zeroday

[Scam Report] Cthulhu

Recommended Posts

Scammers Profile Link:  https://cracked.to/member.php?action=profile&uid=69219

[if Applicable] Sales Thread: https://cracked.to/Thread-%E3%80%8C%EF%B8%8EONYX%E3%80%8D%EF%B8%8E-Black-Bullet-Config-Building-Premade-Configs-Request-Anything-Buy

Amount or Item(s) Scammed:  35 $

Screenshots of Communication: 

1. http://prntscr.com/mizg43

2. https://prnt.sc/mizgb1

3. http://prntscr.com/mizggo

4. http://prntscr.com/mizgkb

5. http://prntscr.com/mizgr8

6. http://prntscr.com/mizgvf

7. http://prntscr.com/mizgzc

8. http://prntscr.com/mizh2d

9. http://prntscr.com/mizh6a

10. http://prntscr.com/mizh9s

11. http://prntscr.com/mizhde

12. http://prntscr.com/mizhg2

13. http://prntscr.com/mizhjl

Additional Information: 

 

I asked for a working Hotels.com BB Config with capture.  :pogchamp:

He told me he would finish it in 1-2 hours. He could not make it in time so i gave him time cause i am a nice guy and want a working config and paid him 35 $ upfront.  :pupper:

1 Day later he send me a config. The config was not working for me i asked him to show proof that it was working. ChrisFTP called me and we were testing it out.

So the config WORKS with 1 CPM but after 10 tries i get reCAPTCHA with PREMIUM proxies i dont know alot about configs i am not sure if it works if i get reCAPTCHA this is why i asked him if the config would 100% work the config. If it gets reCAPTCHA BB config will say all the coming combo's are hits. Also the capture does not work. He promised he would make a WORKING API version. There is no working API version.

Goodluck cracking with 1 CPM after few tries i get reCAPTCHA with PREMIUM proxies.

 

Paid 35 $  for 1 CPM after 5-10 tries Recaptcha thats it i dont know if i can call it a working config also wasted money on Premium proxies :hype:

He is really unprofessional with customers.  :feelsgood:

So if u guys are ready to waste 35 $ for a 1 CPM cracker/checker after 10 tries that gets reCAPTCHA buy configs from him very HQ user  :pepe:

R.i.p my hard worked money  :pepi: 

 

If more proof is needed is i am ready to provide with a video

 

Never got the API verison XD also 4-5 days later  :kek:

Best meme 2k19 : Look, I will refund you either way if I can't finish this API version but I just want some time. It's a learning process for me as well cause I have to do some parts in Python for this to work.

Yes I'm working on that

 

``Nah I will refund you, but you won't get the full version.

I also wasted hours on you``

Share this post


Link to post
Share on other sites

User informed and has 24 hours to reply

Share this post


Link to post
Share on other sites

Honestly didn't think you would go this far and make many false statements. (Guess you just wanted a working config for free)

I was going to refund you, but I changed my mind when you threaten to ruin my reputation so I let you lie in a scam report and prove my innocence instead.

I finished the API versions which were two types "Loliscript" and "Blocks Actions" which was 50 different Actions to parse the Cross-Site Request Forgery and to create a huge amount of custom cookies. I also changed the browser fingerprint by hashing a list of random useragents. I also did some exploits and different methods to try to bypass this in an API version which did not work. (Also captured the Post Request by using the Hotels.com App which were still using Nucaptcha > iOS & Andriod)

I came to the conclusion it's not possible for the Post Data to go through in a Post Request, because of NuCaptcha not letting it through (even with all the methods stated above): https://www.nucaptcha.com/

I still managed to do a bypass by doing it in Selenium instead.

czBuCT9.png

 

You did not request it would be super-fast, just working which my config clearly is.

MobIvK2.png

 

These files are quite large because I didn't want to remove any duplicate frames to speed up the time. The CPM is in real-time.

The proxies I used here were public scarped SSL proxies, can guarantee it will be much faster wid paid socks.

I just ran a non-targeted combo-list and got a few hits, one which includes 2 nights.

Dm4Xgja.png

 

Make sure to download these two .gifs if you wanna see proof the config is working fine, and he straight up lied about the CPM. Also stated in a call with @ChrisFTP that he was able to check 18k accounts under 24 hours, so you're straight up lying here. Just increase the bots as I have told you. (couldn't upload to Imgur because the file is too large and I honestly do not have time to compress it...)

