Imperator

From Spamwiki

Jump to: navigation, search

Imperator - Use this to generate completely fake, random personal data to seed spammer websites.

Contents

[edit] Feedback & Downloads

Feedback to and Download from Tools forum (currently out of action because of a DDos)

Download from http://www.retaliators.net/downloads/Imperator.zip

[edit] Documentation

Imperator is the successor of Impersonator. So, it's meant to be used manually against the sites that don't have a dedicated retaliator or the FormFiller.

Imperator is a utility that makes it very easy to frustrate spammers by flooding their forms with fake orders. Previously this required a lot of individual, specialized code for each iteration of a specific site. Imperator makes this easier by adapting to each specific form type as you come across it.

Imperator will produce a completely random "persona" including a credit card number whose format will pass most illegal spam websites' checks for format. The methodology behind this tool is that the operators of these fraudulent, relentlessly spammed sites will have to manually process each order, which takes time and leads to chargebacks or invalid credit card results, which can raise the attention of Visa, that many of these sites accept exclusively. (Likely because MasterCard is more diligent in security and merchant acceptance.)

[edit] Supported operating environment

Tested on Linux and WinXP. Should work anywhere with Firefox.

[edit] Prerequisites

[edit] Required

Firefox 1.5 (2.0.0.* recommended)

GreaseMonkey

[edit] Recommended

TOR to make your orders come from different addresses

Remove Cookie(s) for Site

NoScript to disable JavaScript and selectively okay only those scripts you need

[edit] Installation

Download the zipfile and unzip it somewhere.

In Firefox:

  • if you don't already have GreaseMonkey, install it from https://addons.mozilla.org/en-US/firefox/addon/748
  • open the file Imp.user.js from where you unzipped it - it should give an installation dialog and you can install it after a countdown of five seconds

Note that you can always disable Imperator, so that it won't interfere with the honest sites you'll visit: Click the monkey icon at the status bar with right button, and uncheck Imperator. When you need it again, check it.

If you do the same with left button, you disable GreaseMonkey completely. That's faster, if you don't need other GM scripts.

[edit] Usage

Open a spamvertised site in Firefox. If Imperator has been installed successfully, the "customer" details come to the same window. If the "slapped-on" details window is in the way, you can move it using four direction buttons.

You can teach it: first press a button in the details window, after that its piece of data will be assigned to any field you click at the site. So, with a new persona the field will be changed accordingly.

Think of those pieces as building blocks: you can combine them. For example, to make a credit card holder, take first name, space and last name, and add them to the field one at a time.

If you make a mistake, or if there is a wrong value copied from another site, choose the eraser button and click the field empty. If the spammers changed the form, so that prefill doesn't work correctly anymore, override with your own teaching.

You can also disable the choice if you want to write something that can't be used later.

Lots of selection fields also accept these data, notably expiration times. But click the field only once and then click away from it - otherwise the value may be duplicated. Note that the visible option names are not necessarily the real values. Imperator shows you the real values (until the right one, if that can be found) when you try to insert a piece of data into a selection field. If needed, erase and try again using your new knowledge. If you prefer, you can also look the values up in the page source.

If the selection doesn't work, or if you are asked something not included, see Tips. Reports of those incidents are welcome at the forum - something may be tweaked to make the automation work, maybe the whole site will be prefilled if it's common enough.

[edit] Tutorial

Something to get you going:

  • Visit a spamvertised site you want to send a fake order to. (For example, any Canadian Pharmacy site is a good testbed, but there the fields are already filled, so you won't get far trying out the teaching mode.)
  • Manually select one or more products and head to the checkout. You might see the Imperator load on all pages of the site. Ignore it for now as it is only needed during checkout.
  • On the checkout page, choose each element you wish to see appear in each field. For example, if you need to see both the first and last name appear in a "name" field, click on the first name button, then the name field, then the space button, then the name field again, then the last name button, then the name field again.
  • If you make a mistake, click on the eraser button, and click on any field you want emptied. Then repeat the steps.
  • Do this for each field.
  • Feel free to move the Imperator window by using the up and down buttons. Particularly for longer forms this is a useful feature.
  • If you wish, you can validate the street address by checking the mapquest link provided near the bottom of the Imperator window. Please note that the odds of a fake street address being genuine is extremely remote, for obvious reasons.
  • A successful order will usually result in a page stating something along the lines of "Thank you for your order" or "Your order has been stored."

