frauding from a VM and webRTC

Nailpower

ENG
hello again everyone,
I'm getting into paypal and EU bank fraud and I was evaluating if an RDP is worth it.
Most of the RDP I see being sold online are just Azure or AWS VMs which I don't think are really worth it.. I already have a decent enough computer where I can create windows 10 VMs with 8gb ram and 4 cores each.
what is your opinion? is an RDP even just a VM rdp better than frauding from a windows VM I got on my computer? talking about paypals and bank accounts.
I already hacked my neighbours wi-fi and I have everything torrified thanks to qubes so I don't think the advantages of having an RDP in terms of OpSec are really worth it, what's y'all opinion? Do people still do fraud on a VM here?

one other question would be regarding webRTC, I know that having it turned on helps hitting, but I know that it can potentially leak info about my real hardware and (of course) websites will catch on to that since hardware won't be the same between fingerprint and webRTC. How would I go about webRTC? should I turn it on and check for leaks? or just turn it off just to be safe?
P.S. setup would use proxy from nsocks or proxyLTE.
thanks for the eventual help!



first language is english and I used a translator for russian, sorry if translation isn't perfect
 
Keep virtualization on the iron with qubes, remove tor routing from your workflow, and make sure there are no discrepancies with your MTU size or high latency. Chrome flags should have an option for using local IP with WebRTC, and you can use ODoH or DoT for DNS with 94.140.14.140, 1.1.1.1, 9.9.9.9 etc
 
thanks for the answer! just a couple of questions, what do you mean by keeping virtualization on the iron? does qubes have some specific vulnerabilities I have to be aware of? I always thought it was superior to other OS to fraud with, but I don't know if it's better in terms of virtualization.
I also never heard about MTU size discrepancies and latency. should I change MTU size to something specific? How would I check for MTU size discrepancies?
thank you again for the help
 
When a client uses an internet proxy, packets are sent from the client to the proxy to be forwarded to the server. Depending on the protocol used to send these packets to the proxy through the tunnel, the data are encapsulated in other packets; extra headers are added, and in some cases the data are compressed and encrypted and MACs are added.

Maximum Transmission Unit

To make optimal use of the bandwidth of a network, the transported packets need to be of a certain size. If packets are too small, the number of overhead bytes used for IP and TCP headers makes transportation inefficient. In data communication the Maximum Transmission Unit (MTU) is defined as the maximum data that can be transmitted in one packet. Every link-layer network protocol has an MTU value. For Ethernet the MTU is set to 1500 bytes. When a packet from a client of 1500 bytes is encapsulated in a tunnel protocol and extra headers are added, the total packet size is larger than the maximum. When this packet is sent it will be split up into two packets that are smaller than 1500 bytes. This fragmentation will cause the speed to dramatically drop because of the overhead. To prevent this, tunnel protocols can advertise a smaller MTU to the application layer. This causes the packets to be encapsulated to fit perfectly, and the total package never to exceed the MTU of 1500 bytes.

TCP Maximum Segment Size

When a TCP connection is established, both endpoints state their Maximum Segment Size (MSS) to inform the other of the maximum TCP data size it can receive without packet fragmentation. Because an internet proxy forwards all IP and TCP packets transparently, the client sends its MSS value as it is set by the proxy interface. The client sets the MSS to the MTU minus the size of the IP header (20 bytes) and TCP header (20 bytes). So, normally the MSS is set to 1500 – 40 = 1460 for TCP/IP over Ethernet.

[Figure 14: The MTU and MSS of an Ethernet packet]

When an incoming connection advertises an MSS other than 1460 this does not necessarily mean the connection is a proxy. The MSS value can differ for many reasons. However, there is a relation between the proxy settings and the advertised MSS value.
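
The MSS arithmetic from the post above, seen from the receiving server's side, as an added example that is not part of the original thread: it reads the MSS option from a raw IPv4/TCP SYN and derives the implied MTU. The function names, the choice of 1500 and 1492 as the plain-link baseline, and the sample packets are assumptions constructed for this example.

```python
import struct

PLAIN_MTUS = {1500, 1492}   # assumption: the two link MTUs named in this thread
IP_TCP_HEADERS = 40         # 20-byte IPv4 header + 20-byte TCP header

def syn_mss(packet: bytes):
    """Return the MSS option of a raw IPv4/TCP SYN, or None if absent or malformed."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or packet[9] != 6 or len(packet) < ihl + 20:
        return None
    tcp = packet[ihl:]
    data_off = (tcp[12] >> 4) * 4
    if data_off < 20 or data_off > len(tcp) or not tcp[13] & 0x02:
        return None                      # bad header length, or not a SYN
    opts, i = tcp[20:data_off], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                    # end of option list
            break
        if kind == 1:                    # NOP padding, single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            return None                  # truncated or malformed option
        if kind == 2 and opts[i + 1] == 4:
            return struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += opts[i + 1]
    return None

def assess(packet: bytes) -> dict:
    """Derive the implied path MTU; a non-plain value is a weak signal, not proof."""
    mss = syn_mss(packet)
    if mss is None:
        return {"mss": None, "implied_mtu": None, "signal": "no-mss"}
    mtu = mss + IP_TCP_HEADERS
    signal = "plain-link" if mtu in PLAIN_MTUS else "nonstandard-mtu"
    return {"mss": mss, "implied_mtu": mtu, "signal": signal}

def build_syn(options: bytes) -> bytes:
    """Constructed sample data: an IPv4/TCP SYN with zeroed checksums."""
    options += b"\x00" * (-len(options) % 4)
    tcp_len = 20 + len(options)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0,
                      (tcp_len // 4) << 4, 0x02, 65535, 0, 0)
    return ip + tcp + options
```

As the post says, an MSS other than 1460 does not by itself identify a proxy, so the `nonstandard-mtu` result belongs alongside other evidence rather than in a standalone block rule.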
 
wazz up dude, I'm new here and I'm interested to make partner in crime. I like more cc credit card and my skills are in street. if u are interested info me
 
thank you very much for this, seems like it's something I cannot change since it's proxy related, that means I should change proxies whenever I see MTU discrepancies? every value except for 1500 and 1492 should be trashed since it's detected as a proxy by the AF right?
thank you again for the help
 
Depends on the network connection. A lower MTU can be acceptable, for example, if you're using 3G/LTE proxy, but definitely not if you're supposed to be on gigabit ether. You can manipulate your own MTU locally by configuring the subinterface parameters from elevated netshell (assuming Windows), but yeah you cannot modify the host's from the client side.
If you would like to know more you can look up MSS fingerprints and passive OS detections. Let me know if you have trouble tracking it down
 