intervals of humanoid input may fall under antifraud.
Use the function if you are sure from your own experience that the store does not react in any way to such input.
Search for shops, merchandise
lecturer: We will divide the lecture into 2 parts, with a short break, since the volume of material will be large.
lecturer: Part 1 – Search for shops. Part 2 – Analysis of merch. lecturer: And so, let's go. Part 1. Search for shops.
lecturer: I’ll probably start right away with a warning: looking for shops with queries like: buy apple iPhone X, or buy macbook pro, or buy Gucci jeans - there’s no point. Since on the first pages of search engines there will always be giant shops, like BestBuy, Amazon, Seers, etc. You can work with them, but they require a completely different approach and experience.
You won’t be able to take the first SS you come across and drive in 10k dollars
, don’t try.
lecturer: So how to find the right shops? Here are just a few options:
lecturer: 1. You can search for shops using SEO optimization resources on one of the sites on the desired topic. SEO optimization is a set of measures for internal and external optimization of a website to promote it in search engines. Accordingly, the higher the site’s position in the search engine, the greater the traffic, and accordingly, higher-frequency queries are used to promote it.
lecturer: For example: at the request of Gucci jeans, Google produces
the following picture. http://prntscr.com/gpqxsz , let's take the 5th site as an example: http://prntscr.com/gpqxig . We go to the site, find any necessary category (in this case, dinner jeans) and right-click on a free field in the browser field.
lecturer: We need the line View Page Source http://prntscr.com/gpqy48 - click on it, we get this: http://prntscr.com/gpqyez- we see that in the meta name line - the requests for which this page is promoted are written. All we have to do is compile the queries with our own and go searching more specifically, for example: if you make the following query “clothes shop+inurl:super slim jeans” then Google will return http://prntscr.com/gpqzqh and http://prntscr.com /gpqzu9 .
lecturer: 2. Shops can also be searched through “
query operators”, about which you can read in more detail here https://sites.google.com/site/tilromen/poleznoe/kak-pravilno- sostavit-poiskovoj-zapros-google, or even better, study them on SEO forums, you can find a lot of interesting things there. As an example, I will give the following query operator: clothes shop+ inurl:e-gift - will give us a list of shops that have the phrase e-gift in the link, or “clothes totes egift” - Double quotes allow you to find only the expression that they contain.
lecturer: 3. You can also search for shops through eBay, but not
everyone has their own website, you need to search. It’s enough just to go to the product we’re interested in and look at the information about the seller; if it’s a shop, we’ll see that the page is usually colorfully designed, and the seller’s name is something like: freeshippngshoes, bestshoes, goodwatches, etc. Study carefully. Next, all we have to do is enter this data into Google and go to the store’s website, if one exists. However, it is not always possible to immediately bypass
the shop’s anti-fraud system; sometimes it’s easier to drive it into eBay (but more on that in the Brutus lectures).
lecturer: 4. Shops can also be searched through Amazon. We go to amazon.com, enter a query in the search bar, for example SSD. We are interested in the left column http://prntscr.com/dusrr7 , go down below, we need the line “Seller” and click “See More” http://prntscr.com/dussij , we will be redirected to the next page http://prntscr. com/dust0d . This page lists sellers of products in this category. All we have to do is copy their names and paste them into Google, and then continue by analogy with the previous one.
lecturer: 5. Shops can also be searched by parsers, for example
Butterfly. The disadvantage of parsers is that they find a lot of all kinds of garbage, so you have to sort through the sites manually. Although they certainly sometimes help a lot.
lecturer: 6. Shops can also be searched through SQL Dumper, if the roads are compiled correctly, you can find very sweet shops, but the dumper eats a lot of proxies, so you will have to constantly load new ones into it.
In general, it is needed to search for vulnerabilities on websites, but the lecturer can easily adapt to searching for shops: 7. You can also search for shops on thematic forums, for example: a forum for young mothers, or a fishing forum. With the right approach and SI, you will be given a bunch of shops that you will spend a very long time looking for on the Internet.
Thanks to the young mother Michelle - she suggested an excellent
shop with expensive baby strollers and a no-show anti-fraud system. The shop unfortunately closed, and the strollers arrived in RU)
lecturer: 8. Shops can be searched on the website http://www.resellerratings.com
lecturer: At the top there is a drop-down menu store ratings. There we select browse all stores by category and on the left there will be a menu with categories. For example, choose apparel and jewelry. We see “sort by” and click
lecturer: This will display the sites with the lowest ratings on the first page. But there are 468 pages of these sites in the clothing and bizhi section. About 70% of them have a zero rating and about three quarters of those 70% of shops are small, giving well. Sometimes you come across shops that seem to have no ratings on this site at all, but in fact the shop is large and will just send you horseradish.
lecturer: In fact, there are many ways
to find the shops we need, with the right product, but I most often use these methods of work. I recommend that you experiment with query operators, as this is the fastest and most convenient option for searching for shops.
lecturer: In my experience, sometimes large stores send much better than small ones, but this is more an exception and direct hands than just luck). You need to try to break into all the shops you like.
lecturer: Sometimes you come across a scam shop, for example, I came across one where Canada Guz cost 200 bucks,
so it’s better not to swear in such shops, they were created by our colleagues to collect swear words. Study the shop carefully before entering.
lecturer: Part 2. Analysis of merch and their features.
lecturer: Merch is an electronic aggregator for processing incoming payments, in other words, it is a program that directly accepts payments
through the website. There is a huge variety of merch, both large and self-written.
lecturer: To determine merch, I most often use the site http://builtwith.com/ , - if you have the opportunity, you can buy a subscription there for your hard-earned money, it costs 500 bucks a month, don’t try to waste money - it won’t work. We enter the address of the store into the line, and it will give us all the information about the store, in the E-commerce section, there will be the merch we need.
Sometimes the merch is not shown, then you have to look for redirects in the browser or hit at random, this also happens.
lecturer: As for Euro merch, most often they can be seen during checkout, that is, when you are already entering a card, since most Euro shops do not post information about merch on their pages.
lecturer: Below is a list of merch products that are often found in the US:
lecturer: 1.Shopify – it is believed that every month it is more and more difficult to add it, but no. Everything is much simpler, you need to adjust the system to this merch. Merch loves real hardware, and he practically doesn’t care about socks and tunnels, the main hardware and the unique fingerprint
of the system. Fine and competent tuning of the system is very important. In general, merch is burning both grandfathers and IP substitution. Doesn't even bother with order cancellation letters and letters about possible fraud on your part.
The solution is to perfectly configure your driving system. lecturer: I have a separately configured virta for each merch, and accordingly I just change my socks and hit.
To find shops on this engine, we use the following search query: Ecommerce+Software+by+Shopify+dildo
2. WooCommerce is quite an interesting merch. I haven’t seen it that often; in terms of trafficability, it all depends on the shop. That is, what level of security is the merch set to? Some shops ship tons, some can't even get a dollar out of them.
lecturer: BSigCTomYmeXrceM – basically the same as
Shops are searched like this: dildo+ giftcertificates.php – will find all shops with dildo gifts))
4. Magento and its derivatives. My most favorite merch. Easy to work with and not particularly fussy.
Shops are searched for by dildo+ .com/checkout/cart/ - the cart itself, dildo+ .com/customer/account/ - account.
lecturer:
5.Shoprunner – aka merch/engine for many mono-brand stores. Light enough to work with. You can also punch it with a brute force.
6. Zen Cart – also quite common. It beats a little more difficult than the previous ones, but does not cause much trouble.
7. PrestaShop – basically everything is the same. A clean sock +
a well-tuned system and we will be happy with you. lecturer:
8. OpenCart is my least favorite merch. Even with perfect typing, it can send.
And the “f*ck off” messages go away. I still can’t understand him.
9. X-Cart - not so easy to find, but if the shop starts to give, then prepare the trucks
lecturer: Taking into account the peculiarities of setting up an ABC system in shops, it often happens that shops do not see the full address of the holder, but only see spare parts. Therefore, sometimes it is advisable to take a card under the middle/drop zip, and drive a beel=thorn into their address. Such shops can only be found by testing.
lecturer: I also recommend taking a roller (the same credit van) and entering the shops you like for small amounts to the holder’s address in order to see movements on the card.
Some shops write off the money right away, some hold it, some write it off at the moment the pack is sent, so having this information, you can easily choose a checkmate and a method of working with a specific shop lecturer: I will also give examples of euro merch: 1. SagePay (Saga) - BBW
always , each shop likes different types of cards. There is no safekey for Amex. YUK and YUSU eat by reset, but not all the bins. If the card is accepted, they almost always send it. As for air, the same principle applies.
lecturer: Stub Hub + virtual pos terminal – very often found on sites that sell tickets to all kinds of events. It’s quite difficult to push in this merch, VBV always does, I couldn’t
push in Yusa even once, only EU. It scorches everything, right down to the color of the socks you’re wearing, but it’s worth it).
https://prnt.sc/gpr913 - this is what driving in actually looks like. lecturer: 2. BancaSella is one of the wonderful WWW merch products. With a bang, Yusa and Yuk are discarded. A miracle happens and there is no problem. 100% hit if the transition is successful.
3. Adyen is also handsome, all countries climb, there is no safe key, discovery is available in most shops, and this is a sure way to bypass the WWW. However, even with the included card, the shop can get to the bottom of it. As for airlines/hotels - if the card is included, 100% hit. Reservations and tickets are in your pocket. lecturer: 4. Bucharoo - complex Dutch merch. VBV/Safes, You can also drive in with a usa - but extremely rarely - rather an exception. However, there are shops with which, having developed SI, you can drive in a yusu or another eu mat.
5. Wirecard - there is no key safe, just like Amex, practically,
YUSU has been eating great, at least for the last 2 months. It also happens without VBB.
6. Erstes - the same wirecaird.
7. SaferPay - safe deposit box, EU only. Sometimes without vbv.
lecturer: 8. Euro payment service – the reset mate fits perfectly. Yuk mat eats at least 10k, without any complaints
lecturer: PayPal and all its brothers - it’s clear here, I’m not considering it, there will be separate lectures
lecturer: Zerogrey - eats everything as before, just serve fresher beans. There is a 99% chance that the first order will require rendering. If done well (photo and not a scan), then success is guaranteed. I advise you to always create an account
in the store; if the card survives after the first sending, get the most out of it.
Europe and Asia
lecturer: today we are talking about EU and Asia, I would say in general about working around the world. Stop Flood)
lecturer: Working with maps of other regions (other than us) has a number of features, and it is logical, because There are different banking systems from region to region.
lecturer: I would advise you to look at this direction when you either already have a wealth of knowledge (and I’m talking in general about the mechanics of work and setting up the machine), or you have money for tests, but of course the best option is when you have both this and that
.
lecturer: The direction is interesting, but it requires investment, start working on it, keeping statistics, and you will see patterns.
lecturer: The lecture will be more of an overview nature, I’ll tell you the important parameters below
lecturer: And so let’s start, but first I’ll highlight one of the main advantages of the EU and Asia mat - the AVS system is not connected, who forgot the link below
lecturer: And let’s figure out what it is right away 3ds (aka vbv/mcsc)
lecturer: Bin is the first 6 digits of the card, well, I hope you
already know this.
lecturer: We remember that the AVS system is in England (uk), and nearby countries (Ireland, Scotland) because they are sometimes serviced by banks in England. Also, on English banks there is no ABC system. There is also Autovbv, that is, when the fraud likes you, the 3ds code is not requested, it can be configured on the side of the shop or bank.
lecturer: For example, a shop may simply not request a VBB up to a certain amount, let’s say it just has several merch, or the merch has dynamic 3ds disabled.
lecturer: We remember that driving in cards in the cardholder’s country can have consequences in the form of a quick charge.
lecturer: We warm up the shop, make sure to communicate. SI is our main tool. Communication with shops, receiving feedback, all this is important. At a minimum, it saves you money when you find out important information before entering, such as which countries the material is going through. lecturer: Just imagine, you can communicate with shops (tell them your stories, be like a holder), you can call banks and find out the reason for the Declines, etc.
lecturer: If from English. difficult, then use Google translit,
or a plugin for the grammarly.com browser
lecturer: As a rule, around the world (that is, outside of the US), communication with shops/offices is done by mail, less often by phone
lecturer: When entering internationally, get ready for the fact that I may request documents, this is normal, it’s more convenient It will happen
if you draw the docks right away, so that when you request a shop, you don’t have to make them for too long. Is it possible that a specialist can request the docks in order to stall for time until the charge arrives?
lecturer: SS with 3ds code and SS without 3ds, it’s simple.
lecturer: That is, somewhere you know the 3DS code, somewhere you don’t, somewhere it’s simply not installed on the card or is not needed at all for work, or it can be changed like a password in the mail (either easier or unrealistic).
lecturer: As for resetting the 3DS code (like resetting a password)
• it can be changed by knowing additional information on the card, like doba or
ssn, or other data depending on the country and bin.
https://prnSt.scT/fyYheyXl
lecturer: Next, the material and methods of work are divided depending on the countries and methods of receiving VBB (static, in SMS code, 2FA in a bank application)
lecturer: For example, what you can work with: lecturer: USA/Uk cards with 3DS code reset - it
Relatively painlessly it is reset on yuse, on yuk it is reset via dobu, zip, but more and more often it is received by phone via SMS.
lecturer: They drive it in - it climbs all over the world, in Asia, Europe and other regions
lecturer: Yes, using eu/ca/uk/au/usa you can reset the 3DS code and install your own knowing only the ext, but you need to look for bins that will suit you, because It’s becoming less and less common that the code can be changed so easily, and more and more cards are dying after changing the code. But if you have the means, you can try
to collect a database of beans.
lecturer: USA and the rest of the non-3ds countries - here you have to figure out the statistics yourself about what goes where, let’s say USA non-3ds almost doesn’t go into Europe, but it will already get into Asia, it’s also quite difficult to find EU bins without BBW, but in general it’s possible
lecturer: What is worth noting is that in Asia almost everywhere the 3DS code is sent via SMS; in EU you can still find a static code, but less and less often. Also in USA, large banks set up the reception of 3DS code by phone or it comes by mail (but in In general, there are still many banks with easy reset of 3ds by dob or dc). lecturer: The trend in the market is such that it is very difficult or almost impossible to buy a mat with a known code, a more realistic option is to take it for a % of the profit (transaction amount), but that’s a completely different story) lecturer: In the selection of cards you should not always give
preference only bold bins like gold/platina/signature, this is just one of the points when choosing a card, do not forget to look at the issuing bank and country. At least the country is for sure, in India there may be nothing on gold, but in Singapore there may be a lot of money on classics, here we generally use logic, you can google countries and see what the situation is like there. lecturer: To make it clearer, I’ll tell you about driving methods using different mats. (in general, this is all quite logical, and all the methods are based on what - where to hit and what to hit)
lecturer: That is, we look at the CC that we can buy, and
look at the store and where it delivers (don’t forget about the SI, and study the shop)
lecturer: Let's say - you can use USA/YUK mat with reset in EU shops from WWB, and make delivery to any address, or rather, they won’t see it if you specify billing not from the card, there is no avs system.
lecturer: The same as - to beat EU cards in USA, with delivery to Europe, yes they will ask for docks, yes there will be verification, but if the store is medium or larger, and there is delivery, then they will send it. lecturer: If there is material with a known code bbv then
let your imagination tell you where to put it - and this is either the most liquid product, Gifts, and so on, I think when it is in your hands you will be able to understand what to do with it, it does not fall from the sky.
lecturer: Sorting/determining 3DS protection in a shop (availability of merch). This is relevant, since many shops may simply not indicate that they have 3DS protection; there is also the fact that (mainly in Asia) the 3DS icon may be on the store’s website, but in fact it is not there, this is how carders are scared away .
lecturer: You can at least look/add some information on merch here -
lecturer: To determine the presence of a 3DS shop, I usually
take a card that has 3DS on it and I know it for sure, and drive it into the shops if the 3DS window opens (I I posted the screenshot above) then there is 3ds) if not, then no.
lecturer: We pay attention to the lock region, when working with different countries you may encounter it, it does not allow you
to make a transfer in a country/shop different from the country of the cardholder.
lecturer: We also remember about customs limits, naturally all the information is in Google.
lecturer: The WWW page has its own antifraud that you need to go through, as a rule, it’s not difficult except for the already tired Germany. (On the issue of region location, this is one of the ways the bank determines that the ip does not match the strange billing card) lecturer: Yes, for
cards with 3ds there is usually a long charge (except for yuk and usa), and if payment is made, then the fault lies with the holder, the shop itself is not responsible for it, so even if the shop sees a request from the bank, it can send
S.
TYXMARKET.COM
lecturer: Amex has an analogue of vbv, this is sefkey (but shops with support for this protection are not very common) lecturer: In conclusion, I want to say that the trend is that everywhere they try to have the 3ds code via SMS, or 2fa via an application, entering with with a reset code, they either die quickly, or the code simply cannot be reset. Considering that it is difficult to get a mat with a known code, you should either drive it into shops where there is no 3DS protection, or it is not on the card (or autovbv).
Having typed in from A to Z
lecturer: Hello everyone again.
lecturer: What is hammering and what does it consist of?
lecturer: In general, driving in looks like this
:
1. Found a shop
2. Selected materials for driving in (card, sox/tunnel/dedik, address/intermediary)
3. Typed in
4. PROFIT
lecturer: But... when instead of Order Success you start receiving order canceled / decline, you understand that in fact, there are much more details/underwater rocks/devils in the still waters - call it what you want - much more than 3. lecturer
: You may have never thought about this before, but this is precisely what could/may be the reason for your failures. Right now I propose to look at what the beating consists of and what it is eaten with. lecturer: Let's take as a basis calling each detail
a “variable”. Let's call a group of variables that fit one category a block; each block consists of several sub-items and variables inside it, let's proceed to a detailed examination of the blocks and variables inside them:
lecturer: CREDIT CARD block:
• bin (the first 6 digits of the card, determines the issuing bank, country of issue, card level, presence/absence of vbv ) lecturer: A particular bean may have restrictions on payments, limits on spending funds / limits on payments on the Internet, or it may simply be “non-cash”, various types of VBV/MCSC and its reset (reset varies depending on the bean);
lecturer: autovbv bins - when vbv is on the card, but does NOT require entering a password and is processed automatically.
You shouldn’t dwell on this sub-item, but you should at least take note. Therefore, write down each bin that you encounter in your work, as well as the result of working with it.
lecturer: - Card level, card type Card
level, Classic / Platinum / Premier / Gold, etc., as well as Debit / Credit. Based on the level of the card, it can make assumptions about the presence of a balance on it. It is logical that there will be more on platinum credit cards than on
classic debit cards - purely statistically.
lecturer: - validity of the card
Nothing matters: neither the quality of the IP, nor the system settings, if the card is dead. You can be absolutely sure of this only by calling the bank (or if you have an enroll to the card). Checkers often kill cards, so you can’t blindly trust them, and it’s better not to check US cards at all before inserting them.
lecturer: - billing info/address - credit card address (billing address, billing - the cardholder’s residential address), unfortunately, crooked billings appear on cards from time to time, and in the case of a crooked card being inserted into the merch that AVS checks (for example, almost all USA
stores ) such a card will not be included.
lecturer: The reasons contributing to this are the method of obtaining cards; almost always the information about the card that comes to us is the one that the holder entered somewhere HIMSELF. He can order something for work, for his mother-in-law’s house, and so on.
lecturer: There are various methods of dealing with this, I’ll tell you about several that I personally used:
A) By punching the holder’s billing before entering the card
lecturer: B) Searching for information about the holder in publicly available sources, for example, by searching in Google Name + zip (John Woods 18462 ) and checking the correspondence of the address and name on various sites and social networks. networks.
lecturer: C) By driving in certain bins and types of cards. Types of cards include Business Cards (cards for business).
