ideale7.htm: How to seriously annoy smut sites...

Smut sites busting

How to seriously annoy smut sites...
How to allow any luser to access any commercial smut site for free :-)

Courtesy of fravia's pages of reverse engineering

The info below is general anonymity lore, available (almost) all over the Web, yet -no minor deed!- the data below have been collected and organized in December, under heavy snowfalls, by A+heist and your +ruly
~
(12 December 1998)

Hey! I hope that you are a commercial smut site visitor
I hope that some of the readers that have found this page (that I sincerely wish to be copied and spread everywhere on the web :-) are commercial smut site visitors, because the main purpose of this specific section is to destroy those sites, and therefore I believe we have to hit them hard on the only place where it will hurt them (on their wallets).
I have in the last couple of years conducted a lonely battle against commercial smut sites (see General Smut sites busting), and I have now realized that that very lurid 'commercial' logic is -unfortunately- against me: for every site that I have successfully destroyed there have appeared ten more on this huge (and increasingly useless) web of ours. So I'm changing tactic, and I'm doing it right now.
I'll continue to deliver commercial smut site "busting knowledge" for the pleasure of myself and few other 'enlightened' ones, but I'll start -right now- to deliver commercial smut site "ruining knowledge" for the masses, in order to gain the great final battle for a free -not commercial- web.
Therefore in the never lost hope of being able to destroy all those obnoxious commercial smut sites that are polluting the web I would like to give any reader the possibility of accessing commercial sites for free using all the tricks I know of (I repeat that I have NOTHING against nude images, if given away for free, I'm against people polluting our web in order to scrap some money exploiting slaves instead of freeing them... I'm not a 'puritan' censor: I'm just against all commercially oriented bastards).

Take note...
<legal backcovering on>
"I would like", that's what I wrote above... c'mon, that's obviously just a wish of mine. I'm not saying that anyone should do something illegal really, because in that case (which is not this case) the content of this very page you are reading -My Gott- could be deemed illegal (by some contorted legal minds, in some countries, under determinate circumstances) if used with malice. The following information is only given as "general anonymity knowledge" and as "commercial smut sites busting knowledge" for educational purposes. It is just web-lore! (As such available on all relevant usenet groups). The idea is that you (potential site ruiner) may understand what COULD happen (which is an important knowledge per se: why should you be denied the awareness of these techniques?).
Of course, cela va sans dire, I never attacked myself any site with this kind of 'low level' approaches (in fact I would eventually use much harder ones :-) Moreover I do not condone these approaches in the least... or at least not very much.
<legal backcovering off>

Let's begin
First off, I suggest you browse either using Netscape or using Opera. I will not give you here any instruction pertaining to M$IE browsers, for the simple reason that I don't like Micro$oft and I don't like the people using their products.

First thing to do, is to keep a low profile while surfing the web.
The first thing to do is to eliminate any tracking possibility based on your cookies.
If you use the web a lot, then you probably have collected several cookies on your hard disc without realizing it, see my anonymity section.
Cookies are information snippets stored in your harddisk when you visit a site, designed and useful FOR THE SITE you visited
A Cookie is a little nugget of information that is sent to your browser from a World Wide Web Server. This block of data can be anything, a unique user ID generated by the server, the current date and time, the IP Address of where the browser is logged onto the net or any other chunk of data that you want.
After a browser receives a cookie it will then send that cookie (nugget of info) to the server that set it whenever it requests an html page. The browser will only send the cookie to the server that originally set it. This means that I (at my server) can't tell if you (some browser) have cookies that other sites have set. In other words I can't steal cookies I haven't given you by using HTTP protocols. Yet my cookies can be nasty enough to protect my site from people that are not accessing it through the PATH I want them to do it (which is the case for most smut servers).
Basically, then, cookies are small pieces of information that are sent automatically from a server to your computer. They are stored on your hard disc, where they act as labels, showing that you have visited a particular page. If the user goes back and visits the same website at a later date, the web server will detect the presence of one of its cookies on the users computer, and can stuff its databases and eventually modify the page accordingly. Ever wondered how does Yahoo mail recognize you when you login?

So you definitely want to silent cookies. To shut them off, see the instructions on my anonimity page: basically Then, second step, avoid Java and Javascript. As you'll be able to learn on my dedicated javascript pages, you can do almost anything with a good script, among other things you can get a readers address!
Once a site grabs your email address (if you'r not using a chain of pseudos), all they have to do is to run is a simple e-mail check through a place like Yahoo and they can find out where you get your internet service from, where you live, your name and home phone number.

Ok, next you need a way to get into these pay sites. Since they are "pay" sites (duh) they will want money from you. And that is their weakest point :-)
So you will need to download a credit card generator. There are hundreds of these little programs, which will create valid credit card numbers for you to "use" at the commercial smut pay sites.
Since for obvious reasons there is NO possibility to check immediately a credit card number (else anyone could easily bruteforce such a database until they would get valid numbers), and since, for obvious reasons as well, the 'clients' of the smut sites want to drool immediately over their images...

