Determining what a shop or payment system detects

Hacker

Today we will look at a very important topic - determining what a shop or service checks when we try to drive in. This helps to understand much better the reasons for possible declines and the flaws in the configuration of our system or browser. The checks can be various fingerprints, WebGL parameters, and other such things. So, first, download the OpenWPM system from GitHub. It runs on regular Ubuntu, so if you want to figure it out, there should be no problems. It was created to detect our audio fingerprints.

After we have installed all the basic things, we need the Python modules for scanning, which use JavaScript parsing. Once these steps are complete, a window becomes available in which we enter the address of a shop, office or any other link of interest and get a database with the JS requests. This analysis of the anti-fraud (AF) system takes only a couple of minutes, and as a result you receive information about what the target site wants to receive - it can be canvas, an audio fingerprint or something else. Anti-fraud systems are developing at a very fast pace, and literally every day new detections appear. Installing Python takes a few minutes, but before that we need to install Mozilla.

Next, open a terminal and enter the command:
Code:
git clone

We started cloning the system - it will take a little time, no more than 5 minutes.
The project has been successfully cloned.

As a result, we have a folder with the name of the product - go to it and execute the script ./install.sh

Next, the system asks about installing the Flash player - we give the go-ahead, press Enter and start installing the scripts that we need for the Python module. After the installation is complete, we need to check that everything is in place for further work with the analysis - we start the check by executing ./demo.py

If the script executes successfully, then everything is OK at this stage, but a problem often occurs because of a lack of administrator rights - in this case, execute sudo ./demo.py, followed by python ./demo.py. If after performing these actions we get a window like this, then everything is fine:

Now we do a test run, and three browser windows open. We wait for the files and tools needed for our work to load, then wait for the windows to close. After that, open the following file: nano demo.py

If everything was done correctly at the previous stage.

Note the sites highlighted in green and the number 3 - this parameter sets the number of browsers that will be launched to analyze the sites of interest to us. The value can either be loaded from a text file or entered manually on the command line. The number of simultaneously running browsers depends only on system resources.

We are now ready to go directly to testing. Enter the address of the target site, for example, PayPal or Facebook, with all adjacent connection types (http / https), and execute the python demo.py command. The process has begun; you will see this from the files and folders being created on the desktop. To get the results, we need the crawl-data.sqlite file - it stores the information about the requests received from the site. The time taken to check each specific site depends on its size, connection speed, and the amount of information requested. If your system does not have the required application to open files of this type, then I would recommend the "sql lite" application:

After opening the resulting file with this program, we get tables in which we now need to find the queries that interest us. To do this, select the "data" item, then select the javascript table. Now let's see where the detections are - we are interested in the "script_url" column.

And now the most interesting part - let's look at what the site wants from us, using PayPal as an example. For convenience, expand 4 columns - script_url, func_name, symbol and value. These values were transmitted to the site at its request. For example, here is the font data:

Cookie data, session tokens:
Thus, with this method you can track the main points to pay attention to when setting up a machine for driving or working with accounts. In fact, there are also a large number of hidden and indirect detections, and machine learning is actively developing in all top AF systems, with abuses, locks and declines as the result. All existing antidetects that I personally had to deal with require, in one way or another, a creative approach and study of the anti-fraud of specific offices. Unfortunately, it is very difficult to give universal advice.

Personally, I use Dedicated as the simplest solution that does not require configuration. But we all know that they are completely unsuitable for many areas of activity, so we also have to use antidetects. Previously I used a byte antidetect, but today it is hopelessly outdated, so recently I switched to linken sphere - at the moment it suits me completely; after the old antidetect it feels like moving to a spaceship, plus the developers are constantly adding something new, and since I am an inquisitive person, learning new functions always makes me very happy. If you have not encountered this antidetect, then you can read information about it on their website: ls.tenebris.cc, or search the forums, I recommend.

I hope that thanks to this article you have learned something new and useful for yourself. In our business, you always need to develop, experiment and adapt to circumstances in time, and then there will be a profit!

All good, thank you for your attention.
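
The table inspection described in the post, as an added example that is not part of the original post or of OpenWPM itself: a site owner or privacy auditor can summarize, per script_url, which fingerprinting surfaces the scripts on their own pages read. The symbol-to-surface mapping, the example.test URLs and the sample rows are assumptions constructed for illustration; only the javascript table and its four columns come from the post.

```python
import sqlite3
from collections import defaultdict

# Symbol prefix -> fingerprinting surface. This mapping is an assumption made
# for the example; extend it for the APIs your audit cares about.
SURFACES = {
    "HTMLCanvasElement.": "canvas",
    "CanvasRenderingContext2D.measureText": "font",
    "CanvasRenderingContext2D.": "canvas",
    "AudioContext.": "audio",
    "OfflineAudioContext.": "audio",
    "window.navigator.": "navigator",
    "window.document.cookie": "storage",
    "window.localStorage": "storage",
}

def classify(symbol):
    """Return the surface for a recorded symbol, trying the longest prefix first."""
    for prefix in sorted(SURFACES, key=len, reverse=True):
        if symbol.startswith(prefix):
            return SURFACES[prefix]
    return "other"

def surfaces_by_script(conn):
    """Map each script_url to {surface: access count} from the javascript table."""
    report = defaultdict(lambda: defaultdict(int))
    for url, symbol in conn.execute("SELECT script_url, symbol FROM javascript"):
        report[url][classify(symbol)] += 1
    return {url: dict(counts) for url, counts in report.items()}

def sample_db():
    """In-memory database with constructed rows (four columns named in the post)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE javascript "
                 "(script_url TEXT, func_name TEXT, symbol TEXT, value TEXT)")
    rows = [  # constructed sample data, not captured from any real site
        ("https://cdn.example.test/fp.js", "getCanvas", "HTMLCanvasElement.toDataURL", ""),
        ("https://cdn.example.test/fp.js", "getCanvas", "CanvasRenderingContext2D.fillText", ""),
        ("https://cdn.example.test/fp.js", "getFonts", "CanvasRenderingContext2D.measureText", ""),
        ("https://cdn.example.test/fp.js", "getAudio", "OfflineAudioContext.createOscillator", ""),
        ("https://cdn.example.test/fp.js", "env", "window.navigator.userAgent", "UA (constructed)"),
        ("https://shop.example.test/app.js", "init", "window.document.cookie", "sid=constructed"),
    ]
    conn.executemany("INSERT INTO javascript VALUES (?, ?, ?, ?)", rows)
    return conn

if __name__ == "__main__":
    for url, counts in surfaces_by_script(sample_db()).items():
        print(url, counts)
```

To run it against a real crawl, pass `sqlite3.connect(...)` on the crawl database to `surfaces_by_script` instead of `sample_db()`.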
 