Real talk about EMV cloning (aka selling ice to Eskimos)

christhoms2021

Carding Novice
Joined
04.08.23
Messages
18
Reaction score
2
Points
3
Man fuck all that, i have successfully cloned a dump and used it in the grocery store 250$ every transaction.👑
 

DumpWarrior

Carding Novice
Joined
20.03.24
Messages
1
Reaction score
0
Points
1
Let me make the following statement clear as a fucking bell:

———
Creating a FUNCTIONAL, physical clone of an EMV card is not possible, for a whole fuck-ton of reasons.
———​

It seems so simple, doesn’t it ladies? Just buy a 201 dump, run any of your trusty hi-co cr80 trashsquares through ye olde MSR, and voilá, right?

Maybe you’re more enlightened after some cursory perusal of forums like this and you think you know what the fuck you’re doing, right? Maybe you have an Omnikey 3121, some bullshit Java cards you paid way too much for, and that flaming turd of a virus dropping app that someone sold you in a bundle of other slick looking malware slingers - ooh, be still my quivering terminal!

Both of you kind of fucksticks are deficient in the sort of knowledge that keeps you thirsty for breaking even on your “investment” in this business, and even if you do break your ass free from the hypnotic seduction of your ignorance, unless you educate yourself about the technology you are up against you will continue to be fodder for the cretins below you, present company excluded of course.

SO WHY THE FUCK CAN’T IT BE DONE, HERR PROFESSOR?

Well, I am so very happy you asked, trog! If you wouldn’t mind mopping up your droolpuddle while I regale you and your friends here, I shall gladly do so:

REASON NUMBER ONE:
When you DIP THAT CHIP, a super complicated series of shit happens - the order of which is controlled by SOMETHING YOU HAVE NO CONTROL OVER: the payment terminal itself. But guess what? Essential transaction information like the card number, expiration date, discretionary data, et cetera - NONE of that shit gets transmitted between terminal and processor, processor and acquiring bank, issuing bank and acquiring bank, I mean for fucks sake, not even the goddamn name on the front of the card, BEFORE this one critical step happens.

What step? FUCKING CRYPTOGRAPHIC KEY IDENTIFICATION AND EXCHANGE, between the TERMINAL and the little bitty fucking tiny ass chip under those gold finger bits. Terminal says HEY BABY I HEAR YOU LIKE KEYS, and finger-bangs that little bitch chip a little til it gives up its public key, which the TERMINAL then replies with its own public key, and once the chip and the terminal have secure communications, the TERMINAL asks the chip some dirty questions about how it likes to get down, and as the two chat it up about how it likes to give and take, they also swap transaction keys… Just like the public keys earlier, but they change, and depend on the private key for the issuing bank, which is generated on the fly based on deep voodoo crypto shit stored one-way in the chip, and the private key assigned to the TERMINAL by the merchant processor.

Once ALL THAT IS DONE, in the blink of a fucking eye, once the TERMINAL and the chip can talk securely, does ANY of the fucking payment shit get shot back and forth. All of that shit is also cryptographically signed and encrypted - USUALLY but there ARE some mostly useless exceptions - some NFC for one, more on this later - and so even out of the gate, for a successful EMV clone operation you have to have possession of the cryptographic keys that you cannot read the actual values of, not even with Super CardPeek XTREAMedition. The functions do not exist, and attempting to read those locations low level directly will fail because again, THE IMPORTANT BITS are generated on the fly - this is the ATR shit you hear EMVfagUk and the other ice-vendors talk about.

TL;DR? You have no control over the sequence of events that result in a transaction, successful or not, thus you cannot capture the data needed to do it manually, except by capture and playback of packets sent back and forth. Yes, sequence prediction and replay attacks notwithstanding - i challenge anyone who does MiTM style replay attacks on legit straight EMV transactions using hardware terminals and a legit merchant processor to SHOW ME THE MONEY. No? Know why? Because you can’t.

