☕️ 🧅 Ⓒⓐⓕⓔ Ⓓⓡⓔⓐⓓ 🧅 ☕️ |
|---|
| ⭐ Dread's NUMBER ONE SUB ⭐ |
| ⭐ 3 YEARS RUNNING!! ⭐ |
If your post is pending approval contact us via Mod Mail
☞ Enjoy Playing Poker?
💵 Visit /d/PokerClub ♠️-♥️-♣️-♦️
/d/CafeDread 
5,250 subscribers
☕️ 🧅 Ⓒⓐⓕⓔ Ⓓⓡⓔⓐⓓ 🧅 ☕️ |
|---|
| ⭐ Dread's NUMBER ONE SUB ⭐ |
| ⭐ 3 YEARS RUNNING!! ⭐ |
If your post is pending approval contact us via Mod Mail
☞ Enjoy Playing Poker?
💵 Visit /d/PokerClub ♠️-♥️-♣️-♦️
by /u/diaree 🍼 · 4 votes · 6 days ago
/u/Redfoot has invited you to the invite-only subdread: /d/BlackMarket!
Besides the fact that this type of low level marketing should be banned, it made me check it out for fun.
Compare the `logo`, layout, captcha setup and everything else of both markets. Fair enough, there is a different reason it is so similar: it is not `coded from scratch`, as everyone claims every single time with their markets, this is some version of Eckmar's. Compare the URL structures, overall layout, features, the JS warning code:
<script>
let warningText = 'You have JavaScript enabled, you are putting yourself at risk! Please disable it immediately!'
let jsWarning = document.getElementById('jswarning');
let alert = document.createElement('div');
let span = document.createElement('span');
alert.classList.add('alert');
alert.classList.add('alert-danger');
span.innerText = warningText;
alert.appendChild(span);
jsWarning.appendChild(alert);
</script>
All of that is Eckmar's. The list goes on and on. Eckmar's script is Laravel. Black Market has two cookies, `bm_cook` (customized session cookie name) and `XSRF-TOKEN`, one of the easiest way to identify a Laravel application.
So World Market is basically just a wild guess due to the heartless logo and shit marketing that fits a quick pump and dump scheme these exit scammers use. Might be any of the other scum doing it.
Take Eckmar's, write `DarkMarket` with Arial in Gimp, change a tiny bit of the layout, generate some marketing text as in `Cutting-edge all new market with never seen before features`, use your exit scam money to buy your way up and repeat. That is a `work` of 2 hours.
Why aren't these types of `markets` (some people setting up a script marketing it with money and lies) getting banned? Where are the unique features? Coded from scratch is a blatant lie, why is this and the other `marketing` techniques being tolerated?
/page/marketstandards/
HIGHLIGHTED rejection reason: Minimally or no skinned Script Markets
What is this market if not that? How did they get a subdread? Money? Wow, a shocker!
BlackMarket is basically just an example, I can write similar texts about some other markets, we all know how fucked this scene is.
Use it if you want, I would avoid it at all costs.
/u/Goatan · 2 votes · 6 days ago · Link
Thank you for taking the time to create a very interesting post. We agree any use of Eckmar's script is an obvious sign of suspicion.
We'd love to get your input on the New Markets Superlist. Maybe create a followup post detailing which /d/newmarkets are using Eckmar's script or Laravel.
/post/6cc274c154af5b2271e6
/u/diaree 📢 🍼
· 1 votes
· 6 days ago
· Link
I don't think fingerprinting Laravel is interesting here. I'd say it is fine to build a market based on a normal framework for a programming language.
Checking the first one I opened, it is Eckmar's too. `MellowMarket`.
Has the usual URL structure (f.e. compare messaging a vendor URL with the one of BlackMarket for example, both /profile/messages?otherParty=vendorname), UUIDs for vendors/products, same JS for the JS warning, `XSRF-Token` and `mellowmarket_session` cookies (the real Laravel default, it is based on the application name in the config, which appears to be MellowMarket then, followed by a `_session'' suffix). All the typical signs of Eckmar's.
Found a conversation about that: /post/26085046ba4568cf685f/#c-c4355b73e4b7499266
They are lying about, just like everyone. They are the best with best security blah blah. It is the same every single time. Avoid that one too.
Edit: Just saw that he is talking about DarkMarket (BlackMarket?) in one of the comments aswell.
/u/diaree 📢 🍼
· 1 votes
· 6 days ago
· Link
I just found more discussion about the market in particular:
/post/3997151c014c2b800740/
/u/dontlaugh raised the same question, how can they have a sub? Not even for that marketing method, markets with a sub have been doing this for years, but the clear match in the rejection criteria. This market is a 2 hour work pump and dump.
/u/diaree 📢 🍼
· 1 votes
· 6 days ago
· Link
/u/Paris
/u/HugBunter
And all the other innocent participants, that for sure don't take a single dime for any favor or anything alike, I'm happy about a statement about these marketing techniques and shit markets. Sure, you can't check every market, you didn't see it, oh thanks for telling us... we know these sentences. Hah what a coincidence foshizzle put World Market in the sidebar right before the exit scam telling everyone to stop the FUD! So unlucky! You can't hide behind that forever.
/u/plkqcs · 1 votes · 6 days ago · Link
[removed]
/u/diaree 📢 🍼
· 1 votes
· 6 days ago
· Link
Let's just look forward to the answer as of why they got a subdread if they clearly fall under the rejection criteria that is even highlighted in the market standards. I'm asking questions.
Yes, I think and heard they are from credible people, but I don't and most likely never will have any evidence for that, so just keep asking questions like these.
Same question for foshizzle, haha what a coincidence, right? The same foshizzle that pinned a manipulated fresh onions site with CP fixed at the top. Haha I didn't see that, whoops shit happens.
Edit: He removed this comment but he said something like if you think the admins are corrupt, just have the balls to say it out loud you pussy.
/u/plkqcs · 1 votes · 6 days ago · Link
Yes. You are a pussy. But at least you're harmless. PS I love foshizzle
/u/capobianco · 1 votes · 6 days ago · Link
/u/redfoot has been a bit of a bumhole lately, not just to you but to a few others.
/u/zedisdead 🍼 · 1 votes · 6 days ago · Link
What about blackpyramid market
/u/Ninja · 1 votes · 6 days ago · Link
another alphabay clone is exactly what people wanted. You can tell if a market is eckmar by the /login request.
/u/AutoModerator M Fuck You · 1 votes · 6 days ago · Link
eckmar's script is racist, call it bob's script please.
This comment was posted automatically by a bot. All AutoModerator settings are configured by individual communities. Contact this community's Moderators to have your post approved if you believe this was in error.
/u/9nyx · 1 votes · 6 days ago · Link
This is super interesting, thanks for sharing your research.
I'm toying with a few project ideas, part of which would be comparing/analyzing onion site code - this kind of intel would be amazingly helpful.
/u/diaree 📢 🍼
· 2 votes
· 6 days ago
· Link
I can go on all day.
A cool trick for identifying Laravel for example is sending an HTTP request to a known route with a different HTTP method (which the route is not registered for). You not only sometimes find applications that have the debug mode enabled with that method - very very nice trick, but the response, which most people don't customize, can be fingerprinted too.
In the case of BlackMarket it is something along the lines of `Whoops, looks like something went wrong.`, which is a default Laravel response in older versions, not sure if still the same in current ones.