A N T I S M U T |
Fravia's antismut pages Fravia's Nofrill Web design (1998) |
updated October 1999 | Smut sites busting "Crackers against commercial smut"
|
---|
A small digression: stalking | ||
Of course all the stuff on my "enemy stalking" pages can be VERY USEFUL for this section as well. You may find it quite interesting to better understand which tools and techniques you can use to individuate the culprits... on the right side you go... |
1) General stalking techniques 1.1) Simple email stalking techniques 2) Reversing language patterns 3) Luring and social engineering tricks |
A general approach | commercial smut sites bombing | (Why and how to annoy them) | |
combing | i.e. how to find the "commercial smut" sites | (how to identify the weak ones) | |
source checking | How to exploit 'crumb trails' inside a page | (forgotten snippets of information inside counters and images) | |
cgi reverse engineering: one | How to exploit weak CGI-script and PERL programs used by the Smut dealers | (How to nuke a page against the will of its owner) | |
cgi reverse engineering: two | How to exploit CGI-script, server side includes and perl ticks | (How to see a smut site going Ka-boom! under your very eyes) | |
Server exploits: one | How to exploit Micro$oft's IIS bugs | (How to fish scripts or programs that should have been hidden) | |
Server exploits: Rudicarell's | How to exploit weak sites with your browser | (Some interesting logs and redirecting tricks) | |
How to allow any luser to access any commercial smut site for free :-) | How to seriously annoy smut sites... | (Some interesting proxy info for lusers) | |
restricted access: one | Some apostrophe + boolean value tricks | (Advanced perl-sites nuking) |
:03723 83781005 cmp dword ptr [eax+10], 5 :03727 7F0C jg 00403735 ;; You may want to change this to 7F3F = jg 00403768 :03729 83781005 cmp dword ptr [eax+10], 5 :0372D 7539 jne 00403768 :0372F 83780C14 cmp dword ptr [eax+0C], 14 :03733 7E33 jle 00403768 * Referenced by a Jump at Address:00403727(C) :03735 8B5371 mov edx, dword ptr [ebx+71] :03738 8B4204 mov eax, dword ptr [edx+04] :0373B 6A00 push 0 :0373D 6A00 push 0 :0373F 68A5FC4200 push 0042FCA5 ;; ->"This copy of wwwhack expired on June 19."Redirecting the jump (do not just nop the 7F0C, it won't work :-) will make wwwhack work whenever you want, yet as I said, this is just a very crude program, valid only for username/password combinations where BOTH strings are identical. You may of course slightly modify wwwhack code in order to try DIFFERENT STRINGS during your busting approaches, this requires a small patch. (It's incredible how many sites you can bust with the simple wwhack 'same strings' approach, though)