Cc Checker Script | Php
Remember: The only valid CC checker script is the one you write for testing your own credit cards on your own merchant account in a sandbox environment. Everything else is a federal crime.
<?php
/**
* Credit Card Checker Script
*
* DISCLAIMER: This script is for EDUCATIONAL PURPOSES ONLY.
* Use only on cards you own or have explicit permission to test.
* Unauthorized credit card checking is ILLEGAL in most jurisdictions.
*
* Features:
* - Luhn algorithm validation
* - Card type detection (Visa, MC, Amex, Discover, etc.)
* - BIN lookup (first 6 digits)
* - Expiry date validation
* - CVV length checking
*/
class CreditCardChecker
/**
* Validate credit card number using Luhn algorithm
*/
public function luhnCheck($cardNumber)
$cardNumber = preg_replace('/\D/', '', $cardNumber);
$sum = 0;
$alternate = false;
for ($i = strlen($cardNumber) - 1; $i >= 0; $i--)
$n = (int)$cardNumber[$i];
if ($alternate)
$n *= 2;
if ($n > 9)
$n = ($n % 10) + 1;
$sum += $n;
$alternate = !$alternate;
return ($sum % 10 == 0);
/**
* Detect card type based on BIN (first 6 digits)
*/
public function getCardType($cardNumber)
/**
* Get expected card length for type
*/
public function getExpectedLength($cardType)
$lengths = [
'Visa' => [13, 16],
'MasterCard' => [16],
'American Express' => [15],
'Discover' => [16],
'JCB' => [16],
'Diners Club' => [14, 16]
];
return isset($lengths[$cardType]) ? $lengths[$cardType] : [];
/**
* Validate expiry date (MM/YY or MM/YYYY)
*/
public function validateExpiry($expiryMonth, $expiryYear)
// Normalize year to 4 digits
if (strlen($expiryYear) == 2)
$expiryYear = 2000 + (int)$expiryYear;
else
$expiryYear = (int)$expiryYear;
$expiryMonth = (int)$expiryMonth;
// Basic range checks
if ($expiryMonth < 1
/**
* Validate CVV based on card type
*/
public function validateCVV($cvv, $cardType)
$cvv = preg_replace('/\D/', '', $cvv);
$expectedLength = ($cardType == 'American Express') ? 4 : 3;
if (strlen($cvv) != $expectedLength)
return ['valid' => false, 'message' => "CVV must be $expectedLength digits for $cardType"];
return ['valid' => true, 'message' => 'CVV format valid'];
/**
* Perform BIN lookup (simulated - real implementation would use API)
*/
public function binLookup($cardNumber)
$bin = substr(preg_replace('/\D/', '', $cardNumber), 0, 6);
// This is a SIMULATED response
// In production, you'd call an API like binlist.net
$simulatedData = [
'bin' => $bin,
'scheme' => $this->getCardType($cardNumber),
'country' => 'US',
'bank' => 'Example Bank',
'type' => 'CREDIT',
'level' => 'STANDARD'
];
return $simulatedData;
/**
* Main checking function
*/
public function checkCard($cardNumber, $expiryMonth = null, $expiryYear = null, $cvv = null)
strlen($cleanedCard) < 13)
return [
'valid' => false,
'error' => 'Invalid card number length',
'details' => null
];
// Check Luhn
$luhnValid = $this->luhnCheck($cleanedCard);
// Get card type
$cardType = $this->getCardType($cleanedCard);
// Check length for card type
$expectedLengths = $this->getExpectedLength($cardType);
$lengthValid = in_array(strlen($cleanedCard), $expectedLengths);
$result = [
'valid' => ($luhnValid && $lengthValid),
'luhn_check' => $luhnValid,
'card_type' => $cardType,
'card_number' => $this->maskCardNumber($cleanedCard),
'length_valid' => $lengthValid,
'bin_info' => $this->binLookup($cleanedCard)
];
// Check expiry if provided
if ($expiryMonth && $expiryYear)
$expiryCheck = $this->validateExpiry($expiryMonth, $expiryYear);
$result['expiry_valid'] = $expiryCheck['valid'];
$result['expiry_message'] = $expiryCheck['message'];
// Check CVV if provided
if ($cvv)
$cvvCheck = $this->validateCVV($cvv, $cardType);
$result['cvv_valid'] = $cvvCheck['valid'];
$result['cvv_message'] = $cvvCheck['message'];
return $result;
/**
* Mask card number for display
*/
private function maskCardNumber($cardNumber)