These are work cards that are often registered to a company/organization (so don’t be surprised if suddenly, instead of a name on such a card, you see something like “Mike Stewart Washington Water Restoration”) lecturer: The advantage of entering such cards is that in
billing they are equal in 99% of cases, which other types of cards cannot boast of, due to the fact that the company orders goods or pays for services in relation to its work address, that is, billing. Minus - not all beans will give.
lecturer: - check cards. There are several types of card checks:
A) Authorization and write-off. A random amount of money is authorized on the card (from $0.01 to infinity, but usually no more than $1), using the same principle, a check is entered
somewhere when the amount is written off.
lecturer: B) Pre-authorization and/or cancellation of authorization. During pre-authorization, the amount is not debited due to its quick cancellation; when authorization is cancelled, cancellation (cancellation) occurs after the direct authorization of the amount
C) Calling the bank
lecturer: Each bank and bin has a different attitude towards different types of card checks, but basically this effect is negative (especially when working in the USA) and it happens kills cards (even pre-authorization)
lecturer: The next block is the camouflage block:
The first point will be called the “human factor”. At the moment, many banks automatically analyze the amount of monthly expenses and the type of transactions of the cardholder, and
due to absurd behavior (this is when a 65-year-old lady buys a snowboard), it is possible (I emphasize, possible) that the bank will refuse transactions. lecturer: This point is not critical, but it cannot be ignored. The shop transmits information about the transaction to the bank,
so you need to dial the minimum fraud score to bypass anti-fraud systems - focus on this.
lecturer: There is a sub-item for this item “Mode of behavior”. By this I mean the motivation and purpose of a person buying something at that particular moment in a particular store.
lecturer: Create an image for yourself, become a holder, you are driving in your card, not someone else’s, believe it! Are you a 65-year-old woman and have decided to give your son a laptop?
Talk about this with the store support and ask for advice, read the product description, make a mistake when entering text, your eyes are no longer the same as in your youth!)
lecturer: Sox and the tunnel as a whole can be grouped and called an ip-address block, then the variables in this The block is as follows:
lecturer: - IP purity according to blacklists
• open ports
I talked about this at my security lecture, in short, this is neither a negative nor a positive parameter in most cases.
lecturer: - geolocation of IP addresses using the maxmind database (or another important one)
Whoer.net and a number of other sites have an outdated max-mind geo database, so the consumption of geolocation information from the driven site in comparison with whoer and some similar sites can be very significant and critical, up to another state. lecturer: Certain sites have their own
geo-bases, often on these sites you are offered to automatically fill in a zip code, city and state, so when entering into such shops it is better to focus on the information they provide and select material based on it.
lecturer: - proxy & risk score
• provider, host name, DNS, belonging to the ip hosting provider
Internet provider ip, host name can tell about
the IP belonging to the cloud hoster (see lecture Security and setting up virtual machines)
lecturer: - range zip code ip from zip code cc
Using an example: we own a card with a zip code in billing 97401, which means zip ip should be as close as possible to zip, that is, 97401 / 9740* / 974**, etc. - however, this directly depends on your topic and the place where you drive, for e-gifts you need to select as close as possible, for a duffel bag, depending on the situation: under a drop/media or holder.
lecturer: Dedik, virtual and physical machines are included
in the second group of masking, respectively, they are a separate block and have their own groups of variables, namely:
lecturer: - OS
Version of Windows / Linux, etc.
• browser (Browser, version, WebRTC settings, coockies) lecturer: Serious merch can also request information from the browser about installed plugins (they can only check by requesting the id of a specific plugin(s)), check the sites on the list where you
logged in (https://browserleaks.com/social - you can check here, for example). In practice, with Facebook logged in, for example, this is a plus, but not critical.
lecturer: What is coockie stuffing?
• Stuffing cookies, surfing various sites - imitation of a real user BEFORE typing in. lecturer: It looks strange when a person with a “naked and
empty” browser goes to buy Gifts for a thousand bucks,
doesn’t it? Therefore, we create the image of an ordinary hamster user by first surfing the websites of all sorts of local clinics/restaurants, Amazon, eBay, Facebook, etc., in general, I talked about this in my lecture on setting up the system and security, now I remind you that this is the case.
lecturer: - all kinds of fingerprints (fonts, fingerprint, audiofingerprint and many others)
The set of fingerprints generates your unique impression of the user, which remains in the system, is solved by changing the system (changing Dedik, etc.), replacing a number of point fingerprints (such as fonts, screen resolution , video card frequency, etc.) and/or using antidetect.
lecturer: Block driving process. In my opinion, the typing process itself consists of several things, which, like all variables, can vary and/or modify themselves:
• the method of getting into the store (for example, from Google, or from Facebook/Twitter, other places)
lecturer: Yes , this is also important. Yes, shops see this too! To one degree or another, this also matters. There are several types of transition, I’ll tell you about them, starting from less trustworthy and moving to more trustworthy, respectively: lecturer: A) directly from the link from the browser’s home page, for example, browser > amazon.com B) from search engines, for example, google.com > amazon
lecturer : C) Social networks, affiliate programs, various coupon/cashback services.
The shop keeps track of where you came from, the most advanced methods = the most reliable!
lecturer: - manual text entry or copy-paste - antifraud is scorching, do you copy your name from the clipboard when making purchases from your card? Don't think. lecturer: - warming up the shop
Surfing the shop, CONSCIOUS selection of goods, reading reviews, delivery methods. Removing/adding items to the cart[from], registering an account in the shop (and possible temporary suspension of it), calling in advance or communicating with support.
lecturer: - by dialing / no
Some shops have the ability to order by phone - order by phone. It happens that the holder’s website does not load/is glitchy and then a support operator comes to the rescue, who personally enters your card details, etc. The advantage is that the antifraud actually does not see
your system/IP address, and therefore does not assess the risks based on these factors.
lecturer: - billing = / ≠ shipping
Compliance of the entered billing address with the shipping address, it happens that orders are canceled due to differences. You can fight in the following ways: go through antifraud on all other indicators / warm up the shop (for example, chat in a live chat and say that you want to buy a gift for a friend, etc.) / search for shops that allow you to do this / enter billing = shipping = drop/intermediary (when checking The AVS system will not work in most cases), driving in
illiquid assets that will not be subject to antifraud. lecturer: - shipping
A number of addresses of well-known intermediaries can be blacklisted by many point shops and merch, duplicates are also monitored (whether this address was previously purchased in the same store) lecturer: - email for the
holder and for the recipient (in the case with Gifts)
Mail also has a certain risk-speed. The most trusted are corporate emails like [email protected] . The most fraudulent ones are all those that have a simplified registration process (for example, mail.com, in other words, those where you don’t need to receive SMS during registration) lecturer: Among other things, some merch pay attention to the names in email addresses ( [email protected] ) -
checking the presence of the holder’s first/last name is also not critical, but also an important plus.
lecturer: As you can see for yourself, there are a considerable number of variables. Therefore, when there are offices, think twice about the number of other variables that directly affect the result of the work. An analogy for creating this list can be drawn in any work, be it working with a stick, poker, banks or affiliates.
lecturer: Block of consequences of driving in. There are many
different options for the consequences of your driving, let's look at the main ones:
lecturer: - Decline. Decline. The shop didn't even let you
place an order, this often means that you have problems with the card, so first of all you should pay attention to it and see Block SS. In other cases, the site either has technical problems and the screws are tightened (rarely), or you don’t pass the antifraud (or shop or bank) from the word at all and get burned somewhere, in this case, see the “Disguise” blocks, “ip-address” and “The driving process” lecturer: - Cancel. Kancel. The order was hanged, but after a while (or immediately) an email received a cancellation of the order, reasons: the antifraud did not pass / the shop called the holder / something was wrong with the card and the shop could not write off the money. lecturer: They didn’t pass the antifraud and he didn’t like something
• 2 options for the development of further events:
1 - cancellation directly from the shop’s antifraud system (or the bank did not allow the transaction to take place)
lecturer: 2 - based on the amount of points scored in the fraud indicators, the order was processed manually (this is when the manager manually approves/cancels orders) and the manager canceled it, or called the holder.
lecturer: Otherwise, if everything is clear with the first case, then the rest should be examined in a little more detail. lecturer: The shop called the holder - yes, there are shops that always call, there are also shops that can only call for certain orders (for example, for Egypt) and/or from a specific specified order amount (for example, all orders $500+) lecturer:
Methods The way to combat this is as follows: indicating
your/your phone number so that, if necessary, you can receive a call on it/indicating
the left number (for example, some nearby cafe with a holder) or a non-existent number.
lecturer: However, due to the AVS system in a number of countries, such orders may also suffer. Personally, I never fool around with the holder number, since in my work the AVS match should be 99.99%, so look at your needs and desires/topics.
lecturer: The third and final option is a cancellation due to problems with the card. This means that the holder either managed to burn it down, or your shop does not process orders immediately, but after the buyer left the order, and then he can
even grab a dead card and give you an order, but the money from it,
of course, is not available.
lecturer: - request by the shop for additional verification in the form of a photo of an identifying document (passport/driver's license) or photo of a card. It means that you fell short in antifraud somewhere or your order seemed suspicious. It also occurs in cases where the shop is already quite advanced and requests verification at the slightest suspicion.
lecturer: - request for additional verification by
dialing, they ask you to call to “clarify” some details. Usually they drive on the background (see the lecture on penetration), depending on the shop, it can also mean that the card has crooked billing.
How to fight? Punch, call, draw. If the warrant or tests are worth it. We record the results and draw conclusions.
lecturer: The last point of the lecture is Checklist. Checklists, my method of working on point shops by developing and practicing an approach in relation to them.
lecturer: It is a list of points (usually 10-20) telling how you can break through a specific shop based on tests of entering this shop, various useful notes derived from experience again (for example, how quickly orders/offices arrive) - this is what I need helps in work, a kind of creation of a template that you need to focus on for success.
lecturer: An example of my checklist for one large store: "SHOP *****.COM
• There must be equal billings
• By entering the necessary data, you must modify the M1 IP.
Exception: 2 attempts
• Only manual input and previously non-repeating variables ( a la mail)
• Consider the option of entering from Dediks
• If the anti-fraud has not passed, but the card is clear, the receipt will arrive in the mail within 25 minutes •
When the order is not passed by the anti-fraud system, the merch gives a declaration with the text: Unable to process credit card at this time, processor reported (Authorization Failed)
• If the card has insufficient balance or incorrect billing, the merch gives a declaration with the text: Please double-check your billing address and credit card information
• The following bins were entered: 517805 464018 for such and such amounts ...*
And so on.
lecturer: As you may have noticed, blocks are divided in point and group order, the groups can be classified in order as follows:
Credit Card blocks, Masking (system) - consolidated - preparation for driving in.
lecturer: Blocks The driving process, consequences and checklists are the result of preparation for driving and, in fact, the consequences. It is important to trace the cause-and-effect relationship between preparation and result in order to learn to understand where and when you are to blame, and where the shop or supplier of the material is. lecturer: “Those who devote themselves to practice without knowledge are like a sailor setting off on a journey without a rudder and a compass... practice should always be based on
good knowledge and theory”A.
Self-register Paypal
lecturer: Okay comrades, hello everyone again lecturer: today we are looking at self-regs pp
lecturer: first we’ll look at the theoretical part, then we’ll check the self-regs and then answer questions
lecturer: so PayPal is a stick/ pp. the PayPal account regulated by you - accordingly, self-reg PP
lecturer: I think this is understandable
lecturer: the most important advantage of self-reg is the long (as a rule) charge
lecturer: and if the transit went through, then most likely the goods will be sent
lecturer: and it will arrive without problems.
lecturer: that is, problems like with SS, cancellation of transit, reversal of a pack with self-regs is not present
lecturer: but naturally there are also disadvantages of self-regs lecturer: namely the buildup of akov
lecturer: making a self-reg and immediately driving stuff into it for 1k will not work
lecturer: it is possible, but these are rather exceptions to the rule lecturer: therefore the self-reg needs to be pumped up with small purchases/transactions
lecturer: in order to create a self-reg you need: 1- fulka
2- phone
3- ba
4- ss/vss
lecturer: FULKA is data on a real Amer lecturer: Here is an example of a full
lecturer: Dale S Murray 7955 Colee Cove Road Saint Augustine, FL us 32092
SSN - 593-12-7088
MOB - 904-237-3757 DOB - 09/16/1966
lecturer: Dale S Murray - full name
lecturer: 7955 Colee Cove Road - lecturer address
: Saint Augustine,
FL us 32092 - city/state/zip
lecturer: SSN - 593-12-7088 - social security number lecturer: MOB - 904-237-3757 - lecturer phone: DOB - 09/16/ 1966 - date of birth
lecturer: fulkas are the easiest to buy. a regular fulka costs
$0.5
lecturer: a fulka with a high CS (credit speed) 2-3$
lecturer: the quality of a fulka is much better when you buy a CC on xta and punch a fulka to it
lecturer: and the ideal option is to seal this card and tie it to the PP
lecturer : this option is good and on Novoreg you can immediately pay/send 200-300$
lecturer: 2- PHONE
lecturer: we will need to receive SMS from pp
lecturer: therefore, the phone number in the stick we indicate the one to which we have access
lecturer: namely gv (google voice) or textnow lecturer: 3-BA lecturer: BA can be tied to the stick in two ways lecturer: 1-SinTstoYy chXerMez laog-RPasKET .COM
2- minikami
lecturer: 1- linking insta means that in the stick we select the bank we need, enter the login password for it, then select the desired account and link to the stick.
lecturer: 2-minikami. and each bank account has an account and a routing number. so to link this account to the pp, we enter these numbers and send mini-deposits to them
lecturer: mini-deposits are two charges from pp to this account to $1 which are then written off in one amount lecturer: in the state it looks something like this lecturer: verifing PP john smith +0.10
verifing PP john smit +0.20
-0.30
lecturer: account and routing numbers are sold immediately together with the BA or you can get through the corresponding services on the forum
lecturer: it’s best to take the BA immediately with the numbers
lecturer: this may be useful in the future when drawing states or, if necessary, confirm the BA again
lecturer: the cost of the BA is $1-30 depending on the bank and balance BA
lecturer: when purchasing, be sure to pay attention to the conditions for replacement BA
lecturer: I recommend taking BA 5+ in the initial stages lecturer: 4- SS /VCC
lecturer: according to SS said above, as for everything, use a visa vanilla card
lecturer: enter the card details, confirm it with miniks and the card is linked
lecturer: according to theory, we have finished
Methods of working with self-registration Paypal
lecturer: the topic is actually quite extensive and there is always there is a place to show your creativity
lecturer: we will look at the most common options lecturer: so, the first rule, we behave like a real American lecturer: so here is the
lecturer: if the self-registration did not give a purchase, send, donate, holding, reducing the transaction amount, changing the product helps/ seller/mail/shop
lecturer: I repeat, before working with self-regs, I strongly recommend reading the archives on the stick lecturer: let's look at the slang lecturer: instant-instantly
send - sending money from one aka pp to another mini-mini-deposits
state - statement - statement from the bank
lecturer: in terms of organizing work, as I said, numbers take the cake, and when you accumulate a decent number of self-registers, the issue of maintaining statistics and reporting becomes especially acute. lecturer: therefore, I advise you to immediately create a statistic
in Excel or a similar program, whichever is convenient for
you lecturer: in I usually enter into the stat:
registration date aka linking date date of the last action
which ba is linked (miniatures if any) email and a place for notes
lecturer: I write down transactions there, when it clears and similar information lecturer
: in addition to this, as I said above, I advise you to install thunderbird , mail collector for the convenience of monitoring your self-registrations
lecturer: some options for non-standard registration of a pp account:
lecturer: 1) through payment with CC
lecturer: we are looking for a donation that accepts payment via pp, try to pay with CC for $1-2. enter the data, check the box
lecturer: “Register a PayPal account”
lecturer: pay and get a self-registration with one transaction lecturer: then go to ak, add dob and ssn through ed money
lecturer: if everything is orm then we hook up the gv, then ba and in lay down on 3-7 days
lecturer: I’ll explain right away, laying down, this is when we don’t log into the account at all after a successful transaction
lecturer: 2) we issue an invoice for empty soap lecturer: “empty soap” is mail for which a PayPal account has not yet been registered
lecturer: s samorega pp we issue an invoice for empty soap, a letter with an invoice arrives at this mail, follow the link from it and pay for the invoice in vanilla (up to $100 is fine) lecturer: simultaneously download
two of our accounts lecturer: 3) send for empty soap from a trust account pp
lecturer: a trust account can be either our well-developed self-registration or a real amera’s pp account with many successful transactions
lecturer: in the second case you will have to be creative, for example, buy game keys and sell them to amers on the forum with payment via pp for empty soap
lecturer: The point of this method is that such a self-registration will initially have a higher credibility and it will be much easier to merge it
lecturer: further
lecturer: types of payment in self-registration pp: 1- with ss/vss
2- with ba (e-check and insta)
3- from balance pp 4- bml
lecturer: I’ll explain about payment from BA lecturer: it comes in two types:
1) by e-check
2) instant
lecturer: payment by e-check takes 3-5 banking days/days lecturer: in simple words, this is a banking operation of debiting funds from a bank linked to the PP and transferring them to another account PP
lecturer: payment by instant is the same e-check but with one difference
lecturer: in the case of insta, the stick trusts our account PP and sends money immediately, as if lending to us, and
then itself waits for the flow of money to be cleared and cleared ERCHECK
ET.COM
lecturer: the day when the transfer of funds from BA to PP is completed and is called the day of purification (clear Echeka)
lecturer: let's sort out the refs (refunds)
lecturer: a ref is a cancellation of the purchase and a refund of the money lecturer: as a rule, stick insects use refs in order to pour money into the balik pp
lecturer: what are the features and pitfalls lecturer: if the payment was made with the ss-to when a referral is made, the funds are returned to the SS
lecturer: if with a BA a check that has been cleared, it falls to the balance of the pp
lecturer: if with a BA check, the funds are debited from the BA but the transaction itself is in the pending - after 3-5 business days it will fall to the balance lecturer: if from a BA instant - after 3-5 business days it will fall
to the balance
lecturer: from bml ref will fall back to bml lecturer: options for draining balance pp lecturer: 1- cash out
2- drain to stuff
lecturer: cash out options:
lecturer: 1) send from balik to output ak pp and withdrawal from it to visa (about 3 business days)
lecturer: 2) withdrawal a ba on the same self-registration
lecturer: the simplest and most effective method in my opinion lecturer: paid, refunded, cashed
lecturer: drain to stuff
lecturer: sometimes It’s easier to merge into stuff than to dump
lecturer: but there is less percentage if you drive in stingy and
wait longer YproXfiMt esAliRslaKtEsebTe.stSafOM
lecturer: for this we register ak ebay, pp to ebay we don’t link lecturer: we download it in small transfers from balika lecturer: yes, we regist ak ebay for data media
lecturer: we fill in 5 feedbacks little things
lecturer: and you can start hitting on media iPhones, MacBooks from the badence of our self-registers
lecturer: further
lecturer: it happens that an ak with a balik went into the limit for 180 days lecturer: it’s okay, we postpone such an ak, after 180 days we tie up our withdrawal account and merge the balik lecturer: yes, I’ll add it on eBay, it’s better to transfer our ak ebay into a business ak
lecturer
: this way it will be a little easier to flow lecturer: if the self-registration does not allow:
lecturer: helps to lay down lecturer: 3-7 days
lecturer: or reducing the amount of driving in, changing the seller, shop lecturer: do not make many attempts of the same type of actions
lecturer: at least get an all-around activity lecturer: in the worst case, limit
lecturer: this is called wanking the ac
lecturer: make 3 attempts, it is no longer advisable lecturer: links for working with self-regs pp lecturer: 1) 1virta = 1 self-reg + toons/soxes lecturer
: 2) base+ antique + toons/soxes lecturer: 3) grandfathers homework with hidden accounting
lecturer: 4) virtual machine + portable for everyone + toons/socks
lecturer: 5) basis+ sphere+ socks
lecturer: 6) rega aka base+ sphere+ socks. typing in aka with hvnc lecturer: limits:
lecturer: 1) easy - receive SMS, password change, secret, binding/confirmation ba
lecturer: 2) medium - you need to draw a passport, iD, state SS/BA, proof of address. consideration of two business days lecturer: if during this time they have not removed it, then you need to call the stick
lecturer: 3) heavy - all of the above plus an explanation of transactions
lecturer: the percentage that such a limit will be lifted is extremely small lecturer: it’s easier to drive it to 180
lecturer: that’s probably it All.