OK, of course anyone that pays in order to access a commercial smut site is just a plain stupid luser... of course there's NO NEED WHATSOEVER to pay for something on the web... anyone can have tons of backdoors for free, immediately, just performing on good old Hotbot (or any other search engine with similar algos) a query like

+"index of" +bond -james +jpg
...and substitute 'bond' with what your more or less excited fantasy craves... but we are trying here to get morons, not accomplished searchers, to ruin those sites... and educate those very morons at the same time :-)

...they will accept the faked credit card number, they will give you access, and you will be able to roam around their sites 'eventually gaining root :-) until they realize that you've had them. At that moment they will delete your account, usually between 10 to 40 days after you have signed (at least a week). If you need a credit card numbers app, just query +"credit card generators" in any good search engine, you'll find a dozen dozens.

Hide your location
Now that you have found the simple tools you need to fake a credit card number, just wait a minute: before you use them you will need to hide your "identity" on the net.
This is the most time comsuming part and at the same time the more useful part of the whole attack scheme.
Many use the service of Anonymizer (http://www.anonymizer.com) to keep from being traced, but unfortunately anonymizer itself logs all visits in order to see where your going (because THOSE data are the wealth for the anonymizer guys... just like your supermarket's 'special frequent buyer' card will let them know how much you cry ~ shit ~ make love with your beloved one so the anonymizer and ALL search engines are free just in order to GATHER DATA on you... never forget this simple truth)

Therefore, instead of the Anonymizer, you can use something that works samo samo, but won't log.
It is a very simple device (duh) called a proxy server. Basically it is just a firewall of sorts, that makes it seem as if you are living and getting your internet from somewhere else.
This is how it works: Surfing Normally
your account > access > commercial smut site
your account < send data < commercial smut site That's how it happens when you surf the usual way. You bustthe site and they can see what your IP was, and eventually trace you back, and eventually * contact your ISP, and eventually you're in trouble (not easy if you chain pseudos, but, hey, why should you risk anything?).
When you use a proxy server, they will think you live somewhere like South Korea, even if you live in Luxembourg.
This is how a proxy server works: Surfing with a Proxy Server
your account > access > proxy server > access > commercial smut site
your account < send data < proxy server < send data < commercial smut site
So what you are doing is logging into a proxy server from your ISP account. Now, if the proxy server you find doesn't care about who you are, then you go to a commercial site you want to explore ~ bust ~ destroy ~ whatever you fancy.
Since you live -say- in Luxembourg, the commercial smut site would normally see that you live there, and try to retaliate.
Yet, let us say your using a proxy server you found somewhere in South Korea or in some other middle of nowhere where they don't understand anything about this stuff... The commercial smut site sends all its data (read: lusers' images) to the proxy server in South Korea, while the proxy sends the data to you. The commercial smut site just figures that you are some horny luser from South Korea! But what happens when your target site finds out that your using a fake credit card number? They just notice that someone from South Korea signed up. Then they figure out it was a proxy and anybody could have done it. They also don't want to waste time on a not very expensive account.

Now that you know about proxys, you need to find your arrows. Finding a proxy is easy, the time consuming part is finding a good one. You can find proxys on the search engines by typing in keywords like "public proxys" or "free proxys", or you can perform a research on the relevant usenet channels to find all the proxys you'll need for the next one thousand years.

Once you find a promising one, do the following:
either

-go to the top of the page of Netscape and click on Option
-choose "Network preferences"
-pick "proxies"
-click on "manual proxy configuration"
-then click on "view"
-where it says: "http" put in the proxy server ( ie: proxy.inter.net)
-under "port" enter in the port number (ie: 8080)
-click "ok"

-go to the top of the page of Netscape and click on edit
-choose "preferences"
-pick "advanced"
-pick "proxies"
-click on "manual proxy configuration"
-then click on "view"
-where it says: "http" put in the proxy server ( ie: proxy.inter.net)
-under "port" enter in the port number (ie: 8080)
-click "ok"

Mhead

As promised, I have done research and have uncovered some very interesting
things I believe those using Opera, specifically 3.50, should know.

Preferences->Advanced:

	This is where the Cookie logging option is. As you said about Netscape,
this should be disabled.

	Another interesting thing here is Referrer Logging. This option allows
those monitoring a given site to see where you came from, and quite
possibly where your going. This is a definite uncheck.


Preferences->Multimedia:

Here resides if Javascripting is enabled. Don't see Javascript? It's
under scripting languages. Unchecking this box takes out javascript. Why is
this important? The best way to keep yourself safe from javascript bombs is
to not enable it in the first place. Kinda like having a mine sniffer.
Remember where this is, just in case you DO need javascripting enabled
for certain pages.

Preferences->Link Presentation:

For the true paranoids, set both non-visited and visited links to the
same color, and the same format (underlined, bold, ect.)

A nasty trick that I have not come across, but I can imagine, is someone
setting their page refresh rate to gather information. An option here,
Enable Document Loading, when unchecked, prevents this.

If you have any question about whether your preferences are giving away
anything about you that you DON'T want, check out your Opera.ini.

Also, unless moved, Opera's cache is located at c:\opera\cache

Mhead

http://www.tamos.com/bin/proxy.cgi

proxy server detected

may

proxy server not detected

link

http://www.anonymizer.com/snoop.cgi

incredible Bonanza

Site Busting

homepage

links

+ORC

most recent essays

anonymity

counter measures

bots wars

CGI antismut

cocktails

search_forms

history of this site

AntiMicro$oft

mail_fravia

Is reverse engineering legal?

How to seriously annoy smut sites...How to allow any luser to access any commercial smut site for free :-)

How to seriously annoy smut sites...
How to allow any luser to access any commercial smut site for free :-)