Bitcoin CVV
Yingtai launched 12 card mining tb250btc pro, with 11 PCI-E 3.0 X1 slots and 1 PCI-E 3.0 X1 slot on the motherboard, so it is necessary to choose a good PCI-E X1 to PCI-E x16 adapter extension line
first plug in a row of interfaces
when 12 graphics cards are mining on a motherboard platform, it is necessary to use al power supply, which has a certain risk of card burning. The reason is that different power supplies will have different power supply design schemes, and the voltage and current are different. Different power supplies may damage the motherboard, graphics card or power supply, Try to choose the same brand and model of power supply. Here I use two Kunlun 1080W power supply of Xingu to short circuit one power supply, so that it can keep power on and supply power to other graphics cards Short circuit method: the 24 pin up, the fourth and fifth ports from the left of the upper layer can be short connected to realize the power supply without platform)
starting from the memory, first of all, the memory carried by the 12 cards can't be less, basically starting with 32g, otherwise it will be stuck strangely
for the graphics card part, whether it is a card or n card, the drivers of each graphics card can only support 8 cards at most. Therefore, the general 12 card mining combination can only be 6N + 6a, 8N + 4a (8a + 4N) and 7n + 5A (7a + 5N). Of course, through the expansion card, 8N + 8A combination can be implemented
Calculation of visa card check value CVV
calculation steps
1 arrange the following characters extracted from the second track from left to right to generate 26 characters:
main account number (Pan) 19 bits
card expiration date 4 bits
service code 3 bits and convert them into 104 bits (26x4). The conversion method is to convert each digit into 4-bit BC
d code, That is:
hexadecimal digit / BCD code
0 0000
1 0001
2 0010
3 0011
4 0100
5 0101
6 0110
7 0111
8 1000
9 1001
a 1010
b 1011
C 1100
e 1110
F 1111
2 add binary 0 to the last result of step 1 to make it a 128 bits field,
the field is divided into two 64 bits data, the first 64 bits data is data block 1, and the last 64
bits data is data block 2
3 Block 1 is encrypted with cvka
4 XOR the result of step 3 with data block 2, and encrypt the result with cvka
5 use cvkb to decrypt the result of step 4
6 encrypt the result of step 5 with cvka
7 extract all the numbers (0-9) from the left to the right according to the result of step 6
8 extract all hexadecimal characters (A-F) from left to right according to the result of step 6, and subtract 10 decimal from each hexadecimal character to make it a number, for example, hexadecimal B (decimal 11) becomes 1
9 arrange the numbers from steps 7 and 8 from left to right, and the number from step 8 is placed after the number from step 7
10 the first three digits of the result obtained in step 9 are the verification value (CVV) of the card
test data
the following data can be used to check whether the program is correct when writing CVV algorithm, Among them:
cvka = 0123 4567 89ab cdef
cvkb = fedc ba98 7654 3210
13 digit pan expiration date service code CVV
4123 456 789 012 8701 101 370
4999 988 887 777 9105 111 649
4666 655 554 444 9206 120 821
4333 322 221 111 9307 141 697
16 digit pan expiration date service code CVV
4123 456 789 012345 8701 101 561
4999 988 89ab 87 777000 9105 111 245
4666 655 554 444111 9206 120 664
4333 322 221 111222 9307 141 382
take the first 16 digit master account as an example, The steps to calculate the card verification value are as follows:
main account number: 4123 4567 8901 2345
expiration date: 8701
Service Code: 101
Step 1: extract data
4123 4567 8901 2345 8701 101
step 2: calculate the data block visa card verification value CVV
block 1 = 4123 4567 8901 2345
block 2 = 8701 1010 0000 0000
Step 3: encrypt with cvka
block 1 = 4123 4567 8901 2345
cvka = 0123 4567 89ab cdef
result 3 = b76a DDCE 71cc c6be
Step 4: XOR the result of step 3 with block 2, Result 3 = b76a DDCE 71cc c6be
block 2 = 8701 1010 0000
result = 306b cdde 71cc c6be
cvka = 0123 4567 89ab cdef
result 4 = A510 46a2 59a4 C467
Step 5: decrypt the result of step 4 with cvkb
result 4 = A510 46a2 59a4 C467
cvkb = fedc ba98 7654 3210
result 5 = 90f6 db02 a6f7 e621
Step 6: encrypt the result of step 5 with cvka
result 5 = 90f6 db02 a6f7 e621
cvka = 0123 4567 89ab cdef
result 6 = 5b61 4982 E03C 97dd
Step 7: extract digits from the result of step 6
result 7 = 5614 9820 397
Step 8: extract hexadecimal characters from the result of step 6, Step 9: arrange the result of step 8 after the number of step 7
result 9 = 5614 9820 3971 4233
Step 10: the first three digits of the result of step 9 are CVV
calculation of visa card verification value CVV
result 10 = 561
calculation of visa PIN verification value
calculation steps
calculation steps The calculation of visa PIN verification value includes the following elements:
