Install Sniffer/сниффер on your shops

[b1ack]

I will install sniffer on your shop for percentage of the materials

I will be using this sniffer toolkit - b1ack Sniffer/сниффер -Most Advanced Sniffer


Types of forms we accept: native , iframe , redirect

Types of access we accept: admin,ftp,ssh,shell,database,RDP

We also help with the management and securing of the access and we accept access with neigbors also , because our sniffer can block the neigbor

Working conditions :
● We take access only from 5-10 cards per day for native
● We take access only from 5 cards per day for iframe
● We take access only from 5 cards per day for redirect
● We take 30 % of the material
● 24X7 support on jabber
● I can change the conditions whenever I want

Detailed statistics is provided on the panel , check the toolkit for the features of the sniffer

Contact:
Jabber: [email protected]

 

[perfecto]

Не работать, дал ему шопы для поставки сниффера на них, 400 оредров юса и 100 ордеров юк ( a week ), в итоге пишет чтобы работаьть с ним надо дать депозит 500 баксов) Хотя я ему шопы скинул на перед а потом он условия ставит!

Думаю за такое можно и жалобу написать

UPD - Вопрос не решился, не советую к работе. Без проверки якобы купил сервера для сниффера, не проверив шоп можно ли что установить! Изначально писал что сможет поставить на 1 шоп US а GB не получится. А ниже пишет что якобы он только потом все проверил.
UPD. Администрация хватит чистить

 

[b1ack]

advisir сказал(а):
Not to work, gave him shops to supply a sniffer to them, 400 us orders and 100 yuk orders (a week), as a result, he writes to work with him, you need to give a deposit of 500 bucks) Although I threw off the shops for him before and then he sets the conditions!

I think you can file a complaint for this

UPD - Solving the issue!
Нажмите, чтобы раскрыть...

Guys is a timewaster , he had such low level of access , that sniffer cannot be installed , but still wasted my times and I made 2 iframes for his site , and the main reason , he dropped the access without my consent and wanted to test my abilities , I took the challenge but I got pissed when I found out access did not had adequate permissions , I never login and check access first until sniffer is ready to be installed for customer's satisfaction , I have more deposit than him and more activity on the forum , simply a time-waster ,

 

[zewa]

start working togheter, on first shop sniff installed, ongoing more shops
vouch for him

 

[vei]

why list your sniffer as "Bypass CORS protection" when you're asking to host on the same server where the shop cms is also hosted? it's the same origin. if that's not the case, php & js alone won't bypass CORS as that would be a massive 0day of its own. you'd need a reverse proxy to run a bypass CORS if you're truly loading the shop from cross origin and that would also mean running under a different domain name and building traffic for it.

how does your sniffer differ from basic js that iterates through all input field to collect data and send it, such as old magecart js skimmers that's can easily be modified to fit the form they're needed for?

for example,

Код: Скопировать в буфер обмена

var inputs, index;

inputs = document.getElementsByTagName('input');

for (index = 0; index < inputs.length; ++index) {
    // store inputs data as string
    // send it to panel for storage
}

 

[b1ack]

vei сказал(а):
why list your sniffer as "Bypass CORS protection" when you're asking to host on the same server where the shop cms is also hosted? it's the same origin. if that's not the case, php & js alone won't bypass CORS as that would be a massive 0day of its own. you'd need a reverse proxy to run a bypass CORS if you're truly loading the shop from cross origin and that would also mean running under a different domain name and building traffic for it.

how does your sniffer differ from basic js that iterates through all input field to collect data and send it, such as old magecart js skimmers that's can easily be modified to fit the form they're needed for?

for example,

Код: Скопировать в буфер обмена

var inputs, index;

inputs = document.getElementsByTagName('input');

for (index = 0; index < inputs.length; ++index) {
    // store inputs data as string
    // send it to panel for storage
}

Нажмите, чтобы раскрыть...

The panel is hosted on a different server , and sniffer files are hosted on a different server (proxy server ) , this gives you the power to allow the hosts , who can request cross resources from your server and if your proxy domain is banned or blocked then your main panel is safe and you can host a different proxy server in 5 minutes , And to answer your question about cors bypass , It truly bypasses the cors , and I am not going to explain the technology to the public . The code you provided is the basic one , with no anti bots , Your code needs to block crawlers , scanners , Anti-Virus scan , My code does not shows on the inspect of the browser , and does not lets to inspect and view source once injected. You also need to enable different type of sniffing , because even the basic ones , have different forms . And this thread is related to my service of sniffer install for co-operation , so if you have questions about sniffer , Comment on the relevant thread .