 

https://anonfile.com/x3u3xbt7b9/Proof_its_working_gif

https://anonfile.com/I7v5x2tdb4/CheckCPM_gif

 

 

I already sent this message to him and I will include it here as well to hear my point of view, in case you did not read all the screenshots that were provided.

 

**********************************************

I've looked more into Nucaptcha now, and I suggest you visit their website as well: https://www.nucaptcha.com/

I did around 50 **blocks** (One block is a group of actions BB) which took me many hours to make. The conclusion I came to it's not possible to get a Post Request through Nucaptcha. It won't allow it, and it's stated on the website.

 

Completion times under 5 seconds and nearly 100% human pass rates.

Highest security “Captcha” authentication service on the market.

 

To solve this issue I had to make it in selenium instead of using standard get/post request that was using Nucaptcha. It's using an action called "WaitForElement".

Their system detects significant traffic because hotels.com are using NuCaptcha and there isn't a bypass out there, but I just did it for you. It's stated its nearly 100% human pass rates, and I still was able to make a config for you. I also parsed the data from fiddler by installing the APK, and they have their website linked to the website, so it's still using Nucaptcha. I have not found a different URL to send the post request, and it seems like it's everywhere.

 

If I were to refund you, I know you're still going to use the config because it still works, it's just slow, you have to use targeted combo-lists for it.

 

The config we provided to you is still fully functional, and does the capture you asked me to do.

I managed to fill out those terms you had before we made the deal. You have also stated to us **you managed to check accounts with the config.** I can even prove from my end this config works, and you never said it had to be "super fast." or have X amount of CPM.

It's my right to keep these funds because I still made the request you asked. I know you're still going to use this config, even if I refund you.

 

**********************************************

I can provide more free night hotels.com Hits if you want. Config is working fine. :fuck:

 

Kind Regards,

Cthulhu :fyou:

Share this post


Link to post
Share on other sites

Wrath's Config running for 10 minutes :

Also in the video u can see it wont capture 6:31. ''Giving ONLY false hits''

 

Testing the results :  https://youtu.be/7-CRv9CpgYY

 

CPU Usage 100%:  http://prntscr.com/mj0vwt Cause its opening 30 times Google Chrome. Thats the 30 CPM he claims. @ChrisFTP adviced me to run with 1 CPM

 

Answer those questions :

1. I am making 2 versions

I'm making one in selenium that will bypass recaptcha by sending human keystrokes

and also one API, api one will take some more hours tho

 

2. Look, I will refund you either way if I can't finish this API version but I just want some time. It's a learning process for me as well cause I have to do some parts in Python for this to work.

Yes I'm working on that

 

3. Nah I will refund you, but you won't get the full version.

I also wasted hours on you

 

----------------------------------------------

 

There is no API version btw.

 

Also u are acting like its all my fault .

I am your customer buying a config from u, u dont act professional at all.

 

Refund me please. So i can close this scam report.

 

Also u say : http://prntscr.com/mj124p

 

I finished the API versions which were two types "Loliscript" and "Blocks Actions" which was 50 different Actions to parse the Cross-Site Request Forgery and to create a huge amount of custom cookies. I also changed the browser fingerprint by hashing a list of random useragents. I also did some exploits and different methods to try to bypass this in an API version which did not work. (Also captured the Post Request by using the Hotels.com App which were still using Nucaptcha > iOS & Andriod)

 

But u said to me : Look, I will refund you either way if I can't finish this API version but I just want some time. It's a learning process for me as well cause I have to do some parts in Python for this to work. 

http://prntscr.com/mj1281

Share this post


Link to post
Share on other sites

Provide proof, adding Hotels.com Config into the video and I will believe it.

 

Good luck @Cthulhu you' will get out of this.

Share this post


Link to post
Share on other sites

Provide proof, adding Hotels.com Config into the video and I will believe it.

 

Good luck @Cthulhu you' will get out of this.

 


Cthulhu fixed the config made it working.

 

Closed-----

Share this post


Link to post
Share on other sites

Solved this through PM.

Share this post


Link to post
Share on other sites

Solved.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.