Brutus Paypal
lecturer: Good evening everyone! Today I am your lecturer and the topic of our conversation is driving
in signed accounts of the Paypal payment system or in short - brut pp.
lecturer: I will give you basic information on working with this area of carding and answer questions that you may have during the lecture. Go! lecturer: Let's start with a short introduction
lecturer: I have been working with a stick since registering on the forum and completing training.
lecturer: I was attracted to this direction primarily by its simplicity and accessibility for me at that time.
lecturer: Because To work, you just need a Dedik, the accounts themselves and the address where to send them. Everything else is a matter of technology. lecturer: During this time, the stick tightened its antifraud many times and the work became more and more difficult and expensive.
But we didn’t stand still and learned something new every time.
lecturer: So that you understand how antifraud has changed over these 2 years in working with brute pp, I’ll give an example.
lecturer: Previously, when I was just starting, it was possible to do this.
lecturer: You go to any store with liquid goods (iPhones, etc.). You try to drive a stick in there, and when we entered the log pass, I simply added the address of the intermediary, the stick ate this address and some real phone was on its way to my warehouse.
Perhaps you still don’t understand what’s going on here. But if you start working in this direction and then
re-read this lecture, you will understand that it is almost impossible to do this now, or it would be a lot of luck. lecturer: now directly about working with Brutus pp lecturer: Let's start with purchasing accounts for work.
lecturer: Due to the fact that sellers have different checkers, the type of account itself that you buy may change from time to time, but in general the information written there is the same.
lecturer: For example:
lecturer: =========================
[email protected] :Sklo5151 Holder name - shellie klotovich Address - shellie klotovich| Po box 160||CROCKETT|CA|94525 Primary e-mail: [email protected]
Limited: - False Country - US
Phone - 1S925T38Y158X11MARKET.COM
Card - CC 5805|11/17
Bank 8134|JP MORGAN CHASE BANK, NA
Transactions :
85.05 USD-Bank account 06/30/2017
85.05 USD-Jennifer Nicolini 06/10/2017
233.00 USD-Bank account 05/29/2017
210.00 USD-Jennifer Nicolini 05/29/2017
========= ====
lecturer: In general, everything should be clear here even without knowledge of English
lecturer: But I’ll explain briefly
lecturer: At the beginning there is a login and password for the stick itself. Next, full name (Holder name), address (Address), mail,
telephone, limit/unlimited, account country, telephone, balance, credit card, bank (BA) and transactions that were made by the owner from this account.
lecturer: Before purchasing, it is advisable to decide which country you will be targeting.
lecturer: These are mainly the following directions: USA, EU (Europe) and exotic (essentially all other countries). lecturer: I can’t say which country to beat better. Personally, I started my journey with US accounts, but I would advise you to start with EU accounts, because... According to my observations, orders work better there.
lecturer: Guys, is everything clear from what was written above? Are there any questions or not?
lecturer: let's move on, we've just started
lecturer: At the moment, all accounts being sold can be divided into 2 categories - with transactions (1) and without transactions (2).
lecturer: The second type of accounts is also called zero-level accounts lecturer: What’s good about type 1 accounts is that KH is active there, there are purchases in various shops or services, and the percentage of your typing will go through is of course much higher lecturer: I use zero-level ones most
often to hijack an account and then attach a BA and leak it to shops/services.
lecturer: Now let's move on to the topic "Where to drive in." lecturer: 1. Dedicated servers (dedicated servers) Most often, sellers have the following types: Home \ Servers \ Amazon (Amazon) lecturer:
2. SSH (tunnels) \ socks (socks) \ proxy (proxy)
lecturer : I can’t say what you need to enter to get 100%, I think you understand
the lecturer: But, focusing on the fact that you are just starting your path, and at least some positive result is important to you more than anyone else, I would advise starting with Dedikov.
lecturer: Just don’t take homework for 10 bucks at once lecturer: even though sellers say that they are the best and cleanest, we don’t need that yet lecturer: you’ll
spend more on the material and go broke lecturer
: Take homework - servers up to 300-400 rubles lecturer : I loved and love to use Amazon Dediks, they cost on average 64 rubles
lecturer: For those who are a little more sophisticated, I advise you to use the “virtual + tunnels” scheme.
lecturer: You can also find sellers of all these riches in the corresponding sections on the forum.
lecturer: To work with Dediks, use the program - mRemoteNG.
lecturer: Now let's imagine that you bought Brute stick accounts and decided on the device from which you will
hit.
lecturer: Now it remains to understand: where to drive and for what purpose? According to the old scheme, I will divide what we can drive into 2 categories
lecturer: 1. Physical goods 2. Electronic goods
lecturer: You can sell the first category of goods either to an intermediary, with subsequent transportation to you, or to a drop, with delivery of the goods for a percentage.
lecturer: You probably guessed about the second category; it includes various gift items
from stores that can also be given to thrifts/sold/brought
into the middle by yourself.
lecturer: Be very careful when choosing an intermediary, because Sometimes you come across very unpleasant companies that examine parcels under a microscope, and any discrepancy leads to an account ban.
lecturer: A few more important points. After New Year's Eve 2018,
the antifraud policy has noticeably tightened up, and now even just logging into your account can be problematic.
lecturer: How can we do this? We take any shop with any kind of illiquid goods and through an instant checkout we try to buy some small thing at KH (as cheap as possible).
lecturer: Next, write paypal.com in the address bar and look at the result. If you're logged in, great. If not, take another one and repeat the movement.
lecturer: even if you are in the middle, this does not mean that you will not be able to get into your personal account. If the account pops up, try writing paypal.com, you won’t lose much time, but somewhere you can and the
lecturer will re-pin you in the personal account: there you can already look at the shops and try to enter them, it’s already good
lecturer: Security check lecturer: Champions League - personal account
lecturer : Most of the shops can be divided into 2 categories according to the method of driving. The first one is, so to speak, “classic”. When you found a shop - put the goods in the cart - clicked the checkout button - entered the billing/shipping address - selected the PayPal payment method - you were transferred to the stick website where you entered the log pass - the shop entered the address in the stick • you paid for the order
.
lecturer: The second category breaks through a quick checkout, through which we try to get into PayPal’s personal account at the beginning. What does he look like? You found a store, put any item in the cart, and there you will immediately see a button - Check out with PayPal. This is the quick checkout button. When you click on it and enter the log file, you will see the KH address during review. Here is an example of a shop, so you understand, with such a checkout - shop.lego.com.
lecturer: Shops only break through with such a checkout.
lecturer: At the beginning, you take a shop of the 1st category, you get to the review, when the shop has entered the address you need, you DO NOT pay for the purchase, but leave the account to sit for a day or two.
lecturer: Be sure to save cookies in sendspace.com
if this is a grandfather and he can die
lecturer: Then you go to a shop with a quick checkout (category 2), and already there, when you click the
Check out with PayPal button, you will see your address, to which you can easily place an order.
lecturer: be sure to learn how to save cookies
lecturer: This is very important when working with a stick. Dedik may die, and all your efforts to recover from the illness will be in vain. We were able to get into your account - this is already a reason to save cookies.
lecturer: If this is a Dedik, then immediately download the portable software (up to version 55) and install the extension for working with cookies, I personally use the advanced cookie manager, but you can look for something of your own.
lecturer: I would also like to point out a big mistake of beginners. When you try to beat a stick, take small amounts, about $50-100
lecturer: because The main thing for you now is to get at least some result. Don't beat ebay.
Although, if you really want to, you can try, but the main thing is not for large sums!
lecturer: Any material, whether it’s Dedik or Sox, you always select it
according to the state if it’s USA, and according to the country if it’s EU (Europe). lecturer: Save any results. I've always worked with Excel. If you entered it successfully, write down everything that may be useful - the shop, the mail where you entered it, the log of the stick itself, where you entered it from (Dedik, Soks), if there is an order, write down its number, etc.
lecturer: I would also like to note this very important point. The stick works with a floating antifraud, and if you work today and according to your method make a couple of orders in an hour, this does not mean at all that tomorrow you will get the same thing.
lecturer: So that you know when the stick has “tweaked” the antifraud and other nuances a little, Working with Brutus accounts
lecturer: Well, let’s probably start. If anyone is late,
the lecturer will catch up with the logs: Today we will talk about brut. This is the most profitable direction in carding in terms of financial costs; the only downside to it is the opposite of costs - time. Let's remember what Brute
lecturer is: Brute is the process of searching through the login
assword strings from the database, using software to determine the validity of the service you needlecturer: What do we need for this:
lecturer: 1. Database
lecturer: 2. Proxy
lecturer: 3. Server
lecturer: 4. Soft
lecturer: Now about everything in order
lecturer: 1. Basics. What is it and where do you get it? The database is a leaked dump of a hacked site where user credentials are stored in the form of login
assword. Not always in the form of loginassword, there may be hashes, but mostlythey sell it in its pure form
. lecturer: Databases have several characteristics. lecturer: This is privacy - the ratio of the number of
unique login
assword combinations to the ratio of those combinations that have long been gathering dust in the publiclecturer: This is valid - the ratio of the number of login
assword lines with which we can get to the holder’s maillecturer: Well, the topic with geography
lecturer: 2. Proxy. You choose a proxy individually, and if you have found your ideal, do not tell anyone about it. This is the same “bread” as the mediating and giving themes. If you need to hack the accounts of some weakly protected service, like a small shop with clothes, you can take the first ones you come across. If you need to brute Amazon, Ebay,
PP, then you will have to look for
a lecturer: 3. Server. It is needed only to ensure normal operating conditions for the software, to increase your safety and to ensure that your brute-force machine works without interruptions. You should approach the choice of a service based on your financial status, there are enough offers for such requests for exploits, the price tag ranges from 10 bucks and above, tens of times higher
lecturer: I’ll immediately answer a possible question, is it possible to
brute force on your computer/virtual. It’s possible, only in the case of virtual software the efficiency will be low (system requirements), and I don’t recommend running ANYTHING bought on our topic forums on its basis.
Today the software is normal, and tomorrow with an update your cue balls will go to the developer of the software
lecturer: 4. Software. The most important thing is that without it you won’t be able to brute. Purchased for the site you need on VVH, Exploit and BHF (oh, in vain). Look carefully at the reviews and how long ago this coder went public.
Quite often, coders cut out good stuff, and then give up on updates. Updates will be made only by people who are strongly motivated by the accumulated turnips and finances
lecturer: Software is also written to order, on the same forums.
lecturer: There is also such a thing as “harvesters”, these are software where the brute force is assembled for many different sites at once. I don’t recommend you take them, because at the beginning of sales it works fine, but then everything starts to fall off and coders often leak. At the beginning of the journey I stumbled twice
lecturer: You can find a site for working with other accounts on your own, even though the niche has already been taken into all the cracks, there are still unoccupied holes. To begin with, you need to evaluate how often people use this site, it is clear that on Ebay and Amazon the number of “buzzes” will be many times higher than on an unpopular site with clothes, but the work on these services will be very different.
A virgin store that has not yet been raked out will
give you an easy and relaxed experience, but to work with giants you will have to shell out a hefty amount of money for tests
lecturer: Also, you should check whether the site stores your credit card. To do this, we take 2 grandfathers (2 virtuals + proxies, or
antique casts), take one CC, mail on mail.com and go to enter from the first grandfather. We save payment information when paying. Then, having only a login and password in hand, we go to the same shop from the second grandfather, try to log into the account and make a second order
lecturer: If it worked, it doesn’t ask you for CVV or any other data that you don’t have, that means in the shop you can work from brute
lecturer: Assess whether it will be liquid to brute, order software and go into battle. A clean shop is always a pleasure
lecturer: There is another feature that I often mentioned before. Feel free to use Google, it knows everything. Just because you think a shop is virgin doesn't mean it is. Try typing carding into the query www.nameshop.com , carding, it’s quite possible that it will pop up somewhere among our brothers in the black list lecturer: Now let’s go through exactly how we can type in lecturer
: We have several options. We either package it all
in the middle, in a barbaric way, or we package it for drops in the same barbaric way, we can send it to the KH address if the shop sends it by mail, which can be redirected, picked up, etc. lecturer: A little more detailed
lecturer: 1. Direct to the middle or drop. We simply log into the account, change the shipping address to our own, without affecting billing (relevant for Yusa) and hit. It worked
• we’re shaking and waiting for confirmation, if it didn’t work, we’ll shovel the accounts further
lecturer: Here it’s better to hit the drops anyway. In all the shops there are people, managers, they know the addresses of the intermediaries very well, they know how to use Google
lecturer: By the way, about Google. Punch your drops from the admin panel
lecturer: They can be “hot”, the arrival of goods to such an address is like a holiday, usually if it is on the black list, the store will immediately block the account
lecturer: Also, try not to touch the holder’s name. If John Wick changed his address, this is acceptable, but if he suddenly also changed his name, especially to Vasya Pupkin, then your chances drop to zero. If you use intermediaries, then register them with non-Slavic data, some kind of Dzhamshuts and we have enough lecturer there too
: Regarding the pickup, I can only say that your chances of driving in are about the same, because the amounts should be large, but getting a picked up The product is a pain in the ass. Here the drop can be accepted and he can hide it himself, and the DS wants to eat, he can lose your pack
lecturer: Also, I can advise you to carefully study the shop where you are going to work, read thoroughly. They often have some kind of promotions, chips, which, with imagination and the proper level of skill, provide freedom for action.
lecturer: As an example, in one shop you could hit with a brute, do a reset to the balance until the stuff was sent, and then stock up on the balik there liquid gifts. Another example - the balance was also returned, but it could be
transferred to the store’s partners; the goods stolen from such a bank were “clean” for all anti-fraud agents and the work went well. There are actually a lot of examples, so don’t be lazy to read for 15 minutes. Carding and in particular brute force is not a stupid search of accounts, but also work with the head lecturer: Now regarding the brute accounts themselves, they come not only with cards. There are also linked
PayPal accounts, and there are enough for other payments as well. The easiest to learn and work with is account + CC, everything is the old fashioned way, only the shop’s anti-fraud is stopping you, and the bank’s anti-fraud usually doesn’t have the same effect on driving. But with PP you get the whole headache of the stick with its PMS. In addition to the fact that the shop itself can shave, the stick will also sprinkle MF, SM,
etc.
lecturer: PP is good for “seeing” how it works, accounts cost pennies
lecturer: But I don’t recommend it for work if you are not close friends with the stick
lecturer: You still drove in your product, the order is in pending. What can we do to increase the likelihood that this stuff will be sent to you?
lecturer: We can only influence how information about this purchase will be available to the account holder lecturer: First, we understand the account. We change the email, password and phone number to ours there
lecturer: Register your mail after a successful entry under the name of the holder, you can register it on mail.com, it’s done quickly, you
don’t need to receive SMS there
lecturer: If the order is small, put the number from your head,
if it’s big, then put your Skype or dial-in number lecturer: This will only help if the holder has already forgotten about this shop and has not received an SMS from the bank lecturer: Unfortunately, in the field of online payments, the development has gone far and often among the
holders there are push notifications on the phone and SMS and the shops themselves call
the lecturer: But if KH is a slob, then for the first few days he may not notice, and then he won’t be able to do anything
lecturer: For prevention, if the order is large, we can load spam email to him. But this is just an option and is only needed as a safety net if the order is very important. Rather, the holder learns about the spending by SMS or notification on the phone
lecturer: Also, look at the contact details of KH not only in the information about shipping, but also in billing, there is often a duplicate phone number and it is quite possible that the data on the PP account, where mail can be another
Brutus Ebay + Paypal
lecturer: Hello everyone. Today we’ll talk about brut ebay+pp (PayPal), we’ll figure out what it is and what it’s used with. lecturer: I personally have been working in this direction for about a year, I have seen both good times and not so much, for example, like now.
lecturer: I’ll note right away that I didn’t earn millions, but if you take into account that it took a minimum of costs and time, then I consider this a good and affordable way to earn money.
lecturer: Today we will learn how to drive in brute accounts from eBay and throughout the lecture we will try to get to know this giant in more detail - Ebay.
lecturer: Let's start first with the advantages that await us:
lecturer: This is easily accessible material, I think if you leafed through the shops a little, then in almost everyone you saw ebay+pp, ebay+cc, completely different countries
lecturer: In fact, now with ebay accounts are not very good, because they die within a few hours, since the authorization method used to check accounts has broken down.
lecturer: The main countries of eBay accounts are USA and UK, which stand out, but there are also IT, DE, CA, too, as far as I know, but now most sellers sell this as a mix or under a different name in different countries.
All these accounts have a variation with either pp or ss, respectively, with a linked PayPal account or card.
lecturer: Actually, this is what the account log looks like: lecturer: [email protected] :neil1976 / Access Email: NoCheck /
UserID: neil132011 / FeedbackScore: 17 / Orders in the last 60 days: No / CC: No / PP: Yes / Country - GB / State - Scotland / City - Aberdeen / Street - 1 lossie place / Zip - ab166tj / Phone
- 07927 938797 / Seller: No
lecturer: Let's look at hodler soap in order / access to soap (not all shops have this and it costs a couple of times more)
/ user ID on ebay, aka login (most often you go through UseRide rather than email)/Number of reviews (the more the better for us, but in fact, if there are a lot of reviews, then the account owner will quickly notice our purchase from his account)/purchases over the last 60 days (most often tells us about the activity of the account, most often you don’t buy from such people, by the way, but the holder can forget about his account altogether)/linked card/linked PayPal/country/state/city/address/zip/telephone/seller or not, but I think that’s where you You’ll figure it out for yourself, that’s just me. lecturer: Actually the price for these same accounts. Ebay accounts are cheap, if my memory serves me right, then for 1 account we pay from 20 to 30 rubles, this is for USA, UK accounts, a mix of countries will be cheaper, you probably understand why lecturer: Work environment, for example your grandfather,
sox , VNS,
tunnel and everything, everything you can think of to work. Personally, I used to work on Dedik and processed more than 100 accounts from one Dedik, this is at a minimum, I think that it should also work with the same VNS, but I haven’t personally tested it, since previously it was quite expensive to take a VNS and sometimes VNS lasts much less than Dedik, but recently I changed direction, but more on that later.
lecturer: As far as I know, it works best from a real phone, but I personally don’t use it, because I simply don’t know how to configure a phone and it would be advisable for us to purchase a patched router if we decide to work well from a phone.
lecturer: Holidays. As in all shops, fraud is weakening, we can enthusiastically try amounts that we could not try before.
