In order to hack a website and install a card sniffer on it, we must find vulnerabilities on the site. Please study the manual on how to do this correctly:
"How to look for website vulnerabilities":
After you have hacked the site and gained access to it, we need to install a sniffer that will transmit to us the CC+CVV of cardholders who pay for any goods or services with cards on this site. Details in the manual at the link.
"How to install a card sniffer":
In my opinion, rather than wasting time on hacking a site and installing a sniffer, it is much easier to buy valid CCs in a trusted card store and start carding.
The professionals have already done everything for us - they hacked the sites and gave the card database to the store for sale.
In the store you can see exactly whose base is being sold. Perhaps you will be able to contact them and they will teach you how to get cards correctly.