$length = strlen($cardNumber);
if ($length <= 8)
return str_repeat('*', $length);
$first4 = substr($cardNumber, 0, 4);
$last4 = substr($cardNumber, -4);
$masked = str_repeat('*', $length - 8);
return $first4 . $masked . $last4;
// ============ USAGE EXAMPLES ============
$checker = new CreditCardChecker();
// Example 1: Validate single card
$testCard = "4111111111111111"; // Valid Visa test number
$result = $checker->checkCard($testCard, '12', '25', '123');
echo "=== CREDIT CARD CHECKER RESULT ===\n";
echo "Card: " . $result['card_number'] . "\n";
echo "Type: " . $result['card_type'] . "\n";
echo "Luhn Check: " . ($result['luhn_check'] ? 'PASS' : 'FAIL') . "\n";
echo "Length Valid: " . ($result['length_valid'] ? 'PASS' : 'FAIL') . "\n";
echo "Overall Valid: " . ($result['valid'] ? 'YES' : 'NO') . "\n";
if (isset($result['expiry_valid']))
echo "Expiry: " . ($result['expiry_valid'] ? 'Valid' : 'Invalid - ' . $result['expiry_message']) . "\n";
if (isset($result['cvv_valid']))
echo "CVV: " . ($result['cvv_valid'] ? 'Valid format' : 'Invalid - ' . $result['cvv_message']) . "\n";
echo "\nBIN Info:\n";
print_r($result['bin_info']);
// Example 2: Bulk check from file
function bulkCheckFromFile($filename, $checker)
if (!file_exists($filename))
echo "File not found: $filename\n";
return;
$lines = file($filename, FILE_IGNORE_NEW_LINES
// Uncomment to use bulk check
// $bulkResults = bulkCheckFromFile('cards.txt', $checker);
// foreach ($bulkResults as $res)
// echo ($res['valid'] ? 'VALID' : 'INVALID') . ' - ' . $res['card_number'] . ' (' . $res['card_type'] . ")\n";
//
?>
A "CC checker script" is rarely used alone. It’s part of a larger stack:
One successful PHP CC checker can process 50,000 cards/day, identifying 5,000 live cards. At $10 per live card on resale, that’s $50,000 daily in potential fraud before chargebacks.
⚠️ This script is for educational purposes only. Using it to check unauthorized credit cards is: cc checker script php
In the shadows of the internet, terms like "CC checker script PHP" are searched thousands of times per month. To the uninitiated, it might sound like a harmless technical tool—perhaps a script to validate color codes or gift card balances. However, within cybersecurity circles and black-hat forums, "CC" stands for Credit Card.
A CC checker script is a piece of PHP code designed to validate stolen credit card data en masse. It acts as a quality assurance tool for cybercriminals, allowing them to determine which stolen cards are still active, have funds available, or can be used for fraudulent transactions.
This article will dissect how such a script works programmatically, the logic behind its design, the severe legal and ethical implications, and why understanding this code is crucial for defensive cybersecurity. Remember: The only valid CC checker script is
🚨 Disclaimer: This article is for educational purposes only. Writing, distributing, or using a CC checker script to validate unauthorized credit card data is a federal crime in most jurisdictions (18 U.S.C. § 1029 in the US, Computer Misuse Act in the UK). The author does not condone any illegal activity.
Under written authorization, you may simulate a CC checker for:
Example authorized script (sandbox mode): A "CC checker script" is rarely used alone
<?php
// ONLY for authorized testing against YOUR OWN Stripe test keys
\Stripe\Stripe::setApiKey("sk_test_...");
try
\Stripe\Charge::create([
'amount' => 50,
'currency' => 'usd',
'source' => 'tok_visa', // Stripe test token
'description' => 'Authorized test'
]);
echo "Test auth success";
catch (\Exception $e)
echo "Test decline – as expected";
?>
Store cookies from initial gateway visit to appear as returning customer.
CC checkers often use raw cURL without rendering JS. Implement a CAPTCHA (reCAPTCHA v3) or a JavaScript-generated token on your payment form.