This is where the pros end, now let’s move on to the cons, there are about the same number of them.
lecturer: Actually, the disadvantages:
lecturer: Easily accessible does not mean good, namely, I often hear questions like “tell me the seller’s account, store, topic, forum and everything, everything, everything” there is no ideal shop, just test everything if you need I will give a list of shops with accounts that I know, some of which I use, but time passes and I cannot say or more accurately call any of the shops good.
lecturer: Now this problem is especially relevant, because
accounts die quickly.
lecturer: For example, this is what a bad account looks like , that is, it is already locked and you will not be able to access it.
lecturer: Each seller has its own rules, that is, one has a replacement within 3 hours, and another 6, and one even 12, but if the seller is decent, then he must make a replacement. Just some advice, if you bought accounts, then immediately go work them out. I honestly don’t know how eBay is saying that the account is closed, but after a while it can be blocked. They worked quickly, they entered what they wanted or didn’t enter, but the account was processed for both you and the seller, there are no problems. Never put off your accounts!!!
lecturer: Now it seems there is no guarantee at all for many accounts (for the reason stated above)
lecturer: It will be difficult for us to find undamaged SOX Deds, tunnels (especially them), unless the VNS is usually clean. This is a brute, it is publicly available, so get used to the fact that the sox is jacked off, the dedik is killed. Finding crystal clear materials is very difficult now, but it is possible. Personally, based on the Dediks, I can say that there are no good Dediks on the forum. There are normal ones, but not good at all, so get used to the fact that you will still need to put socks on them, but I haven’t tried all the services that we have, so maybe I’m wrong about the dirtiness. Private shops with grandfathers are not bad.
We cannot check Riskscor and Proxyscor, when
the seller sells to us, they personally assure me that the best one they have, and in private ones it will most likely be built in, but of course you have to take for the money the lower the indicators, the better.
lecturer: For example, here is a screenshot of one of the private services with Dediks lecturer: I’ll immediately warn you that for those who plan to work with Dediks. We only buy homework, skip the server ones. You and I don’t have a server at home from which we make purchases, right?
lecturer: The very nerdiness of ebay. We can't do anything about this at all. Ebays have peculiar periods, just like sticks. Most often this occurs at the end of the month. Basically from the 25th to the end of the month + - it’s better not to climb during this time for a couple of days.
lecturer: Let's move on directly to the driving itself. I will divide the directions into 3 parts.
lecturer: By typing in kh followed by rerouting. Here it gives
quite a lot of money and mostly it’s USA, because there are drops, reroutes, stingy, in general, everything is good there, but I personally don’t work in this area, because with USA it’s getting worse and worse, but no one forbids you to work on UK, but as far as I know, rerouting is difficult there. There may be difficulties with mail.
lecturer: In USA there are 3 main mails - fedex, usps, ups lecturer: fedex with a ban - they reroute, usps with a ban also reroute, ups with a ban - consider it lost
lecturer: But if you buy from some private seller on ebay, then the likelihood that he has a ban on rerouting is small
lecturer: although there are some sellers who monitor the track directly and will turn it back if you reroute it. I've come across a couple of people like this, but there's no way to escape from it, but if you do come across one, just write down his login so you don't fall for the same rake later.
lecturer: Entering with a change of address. The amounts here are not large. On average up to 150 pounds (200 bucks), but this is a small thing, but nice. The country of operation is South Caucasus (different countries will also work), because in my experience the address here changes much better, but as a plus, we can ship directly to the CIS, or any other country to our drop, the middleman, Uncle Vasya. I strongly advise against hissing yourself!!! Many people say that the amount is small, but don’t be afraid, but you don’t need to burn your name. Drop services are quite expensive for us, but if we work on a duffel bag, as I wrote above, up to 150 pounds, so Uncle
Petya from the next door, I think, will not refuse to go for a parcel for Magarych, again, the chance that they will come for you is minimal, but There is always some % risk in any business.
lecturer: Digital direction, they are also digital goods, if in our business, then gift cards. All these gift cards, vouchers, games, game currency. The list is simply huge, but it’s better to look through the hoarding topics, there you will find %, as well as a complete list of what they buy, but if you didn’t find your gift in the hoarding list, then don’t be upset, maybe they will take it too, but it’s better to check before buying the gift itself, whether it is needed sparingly or not, so as not to incur losses in case of unprofitability.
lecturer: Ebay is probably the easiest way to get
gift cards, which is, and yes, the country of this direction is USA. There are also a few in the UK, but mostly all Gifts are USA. Amers with Gifts just have a disease.
lecturer: The most I bought here was a Victoria's Secret gift for $500, I have never seen a higher price. Here the goods are divided into two types. There are Egyptians, and there are paper ones, if you can call them that, but that’s not what we’re looking at.
lecturer: We need the seller to send the card number and pin code, it most often looks like this
lecturer: card number: 006493300605817195 Pin: 4234 lecturer: Or a game gift card/key, a certain number of symbols for example AAAA-AAAA-AAAA-AAAA , everyone has a different number
lecturer: Using this data we can check the balance
cards, we will then hand them over sparingly. So, we are only satisfied with sending an ebay message, or via email linked to our PayPal account, but for the latter we need to buy an ebay account with access to mail. This is quite rare, but you can find it, although the price will vary. I saw about 150 rubles per account in one store. But remember that gift cards and games are not the only things you can find in the digital direction. It all depends on your imagination, because the eBay search does not work very smartly, so some things are generally better to search through Google, for example “buy dildo on ebay”.
lecturer: And so, having entered, you will decide what to enter from
yourself, some use mobile devices, but XMARKET.COM is quite difficult to set up and, as a rule, working with them is slower than with anything else, but also more profitable.
lecturer: Dedik is quite expensive to start with, so let’s start, or I advise you to start with a virtual machine + Sox. There are a lot of resources where you can buy socks, but I personally take them on VIPs, but if you want to make serious amounts, namely higher than those announced earlier, then I recommend abandoning them, and if you want to work in America, then it’s better to forget about VIPs, and Europe is still will do. After we have pulled on the sock, we go to the entrance and the anonymity scale should reach 90 at least, but better than 100.
The most common problem that I constantly
encounter is that Sox has a DNS from another country. Here we are powerless, but since we took it, we will try. I
personally always try this brut, after all, it’s brut that comes from quantity, not quality. We use either Mozilla or Chrome browser. We will also need to download an extension to clean our browser after each account. Google it here, there are a lot of them for every taste and color, but I personally use portable mozilla, which after a restart everything is deleted.
lecturer: Vip72 socks are more for just
trying. They are cheap, but the quality is so good. There are many good resources for Sox, such as LuxSox, Faceless, SoxClub (it seems there are even mobile Sox). But everything except the last one went private and for the account of the same suites you need to pay greens, faceless is cheaper in this regard. I don’t know if the registrar is open there now, but a month ago registration was $50, which will be credited to your balance.
lecturer: Let’s go to ebay.com, it’s better to do this from Google, but if we are doing YUSU for rerouting, or digital goods we use the .com domain, small goods with a change of address we use ebay.co.uk.
lecturer: By clicking on Sign in we go to this page , here we log in with our userid and password, I recommend trying to log in immediately with the userid, because it often doesn’t want to log in from email.
lecturer: The first drive we always do is warm-up, or as they call it, warm-up, and this is an inexpensive product, I usually buy some kind of ball for up to 10 bucks or some other garbage. For example, we choose one of these three products here, whatever your heart desires,
because this is just a warm-up, but if we work in the South Caucasus and we need to change the address, then we should pay attention to delivery, that is Is there delivery to our country and how much does it cost?
lecturer: In the last month I often came across the fact that I wanted to buy crosses that cost 50 pounds, but delivery to my country cost the same, so don’t be lazy, look for a seller who sends by cheap post, no matter what post you send from England, then it will come to you at Ukrposhta, if in UA and to the Russian post office, if in RU, that’s why I don’t recommend breakable goods, so as not to ruin your mood) you yourself know what kind of mail we have lecturer: We see this beauty
where something in the middle of the page
• https://imSguTr.coYm/XvwhM8QAvmR , and for the country we need - 16 pounds is normal delivery. Again, if we are under redirect in USA, then we skip all these points, we just look at what kind of mail the seller sends, because some cannot be redirected, and some goods may generally be prohibited from redirecting, but this is most often on the road, to us It’s still too early for this
lecturer: Digital we don’t touch anything either, we just buy our warm-up product.
lecturer: In the UK, before purchasing, we change the address, as an example, here we see one delivery address , but often there are many, if there is only one address, then we change it to the desired one right there, if There are a lot of them, for example 3 or more, then we try to
add our own, just don’t forget to check the “make this addresse primary” checkbox.
lecturer: This is what a full changed address looks like, we indicate a fake phone number, just the country you need - https://imgur.com/a/HVV57 .
If allowed to change, the blue payment button lights up again https://imgur.com/a/o320F, if not, then you will see an error, you can forget about this account after we were not allowed to change the address, but before that, go and delete the address that you wrote before in the account settings. lecturer: Then the sweetest part is again the search for goods. Let's move on to the search, I advise you to buy something illiquid, that is, don't rush there to try to buy airpods, video cards and all that stuff, but gear, illiquid
electronics, because Aso RsmeKnoyev Td.ugsuyuOstmanu does not
give particularly large sums.
lecturer: I always post Listings buy it now in order to weed out unnecessary auctions that are just an eyesore. lecturer: I always change Sort from Best Match to Newly listed, so that it shows products that were recently posted. lecturer: It’s also worth paying attention to the seller who sells. Do not choose a seller with a reputation of 0-50, the most optimal is 100-200, but also giants, they often sizzle quickly, it’s easy to buy from them.
lecturer: It’s better to skip the first search page altogether
and start with 2-3, by the way, some sellers need to be bombed, so it’s better to write them down, as in general it’s better to record all actions, but honestly, I found some kind of pattern on ebay - it didn’t let me stop watching lately
, but the list of sellers on ebay will really help you, you don’t need to write much, just a login or a link to it and a few words, for example: PR0$3LL3R228 - sent a brick instead of an iPhone.
PussyEater99 - quickly hissed, quickly added a track.
This is of course in a humorous form, but I hope you understand me.
We move to the stage that the order has already been made, now we need to cover our tracks and wait for our track/gift card, if you do not reroute, but ship somewhere to a certain place, as for example in my case in the CIS, then just once every 2 weeks
send your person to the post office to check, if the track still hasn’t arrived
lecturer: But in the case of a reroute, the track is required for us, as is the name of the person, and the address where the pack goes to us.
lecturer: We can change absolutely all the data in your ebay account without any confirmation, so you can do this, but as I noticed, this does not really
help, since everything is restored very quickly. lecturer: Alternatively, there is always mail flooding, but also
it often doesn’t help when KH just has the Paypal application and it shows him that the money has gone, but don’t be upset, if the account has been restored, the goods can still be sent, since we enterprisingly press the More actions>Hide order button in orders, Now there may be a chance that KH simply will not notice our order, and I’ll tell you how to get a track from a dead account further. lecturer: There are many services that offer this
function for free, oddly enough, that is, there is always a chance that the big hand of a bigger brother will get to your pack, but neither I nor my friends have encountered this yet.
lecturer: https://imgur.com/a/exkmJ click as in the screenshot and a link will be displayed in the address bar. Next, we see a couple of parameters in the link - itemid and transid. It is in my link that itemid is 173009293376, and transid is 1801961736007, so we need to save them.
lecturer: In the case of digital goods, we simply monitor either personal messages on the account while it is available to us, or mail, if we decide to fork out. That's all there is to it
.
Pickup, Interception
lecturer: Hello everyone again
lecturer: Today the topic of the lecture is Pickup/Interception
lecturer: I will ask you right away, if anyone has questions during the lecture, ask them when I inform you that you can ask questions. If, based on the information that we have currently gone through, a question arises, we write it down in a notepad and then quickly copy it, I answer and continue.
lecturer: Let's figure out what it is and how to work in this direction.
lecturer: In terms of pickup, I advise persistent people who don’t mind spending money on tests to work.
lecturer: For example, people beat ebay, stick, etc.
lecturer: They have, God forbid, $300-400 from one successful operation, and on top of everything, it can take much more time.
lecturer: Everything is different in a pickup truck. if you find a giving store, then from one order the profit will be 1k+
lecturer: For work, it is advisable to know English, or have a dialer on your salary, as you will have to make a lot of calls, requests for drawings are not so common.
lecturer: As I already said, tests require a decent amount of money. Now it’s not like before, you took the ss, entered it into the first store you came across and wait for the goods, this is not only in a pickup truck but also in all other topics. Right now everything is very complicated and
it’s difficult to find something that gives. You need to work hard. lecturer: I think 1-1.5k$ is enough for tests
lecturer: This money includes the cost of the SS, and preferably it should be a roller. Only the essence of the video is not to change the telephone address, etc., that is, we are not jerking off the bank, we are not gaining fraud points, and the video is just to know the balance, accept minis in rare shops.
The second cost item is grandfathers. The price of good Dediks reaches $25. And one Dedik can be used in one shop. So consider it. 1k bucks for roughly 30 samples. lecturer: But there is a bright side
lecturer: They invested and paid it off in a couple of orders. I think it's not bad.
lecturer: Now to the specifics.
lecturer: Take a clean Dedik homework (from socks and tunnels you have to sweat to get it), you can use Antique (the Linken
Sphere browser is also suitable), go buy a CC for the pickup area, go to the store, choose the stuff and hit it.
lecturer: In principle, everything is simple
lecturer: But as in other directions, there are many pitfalls.
lecturer: I’ll tell you about all the pitfalls during the lecture.
lecturer: There are 2 types of pickup.
lecturer: This is a pickup for fake documents of the card owner (kh)
lecturer: And a pickup in the name of the drop.
lecturer: I don’t think you need to contact a pickup truck in the name of a drop, because this has not been practiced for a long time.
lecturer: ВS95T% Occasionally there are Tpic.ASP noa fake
lecturer: The term Fake ID - fake documents. lecturer: Pickup services are not stable. At the moment there are a couple of working ones on the forum, sometimes there are no services at all, sometimes you can’t choose from their abundance.
lecturer: Here are a couple of services as an example.
lecturer: There you will see the conditions, the coverage map, the goods being purchased.
lecturer: You can write to the support team and chat, they are usually sociable.
lecturer: Now let's talk about types of work.
lecturer: Previously, there were 3 types of work in services. lecturer: Work 50/50, work on a stingy basis, work on a transfer basis
lecturer: At the moment, the services for the most part only have work on a stingy basis lecturer
: But you can try to come to an agreement, and I think it will be possible to establish relationships and work on other types.
lecturer: Now about each type in order. lecturer: Work 50/50
lecturer: This means
lecturer: For example, you installed a MacBook with a touchbar
lecturer: and suddenly you want one of these, you write to the service, I want this laptop, he says let’s do 50/50
lecturer: in this case you make another such MacBook (the pickup service can offer something else similar in amount)
lecturer: And in the end one the MacBook is sent to you, another service takes it for itself, thereby covering the costs lecturer: Working under the stingy lecturer:
everything is simple here, you bought a MacBook with a touchbar for 2k lecturer: it arrived, and the service pays you a percentage. All services have different percentages. let it be 35% for Apple
lecturer: The goods were picked up as a drop, the stingy one pays you $700
lecturer: Everyone is happy.
lecturer: The last type of work, work for shipment.
lecturer: This species is very rare, and it’s not very good.
lecturer: You made a MacBook with a touchbar, you say you switched, but you refuse 50/50
lecturer: in this case, the service tells you, cover the costs and send it. As a rule, covering expenses is 35% lecturer: You pay the service $700 + delivery of 30-40 bucks and it sends the MacBook to you in the middle, no one sends it to RU.
lecturer: + from an intermediary to ru delivery of bucks 50-100 depending on the intermediary
lecturer: By type of work all
lecturer: After entering you have 2 options
lecturer: 1 you see red letters that you are a fraudster and
go to work fromTayte nXa factory
lecturer: 2 thanks for We will send your order, order number, information by email.
lecturer: Let's look at the first option
lecturer: no need to give up, real Americans also suffer from all this.
lecturer: What are we doing? We take and call the store manager
lecturer: swear
lecturer: We say that we spent 40 minutes choosing and decorating
lecturer: and they sent us lecturer: we ask you to figure it out lecturer: The manager can tell you that let me try to carry out the operation over the phone
lecturer: or they send you lecturer in the fraud department
: If they tell you that we can do it over the phone, provide all the information. and there is a possibility that the order will still go through (this means that they screwed up the system setup and the anti-fraud shop did not allow the transaction)
lecturer: If it doesn’t go through, it’s the bank’s mistake lecturer: and they also send you to the fraud department, where the evil uncle tells you let’s have a conference with the bank and
Then they ask you for all possible information that you don’t know, it could be anything, questions about loans, cars, houses, and so on.
lecturer: In general, here we just hang up and throw away the message, she died
lecturer: Nothing can be done, you can try to use it in instant checkmate for the future)
lecturer: Now the second option after placing an order. lecturer: There are stores that do not immediately write off money from the card, but after some time
lecturer: they write to you that thank you for the order, etc. lecturer: And after 2-3 hours you notice at the post office that the order has been canceled or frozen.
lecturer: If it’s frozen, they usually ask you to call to clarify the information, here everything is according to the old scenario. you call, and the manager can either simply clarify the address, or redirect you to the fraud department, to which you are unable to say anything.
lecturer: If everything worked out for you, and after specifying the address, you receive information with a tracking number and everything is fine.
lecturer: But even now you shouldn’t be happy) lecturer: All these are
rootstocks
lecturer: Now we need the pack not to go home to the card owner
lecturer: but stay at the post office lecturer: Popularly called hold lecturer
: so when everything is fine in the track status it is written Hold for pickup
lecturer: what do we do, take the track and call the transport company (UPS, Fedex)
lecturer: And there we say not to deliver the parcel to the owner’s address, but leave it and we’ll pick it up ourselves
lecturer: it’s the same here 2 outcomes of events
lecturer: The first says that everything is fine and after 5 minutes checking the track you see the inscription Requested to leave the package at the post office
lecturer: Here we wait and the next day, as a rule, the request is approved and the parcel lies waiting for it to be picked up
lecturer: The parcel lies for 5 days, If it is not picked up within 5 days, then it is returned back to the store, the money is on the card.
lecturer: Now the second outcome of events
lecturer: They tell you that it is impossible to do a hold. lecturer:
Let's use a trick
lecturer: Where we bought the goods, we look for the name and surname of the manager
lecturer: and we call the transport company on behalf of the store manager
lecturer: We say that the client has contacted and asks to leave
the package at the post office
lecturer: Usually they don’t refuse
lecturer: But about a year ago they introduced such a thing as a program hold on actions
lecturer: This means
lecturer: that you called on behalf of a manager, a company employee wants to do a hold, but the program in which he does this gives an error that the hold is impossible
lecturer : in this case we forget the store because there is no way to do a hold at all.
lecturer: let's go look for a new one.
lecturer: After a successful hold, when you have done everything lecturer: transfer the information to the service and sit and wait
until they take away the PXOSYLK from
RKET.COM
lecturer: we check the track, it happens that it is turned around, and the package goes back
lecturer: When we see the word Delivered we begin to rejoice, this means that the service was taken away by the pack lecturer: but not always))
lecturer: Sometimes the hold is not placed for some reason
lecturer: and the delivery man picks up and delivers the pack to the delivery address lecturer: maybe it’s the delivery guy’s mistake lecturer: most likely it is lecturer: yes,
if you checked track and it says Out for delivery
lecturer: you should sound the alarm and call the transport company to swear
lecturer: so that the delivery man brings the pack back to the post office lecturer: you don’t always have time and then the pack is wasted lecturer:
such cases happen but rarely
lecturer: If your pack is delivered and drop service says that they took it
lecturer: we’re just waiting for payment lecturer: Now about reporting lecturer: I advise you to create a sign where we will enter information
lecturer: for convenience and so as not to hit one store that does not give 10 times
lecturer: I’ll drop the table view right now
lecturer: Date / Shop ss / Shop goods / Country ss / card type / bin ss / bank ss / warming up the shop / device / Alexa / tel kx or skype / order amount / delivery method / primary result / track / full explanation lecturer: I also do not
recommend working alone, too much cost, time and money
lecturer: We gathered in a team of 2-3 people
lecturer: and testing different stores, sending statistics to the dorm
lecturer: Much easier.
lecturer: It is very important to pick up the phone when the store calls back.
lecturer: There was a case where I bought a laptop for 3k
lecturer: the shop calls back just to clarify the address
lecturer: and the manager’s joy was endless when I picked up the phone
lecturer: he was happy to speed up my delivery.
lecturer: very often people screw up calls and so on
lecturer: this is their important mistake.