Thank you.

 

[Avista]

Price?

 

[b1ack]

Avista сказал(а):
Price?
Нажмите, чтобы раскрыть...

This thread is related to co-operation (Working together) sniffer thread is here https://xss.is/threads/92716/

 

[geecko]

Гражданина к сотрудничеству не советую.
Уже неделю как отправил ему доступ к небольшому шопу под сниффер, трое суток он его делал, когда закончил, заключил, что форма оплаты сложная под сниффер, етк. Ок. К этому моменту с него был добыт уже 1 сс, УРА!!!. Так что, недолго думая (а зря), дал ему доступ к шопу покрупнее. Вроде скрафтил на нём сниффер, но вот незадача - сс не идут. Решил тогда блэк (писать ли на блэка блэк, это вопрос, конечно) разобраться со всем этим делом (панель мою переустановить), а заодно, видимо, и удалить мой шелл со второго шопа. Такое мнение сложилось всилу того, что если бы это был действительно админ, то неожиданно появившаяся на сайте дополнительная форма оплаты его смутила (сниффер гражданина сейчас на обоих шопах стоит). Моё же смущение вызывает то, что отстук моих скриптов с обоих шопов на мой сервер (типа админ зашел в Back Office, по такой-то такой-то странице, etc) ещё идёт, а их действительно админы удаляют, когда обнаруживают присутствие.
Такое чувтсво, что я с этим 1 сс и останусь, когда его сниф заприметят админы и уже реально снесут чёрного.
Грустная короче история моего первого партнёрства на форуме.
UPD. Да даже если бы каким-то чудом оказалось, что админ шопа действительно не заметил сниффер, но заметил только бэкдор, то сроки, по которым, товарищ работает, вообще не гуд. 72 часа на незаконченный сниффер, серьёзно?

 

[b1ack]

geecko сказал(а):
I do not advise the citizen to cooperate.
It's been a week since I sent him access to a small shop for a sniffer, for three days he did it, when he finished, he concluded that the form of payment was complicated for a sniffer, etc. OK. By this time, 1 cc had already been extracted from him, Hurray !!!. So, without thinking twice (but in vain), I gave him access to a larger shop. It seems that I crafted a sniffer on it, but that's bad luck - ss do not work. Black then decided (whether to write in black black, this is a question, of course) to deal with the whole thing (reinstall my panel), and at the same time, apparently, remove my shell from the second shop. This opinion was formed due to the fact that if it were really an admin, then an additional form of payment that unexpectedly appeared on the site confused him (the citizen's sniffer is now on both shops). My confusion is caused by the fact that my scripts from both shops are being sent to my server (like the admin went to the Back Office,
It feels like I’ll stay with this 1 cc when the admins notice his snif and really demolish the black one.
Sad short story of my first partnership on the forum.
UPD. Yes, even if by some miracle it turned out that the shop admin really didn’t notice the sniffer, but noticed only the backdoor, then the terms by which the comrade works are not good at all. 72 hours for an unfinished sniffer, seriously?
Нажмите, чтобы раскрыть...

I know it's my mistake , but I installed sniffers for you first as soon as possible and made forms , and the sniffer is not an unfinished sniffer , adding more features , that no one has ever thought and tried to do it , The results will be satisfying and you will be back here , writing an good review , I can guarantee that . plus , I did not extract any CC from the panel , and I have proof for that , for this reason , I have activity log on the panel , Which shows all the activites.

 

[geecko]

b1ack сказал(а):
The results will be satisfying and you will be back here , writing an good review
Нажмите, чтобы раскрыть...

Как в воду глядел
Шоп совместными усилиями продали, думаю работать дальше

 

[b1ack]

I am still working and looking for more partners

 

[Marlimar]

b1ack сказал(а):
I am still working and looking for more partners
Нажмите, чтобы раскрыть...

Good luck

 

[b1ack]

Still working.

 

[b1ack]

We now provide elevation of rights , custom solutions and custom work , come let's do business with the best sniffer.

 

[paijo]

do you sell exploit magento 2 upload shell?

 

[b1ack]

paijo сказал(а):
do you sell exploit magento 2 upload shell?
Нажмите, чтобы раскрыть...

Currently there is no latest magento 2 upload shell exploit.

 

[paijo]

what version magento 2 upload do you have?

 

[b1ack]

Back to work , accepting access.