serial number element description
1. Pvka left part (64 bits) if the PIN verification key pair
2. Pvkb right part (64 bits) if the PIN verification key pair
3. Pan most 11 digits of the pan exclude the check digit
4. PVK index 0-F
5. Consumer pin first 4 digits of the consumer pin < B R / > the calculation method of pin check value, i.e. PVV, is as follows:
1. A 16 byte hexadecimal digit string is composed of the rightmost 11 digits of pan (excluding check bit), PVK index number (a hexadecimal digit) and the first 4 bits of customer's personal password
2. Convert the above 16 byte hexadecimal digit string into 64 bit BCD code, Use pvka to do DES encryption operation
3. Use pvkb to do des decryption operation
4. Use pvka to do DES encryption operation to get the result
5. Extract all numbers (0-9) from left to right in the result of step 4.
6. Extract all hexadecimal characters (A-F) from left to right in the result of step 5, And subtract decimal 10 from each hexadecimal character to make it a number, for example, hexadecimal B (decimal 11) becomes 1.
7, The number obtained in step 6 is placed after the number obtained in step 5.
8. The first four digits of the result obtained in step 7 are the verification value (PVV) of pin.
test data
the following data can be used to check whether the program is correct when writing PVV algorithm, Among them:
pvka = 0123 4567 89ab cdef
pvkb = fedc ba98 7654 3210
13 bit pan PVK index consumer pinpvv
4123 456 789 012 x 0 123456 3920
4123 456 789 012 x 0 1234 3920
4999 988 887 777 x 1 234561 4045
4999 988 887 777 x 1 2345 4045
4666 655 554 444 x 2 345612 2635
calculation of visa PIN verification value PVV
4666 655 55 4 444 x 2 3456 2635
4333 322 221 111 x f 456123 3421
4333 322 221 111 x f 4561 3421
16 bit pan PVK index consumer pinpvv
4123 456 8901 2345 x 0 123456 0410
4123 456 8901 2345 x 0 1234 0410
4999 9888 8777 7000 x 1 234561 0105
4999 9888 8777 7000 x 1 2345 0105
4666 6555 5444 4111 x 2 345612 6307
4666 6555 5444 4111 x 2 3456 6307
4333 3222 2111 1222 x f 456123 7112
4333 3222 2111 1222 x f 4561 7112
note: X in the above table is the check value of account number, which is not included in the calculation. During the calculation, only 11 digits on the left side of X have
effect, The steps to calculate the card verification value are as follows:
main account number: 4666 6555 5444 4111 x (Note: X is the verification value of the account number)
PVK index: 2
consumer pin: 345612
Step 1: extract data to form a data block
result 1 = 555 5444 4111 2 3456
Step 2: use pvka for DES encryption operation
result 1 = 555 5444 4111 2 3456
pvka = 0123 4567 89ab cdef
Step 2: use pvka for DES encryption operation Results 2 = 6568 2af5 0304 a6ca
Step 3: use pvkb for DES decryption
result 2 = 6568 2af5 0304 a6ca
pvkb = fedc ba98 7654 3210
result 3 = 5644 6fb7 c183 CCDF
Step 4: use pvka for DES encryption to get the result
result 3 = 5644 6fb7 c183 CCDF
pvka = 0123 4567 89ab cdef result 4 = 63c0 db79 eeb3 fb9d
VI Calculation of PVV of SA pin check value
Step 5: extract all numbers (0-9) from left to right
result 5 = 6307939
Step 6: extract hexadecimal characters from the result of step 4, Step 7: arrange the result of step 6 after the number of step 5
result 7 = 6307 9392 314 4151 3
Step 8: the first four digits of the result of step 7 are PVV
result 8 = 6307
this series of blackmail, in fact, is that the blackmailer forges the header data of the email to make the victim receive an "email from himself", so as to make the blackmailed believe that his mailbox has been invaded. But in fact, the user's e-mail account and machine are not intruded and controlled by the fraudster, so we must not remit money to the fraudster in private to prevent being cheated
although this kind of blackmail is not caused by e-mail intrusion, e-mail is still the most vulnerable entry. We put forward the following suggestions for e-mail users and e-mail system builders and maintainers:
for e-mail security protection of users, we can refer to the following suggestions:
1. Improve personal security awareness, and confirm whether the source of e-mail is reliable when sending and receiving e-mail, Don't click or the web address in the e-mail at will, don't download the attachment with unknown source easily, it's recommended not to open the stranger's e-mail
2. Try not to log in to e-mail in an uncontrollable environment, such as computers in Internet cafes and other people's computers
3. Ensure the environment security of the terminal system (PC, mobile phone, pad, etc.), timely upgrade and repair the vulnerability patch, install the terminal security protection software, and timely upgrade and open the monitoring, so as to ensure the environment security of the mail receiving and sending