[edit] Tips

If there is a more difficult field, after first defining it you can load about:config to another tab/window and change the user variables greasemonkey.scriptvals./Imperator.input_* (and greasemonkey.scriptvals./Imperator.select_* - see below) where needed. You can use the JavaScript definitions such as substrings and fixed strings. An example (in reality, there the FormFiller works better):

  • At International Legal RX­, first click the card type into the corresponding field.
  • Open about:config and find greasemonkey.scriptvals./Imperator.select_cctype
  • Modify its value to GM_getValue("f_cctype").substring(0,1)
  • Now, it will give only the first letter of the card name, and Visa and MasterCard will be accepted.

This particular tip may be useful at many places, because Imperator only checks if its "guess" is in the required option string; it doesn't have to be all of it. For example, "Mar" and "arc" will be accepted as "March".

After making the order, you can remove the cookies for that site and come back later. That's why TOR and the cookie remover were recommended. If your IP address comes from a DHCP pool or you have several fixed IPs available, you can also change your own address - then you can avoid using TOR servers, they get blocked frequently.

If you really know what you are doing, you can examine the scripts at the site. If they are not dangerous, you can enable them separately (with NoScript) to get some functionality to ease the ordering or even make it possible in the first place.

You can be as specific as you want with some field / data types. You'll notice that there are many options for the phone number: brackets around the area code, dash, etc. Once you choose the format for that entry type, it will be the chosen format for every order you place for this site type. You can choose a different format any time you want by erasing the values and starting over.

Please note that certain field types may not accept values from the Imperator. (Notably drop-downs for expiration dates.) You can merely select one manually, or build the variable yourself (see above). You may also consider making a fixed value: for example making the card always Visa, and clicking new personae (see below) until you get a Visa.

If you need a different persona, or the credit card type which was generated is not correct for the site you are currently on, you can merely click on the Male or Female button to generate a new one.

[edit] Prefilled sites

included - that means, they work without teaching, until spammers change their forms.

[edit] Contraindications

Imperator shouldn't be used at:

[edit] Sites validating in real time

These sites won't accept a fake order, because they have direct connection to a credit card processor. Probably the fake orders won't even cause them any costs, so they'd be waste of time.

[edit] Sites that have a more efficient retaliator

  • KS FormFiller
  • FsckChickenboners!

(see both at http://www.retaliators.net/ )

[edit] Legitimate sites

Obviously. Well, they usually validate in real time anyway.

[edit] Disclaimer / philosophy

The Imperator is provided as-is, for free, with no warranties (think GNU here). The writers of this tool accept no responsibility for any damages which may result from your operation of Imperator. Imperator will not steal any of your personal data, nor will it download anything malicious from any domain. Its sole functionality and intended use is that listed here.

In plain English: We know this is shaky ground, legally speaking. Fake orders are fraud.

We also know that websites like My Canadian Pharmacy operate 100% illegally, and may even have led to people dying due to purchasing fake drugs. Utilities such as this are created to fight back against such rogue, illegal operations and are solely meant for that purpose. If you use this utility against a genuine website you can face legal repercussions and that is frankly not our problem, since this is not the intended use of Imperator. Besides, probably that wouldn't even work: Using Imperator against a genuine e-commerce site will result in no order being placed, since the credit card numbers are bogus and will only pass a format check, nothing more.

Thank you for reading (and even better, for using),

Team KaSpaR: Karlston / SpamIsLame / SpamSlayer / RayVenn

Personal tools