REASON NUMBER TWO:
If EMV cloning were possible, then some Russians would have been doing it twenty years ago when chip and pin was introduced in Europe, leading to what I can only estimate to be the simultaneous destruction of the Eurozone and the incredible post-Soviet rebirth of the Russian economy - both of which did not happen, leading us to the third and final,

REASON EMV CLONING IS NOT POSSIBLE:

If it were, then nobody would be selling software bundles, Java cards or Omnikey 3121s for the low ass prices you find. HID reader writer availability would dry up tighter than your mom’s pussy after a facelift. There would be more lucrative money to be had with making the clones and using them than would EVER be made otherwise, and the price of 201 dumps would skyrocket higher than pigeon tits.

in fact, were it possible to clone and use an EMV card, we would all likely be so broke that just the scent of the cologne worn by all the Russian mobsters who would control it would cost a young white pretty little whore’s whole year of wages in solid gold fucking bars to even get a whiff downwind.

SO WHERE IS ALL THE MONEY IN IT?

Elementary, my little Eskimos! In selling all of you little bushbabies ALL THE ICE YOU CAN DOWNLOAD !

Do the math, rugrats.

CLASS DISMISSED, GOODNIGHT LADIES!
lol I loved the fuck outta this. And as you say, you are right… let’s at least let them know the truth. 100% ANY Emv cloning software DOES NOT work. But that doesn’t mean you cant hit a 201. (readers shouting) “What about the chip!?!? I thought we can’t clone it!?!?” lol lol, well if you know, you know. And if you don’t well damn keep burning the holes in your brain. Obviously this works best when your not relying on websites. Theirs a lot of bins online not worth fucking with but if you know a bin list, the magic trick, and the spots you can get the money from a few golden bins are still around. Cheers 💰

and before anyone responds asking… no i do not teach or want to teach you lol
 

Joanny

Carding Novice
Joined
11.05.24
Messages
4
Reaction score
1
Points
3
Let me make the following statement clear as a fucking bell:

———
Creating a FUNCTIONAL, physical clone of an EMV card is not possible, for a whole fuck-ton of reasons.
———​

It seems so simple, doesn’t it ladies? Just buy a 201 dump, run any of your trusty hi-co cr80 trashsquares through ye olde MSR, and voilá, right?

Maybe you’re more enlightened after some cursory perusal of forums like this and you think you know what the fuck you’re doing, right? Maybe you have an Omnikey 3121, some bullshit Java cards you paid way too much for, and that flaming turd of a virus dropping app that someone sold you in a bundle of other slick looking malware slingers - ooh, be still my quivering terminal!

Both of you kind of fucksticks are deficient in the sort of knowledge that keeps you thirsty for breaking even on your “investment” in this business, and even if you do break your ass free from the hypnotic seduction of your ignorance, unless you educate yourself about the technology you are up against you will continue to be fodder for the cretins below you, present company excluded of course.

SO WHY THE FUCK CAN’T IT BE DONE, HERR PROFESSOR?

Well, I am so very happy you asked, trog! If you wouldn’t mind mopping up your droolpuddle while I regale you and your friends here, I shall gladly do so:

REASON NUMBER ONE:
When you DIP THAT CHIP, a super complicated series of shit happens - the order of which is controlled by SOMETHING YOU HAVE NO CONTROL OVER: the payment terminal itself. But guess what? Essential transaction information like the card number, expiration date, discretionary data, et cetera - NONE of that shit gets transmitted between terminal and processor, processor and acquiring bank, issuing bank and acquiring bank, I mean for fucks sake, not even the goddamn name on the front of the card, BEFORE this one critical step happens.

