Carding with kali Linux

Carding with Kali Linux

Carding with Kali Linux

Carding with Kali Linux

Hi guys, let’s start with some easy terms “Hacking credit cards is an illegal act, this is only an informational post and I am not responsible for any actions done by you after reading this carding with Kali Linux tutorial. This post is for educational purposes only”, I don’t recommend starting carding after just reading this tutorial. Please guys first read all the basics of carding, here is the full tutorial on what is carding? Next please understand the post and cons of the carding as well as the laws applicable related to cybercrime in your country.
If you have a basic idea about carding we can start. Let’s begin with basic terminology.
What is a credit card?
A credit card is a card issued by a financial company that enables the cardholder to borrow funds. The funds may be used as payment for goods and services. Issuance of credit cards has the condition that the cardholder will pay back the original, borrowed amount plus any additional agreed-upon charges.
There are two types of Credit cards:
Debit Card: Debit means you have a sum of amount in it and you can use them.
Credit Card: Credit means you have a credit line limit of $5000 and you can use them and by the end of the month you have to pay it to the bank.
To use a credit card on the internet you just do not need a cc number and expiry date but you also need much information such as:
First name
Last name
CC number
Expiry date
BINS = the first 6 digits of every credit card is called BIN (for example cc number is: 4121638430101157 then its bin is 412163, I hope this is easy to understand.
If you get that information you can use that to buy any goods and services on the internet, like software license, porn site membership, proxy membership, or anything (online services like Webhosting, domains).
If you want to make money through hacking then you also need to be very lucky. You need to have an exact bank and bin to get the cash.
Now the question is how to make money through credit cards. It’s strange, well you can’t do that, but there are specific persons in the world who can do that. They call themselves cashiers. You can take some time to find a reliable cashier.
Be sure cashiers are legit because many cashiers are there who take your credit card and rip you off and don’t send your 50% share back.
You can also find some cashiers on mIRC *( /server ) channel : #cashout, #ccpower
Well, check the website where you have a list of bins and banks mostly 101% cashable. If you get the credit card of the same bank with the same bin, then you can cash out otherwise not. Remember for using a credit card on the internet you don’t need an ATM PIN. The first method of SQL injection and shopadmin hacking doesn’t provide pins, it only gives cc numb cvv2 and other info which is usually needed for shopping not for cashing.CC can be carded in two ways:
Credit Card Scams (usually used for earning money, sometimes for shopping)
Credit Card Shopadmin Hacking (just for fun, knowledge, shopping on the internet)

  1. Shopadmin Hacking

This method is used for testing the knowledge or for getting a credit card for shopping on the internet, or for fun, or any way but not for cashing ( because this method doesn’t give PIN – 4 digit passcode ) only gives cc numb, cvv2 and other basic info.
Shopadmins are of different companies, like VP-ASP, X CART, etc. This tutorial is for hacking VP-ASP SHOP.
I hope you see whenever you try to buy something on the internet with cc, they show you a well-programmed form, very secure. They are carts, like VP-asp xcarts. Specific sites are not cardable, but carts are cardable.

Below I’m posting a tutorial to hack VP ASP cart. Now every site which uses that cart can be hacked, and through their *mdb file you can get their clients ‘credit card details, and also login name and password of their admin area, and all other info of clients and company secrets.
Let’s start:
Type: VP-ASP Shopping Cart
Version: 5.00
How to find VP-ASP 5.00 sites?
Finding VP-ASP 5.00 sites is so simple…

  1. Go to Google and search for VP-ASP Shopping Cart 5.00
  2. You will find many websites with VP-ASP 5.00 cart software installed.

Now let’s go to the exploit.
The page will be like this: ****://***
The exploit is: diag_dbtest.asp
Now you need to do this: ****://***
A page will appear contain those:
xdatabasetypexEmailxEmail NamexEmailSubjectxEmailSy stemxEmailTypexOrdernumbe r
The most important thing here is xDatabase
xDatabase: shopping140
Ok, now the URL will be like this: ****://***
If you didn’t download the Database, try this while there is dblocation:
The url will be: ****://***
If you see the error message you have to try this:
Download the mdb file and you should be able to open it with any mdb file viewer, you should be able to find mdb file viewer at, or use MS Office Access.
Inside this file you should be able to find credit card information, and you should even be able to find the admin username and password for the website.

The admin login page is usually located here: ****://***
If you cannot find the admin username and password in the mdb file or you can but it is incorrect, or you cannot find the mdb file at all, then try to find the admin login page and enter the default passwords which are:
Username: admin
password: admin
Username: vpasp
password: vpasp

  1. Hacking Through Scams

This method is usually used to hack for earning money, in this method you create a clone page.
Here your target is or for general credit cards, or if you want to target any specific cashable bank like then you have to create a clone page for that bank. Anyway we will keep it simple and start with
How to get the emails of their users?

Go to and type “Email Harvestor” or any Email Spider and search for eBay Buyers and eBay Sellers and you will get long lists. That lists are not accurate but out of 1000, at least 1 email would be valid. Hard work needed af.
Well, you create a clone page of eBay, and mail the list you create from the spider with the message, like “Your account has been hacked, please response” or any reason that looks legit, or professional and ask them to visit the link below and enter your information billing and the scam page have programming when they enter their info it comes directly to your email.
On the form page, you have the PIN required so you also get the PIN number through which you can cash through ATM.
Now if you run an eBay scam or PayPal scam, it’s up to your luck who’s your victim. A client of the bank of America or of Citibank or of the region, it’s about luck, maybe you get cashable, maybe you don’t it’s just luck, nothing else.
Search on google to download a scam site and study it!
After you create your scam site, just find some email harvester or spider from the internet (download a good one at Bulk Email Software Superstore – Email Marketing Internet Advertising) and create a good email list.
And you need to find a mailer (mass sending mailer) that send mass – emails to all emails with the message of updating their account on your scam page). In from to, use email and in subject use: eBay – Update your eBay Account and in Name use eBay
Some Instructions:

  1. Make sure your hosting remains up or the link in the email you will send, and when your victim emails visit it, it will show page cannot be displayed, and your plan will be failed.
  2. The hardest point is to find hosting which remains up in a scam. Even though I don’t find it easily, it’s a very hard part.
  3. Maybe you have contacts with someone who owns a hosting company and co-locations or dedicated he can hide your scam in some of the dedicated without restrictions.
  4. Finding a good email list (good means = actually users)

You can also buy instant:


Cashapp Money Transfer Click here

Paypal Money Transfer Click here

Western Union  Money Transfer Click here

Venmo Money Transfer Click here

Bank Money Transfer Click here to Contact Us

Leave a Reply