I Tried to get there API of saving cards ( savecards.php ) and now i am doing crash test on there server with multiple for loops running curl commands and inserting data into there mysql Database. Got some of there Mysql Column variables. Rest assured there DB will be loaded in a while and the website will be shutdown soon .
The Card numbers are randomly generated via randomizer and send to there website and most of them will have invalid CVV or Expiry date . lol.
if at all that helps being a Programmer for your revenge.
Already inserted 60,000 Random card details to there Database, its matter of time there Website will be crashed due to overloaded mysql db which saves the card of victims
My Ubuntu virtualbox is fully busy figuring out random 16 digit card numbers and random 3 digit CVE's and filling there mysql DB.
By this way i make sure they cannot manually send OTP to victim again as there are 1000's of Card entries coming at same time they wont be able to differentiate actual victim and Me who is bumping them with Curl commands .
Atleast my 2 cents on this.
If anyone interested on How i did this here is the python code : https://pastebin.com/mH...e0 and this will be executed in a bash script with a for loop and by a cronjob in Linux.
as expected when i checked manually now the website is not opening payment url page which means mostly there system is overloaded due to my script attack.