What step? FUCKING CRYPTOGRAPHIC KEY IDENTIFICATION AND EXCHANGE, between the TERMINAL and the little bitty fucking tiny ass chip under those gold finger bits. Terminal says HEY BABY I HEAR YOU LIKE KEYS, and finger-bangs that little bitch chip a little til it gives up its public key, which the TERMINAL then replies with its own public key, and once the chip and the terminal have secure communications, the TERMINAL asks the chip some dirty questions about how it likes to get down, and as the two chat it up about how it likes to give and take, they also swap transaction keys… Just like the public keys earlier, but they change, and depend on the private key for the issuing bank, which is generated on the fly based on deep voodoo crypto shit stored one-way in the chip, and the private key assigned to the TERMINAL by the merchant processor.

Once ALL THAT IS DONE, in the blink of a fucking eye, once the TERMINAL and the chip can talk securely, does ANY of the fucking payment shit get shot back and forth. All of that shit is also cryptographically signed and encrypted - USUALLY but there ARE some mostly useless exceptions - some NFC for one, more on this later - and so even out of the gate, for a successful EMV clone operation you have to have possession of the cryptographic keys that you cannot read the actual values of, not even with Super CardPeek XTREAMedition. The functions do not exist, and attempting to read those locations low level directly will fail because again, THE IMPORTANT BITS are generated on the fly - this is the ATR shit you hear EMVfagUk and the other ice-vendors talk about.

TL;DR? You have no control over the sequence of events that result in a transaction, successful or not, thus you cannot capture the data needed to do it manually, except by capture and playback of packets sent back and forth. Yes, sequence prediction and replay attacks notwithstanding - i challenge anyone who does MiTM style replay attacks on legit straight EMV transactions using hardware terminals and a legit merchant processor to SHOW ME THE MONEY. No? Know why? Because you can’t.

REASON NUMBER TWO:
If EMV cloning were possible, then some Russians would have been doing it twenty years ago when chip and pin was introduced in Europe, leading to what I can only estimate to be the simultaneous destruction of the Eurozone and the incredible post-Soviet rebirth of the Russian economy - both of which did not happen, leading us to the third and final,

REASON EMV CLONING IS NOT POSSIBLE:

If it were, then nobody would be selling software bundles, Java cards or Omnikey 3121s for the low ass prices you find. HID reader writer availability would dry up tighter than your mom’s pussy after a facelift. There would be more lucrative money to be had with making the clones and using them than would EVER be made otherwise, and the price of 201 dumps would skyrocket higher than pigeon tits.

in fact, were it possible to clone and use an EMV card, we would all likely be so broke that just the scent of the cologne worn by all the Russian mobsters who would control it would cost a young white pretty little whore’s whole year of wages in solid gold fucking bars to even get a whiff downwind.

SO WHERE IS ALL THE MONEY IN IT?

Elementary, my little Eskimos! In selling all of you little bushbabies ALL THE ICE YOU CAN DOWNLOAD !

Do the math, rugrats.

CLASS DISMISSED, GOODNIGHT LADIES!
Emv works u got scammed doesn’t mean it’s fake bitch
 

Joanny

Carding Novice
Joined
11.05.24
Messages
4
Reaction score
1
Points
3
Exactly. The cryptography involved by itself is a major roadblock - and the people who bump their gums talking like they understand how it works are fodder for my amusement.

Succinctly, if you know what a ‘201’ really is, and you claim that’s what you ‘cloned’ onto a Java card - all I have to say is who’s the fucking idiot, eh?
Nigga sounds so angry get stinking ass out
 

christhoms2021

Carding Novice
Joined
04.08.23
Messages
18
Reaction score
2
Points
3
Do you remember what bin you were using if so can you share? My bin quit working long ago unfortunately
It was BOA visa but it was only working for a good month now its declining im currently trying to find a new bin which means new ATR too:(
 

Ianmoone

Basic
Joined
13.11.21
Messages
84
Reaction score
43
Points
18
It was BOA visa but it was only working for a good month now its declining im currently trying to find a new bin which means new ATR too:(
Best of luck on your research if your able to find another vulnerable bin please dm it to me and if I hit off it I’ll make it well worth your time for your help. I’m a man of my word ask anyone on here that’s done business with me or seen me around here over the years
 
Top Bottom