Working on Android
lecturer: So guys, let's start the lecture on Android (bucket) lecturer: everyone can set up Android for typing. resembles setting up virtual reality only with its own characteristics)
lecturer: I would highlight 2 types of working with android lecturer: 1) a simple option, without deep settings - this is by typing in from the browser
lecturer: 2) deep setting by typing in from the application lecturer: But in any case it is necessary get root rights on the device (not to be confused with admin rights, this is completely
different, it is necessary to perform a number of other functions, this is for general development, some people think that root = admin rights)
lecturer: I always do this through kingo root (Google), download apk file on the phone and install . the easiest way to get root rights
lecturer: now I’ll throw off the list of programs and go through them lecturer: kingo rooT
xposed installer (framework) device id changer Pro Proxy droid xprivacy ccleaner root cloak
location cheater
lecturer: and so, what are they for
lecturer: Fundamentals For driving from applications on the bucket, this is the xposed framework. This is a system program for changing firmware settings (OS versions). We will also
touch on this in the analysis of typing in from the application
lecturer: device id changer pro changes data about your phone’s hardware (imei) and other parameters. This is the xposed framework module
lecturer: Proxy droid - we install socks through it. I don’t work with tunnels and I don’t recommend it
lecturer: DNS Forwarder - in a proxy droid sometimes the DNS connection from Sox doesn’t work correctly (the Internet just doesn’t work on the phone) to replace it we use this application
lecturer: ccleaner I think it knows everything, it’s convenient to clean garbage on the phone
lecturer: location cheater is used to replace location data
lecturer: roSot TcloaYk (framework module) is used to hide from other applications that the phone has root rights
lecturer: xprivacy This is a program that replaces a SIM card and more, it either allows or denies all applications to see certain information. In addition to it, I recommend the sim card application, on it you can hone in on what to prohibit and what to allow applications to see, so that they display the correct information about devices lecturer
: All applications above (except for the cleaner) do not
work without root rights
lecturer: Let's start the analysis settings for working with applications
lecturer: install xposed installer after you have received root
rights, and install the framework through it. I’ll say right away that here we will encounter the difficulty of installing the framework, we need an Android on version 4.4.4 (it’s easiest to install this program on it), on versions higher it is extremely problematic to do this, but if you know how to install custom recovery and flash archives, you can try. Otherwise, I advise those who have higher firmware to roll back the bucket to 4.4.4 themselves or take it to a service center and they will flash it for you, it’s not expensive. Plus, it’s much more convenient
to work on 4.4.4 than on higher versions.
lecturer: And here is a link to 4pda there you will find an installer for 4.4.4. (and versions higher)
lecturer: https://4pda.ru/forum/index.php?showtopic=425052 lecturer: After installing the xposed framework, install the following programs
lecturer: device id changer Pro name Pro Proxy Droid DNS Forwarder ccleaner Location cheater
lecturer: all these programs are downloaded in the play market lecturer: xprivacy
root cloak
lecturer: these programs are downloaded by xposed installer. go to the download section and look for them in the search and install
lecturer: Well, an important note. apkpure.com immediately bookmark the site, and download the sim card applications (green SIM card on the label)
lecturer: When you have installed all the above programs, you need to go to the xposed installer, modules section and check the boxes on all modules (device id ch/root
cloak/ xprivacy)
lecturer: Then go to the framework section and press quick reboot so that the modules are installed; if this is not done, the modules will not work correctly
lecturer: At this stage, our device is almost ready for insertion
lecturer: Now I’ll tell you a little about the xprivacy module, a very useful thing when you work with serious shops, banks, etc., I personally use it to replace a SIM card, in fact it has more capabilities, go into it and go to the parameters section, touch only those values what is connected with the SIM card
lecturer: and this is
lecturer: phone number lecturer: MCC
lecturer: MNC lecturer: country code lecturer: operator lecturer:
ICC ID lecturer: subscription ID
lecturer: Let's take the number 4356681778 as a basis, if someone adapts to the holder and needs to break through operator
, go here http://www.whitepages.com
lecturer: What is MCC, you can find it here https://m.wikipedia.org/wiki/Mobile_Country_Code , from the same page you can take the value for our parameter in the program
lecturer : MNC is the operator code, you can also look up the code of the desired operator (the desired country) here https://en.wikipedia.org/wiki/Mobile_country_code
lecturer: the country and operator are all clear here
lecturer: Now what is icc id and id subscriptions, and how to register it
lecturer: icc id is the SIM card serial number, which always consists of 19 digits
lecturer: https://i.imgur.com/HzmKDk7.png
lecturer: the first 2 digits 89 are always set by default, this applies to industry, its identifier
lecturer: Next, what is highlighted is the country code
, length from 1 to 3 digits https://i.imgur.com/5uIizLl.png lecturer: in USA it is 01. in other countries the meaning is different (more precisely, the most distributed throughout the US 01) lecturer: So since we adapt to the US, in the ICC ID value the first 4 digits will always be 8901, and the remaining 15 digits can be written randomly
lecturer: https://i.imgur.com/1xoxBvF.png in the middle, by the way, this just a random SIM card number, and the very last digit is calculated by the Luhn method
lecturer: https://en.wikipedia.org/wiki/Luhn_algorithm
lecturer: it is used, for example, to calculate the number of a bank card, etc., if you work in Karzha I think sometime listen to this
lecturer: Subscription ID (in xprivacy) In general, this is called sim imsi. How to register it. We look at the picture https://i.imgur.com/uAfNjDl.png , it always consists of 15 digits. First we write the MCC value, then MNC, then we write the remaining numbers randomly, so that in the end there are 15 characters in this field
lecturer: How to make sure that the data is replaced when you install a new application, xprivacy throws
a notification, and the data that needs to be replaced, click on the deny button
lecturer: And this is where the simcard application comes in handy, which will help you learn what values to replace
lecturer: Now I’ll describe how it happens by typing in the
lecturer: put SOX in the proxy droid, enter ip, port there
, don’t forget to specify the type of proxy, also try to check the box so that the DNS is from SOX, but if the Internet doesn’t work, turn off this option and everything will work (if SOX doesn’t work) dead) and turn on
the lecturer: Go to whoer.net, look at what time zone, go to the settings, set the time zone and language for the holder lecturer: if DNS does not work through the proxy droid, then go to SdnTs fYorwXardMer, Select ipTi.vruOemMego lecturer: then to location cheater we set the coordinates, I usually set them a couple of meters from the desired address (under the IP or spike address)
lecturer: go back to whoer and see if everything is set up correctly
lecturer: If the sox goes off, turn off the proxy droid, dns forwarder, and cheater, and turn it on again them, this does not happen on all devices, but personally, for everything to work normally, I turn these programs on and off a couple of times, it’s annoying, but what can you do) lecturer:
To check whether the location cheater works or not, download Google Maps, and look there ( press the button my location)
lecturer: If everything works, then download the desired
application and open the root cloak
lecturer: go to the root cloak, go to the first section (add/remove application), click on the plus sign, and look for our application, after that, to save the settings, go xposed installer, framework section, and click quick reboot. After this,
lecturer: even if you delete this application, the root cloak will remember it and you don’t need to do this every time lecturer: After typing in, to start the next one, you need to go to device id changer, in the first in the device id section, click random all and apply, then go to the xposed installer section, framework, and click quick reboot so that the hardware changes
lecturer: and so, with the system, change the data lecturer: Now we install the application again and drive in, do not forget to change the data in xprivacy
lecturer: If you need to forcefully beat the stick and so as not to download the application every time, not to log into your Google account, which is very tiring, we use the website apkpure.com, where you can download the application and add it to your phone
lecturer: that is, how they worked out the account, deleted the application, changed the data, rebooted the device, just install the application again lecturer: Now let’s move on to entering from the browser lecturer: Everything is much simpler
here, in general, any version of Android is suitable for working
lecturer: for working with the browser we need
a lecturer: 1) the browser itself (chrome.ff, the native browser
of the phone)
2) ccleaner (or application manager, available in the settings on each phone)
3) proxy droid
4) dns forwarder
5) location cheater
lecturer: in the case of working with browser, it is not necessary to change the hardware, but it is advisable to reinstall the browser, and clean it
lecturer: Having driven in almost the same as from the application, we simply skip the points with device id changer/root cloak/xprivacy lecturer: they mainly hit from Mozilla (since there webrtc is disabled in the same way as on a computer), or from your native browser (a rarity on new versions of the bucket). we clear the cache (and history) through ccleaner or the application manager after each typing, be sure to
lecturer: on apkpure you can download previous versions of
the application (if, for example, you need different versions of the browser)
lecturer: Oh, and I forgot to add, I usually work from under the left sim , but for those who work with wi-f1, for example, you need a VPN, in general Tunnel Bear is convenient (download on Google Play), everything is intuitive there, turn it on before the proxy!
Poker
lecturer: Hello everyone. Today is a lecture on a poker topic. lecturer: I’ll say right away that this topic is too complicated
for people unfamiliar with online poker. Therefore, for beginners in the shadow sphere who have never played online poker (getting together with friends over beer with bets of 50 rubles does not count), I strongly recommend skipping this information and going to practice with something more understandable.
lecturer: A little theory and terminology. Accounts are divided into 2 types:
lecturer: Slivnoy (also called Karzh) - an account with “left” money, it happens:
Samoregi - with a deposit through SS or BA
Brute / from logs - an account taken from the user with his own money (brut - brute force passwords, from logs - by
infecting the user's PTC)
KET.COM
lecturer: Withdrawal (vyvodnik) - an account with clean money intended for further winnings from drains and withdrawal to payment systems.
lecturer: The idea of making money in poker comes down to making the money on the drain account (black) your own (white/gray). There are two options: withdraw from the withdrawal act to a payment system to which we have access, or deliberately lose at the poker table to the withdrawal act and withdraw from it to the payment system.
lecturer: Key actions at the start of work:
First, we create a profile on 3+ thematic platforms, this is very, very important, this way you can find the necessary contacts and material much faster. lecturer: Secondly, read my articles on working with Dediks.
Dediks are the main material when working with poker; by learning to work correctly at the start you will save a lot of time.
lecturer: The virtual machine is critically unsuitable for poker rooms where you need to install a client to make a deposit/game, because the installed client blurts out virtualization lecturer: VNC are probably a good alternative to RDP, but there is a moment, the holder in a parallel session will see the installed client of the poker room
lecturer: On Dedik (RDP) you can create a separate account and install the client only for this account, this is important to remember when installing the application lecturer: Methods for creating a drain account:
lecturer: 1) Selecting a country
Based on the countries suitable for us to create accounts, we determine it with a very simple action - open the client of the poker room we need, find a tournament with the maximum number of registrations and look through the list of participants, look where are they from? Next, we go to the store / material seller (dedics / tunnels, SS) and see what kind of material is available. From which country there are many players and for which there is material, we begin to test. lecturer: - 2) Choosing a method for creating a balance
There are 3 options to get a drain account with a balance:
• a) Self-registration and make a deposit on it We register an account through a poker client (after downloading it), for this we
need a valid email (the client checks the possibility of
delivering letters and swears if the mail does not exist), come up with a login and password.
You can buy mail here - https://buyaccs.com/
After registration, I do not recommend immediately pressing the deposit button and entering the CC number, click on the tabs of the poker room for a while, open tables for play chips, play for 5-10 minutes, only then go into the deposit and start with a small amount ($30-150) . If possible, enter any code that provides a bonus upon deposit, you can find it in a few minutes by using Google or at the office. website.
lecturer: b) From brut / zero logs and make a deposit or with a
ready balance
We go into the account, you can also play a little with the conditions, then if there is mail from aka, then go into it and set a filter on letters from our room so that they We immediately left and the holder didn’t burn us.
Now we take the CC and put it in the account, I also recommend making the first deposit up to $400.
lecturer: At this stage we have an account with a balance, all that remains is to monetize it.
lecturer: Options:
1) Sell for a percentage, a so-so option, you won’t get a high percentage.
2) Lose money at the table to another account that already has the required payment card linked to it.
3) Link your payment card to this account and withdraw money.
Option 2 is the most preferable, but the main thing is not to be greedy, pour carefully, little by little, preferably on 6max Omaha tables.
lecturer: IMPORTANT!!! Don’t be greedy, there are situations when you really need to win a hand on the account where the flood is being made, but the cards are laid out in such a way that the drain account has an extremely strong combination. Lose to him, even if you have to spend several hours to restore your balance - this is much better than having both accounts blocked.
lecturer: Depends on the poker room, some are very
strict and you shouldn’t work with them, some have no BBB lecturer: The same with cards, some have a forced BBB for each transaction, some require a certain amount lecturer: That’s why
I in the lecture I recommend starting with small amounts of $30-150
lecturer: I myself always worked only with Stars and 888 poker, there was no forced one on the WBB PS, on 888 it was from $150, but it also allowed any transactions from certain bins in Australia and New Zealand without VBB lecturer: Yes, an important point, almost all poker rooms do not work with the USA, so we will need material from Europe, Asia or other countries
lecturer: Now let’s talk about the “output”
lecturer: Where to create?
1) A physical PC is a reliable option, but not with the volume
very comfortable.
You can start from your PC and ask your friends for access via teamviewer.
Used PCs can be used again by changing the HDD/SSD and network adapter, IP - the easiest way is a new modem.
lecturer: At the initial stage, I recommend this option, because your funds will be maximally protected and the room cannot have any complaints about the hardware.
lecturer: 2) Mobile. The device is an equally reliable option, but less convenient at the filling/pumping stage, but easier to change.
Everything is the same as in the first point, only now you have a small device.
I don’t recommend cleaning; it’s also a good option to change used handsets + a new SIM card.
lecturer: 3) Dediki - not very reliable, but convenient and easily replaceable.
I’ll say right away, forget about server operating systems - they are not suitable for us.
The main advantage of Dedik is scalability, how long will it take you to find 15 different phones or PCs. With Dediks, $150 and now you have 15 unique configs on home Windows.
Another advantage is that they are located in different regions.
That's where the pros ended and the cons began. and they are quite significant.
The first and worst thing is the lack of guarantees that
the Dedik has not been used before you for the same poker room, this leads to automatic blocking of the account with a bunch of unpleasant verifications, in the end you will get your money back in 90% of cases having the necessary set of documents
, but there can be no question of any kind of gulf + this procedure is not quick, at this time the money lies like a dead weight.
Second and no less unpleasant - the grandfather can die at any moment, changing the individual entrepreneur is bad and can also lead to verification. Well, the most unlikely, but still possible point, because... Not only you have access to the Dedik, your account can simply be taken away. lecturer: An important addition to the information on the withdrawal is the country, RU/CIS is quite a good option, it’s easier to work, and we don’t violate any laws globally, even if proving the fact of deliberate draining of money is only a violation of the rules of the poker room.
lecturer: How to create an account and make a deposit?
Registration of a poker account costs on already purchased documents, complete with pass + selfie with pass in hands, the country of documents must correspond to the individual entrepreneur from which you are logging in, I always chose RU.
This is the most important part, all other documents are easy to draw, but it’s better to have a pass + selfie prepared. Next, we need to make a deposit using any of the methods offered by the system.
lecturer: After the withdrawal you need to pump up and make a beautiful bay, the main conditions are:
1) we play a certain number of hands at the same tables where we plan to drain the balance from the card (to the bays)
2) we pump up the account with successful deposits/withdrawals of funds (to the bays)
3) neat game during the drain, don’t be greedy and don’t collect 100% of the balance for yourself (no more than 70%, with the exception of super successful situations, for example, they give you AA, and Karzh the KK account) lecturer: This is where the main theory ends, with each individual
poker- The room has its own moments, which can only be verified in practice, good luck.
Enroll
lecturer: Let's start.
lecturer: My nickname is Fox. Today I will be your lecturer on the topic Enroll.
lecturer: I'll tell you what it is, where to get it, and how to use it. In my opinion, this is the easiest way to work with a duffel bag.
lecturer: What is Enroll?
This is the most common CC (credit card), or a debit card (but for all the time I worked on Enroll, I found only one bank that allows me to sign up for a debit card) and a personal account for this card.
lecturer: Changing the Billing address
Most banks allow you to change the billing address online in your personal account to the one we need
(drop/client/intermediary).
lecturer: Why do we need this? In the USA there is a system for reconciling billing addresses and shipping addresses, called AVS. You should have already learned about this from the first lectures. And in USA, most shops are very principled in this regard.
lecturer: If billing does not coincide with shipping, then the shop will either refuse to place an order, or they will bombard you with a bunch of different checks and verifications.
lecturer: So, to get around this, rollers will help us. They have the opportunity to change the billing address of KH to your own.
This is all done very simply in your personal account. Just fill out the form for the address you need. After that, go to the store and hit billing=shipping.
lecturer: As a rule, a shift lasts 2-5 working days (depending on the bank, most often – 3). Weekends don't count.
lecturer: I would also like to note that not all banks have this opportunity. There are banks where the billing change occurs by dialing, or there is no such opportunity at all.
lecturer: Mini-deposits/Miniks
Also, access to your personal account allows you to view mini-deposits (Mini-deposits/mini-deposits/miniks). lecturer: This is a micro-transaction that the store charges you. As a rule, the minimum amount will be around 1-2 dollars. This transaction serves as a verification of your card in the shop
lecturer: The shop withdraws a small amount of money from you and
asks you to say exactly how much they took from your card, or the transaction code that came with this miniphone
lecturer: If you named it, then that’s it Ok. The shop’s level of trust in you increases significantly and 99% of the shop will not have any problems with this order, but this only applies to those shops for which minis are everything. lecturer: There are shops that don’t care about the bill=thorn, the main thing for them is to verify the minis. If they have verified the miniki, then with the order there is a 99% chance that there will be no problems.
lecturer: I’ll give you a couple of examples so that you understand what I’m talking about.
lecturer: I have a roller of some bank that allows you to see miniki instantly (without waiting). [19:19:03] lecturer: I go to Steam and type it in for a hundred bucks. Steam immediately blocks my account for a week to manually verify this operation, or offers to accept miniks for verification.
lecturer: I send these mini-transactions, Steam sends 2 mini-transactions. I go into the roller, see which two transactions came from Steam, and confirm them in Steam. That's it, the hold is removed, Steam has gotten used to the card, and then I undress this card in the same Steam without any delays or holds.
lecturer: Second example
lecturer: Skrill without a minicum allows you to deposit 140 bucks into your account, but if I confirmed the minicum, then I can already deposit up to 5k there.
But I want to note in advance. Most offices are a la
Steam, Skrill, etc. Already jacked up by the rolls and missing certain beans/pots/cards. How to find out which one will be allowed? Check using the “Trial and Error” method, or find out from those who already know (but they are unlikely to tell you such information for “Thank you”)
lecturer: VBV/MCSC
This can be said as an Internet pin code. If in the CIS it comes via SMS, then in the US it is static, that is, one and does not change. KX installs it himself.
lecturer: VBV(Verified by Visa) - if the card is VISA. MCSC(MasterCard Secure Code) - if the card is MasterCard. Amex and Discover do not have this type of protection at all.
lecturer: Usually you can install it by driving it in. At the time of payment, a window will pop up and ask for this code, there you can either immediately put yours, or simply reset the old one and put yours in the same way, or install it in advance.
lecturer: Here is the website for Visa: https://verified.visa.com/aam/activation/landingPage.aam There is a similar one for MasterCard. I didn’t save it, but you can find it on our forum, the lecturer mentioned it more than once: As a result, if the shop has a VBV code request and you entered it, then this is another good plus in the shop’s trust in your purchase lecturer:
Yes such shops and services that
will not process an order at all without the BBB. lecturer: Changing the phone
The last point that we will consider from the advantages of enroll is changing the holder’s phone number in the card.
lecturer: It’s no secret that we can call with a substitution of the number that was specified when purchasing the card / or we found in the office, but the shop can always call back the number from which we called.
lecturer: If the shop does this, then they will end up on the holder, we don’t need that. Even a call from our own number, which we could buy on Skype, will not save us, because the shop now very often calls the bank to verify the address, name of the holder, as well as his phone number.
lecturer: And if the bank says that the information does not match, then the shop immediately cancels the transaction, and the bank blocks the card. It's over, we don't have a warrant, and the card is dead. lecturer: In this case, enroll will save us. Along with
the billing address, we can also change the phone number. As a result, when the shop calls the bank, all the information provided matches and the pack will safely go to your drop. lecturer: But there is another side to the coin. Recently, many banks, with any suspicious activity on the roller, can ring KH. That is, if their fraud (more on that later) didn’t like something, then, for example, when changing billing, they can call KH and clarify: “Are you changing the billing?”, KH, of course, will answer that it’s
not
him , and the roll will die, the card will be reissued. lecturer: Where can I get it?