4. The email password must be a strong password (for example, the password length is greater than 12 characters, and must be a combination of numbers, English uppercase and lowercase letters, and special characters), and the password must be changed regularly; Passwords should not be mixed with other services
5. If you use the mail client, ensure the security of the client installation program, and configure the mail sending and receiving according to the encrypted link mode (such as SSL) supported by the mail server, instead of using the plaintext protocol to send and receive mail; Volume encryption (such as BitLocker) is recommended for the volume where the mail client data file is located
6. If you use a browser to send and receive e-mail, you need to use the HTTPS protocol to log in to the mailbox instead of HTTP
7. Standardize e-mail signature according to organization regulations
8. Don't spread the email address at will, so as to rece the possibility of attackers finding the attack entrance; If the email address must be made public, the @ symbol can be replaced with other symbols to avoid being crawled and recognized by crawlers and becoming the target of spamming and mass mailing attacks.
at about 3:10 p.m. on January 21, 2014, the root server of the domestic general top-level domain suddenly appeared abnormal, resulting in DNS resolution failure of many well-known websites, and users could not access it normally. Although domestic access to the root server recovered quickly, e to the DNS cache problem, the phenomenon of "network disconnection" of users in some regions continued for several hours, and at least two thirds of domestic websites were affected. Microblog survey shows that "1 & 8226; In the 21st century, the impact of the "great disaster" was unprecedented. During the accident, more than 85% of the users encountered DNS failures, which caused slow network speed and unable to open the website< In February 2014, Mt. GOx, the world's largest bitcoin trading platform, was forced to declare bankruptcy e to the loopholes in its trading system. 750000 bitcoins and about 100000 bitcoins in Mt. GOx's own accounts were stolen, with an estimated loss of $467 million. This incident highlights the vulnerability of Internet Finance in the face of network security threats< On March 22, 2014, a security researcher reported a vulnerability entitled "Ctrip security payment log can be downloaded and traversed, resulting in a large number of users' bank card information leakage (including cardholder's name and ID card, bank card number, card CVV code and 6-digit card bin)" on the third-party vulnerability collection platform. The report materials pointed out that Ctrip security payment log can be downloaded, resulting in a large number of users' bank card information leakage, and said that the details have been notified to the manufacturer and waiting for the manufacturer to handle. This loophole immediately triggered a heated discussion about "e-commerce websites store sensitive information such as users' credit cards, and there is a risk of leakage"< Event 4: XP system stopped service
Microsoft stopped updating and maintaining XP system after April 8, 2014. But XP is still one of the most widely used operating systems in the world. Especially in China, 63.7% of the users, that is, about 300 million users, are still using XP. Therefore, the information security in the "post XP era" has always been concerned, but how effective are the protection software launched by domestic security manufacturers? In the face of so many security protection software on the market, which one to choose is a question, so the XP challenge came into being. In the XP challenge on April 5, 2014, Tencent and Jinshan lost and 360 stuck to success< Event 5: OpenSSL heart bleeding vulnerability
in April 2014, heartbled vulnerability broke out, which is the most widely affected high-risk vulnerability in recent years, involving major online banking, portal websites, etc. The vulnerability can be used to steal the sensitive information of the server and capture the user's account and password in real time. During the period from the disclosure of the vulnerability to the repair of the vulnerability, hackers have launched a large number of attacks using OpenSSL vulnerability, and some website user information may have been illegally obtained by hackers. In the future, hackers may make use of the obtained user information to carry out other forms of malicious attacks on the Internet again, and the "secondary hazards" (such as network fraud) against users will appear in a large number. Even in the next decade, it is expected that this vulnerability will still be found on thousands of servers, even some very important servers< In April 2014, a domestic hacker launched a network attack on the internal systems of two large domestic logistics companies, illegally