We now know what Enroll is, the next question arises: “Where can I get it?”
lecturer: There are two options: Buy from us on the forum, or install it yourself.
lecturer: First method:
Go to the forum section “carding offers” and buy enroll from your favorite seller
lecturer: Second method, more difficult, try to roll on your own
lecturer: I can warn you in advance, you may win on the first try, or maybe you won’t be able to roll the card on the fifth.
lecturer: My first roll turned out right the first time, and then I couldn’t make 6 cards in a row.
lecturer: In this case, we must know the banks that roll with a minimum of information, we must buy a CC, and get that same information to it
lecturer: Different banks require different information for enrolling lecturer: They can simply ask for SSN/DOB, or they can also ask for a hard drive mother's maiden name, PIN code, billing phone number, answers to the holder's background, code provided by the bank, account number, and so on. lecturer: We need those who ask for SSN/DOB SSN - social security number of the holder DOB - date of birth of the holder
lecturer: We have many services on the board that
deal with this type of penetration, I recommend contacting the Syndicate.
lecturer: Next, having received ssn/dob, we go to the bank’s website and try to make an enroll by filling out the appropriate fields with the
information required for this.
lecturer: If everything is smooth, then we get the same enroll
lecturer: What could be “not smooth”:
You enter your data, but it doesn’t allow you to roll out the card, there are several answers:
• The card is dead
• The information is entered incorrectly
• The card does not belong the person who was indicated at the time of purchase, and the real holder is mom/dad/wife/husband/son
• The card is not the main one, but serves only as an additional card that is linked to the main account of the husband/wife/mom/dad or someone else
lecturer : Sometimes, when it wrote to me that the data I was entering was not suitable, but the card was 100% valid, I could also enter the husband/wife’s data, and very often it would work and the card would roll, this often happened with boa and synovus banks lecturer
: But I recommend doing this when you have experience and free money
lecturer: And the last option:
• The card was rolled out before you, that is, the holder has already registered a personal account.
We will look at this in more detail. lecturer: Primary Enroll and ReRoll There are two types of Enroll
1. Primary - the holder has not yet created a personal account before you, and you can easily do it yourself
2. ReRoll - a personal account has already been created before you, BUT the bank gives you the opportunity to restore your login and password. More often
all for this we need to have the same information as with the primary enroll; sometimes we can get to the holder’s background in the form of secret questions.
lecturer: Also, many banks for ReRoll require you to specify a set Username or E-mail. In this case, most often, there is no point in fighting further, because the information for recovery will be sent to the KH mail.
lecturer: To get to Primary Enroll, I can advise you to take cards with a maximum expiration date, cards, that is, freshly issued cards, with an expiration date of
**/21 or **/22
lecturer: The longer the expiration date, the better
Much more likely that the holder did not get around to creating a personal account
lecturer: As a rule, the balance that we can use is signed – available credit.
The balance that KH spent is Current Balance. lecturer: I’ll tell you for those who don’t know how
credit cards work. Roughly speaking, KH takes out a loan from a bank, and these funds are kept on the card, and not in cash.
Accordingly, Current balance is that part of the credit funds that has been spent, and Available credit is how much is still available. Don't confuse these concepts!
lecturer: 444796 - here is the credit one bank bin. It rolls and re-rolls very easily, but the balances there are whiplash. You can practice on
this bank, since it allows you to reroll and 9 out of 10 cards roll, but you will rarely see even 1k there. You can just fill your hand.
lecturer: The last bank I used was Boa,
there are usually good balances, but many cards have already been rolled, a reroll cannot be done, and primaries are rarely found.
lecturer: I'll tell you how everything happens for me
lecturer: I take beans that I know will roll and go to XTA and see what's available
lecturer: I select several cards, punch a dc to them, and try to roll
lecturer: When enrolling, I take grandfather/ ssh/sox for the card holder lecturer: I go to the site and try to roll
lecturer: I put off all the cards that I managed to roll until Monday
lecturer: On Monday I take sox/ssh/ded already under the drop stuff and change the address
lecturer: Then the address changes from 2 -5 days of weekdays, weekends are not taken into account
lecturer: Usually I wait until Monday again and go to type it in. You shouldn’t just bomb the roller into a bunch of places, just put it in one shop, wait until the pack is delivered and go drive it in again if the card is still alive.
Gift and E-Gift
lecturer: During the lecture, I will cover this topic and give you an understanding of this niche as deeply and comprehensively as I can do based on my experience in this area.
lecturer: Physical Gifts and Egypts
For those who do not know: Gift - translated from English - “Gift”. This is a gift certificate, a prepaid card, for the nominal amount of which you can buy goods in
the store of this gift.
lecturer: Gifts are physical and electronic, Gift and E-Gift. Physical gifts come to the recipient (or buyer) by mail or mailbox in real life, while electronic gifts come to the recipient (buyer) by email (e-mail).
lecturer: The main difference between driving in physical and electronic Gifts (hereinafter referred to as Egypt) is manifested in the following subtleties of work:
Physical Gifts require addresses for reception, most official intermediaries do not accept them, in most shops they cannot be recalled, the time difference between entering and receiving a ready-to-use Gift in your hands, and the AVS system will not always
allow SopTdeYr.
XMARKET.COM
lecturer: You can purchase a physical gift directly in an offline store, come and simply pay with it at the checkout. This is also possible with Egypt, but not in all shops.
lecturer: Although antifraud is stronger in Egypt, there is no need to bypass AVS with them, there is no need for drops, intermediaries and waiting several days between entering and receiving, therefore you can turn over funds within the work much faster. Gifts are sold mainly in denominations from $1 to $1000. In some stores, you can add several Gifts when paying.
lecturer: Shops are divided into several main types:
• Point. The shop sells its own gift cards
from its own store. Such shops have weaker antifraud compared to the next two types of shops.
• Multi-gift, resellers. The store sells dozens or hundreds of Gifts from various shops, for example: ebay.com. Such shops have average antifraud.
lecturer: - Units. Direct manufacturers and at the same time sellers of gift cards, their anti-fraud agents are the strongest.
You should immediately realize that if point shops have weaker antifraud than aggregates, this does not mean that it will be easy to break through them.
lecturer: Direct driving in Gifts - driving directly into the shop whose Gift you plan to get. (Buy ebay gift on ebay). By driving into the intermediary - obviously, by driving into the reseller. Resellers usually get through easier (especially not public ones), so be guided by this. Look for shops the same way as everyone else; a couple of additional life hacks will be in this lecture.
lecturer: The following parameters will directly influence the result of the work:
1. Device + system
2. IP
3. Cards
lecturer: Since I reveal these points in the lecture “Driving from A to Z”, here I will tell you in a nutshell what directly affects for working specifically with Gifts, for a detailed discussion of the topic of the system and IP, see the lecture “Driving from A to Z.”
lecturer: 1 - Device. Top shops are difficult to access from
a regular virtual machine, since antifraud detects them. For top shops, you need to use either real devices (for example, a mobile phone), or remote access (dedicated computers, VNC machines), or antidetects.
lecturer: 2 - Much depends not only on the purity of the IP address, but also on the provider. There are providers that are at risk for antifraud, and there are also hosting providers. The use of such providers has a negative impact on typing. Pay attention to this and write down the provider.
lecturer: A couple of examples of well-proven Internet companies from personal experience: qwest, charter, cox, att, verizon, comcast. You can look at them in the store when buying a sox or
tunnel. A couple of examples of the bad behavior of our own
providers: rr.com, myfairpoint.net. But this does not mean that
you can forget about cleanliness. On the contrary, the purity of the IP for blacklists and risk proxies is no less important.
lecturer: 3. Maps. I recommend using the least popular jars. NOT like Chase, BofA, CapOne, WellsFargo and others. Naturally, you can get money from these and other popular banks, however, the throughput from lesser-known banks is higher. The level and type of card is not critical. Most often, MasterCard and Visa are used for entering. Amex is also possible, but with Amex, bins play a key role, and charges are much faster. lecturer: Checking cards before inserting
Cards should not be checked before inserting Gifts if you are not
sure of the bean and checker. Firstly, because she herself
The purchase of Gift is one of the high-risk operations performed by banks.
lecturer: Secondly, because the checker often kills cards and is an even more fraudulent operation than buying Gifts, in total these two parameters increase the risk of card death, and therefore a waste of time and unsuccessful insertion.
lecturer: Brutus accounts + change of billing
You can also write brutes for shops, download mail-pass databases and collect accounts of these shops.
lecturer: Often in a store the holder leaves his card attached, and you can also buy a gift from it. But there is a problem here - CVV. Even if the card is saved, in most shops (and in all large ones) CVV will have to be entered every time you make a purchase, and since we don’t own the name, we have 3 options for using brute accounts, namely: lecturer: A) Search for shops where
CVV is saved. There are some,
but they are mostly small, so finding them is not easy.
B) Changing billing (adding a new one) in addition to the holder’s billing. We take the engaged account and simply attach a new card and billing to it.
lecturer: What's the point, you ask? - The point is that this account was created by a real person, he made successful purchases without charges, therefore the antifraud is more loyal to him than to the novoreg. lecturer: But do not forget that adding a new card and billing address to an already existing account is a relatively fraudulent action, so this
method of driving is not a panacea, but it has a place. Sometimes you can debug accounts, add cards/billings and wait a week or two, it makes sense.
lecturer: I’m talking about this type of driving not because it is a priority, but because it exists. In fact, for most large shops (for example, mircosoft, walmart and others) there are incredibly few brutes, or they work extremely unstable, which makes this type of work difficult - find an encoder, pay, find good proxies for brute force, a bulletproof server, and so on .
If you decide to try yourself in this niche, at first
never start with large, world-famous shops.
lecturer: C) Purchase with bonuses. Some stores have this, accumulative points and discounts, but I have almost never seen this.
lecturer: Driving from a stick.
Entering PayPal from Brutus is possible in the same way as from cards, but here shops play a key role. Because Gifts mostly come to your PayPal account email, which we almost never have access to (unless you use soap+stick) or buy a software with access to soap. When driving from a stick, the shops must be selected carefully and tested intensively.
lecturer: Driving sticks from self-regs is real and works,
but there are other ways to pour self-regs more profitably and easier, so few people do this.
lecturer: You can ring Gifts in the same way as you do other goods. But not all shops treat this well, and
some, on the contrary, only ring and drive it in. I don’t recommend starting with this, but it’s important to take note of this option.
lecturer: Emails and messages
When purchasing Egypt, in most shops you will be asked to enter the recipient’s email, then, when registering or entering, your email. Not only the domain zones of the mail (gmail.com/yahoo.com/etc.) are important, but also the text in it before @, since the antifraud pays attention to this and it happens when the order is canceled only because the antifraud did not like your email.
lecturer: When registering, I recommend entering the cardholder’s first and last name from the card, and choosing a domain zone that is as natural as possible (not mail.ru) and least fraudulent (not mail.com). The best options: corporate mail (mysite.com), gmail.com, hotmail.com (outlook.com), yahoo.com.
lecturer: A good mail for the holder will look like “first name-last [email protected]” after registration, for example, [email protected] . Numbers in the mail are normal, since often the name is already taken during registration - [email protected] .
lecturer: We've sorted out the buyer, now about the recipient
• everything here is the same as with the holder, with the exception of the domain zone. For variety, it is recommended to use a different email domain from the buyer (that is, if @gmail.com is the buyer, then @yahoo.com is the recipient), in fact this is not critical, everything else is the same. If your imagination is weak, you can
generate the recipient’s name, for example, here:
http://www.fakenamegenerator.com/
lecturer: Of course, there are shops where you can send directly to your email, but if the shop asks you to enter the recipient’s email, enter it there holder mail will be suspicious and unnatural in most cases.
lecturer: On the page for placing an order and selecting an Egyptian denomination, it will be possible to enter a personal message to the recipient.
This is a really influential point, and it directly affects the result of driving. Even if everything is perfect (system, card, mail, and so on), but the message says something unimaginably stupid or suspicious, then when processing an order (especially manually), the order may be canceled even because of this.
lecturer: There have been cases when gift cancellations were due to illiterately written texts where it was obvious to the store manager that the buyer was not an American, sometimes due to a complete lack of message.
lecturer: Give free rein to your imagination and write, at least, naturally, not necessarily cool and a lot. Write a greeting, a wish, a congratulation, or a thesis/quote from the book. Imagine that you are giving this gift to your girlfriend or sister and don’t think that you are buying it with someone else’s card.
lecturer: Sometimes he can download the text from special sites, which can be found by googling “happy birthday in English” or “congratulations on
engagement”, etc. The downside is that these sites are already dead, so you can and should use them to create a “skeleton” and develop imagination/replenish your vocabulary, but they are not suitable as a full-fledged tool for everyday use. You should not neglect this parameter for driving in Egypt.
lecturer: Continuing the topic of parameters when driving Gifts, let's consider a phone number.
In Egypt, especially in US stores, the passage of antifraud using the AVS parameter plays a very important role. Very important, but, however, not critical. For beginners, when entering mid-level and higher-level shops, I advise you to write exactly the holder number. The reason is simple - 90% of shops do not call, or call only in special cases - when you have not passed the antifraud and they need verification in this particular way.
lecturer: However, these cases are fewer than cancellations due to AVS mismatch. Of course, there are also top liquid shops that periodically call the holder to confirm the order, but they can only be identified empirically, that is, by tests and entries. Smaller shops may call, so you can try writing a different phone number or your google voice/skype. Personally, I always write only the holder number.
lecturer: Shop lists are stingy.
Our and other forums are full of Egyptian buyers, each with their own percentage, reviews, conditions and methods of work, different lists of liquid/illicit Egyptians and shops.
lecturer: Before starting work, I recommend comparing the conditions, percentages and reviews of different buyers; choosing your buyer is a delicate matter
But I started talking about them not for this, but in order to show you the simplest thing - shops right before your eyes, in the topics of avarice you can find both liquid shops and illiquid ones, the gifts of which are easier to get. There are also stingy purchases of purely illiquid Gifts, at a lower percentage, but it’s easier to work this way.
lecturer: The options for where to put the gift don’t end with being stingy on the forum. The Internet is full of sites where you can resell a gift even to Americans who think they are buying a white gift certificate. The simplest example: https://localbitcoins.net/ - here gifts can be bought even at a higher percentage, but sometimes verification is needed, so you need to select the items no less carefully than on the forums.
lecturer: There are dozens of such sites, each needs to be
tested and analyzed, on each you can find some interesting shop that is not on the list of forum stingy people. Having put the matter on stream, the sale of Gifts can be launched not only on specialized sites, but even on ebay.com, but beginners will understand this only with more experience, and with more experience the complexity of the work increases a hundred times, keep in mind.
lecturer: Liquid and illiquid Gifts can be determined by
the proposed percentage. The classic interest rate for illiquid assets: 25-45%, for liquid assets - 45-90%.
When displaying or offering a gift not from the list and offering a percentage, be guided by the store’s assortment. If it contains equipment, ask for from 40 to 70%, if things - 25-50%, depending on the brands.
lecturer: Merchandising
Merchandising of gifts to the address of intermediaries or drops is carried out from an IP for the state or city, from Dedik, SOX or tunnel. In this case, it is not necessary to use the
same name that was listed as the recipient of the gift upon purchase. Basically, only very small shops can “ask” for this, and if something happens, you can solve it by calling.
lecturer: When purchasing liquid gifts from top shops, try not to use corrupted addresses of public intermediaries, otherwise your account may be banned and you will lose the gift.
lecturer: It is better to check the balance of a Gift (validity check) on the shop’s website from the IP of the country of the shop; do not check with the VPN of Germany or your home IP address, otherwise the system may block the Gift. It is not recommended to purchase gifts day after day, wait a day, and here the working hours are already important, since physical stuff is generally not sent on weekends. lecturer: Spike small stuff on kh and add goods to cart.
Many people who drive Gifts sooner or later ask the question: “What if you add socks for a dollar to the
shopping cart in addition to Gifts and buy them to the holder’s address? Will this increase the loyalty of the anti-fraud?” The answer is NO. lecturer: In your portfolio, Egypt still remains, and the analysis of the order by the antifraud will still take place as an order with Egypt. It only makes sense to do this at different times - today you bought socks and warmed up the shop with it, tomorrow you bought a gift from the same account
lecturer: Adding and removing an item to the cart as a way to warm up the shop is possible, but not necessary. Surf the store, read product descriptions, look at the catalog before directly purchasing Egypt - yes.
lecturer: By interrupting previously used cards and shop accounts
By interrupting as a phenomenon can be divided into two options for actions with a card:
A) by interrupting cards after the Decline or Cancellation
B) by interrupting cards after a successful order and spent Egypt
lecturer: Let's consider each of the options in more detail.
A - this is done in cases where you are not sure that the cancellation or declaring was due to a dead card.
Roughly speaking, if we didn’t pass the antifraud, we went to try our luck at another store. It makes sense, since sometimes it works, and there is no need for any costs for the material, the only thing is that when entering into 2 different shops served by the same merch, re-entering will almost always be useless, since your data is already in the system, because the merch two different shops have one in common, so pay attention to the merch.
lecturer: With option B, we have several decisions that need to be made before driving. The first and most important thing is to go to the same shop or another? On the one hand, the store already knows us, we carried out a successful order and it seems like this should add loyalty, on the other hand, it may also arouse suspicion in the store due to the uniformity of the product and the actions of the buyer.
lecturer: From the recommendations for making this decision, I can only say - make a decision yourself, depending on whether your access (Sox, tunnel, Dedik) is still alive or not. If you are alive, then you can try to enter it into the same shop from the same IP; if not, we replace the IP and go to another shop.
lecturer: The second question is how much should I charge the card? More, or the same, or less? I usually focus on the level and type of card. If it’s a low-level debit (classic), then I’ll bet for the same amount as before. Accordingly, if the card level is higher (platinum and so on) or the credit type, then you can try to increase the amount.
lecturer: The downside of interruptions is that we don’t know if she’s alive
This card is still there, and the plus is that we don’t have to buy it; interrupting brings an intuitive understanding of the antifraud work of specific shops and their attitude towards repeat purchases, and it also gives working bins. When interrupting, it is recommended to change the recipient.
lecturer: The most important advantage of interrupting lies in a simple truth: it will significantly reduce the time to identify the causes of declarations and cancellations, will direct you on the
right path and indicate where to look for errors, and, therefore, sooner or later will lead to a solution. lecturer: Decline or kancel? But did it go to another shop? - The conclusion is simple, the shop or bank did not pass the antifraud!
Decline or cancel in several shops? - Conclusion: the bin is crap/the card is dead or the sox/system is bad. You can try to find a trouble-free shop with wild illiquid goods and check the cards on it
lecturer: Based on this, create your own method for identifying the problem, because Training is Study. Learn to learn, as
the lecturer says: Time of day for driving and time of response from the shop (final result)
Often beginners ask the question - What time of day should they hit? Answer: depends on the store, its schedule and working days.
lecturer: Some large shops can issue Gifts instantly even at night on weekends, while in small shops you will have to wait for business hours on weekdays. Start hitting on weekdays; as you gain experience, you can hit at any time of the day and thus find out how the shop reacts (test it).
lecturer: Several types of shop reactions for understanding:
1 - Gift arrived instant (instantly, up to 5 minutes)
2 - Gift arrived within 1-12 hours. - this is the average processing time given the store’s working hours. This is fine. But, if the same shop has previously given you an instant gift, it means this time you fell short somewhere in passing the antifraud and the verification process was delayed
or turned into a manual check.
3 - Shop requested verification. I talk about verification in my lecture “Driving from A to Z.”
4 - Instant cancellation (multiple order cancellation) - the shop didn’t like something so much that it sent a refusal instantly. Sometimes it can mean cancellation by the bank or a dead card. You can try to get it to another shop.
(19:59:20) lecturer: 5 - Processing took a day or more - manual checking in large stores, sometimes means trying to call the holder or dialing in after hours. In a nutshell: either they didn’t reach it enough, or they hit it at the wrong time.
Record the time and results (reactions) of each shop and merch to acquire methods of working with them.
lecturer: Profit arithmetic
Let's assume we buy cards for $10/piece, sox or tunnel $1.5/piece - the minimum set of necessary tools for driving. If you beat with Dediks, instead of sox for $1.5, add the price of Dediks, that is, from
$4 to $10-12/piece. Prices are average, they may vary depending on the shops.
lecturer: For this, let’s take a liquid gift with a face value of
$100, which is bought at 60%. We add up the costs of materials, calculate our percentage from the nominal value of the Gift, remove the difference between costs and revenue - we get net profit. (10+1.5) - (100*60) = $48.5 net profit from one successful liquid Gift made on the first attempt.
lecturer: But everything is not always so smooth, because on the first try the gift may not come, and then the costs will increase, and in order to break even you will have to try to drive in gifts for increasingly larger amounts, 150, 200, 300 $ - and in top shops such amounts you need to be able to drive it in, because they have a strong antifraud system, newbies will simply lose money and start whining that karzh is dead.
lecturer: This is why I advise everyone to start driving in
illiquid Gifts, which are bought at 25-40%, depending on the store. With the same costs for the material, gift denominations can be successfully carried several times higher relative to liquid shops, since mid-range stores are much easier to get through.
lecturer: Costs: $11.5, gift denomination: $300, percentage is stingy 25%, then net profit = $63.5 - even more than from a liquid gift, but at the same time bypassing antifraud is almost much easier.
lecturer: Everything is important in gifts.
Time of day, map, ip, operating system, device, emails, addresses, banks, shops, merchandise and everything that I listed in the lecture. All customizable parameters must be brought to the point of automatic reproduction, all theoretical knowledge must be brought to the point of bouncing off the teeth, all unknown X and Y must be learned to be calculated by the method of elimination and through testing.
lecturer: Only then will you be able to adequately work in
plus on Gifts, so be prepared to lose money at first if you start your journey with Gifts, and on the contrary, do not start with Gifts if your budget is limited or small.
lecturer: The single formula for successfully driving in Gifts comes down to:
Preparation parameters (ip, system, card, etc.) + shop (merch, nerdiness, liquidity, verification, etc.)
= Here is your eGift Card! A + B = C.
lecturer: When I started working on Gifts, my statistical Excel file contained about 60 entries, of which 4 or 5 were successful. This is 8% success. In terms of dollars, the amount spent on materials at that moment already exceeded $700 before I started to make a profit. Why did this happen? - Because at that time I did not yet know everything that I told you about in this lecture.
Having entered Liquid stuff using Enroll
lecturer: Greetings everyone! Today's lecture will be devoted to the topic of entering Liquid stuff using Enroll lecturer: In this lecture we will learn:
1. How to correctly use enroll when changing billing.
2. Basic mistakes that should not be made when driving.
3. How to build logical chains when typing
4. Well, the most important thing is the result. How to make sure that your favorite Gucci sweater is on your hands!
lecturer: Perhaps some people already have a question, what is Enroll?
That is why, to begin with, I would like to draw your attention to the analysis of these incomprehensible words that will often be used in the lecture.
lecturer: So that you, as listeners/students, do not have problems in mastering and understanding the material. For convenience, you can copy these definition words into your notebook, so that during the lecture you can unwittingly peep if you suddenly have difficulties in understanding.
lecturer: Definition words:
lecturer: Enroll (in Russian “Enroll” or “Enroll”) is a cc (Credit card) with access to the bank, where you can later change the holder’s billing address...
lecturer: Drop - the definition is broad, but in our case it is a person who is responsible for the transfer of goods and services. lecturer: Intermediary - a company that sends your purchased goods from the USA/EU to you in the CIS lecturer: Holder - Owner of the card, bank, account
and TD lecturer: Bill (aka billing) - Personal address of the holder lecturer: Ship - Address to which we order the goods lecturer: Let's
go further
lecturer: Preparation of the material
lecturer: For many beginners and not only, I think the question immediately arises in the head: “And where should we take these same enroll?" or "Who should we buy from?"
The answer to this matter is simple - buy from sellers!
lecturer: There are many sellers on the site selling enrolls with replaceable billing.
lecturer: We need to take enroll with changeable billing online (As a rule, billing changes within 3 days).
Highlight or write down this moment for yourself
lecturer: We will also need a drop, just a drop, and not an intermediary, because billing for an intermediary simply will not change and your material will be blocked lecturer: What about the system?
lecturer: There are controversial opinions on this matter, some people like to beat with Dediks (Exclusively Brutal), some with VNC (Remote computer control, VNC can also be purchased from sellers on the forum), there are many options, they can be listed and listed.. lecturer
: Personally, my first drive using enroll was from Dedik under the city drop.
In any case, the IP address must be not for the enroll bill, but for the drop.
lecturer: Work progress
lecturer: We go to our purchased material, enter exclusively from an IP under the drop. I think many people immediately have a question: “Why change the bill not from the individual holder
?”
lecturer: Again, you can use IP for a holder, but what’s the point of that? We turn on the logic, immediately put ourselves in the place of the holder, imagine, you are moving to live in another city, for example, from New Yourk to Dallas, when you move, you will definitely not think about the fact that you need to change the billing in your bank account right now.
Accordingly, upon moving, you will change your billing address.
lecturer: At this point, I think everyone understands. Go ahead.
lecturer: Immediately after the billing change, precisely from the moment of submitting the application, that is, immediately, we go and select the store we will go to. Remember this moment once and for all, you can break into absolutely any shop! No matter what protection it has, if a shop is created for an ordinary person, then we can make goods from it.
lecturer: I’ll tell you about finding a shop using my example:
When I started working on this topic, I didn’t really worry about finding a shop (Well, some will say, a shop that gives is the key to success) Not at all! The key to success is only in a competently constructed logical chain to break through the shop!
lecturer: And so, at that moment, I went to Google and wrote “buy gucci”, went straight to the 2nd page and randomly clicked on the shop, that’s it! Nothing more is needed! I highly advise against buying shops and engaging in other nonsense.
lecturer: Only your own experience and personal search will lead to success. Remember one thing, no one will ever sell you money for money. (Perhaps on your way you will meet “sellers” who will sell “Magic shops” that give “an apple in a ru”. I think the meaning is clear.) Don’t buy anything from such people!
lecturer: We go to the shop, register with the roller holder's details (Full name enter the holder, billing and shipping address - drop)
lecturer: I think many people will have a question: “why
do you need to register in the shop right away? And if the bill doesn’t change, what’s the point? Until the main tool for driving in is ready, I am always convinced of one thing, 40% of success is warming up the account! This is the most basic part (in my opinion) to achieve results.
lecturer: How does warming happen? And what kind of animal is this? lecturer: And this beast, something between heavy and simple, I would call it faceless.
Warming up work can be done in different ways, but I strongly recommend that you take this issue seriously.
lecturer: To warm up your account, I recommend using as many methods as you know, I’ll tell you just a few of them.
lecturer: 1. Surfing - I think the most popular way to add heat to your account!) Without surfing, you won’t be able to drive anything, only if it’s in the most leaky shop. We need to constantly surf the site, look at the product, read the site rules, look at the product parameters, material, etc.
lecturer: We always put ourselves in the place of a real holder, I don’t think that a holder would come in and make an order in 5 minutes, no! Americans and many Europeans are very sensitive to the choice of any product, even if it’s just ordinary socks
lecturer: A real pendos, before buying any product, reads everything about it, reads a bunch of reviews, thinks 100 times whether he needs it or not, then Let's look at the quality of the material, check it with other analogues of the product,
only then will it buy, I know this from personal experience with pendos
lecturer: We need to warm up our account every day until the billing changes.
Simply put, we logged into the account for an hour or two and looked at the product (
Close to what we will order
the lecturer: For example, if we order a Guchi sweater, we surf only sweatshirts or just a Guchi brand, sometimes we go to something else), the next day we do that same operation and so on until the bill is changed. lecturer: 2. Calling, chat
As practice shows, warming up with this type greatly encourages success. We immediately put ourselves in the place of the holder. Let's say we registered in the store, looked at the product and immediately had several questions, where will our curious holder run to ask them? Of course, online chat. lecturer: The questions can be different, the point is not in them at all, but in the fact that when communicating in a chat, fraud begins to smile at us more and more, because we begin to fit the description of a real holder!) lecturer: For those people who are
friends with English:
Ask different questions: “How long does delivery take,” “And if the item doesn’t fit, can I change it?” , “I want to give a gift to my brother, can you make gift wrapping?” and so on... there may be many questions, use your brain and think!
lecturer: For those people who do not speak English:
On the forum there are many different calling services that have a “chat warming up” service, for a certain amount (usually no more than 5-8 $) they log into your account and communicate with store.
lecturer: There are many more ways, but basically I use these two methods
lecturer: In the next course of work, there are 2 reversals of events: lecturer: 1. The bank changes billing and everyone is happy.
2. The bank blocks the account. What to do in this case? We contact callers, the chance of unblocking your account is approximately 30-40 percent. It all depends on the bank and how much information you have on the holder. lecturer: How much money to buy goods.
lecturer: The question is very delicate, here again, it all depends on the bank and the limit on the holder’s card. How to find out the limit?
Again we turn to the callers.
lecturer: The meaning of the conversation with the bank should be such that the holder wants to make a purchase on the Internet (Suppose you enter in the amount of $1,500) and find out whether the payment will go through normally? I mean, won't there be any problems?
lecturer: There are 2 options:
lecturer: 1. Your future purchase meets the limits and the bank says “Everything is fine, you can make a purchase”
2. Or “Your card limit for online transactions is $1000, we can increase your limit
lecturer: 2 The second option is the most common. We do this not only to find out the limit at the bank, but also to warm up the transaction, what does this mean? And the fact that we have now directly notified the bank that we will be placing an order for $1,500! And the bank already knows about it! What could be better?
lecturer: Always remember. If you have any problems with your order, contact the callers immediately, a good caller can help you out with a lot.
lecturer: If the shop’s problems cannot be solved, the problem is with you, not with the shop! Always check your system carefully to make sure everything is configured correctly. When driving, you need to take into account a lot of factors, not everything is as simple as it seems, with each driving you will become more and more experienced. lecturer: Let's talk a little about the construction of logical circuits and what factors need to be taken into account when driving.
lecturer: This information may, of course, seem obvious to experienced people, but many beginners do not know about it. I will tell you briefly about the main factors.
lecturer: - Set up machine for driving
in Once again, for everything to go smoothly, be sure to use a replacement IP for the drop! Why? I described above.
lecturer: In general, for convenient work and better quality driving, I advise you to buy a sphere, you can read it in more detail and buy it in this topic: lecturer:
Personally, I’ve been using it for 3 months, driving in and other work goes much better than with the same ones Dedikov. And in terms of money, it will be much more profitable for you, the price for a home garden is 8-10 dollars, the price for a sphere is 100 dollars a month, so do the math! Sox cost pennies
lecturer: Also, working with VNC is much better than working with Dedik. When choosing a machine for typing, there is an individual approach from the lecturer: -Mail
Here it is better to use the gmail domain. Also, if the holder’s name is “Leen Helson”, for example, then I advise you to do mail something like this: “ [email protected] ”, whoever deals with email databases will understand that mostly amers use first name, last name or just last name for mail login , the most common type.
lecturer: -CTR+C CTR+V
A mistake many beginners make! Write any data by hand! And only with your hands! You never need to copy and paste anything, be it login, password, billing, and so on...
90 percent of the antifraud system looks at this, because a real holder will definitely not copy and paste his address or card data!
lecturer: - Entries from different entrepreneurs
Very often it happens that in the process of 3 days of
driving, a sock dies or a grandfather who has been at work for a long time, I think they know this unpleasant situation well. If this happens to you, don’t even think about taking the first Dedik or Sox you come across and going into your account, be it a bank or an account in a shop!
lecturer: In such a situation, select the most similar IP to what you had, try to find the same zip if there is no zip in the city. If this is not done, from the shop side it will look like this. Go through registration
You are from Texas, you spend a day looking at the product, 3 hours later you come in from Las Vegas, isn’t it strange?
lecturer: We immediately remember about the fraud glasses, which we don’t really need, and the fraud’s smile immediately begins to subside.
If this happens, even from the same city, but from different addresses, it’s okay, let’s say you came to a friend’s house and sat with him. We registered, climbed with him, looked at the goods, then came home and went to the site again. The situation is simple. lecturer: I think this is clear.
lecturer: There are very, very many factors, every little thing can and will affect progress! Always imagine yourself in the holder's place! After all, you are an ordinary American who wants to place an order.
lecturer: - Time for driving
In no case, I do not recommend driving in on Friday, Saturday and Sunday! You do this only from Monday to Thursday! Because they send the goods on these days, if you enter on a weekend, your goods will be sent on Monday and the chance that by this time the transaction will be canceled is very high! lecturer: Let's move on to the driving itself!
lecturer: Everything is simple here, you don’t need to invent anything. Selected a product, read reviews (if any), looked at the quality of the material, and added to cart!
lecturer: If there are several products, we go further to look at various products, at least 15 minutes, did you find it?! Well done! Add the product to the cart!
lecturer: Under no circumstances follow the links to the product. Let's say you ordered 3 Guchi sweaters, you send the client a website where to look for these sweaters, the client sent you 3 links, open them strictly on another machine, you can use the main one, and search for this product in the store manually, otherwise they will come again evil fraud glasses!
lecturer: Let's move on to paying for the goods!
lecturer: In the Billing address we enter the bank holder's name, surname + address of the drop (when he changed at the bank) lecturer: In shipping, the name and surname of the drop, the address accordingly too, the differences in billing and shipping are only in full hiring
lecturer: Many people will immediately ask the question: “How will the shop react if the names are different, this immediately arouses suspicion?” Does it arouse suspicion?! I would not say. lecturer: Over the hill this is a very common occurrence when holders order goods for their brother, mother, father, sister and so on, as a rule they live together! Why and why? Many are very busy in order to pick up a parcel, for example with work, Study, and a mother who always sits at home can easily cope with this, or when they give a gift to someone lecturer: A common
occurrence, here the shop will not bother too much, because in fact, in there is nothing like that.
lecturer: Press confirm! If you did everything correctly, you will see a nice green sign. lecturer: What to do if a channel appears?
lecturer: First of all, calm down! Yes, it’s not a very pleasant sight, because you tried so hard, and then there’s an instant cancellation! But don’t be afraid, first of all, double-check that you entered all the data correctly, SS number, exp, bill! If not, correct it and try again!
lecturer: If yes, press confirm again anyway, because a regular holder would do just that. If it’s the same song again, call the store right away and anxiously find out what happened and why it happened, because your brother’s birthday is in 2 days and you really need these things!
Usually they help and enter the card either over the phone, or you do it again and everything goes through.
lecturer: Next, I recommend calling the shop or writing to the life chat! Say something like this: “I made an order, is everything okay and when will it be delivered?” And again, you need these things so urgently!)
lecturer: In normal practice, everything goes with a bang, they send the goods! But there are pitfalls here too, the cansl also really likes to fly to the post office, but if you see this sign, we’ll immediately call the store and find out what’s going on. In
such cases, if we do everything correctly, often the bank simply cancels the transaction, the reason for this in 90 percent of cases is the holder calling and canceling the payment.
lecturer: We immediately write to the dialer and try to pull out the transaction, if not, then alas! In every business, there are unpleasant things. Here we do not despair and move on. lecturer: Let's summarize. lecturer: Today we learned:
lecturer: - Correctly set up logical circuits when typing in lecturer: - Studied the main factors of working with enroll lecturer: - Understood how important it is to use the dialing service, that without it we won’t go far
lecturer: - Do the correct account warming up! We realized that this is an obligatory part of driving in!
lecturer: Well, I hope in the future that you will make and continue to make goods using enroll!
lecturer: Homework:
lecturer: Assignment #1 Write down in a notebook, journal, notebook, wherever it is more convenient for you, those things that you did not know before this lecture and constantly try to repeat it so that it sticks in your head, after making one slightest mistake , you can simply lose the goods, money for the material, and most importantly, time, because it is priceless. You can earn money, but you won’t get your time back, use it wisely
lecturer: Task #2 Everyone make at least 2 attempts at
this type of driving! Write out the entire work algorithm for yourself! Example of an algorithm:
1. shop - www dwdwd. com (EXAMPLE!)
2 Bank roll + bin (First 6 digits of the card)
3. Description of the full method of work:
What calls were there and how many + Call results Warming up methods
Shop behavior (Letters from him, etc.)
Try to write down all the factors that were in process!