obtained more than 14 million pieces of personal information of express users and sold them to criminals. Interestingly, the hacker only made a profit of 1000 yuan by selling this information. According to media reports, the hacker is only a 22-year-old college student, who is a sophomore majoring in Computer Science in a university< On May 22, 2014, eBay asked nearly 128 million active users to reset their passwords. Previously, the retail website revealed that hackers could obtain passwords, phone numbers, addresses and other personal data from the website. According to the company, the eBay database that hackers successfully attacked does not contain any financial information of customers, such as credit card numbers. EBay said it would contact users about password reset to resolve the crisis. The leak happened at the end of February and the beginning of March this year. It was only in early May that eBay discovered the leak. It did not indicate how many users were affected by the incident< In August 2014, Jakob lell and karstennohl announced the basb vulnerability. The attacker uses this vulnerability to store the malicious code in the firmware storage area of the USB device controller, rather than in other storage areas that can be read through the USB interface. In this way, anti-virus software or ordinary formatting operation can not clear the code, so that USB devices can cheat the PC's operating system when connecting to PC and other devices, so as to achieve some purposes< On September 25, 2014, US-CERT announced a serious bash security vulnerability (cve-2014 - 6271). Bash is a tool widely used by Linux users to control command prompt, which leads to a wide range of vulnerability. Security experts said that because not all computers running bash are vulnerable, the number of systems affected may not be as many as "bleeding heart.". However, Shellshock itself is more destructive, because hackers can take full control of the infected machine, not only destroy data, but also shut down the network or launch attacks on the website< In September 2014, about 5 million Google account and password databases were leaked to a Russian Internet Security Forum. Most of these users use Gmail mail service and other procts of American Internet giants. According to CNews, a popular Russian it news website, forum user tvskit claimed that 60% of passwords were valid, and some users confirmed that their data was found in the database< In October 2014, crowdstrike discovered that hurricane panda is a local empowerment tool, which is mainly aimed at advanced attackers of infrastructure companies. Foreign professionals also said that the attack code is very good, the success rate is 100%. We know that hurricane panda uses the "China chopper" webshell, and once the webshell is uploaded, the operator can try to enhance the permissions, and then obtain the legal credentials of the target access through various password cracking tools. The local authority tool affects all versions of windows, including Windows 7 and Windows Server 2008 R2 and below< On November 24, 2014, Symantec released a report saying that the company discovered an advanced stealth malware named "regin". This is an Advanced Spyware, known as the history of the most complex backdoor Trojan malware. The software is used to monitor the espionage activities of government agencies, infrastructure operators, enterprises, research institutions and even indivials< Event 13: Sony Pictures was attacked by hackers
in December 2014, Sony Pictures was attacked by hackers. The impact of the hacker's attack on Sony Pictures is shocking: sensitive data such as shooting plans, star privacy and unpublished scripts have been stolen by hackers and graally released on the Internet, even including the personal information of Sony Pictures employees. Sony Pictures is expected to lose as much as $100 million, second only to the loss of hackers in 2011
events fourteen and 12306 user data leakage, including ID and password information
December 25, 2014, the cloud cloud report platform report said that a large number of 12306 user data were crazy on the Internet, including user accounts, plaintext passwords, ID number, mobile phone number and e-mail box. This incident is that hackers first collected the user name and password information leaked by a game website and other websites on the Internet, and then used the lack of 12306 security mechanism to obtain more than 130000 user data by crashing the database. At the same time, 360 Internet Security Center called on 12306 users to change their passwords as soon as possible to avoid malicious refund of train tickets. In addition, if other important accounts use the same registered email and password as 12306, the password should be changed as soon as possible to avoid the risk of number theft.