4. RESULT!) (I hope it will be positive for you
)
lecturer: Unsuccessful algorithms or problematic ones (in the process), you can send me a PM, I will help and correct them. We will try to get out the problematic ones
Hotels
lecturer: welcome everyone, today we will talk about this area of work such as booking and rental
lecturer: and more specifically hotels, cars, excursions lecturer: tomorrow we will discuss air tickets, and also tomorrow we will work in the form of a question and answer
lecturer: just not today sense on questions since tomorrow there will still be information that will probably give all the answers
lecturer: there are several ways to make a hotel reservation at someone else's expense:
lecturer: payment using an authorization form - Payment via an agent - Payment through BOOKING - Payment with rewards
lecturer: let's talk now in detail on each of these topics lecturer: 1) Option for the authorization form
lecturer: And so what is it all about:
lecturer: Download http://rghost.ru/6BsVFb7Jn and watch carefully!!!
lecturer: The authorization form is a questionnaire in which all the payer’s data, period of stay and card details are indicated; with this form, KH confirms its consent to write off funds
lecturer: then the hotel employee enters the card data into the POS terminal and makes the payment
lecturer: Now everything is in order:
lecturer: Let's go to http://www.booking.com/
lecturer: choose a hotel, make a reservation for the one we will check in ,It is possible to deal with MtisA and RbeKz boEokTing..cComOa immediately lecturer: we call the hotel and, introducing ourselves as an agent, request an authorization form to pay for the reservation
lecturer: An approximate dialogue looks like this:
lecturer: - Hello, I’m from the travel agency “XXXXX”, we want to book a room for our client. Is it possible to pay through the authorization form?
lecturer: - Yes, of course
lecturer: - Very good, send the form to [email protected]
lecturer: Fill out the authorization form:
lecturer: Credit Card Holder's Name enter KH or a fictitious name
lecturer: Hotel Guest Name enter the person we will accommodate
lecturer: We indicate telephone numbers Skype with an answering machine lecturer: We make a rendering, there is an important nuance, it is better to do the drawing not in the form of scans, but in the form of photographs in hand lecturer: We send
all this to the email specified in the form, they often ask to send it by fax, here you need to call and ask for an email address
lecturer: We receive a slip check (a check confirming a completed transaction)
lecturer: Never accommodate anyone without this check!!!!
lecturer: It is necessary to observe the maximum limits for one transaction
lecturer: Do not make more than 2-3k$, since very often for large amounts there is a restriction on making payments
lecturer: What to do if the cost of the reservation is 4k for 10 days? lecturer: We split the reservations into two: the first for 2k 5 days and the second for 2k 5 days
lecturer: The scheme looks like this:
lecturer: We go to http://www.booking.com/ make reservations for the one who will stay (you can do it at least for month before check-in)
lecturer: 2-3 days before check-in we call the hotel, get an authorization form - pay
lecturer: Checked in
lecturer: 1-2 days before the start of the second reservation call the hotel from the same number, get an authorization form -
pay
lecturer : The best cards for making payments are: Malaysia, Singapore, South Africa, Germany, we value the maximum period for the charge
lecturer: We need to approach ringing and drawing as seriously as possible!!!
lecturer: The quality must be high, hotel workers should not have any doubts!!!
lecturer: 2) Option of driving into an agent
lecturer: There are a huge number of agents who are intermediaries between the hotel and the person who needs this hotel
lecturer: The main difference here is that the agent has his own merch for accepting payment for the hotel
lecturer: PSazbTerYem Xna MpriAmerRe EKxpEediTa.c. oCm OM
lecturer: We hit from the grandfather or the tunnel, the selection of tunnels and grandfathers is a very serious thing!!!
lecturer: agents have very strict antifraud, so we do everything as clearly as possible!!!
lecturer: we also select the mat carefully, the zip of the tunnel/grandfather must coincide with the zip of the SS if you hit with the same
lecturer: there is no mat for the zip, which means we don’t take this tunnel/grandfather, because even if the payment goes through, the reservation will not be given, and even if gives, then there will be a cancellation, it has been checked many times!!!
lecturer: there is still one nuance that increases the chances lecturer: You can enter the KH in the residing room, then he may simply not come, or even better, call the hotel on behalf of the agent through whom the reservation was made and ask to change the First and Last Name of the KH to the one we need lecturer:
we
need understand that Expedia.com is very popular, and it gives very reluctantly, but there are a lot of agents and you just need to look for a
lecturer: I will say right away that finding an agent is an expensive and time-consuming task, here you need to approach it systematically - try different mats, different schemes, etc.
lecturer: be sure to record all your actions during the tests, so that later you can understand exactly how to enter, etc.
lecturer: accordingly, for these experiments you need to have free funds lecturer
: the main disadvantage of such input is a terrible anti-fraud, it often requires dialing and drawing, and so on
lecturer: but all this pays off RPLKYUSEOMT: re.dsko
Cancel reservations during your stay. This is due to the fact that the cost of fraud merch is borne by itself)
lecturer: What you should pay attention to: lecturer
: Very often merch companies check the phone number from the SS data, and they often call - at the slightest suspicion, here we can initially check for ourselves whether it is active KX has a number, and if it is turned on and KX picks up the phone, then you need to flood him to death so that he turns off the phone, or buy an SS where the number is not active
lecturer: And accordingly, when they can’t get through from the merch, they will write to the soap, and you will have to call them yourself
lecturer: Also pay attention to the hotel itself that you choose, if it is new or not popular they can be
blocked on suspicion of a gulf lecturer: 3) By typing at booking.com
lecturer: Booking.com is one of the largest companies in the online travel market lecturer
: Everything is very simple for them - hotels display their properties, users select the appropriate ones and pay the hotels, which pay Booking a commission once a month
lecturer: THAT is Booking does not charge at all and does not have its own merch!!!
lecturer: When you enter your data on the website, CC booking sends your data to the hotel via a secure channel lecturer: And the hotel debits money from you at some point in time at its discretion lecturer: It can write off immediately, maybe in a month, or maybe not at all
and ask you to pay on the spot lecturer: The debiting of payment is an absolutely unpredictable thing, and it is determined solely by the hotel owner, but not by Booking.com
lecturer: And here you need to be prepared for many questions like: show the card, pay in cash, and so on
lecturer: We must understand that when you or your clients move in, all these questions may arise, and they will not speak to you in Russian, and a situation may also arise when there is no stuff who can generally help with payment issues, lecturer: hammered in, then it is very advisable to control the debiting of funds
, by calling the bank on a robot or if they beat you from a roller, then you need to look at
the transactions online
lecturer: If you beat the euro, then depending on the circumstances, most often you won’t find out anything there...
lecturer: But in a situation where the hotel could not write off the funds from the card, they can write to soap and then you can put another SS
lecturer: BUT OFTEN THEY DON'T DO THIS!!!
lecturer: Then we wait for a while and call the hotel and tell
the lecturer: “Hello, I’m Vasya Pupkin, I just paid for the room through booking. Please check if everything has been paid for and if you need any additional expenses from me.” Well, it’s advisable to just talk a little: ask about the weather, about prices in the bar, ask how many taxis. There is a lecturer standing in the city
: You must look like a real tourist!!!
lecturer: If everything is in order, then you can move in
lecturer: Booking and services like it, for example, have a very serious disadvantage in that a charge often arrives during your stay. In such a situation, you have to pay in cash yourself. And if the KH gets boiling, then you can talk with the local police)))
lecturer: Accordingly, you should NEVER swear at the country where the tourist is traveling!!!
lecturer: An important aspect: HOW TO GENERALLY DISTINGUISH AN AGENT FROM A PSEUDO AGENT
lecturer: that is, when searching for merch, we must understand the principles of its operation and, based on this, decide for
ourselves whether it is suitable for you or not
lecturer: Initially, we read Google, reviews about the service, so called how it work, respectively, we hit foreign services and also read not on RU sites))))
lecturer: Next, we enter a test from the roller and look in transactions who writes off the money, if the hotel itself writes off, then it’s not an agent but a service like booking, if he writes off the merch of the site where they hit it, which means it’s an agent
lecturer: Please pay attention to the fact that even if you enter into an agent, there are no guarantees that the reservation will not be lost during your stay!!!
lecturer: 4) Brutal rewards accounts
lecturer: You can get the coveted reservation using various loyalty programs
lecturer: There are two types:
lecturer: Loyalty programs of SS issuer banks, I think everyone knows about this
lecturer: KH when he pays with a card for every spent dollar receives: miles / points / rewards on a virtual account
lecturer: And they can be spent on hotels/air/cars or something else
lecturer: And the second type is loyalty programs of hotel chains / large travel agencies / large stores, etc. lecturer: Working with them is of course not so easy, and experiments require quite a lot of money, you need to be prepared for this
lecturer: Initially, information is collected about existing loyalty programs, then you need to
write software for the brute force, find accounts and try to make a reservation
lecturer: There are a lot of nuances there and each such program has its own features... you can understand them only by trying the lecturer: The main problem: will it allow you to make a reservation not for the holder aka but for the left Vasya?
lecturer: It’s not hard to guess that most often it won’t work))) lecturer: Here you can do this: lecturer
: Try to change the guests’ data in the merch itself by calling, but here you need to be prepared for the fact that they will try to dial the holder and the question of the number’s activity arises
lecturer: You can call the hotel and say “Hello, Vasya and his wife will come instead of me.”
lecturer: Another option using a scan (drawing): upon check-in, the reservation is shown, and if the question arises: “Where is the person for whom the room is reserved”
lecturer: we answer : “He’s not there yet, he’ll be later”
lecturer: and we show a photocopy of his passport, which we had previously drawn and printed
lecturer: Just like we brute ourselves, you can also buy from lairs, and sometimes sellers sell something, but most often it’s not worth anything will sell))))
lecturer: There are also options to combine, for example, take an account and link a new card to it, and pay for it
lecturer: CAR rental
lecturer: there are two options for booking cars lecturer: payment in full through an agent (our option)
lecturer: payment parts from the card are usually 30-50%, and the rest through the cash register directly (this does not suit us) lecturer: having entered the standard one, it makes no sense to describe everything lecturer: and so the entering was successful, and you go to get the car, then you will have to make a deposit for the car from your card which has your name on it!!!
lecturer: http://prntscr.com/gwsw9a
lecturer: the card is used to block a certain amount as insurance and after returning the car, the amount is unfrozen after 3-5 days
lecturer: what you need to pay attention to:
lecturer: be sure to read the rules for using the service
lecturer: Make sure you pay 100% of the rent and no additional payments will be required!!!
lecturer: Be sure to look at the minimum age of the driver, often they don’t pay attention to this and simply don’t issue a car!
lecturer: we always have money with us to pay for the meeting! lecturer: The card you leave should not be important to you, that is, if you use such a service, you need to make a card to lock it after the rental, since the money can be withdrawn even after a few months!!!
lecturer: Excursions
lecturer: one of them is viator.com, the entries here are standard, there is no point in describing them, I will dwell on some of the nuances
lecturer: antifraud is most often also a very serious lecturer: just like with booking, you come across services that
do not charge themselves, they are rare, but such are found, so what you need to pay attention to when testing
lecturer: when filling out the data, we indicate the data for the transfer, that is, the hotel from where to pick up and telephone number lecturer: You can indicate the hotel next door and just go there, but you don’t need to be late so that the driver does not call the hotel to your room lecturer: If you
leave telephone number, also look at who it is registered to
lecturer: Also, you should not swear at the country where the excursion is taking place)
lecturer: Next I want to tell you the mandatory rules when using karzh hotels:
lecturer: Before checking in, always call the hotel and confirm that the reservation is ok!!
lecturer: ALWAYS have money in cash, so that during the meeting you can pay for everything!!!
lecturer: Don't spend more money than you have!!!!
lecturer: When paying with a form, always wait until you receive a
“slip check”, because even when you call they can tell you that everything is in order, but after checking in it turns out that it is not, and you will have to pay your own lecturer: NEVER give your
card, I can ask for it for deposit or anything else, if asked, leave cash!!!
lecturer: THE PERIOD OF STAY should not be more than 14 days, you must understand for yourself - the shorter the better!!! lecturer: NEVER tell ANYONE where the reservation is from, etc., no one should know about karzh!!!
lecturer: I don’t recommend staying in RU hotels because of Karzh!!! In Russia, when you check in, you will be asked for a passport, all the data is there, it won’t be difficult to find you!!!
Air
lecturer: Good evening, today we’ll talk about perhaps one of the most profitable topics in Karzh - air tickets lecturer: First I’ll tell you about the different options for obtaining tickets, lecturer: then we’ll talk about the safety of
this whole event,
lecturer: and only then I I’ll answer your questions lecturer: So, what are the options:
lecturer: AGENTYY-XFORMMAA-RREKVERDTY.-SVBOIVMV AK
lecturer: an agent is an intermediary, for example, bravofly.com, between a huge number of airlines and the passenger, payment in this case goes to the agent
lecturer: this option is safe for the one who flies, since during the meeting all questions go to the intermediary who issued the ticket
lecturer: most often agents are sites with merch with payment from VBV
lecturer: that is, we have three options here:
lecturer: SS + VBV = the armor holds up best, but the mat is very expensive and very difficult to find
lecturer: In the euro merch mat yusa+vbv used to climb normally
- now it doesn’t climb very well either)))
lecturer: SS nouvbv bins here a rally is possible at any
time, it very much depends on the country SS on the merch itself and on a lot of other things
lecturer: SS amex – SS Amex themselves do not have VBB as such, now they have done something like that, and some time ago there were merch that Amex sold, and if you hit Australia or New Zealand with Amex, they gave you a lecturer: now this method is less effective, since everyone has lost sight of it and they started fraud
lecturer: there are also merch products without VBB, but there are very few of them and they are very tough)))
lecturer: I have been dealing with tickets for quite a long time, and I will give some advice:
lecturer: if you decide to try yourself in this field - make sure that you know how to drive in, without experience with stuff, gifts, etc., you don’t need to start at all, since here you will need experience in understanding how antifraud works, and in setting up the machine for driving in and in drawings and ringing lecturer:
no start searching for airline merch without good capital - which you can easily drain lecturer: learn to work systematically
lecturer: that is, when you have found some merch that in your opinion should give, you must develop a system for testing it
lecturer: you need to try different math
lecturer: It is necessary test different directions, if the Russian Federation did not give it, this does not mean that it will not give something else
lecturer: Different booking deadlines, etc., many do not give it if there is little time before departure
lecturer: Different amounts of tickets purchased, cheap ones are given and expensive ones are not
lecturer: Before you fly yourself or send clients, you must be 100% convinced that your method is reliable!!!
lecturer: Today, the topic of aviation is very much beaten, and even a checkmate with a vbv does not give any guarantees of success
lecturer: Depending on the airline and the direction, passengers may be asked to draw the CC at the counter, for example, you should know all the nuances in advance
lecturer: Very often payment It goes well, tickets are given, but a meeting occurs, most often this is an additional verification of payment or something else. Here you need to call and understand the reasons for working
lecturer: When working with the VBV mat, it’s worth considering driving in in more detail:
lecturer: We set up the virtual machine, everything should be perfect, after driving in we clean it, if we use Antique, we clean it too
lecturer: We buy a sock or a tunnel, it is important that it is fast and clean, we select it as close as possible to the KX IP
lecturer: We receive data on the CH IP and the KX user agent from the seller SS+VBV
lecturer: We go to the agent’s website, if we beat VBV then we need 100% know that it is there), choose a ticket, pay for
the lecturer: Using the example of CC+VBV Nemtsev, I will describe what
the lecturer is like: CC DE FULL INFO CLASSIC (these are classic bins), the price for such CC is up to 50 euros (limit guarantee in average 500 euros)
lecturer: CC DE FULL INFO HIGH (these are bins from premium to corporate), the price of such CCs is up to 75 euros. CC HIGH come with a limit guarantee of up to 750 euros
lecturer: CC DE FULL INFO BUISNESS (business and corporate card bins, etc.), the price for such CC is up to 90 euros. Limit guarantee up to 1300-1500 euros
lecturer: it is clear that the Vestma numbers are average, and the limit guarantee and price can differ significantly
lecturer: also today there are sellers who do not give a guarantee limit at all
lecturer: they take advantage of the fact that such swearing is rare and the lecturer is in great demand: we never buy full cards - SPARKASSEN (name of the bank), firstly they are petty, secondly there is a powerful anti-fraud system, thirdly, there are no replacements for them lecturer:
Naturally, if the card is not valid, a replacement is also made
lecturer: Replacement of the SS all sellers do it strictly when providing a video by driving
in the lecturer: The video should start from the moment the CC is opened from the seller in private, then show that your sock/tunnel is read (check2ip.com) and end with either a successful drive in or problems resetting the VBB, etc.)
lecturer: I’ll give you a link to the program for recording
lecturer: http://rutracker.org/forum/viewtopic.php?t=5022971
lecturer: The format of the issued SS is normal, but plus this is included in the full DE
lecturer: Gaberstatum (in short, DOB) lecturer: Kontonummer (account number from 7-10 digits)
lecturer: Servicenummer (not for all CC) bank number where to call, but it is rarely required
lecturer: Bankleitzahl (bank number for other banks, usually does not ask for it, since it is the only one in bank) lecturer: SC respectively Security code, for us it is
known as VBV, but a very big BUT, it is not needed in 70% of cases, since in German banks the SC is reset automatically every 30 days
lecturer: it turns out that we activate the IC every time using Kontonummer (account number), Haberstatum (ext), Gultigkeit (escapation date) and Prufsiffer (svv2 code - three-digit code) lecturer: We
enter the passenger data, enter the card data, change the VBV and if everything works out , then we rejoice. If the card is invalid, there are not enough funds up to the agreed limit, the VBV does not allow changing, we put Bandikam on stop, upload it to sendspace, send it to the seller and wait for a replacement
lecturer: and here is another very important nuance
lecturer: Yesterday in a lecture on hotels I spoke in detail about services like booking.com
lecturer: Let me remind you of these services that do not have their own merch and simply transfer your data to AK and the airline processes it
lecturer: At the same time, you may not see this yourself
lecturer: That is, when you make a reservation through an aggregator like skyscanner, then you you see that when paying, you went to another site
lecturer: And when you book on vayama, you don’t go anywhere, but the money is withdrawn by the airline whose flight you are booking!!!
lecturer: In fact, this is a direct drive in with all the ensuing consequences
lecturer: How to figure it out:
lecturer: there are two methods here - drive tests from the roller and see who wrote off the money
lecturer: You can also call AK and, under the guise of making some changes, find out everything, but This method is not 100% often the case, so the airline company says “contact the agent
who signed up for XbilMet.” Although
the airline company made the list!!!
lecturer: If you made a ticket through such merch, then it is advisable to make the client a fake document for the ticket and be sure to warn about possible problems lecturer: When entering in this way, NEVER swear at the country where you are flying!!!
lecturer: There have been cases when they are removed during a transfer and they begin to torment me very much!!!
lecturer: The next way is to enter the payment form into the agent lecturer: It’s the same as with hotels
lecturer: We just call the agent, come up with a story why we can’t pay via the Internet, request the form, make a drawing, call and make a ticket
lecturer: I’ll say right away, very few agents now accept payment by form, and of course making tickets for small amounts is not interesting here since the cost is high
lecturer: The next topic is rewards
lecturer: It’s the same as for hotels, I told a lot yesterday
lecturer: Let me note an important thing - most often loyalty programs allow you to do hotels/airlines/cars, that is, everything for a tourist
lecturer: There is very little left - to find)))
lecturer: Miles from airline companies are also a very working topic, although large airline companies everything has already been reduced, and here I want to point out an important nuance
lecturer: When we pay for a ticket with miles, we often need to pay additional taxes and fees in money, here we enter the CC, but we also need to find the CC so that the charge is as long as possible
lecturer: The amount of taxes and additional payments is usually not more than 20-100 bucks per passenger
lecturer: Sometimes you can pay taxes with a virtual card like QIWI or YAD, but almost everywhere it doesn’t work anymore lecturer: The most beaten AKs are British, Delta, Lufthansa... they behave very strangely, they can and get off the flight during a transfer, it happens that they cancel the flight and don’t let you on the plane)))
lecturer: I’m writing all this to the fact that before sending someone off, it’s important to test everything
lecturer: Phone activity is very important, I talked about this at last lecture on hotels, if someone was not there yesterday, re-read the logs
lecturer: There are also miles not of any specific AK but of associations, such as SkyTeam, and in some it is possible to enter by code-sharing, that is, you have airline miles A and you use them for a flight of company B
lecturer: Here is the advice, do not use miles of Russian airlines, and do not use miles of Western AKs for flights of Russian AKs
lecturer: We can get accounts in the following ways: lecturer: We bring it ourselves – We buy from logs – We buy in AK shops
lecturer: THE FOLLOWING WAY I DO NOT RECOMMEND TO USE
lecturer: Directly driving into ak, there are no problems, there is no vbv there, and the fraud is not so fierce, all this because ak can always take money from you through the court) lecturer: By driving directly, the case is criminal and very dangerous, there are a lot of cases when AKs seize all the money, so I don’t recommend doing this)))
lecturer: Air safety
lecturer: So, if you want to use such a service, choose sellers with good reviews, use a guarantor for transactions
lecturer: ALWAYS have money to pay for the ticket in cash!!!!
lecturer: Never tell anyone about the origin of your tickets
lecturer: NEVER carry electronic traces with you on your laptop, phone, etc., always encrypt everything!!! lecturer: No need to jump above your ass!!!
lecturer: That is, if you don’t have a cache just in case, then you don’t need to buy tickets for business class
lecturer: If you open a service:
lecturer: Make sure 100% that your scheme works lecturer: Don’t work without payment
lecturer: Don’t take orders that you cannot fulfill lecturer: Always be careful about orders where there are a lot of people with children
lecturer: Never hit AK and RU merch directly
lecturer: Always negotiate everything on the shore
