Searchers against Smut
Why should we fight against Smut sites? Are we censors?
(A general approach to smut site bombing and some exploit searching tricks)
By fravia+, Started 1998 ~ Updated December 2001
|Why should we fight against Smut sites? Are we censors? No!|
We are not censors, and we have nothing whatsoever against nude images (if
given away for free), yet we have to wage battle against commercial smut sites
for many pretty sound reasons. Here the main ones:
Because commercial smut sites are swamping the whole Web. They have long ago swamped, for
instance, the server where my main page was hosted to a point that made impossible
for me to remain there. This swamping may seem strange, since there is NO REASON
WHATSOEVER to use or peruse such commercial smut sites.
As anyone that visit these pages of mine knows, if you have learned how to search
the web there is NOTHING... absolutely nothing that you will not find on the web.
Any application you can think of, any image that has ever been taken or made, any
BOOK that has been written, any MUSIC, any FILM, any document, any lore...
dwells somewhere inside a server on our planet, ready
to be downloaded by you for free.
In such a situation selling "commercially" what is already free is only a
fraud. Porn sites (but most 'advanced searching' sites as well, come to think of it) are just doing that.
We are compelled to vegetate in a context where 'copyrights'
laws are just used as fig leaves to cover strong commercial
interests, where all tricks of the trade are exploited to deny knowledge to
the 'poors and
the simple ones' (they want zombie slaves that slurp advertisement and firmly believe
"real life" is to drool around a noisy vulgar mall buying and/or consuming some useless crap for
the sake of some corporation).
In this social Hell all kind of 'frill' and 'push' activities are
fostered heavily in order
to keep under their consumistic chains (and advertisement whips) those still
unaware of what's going on around them, the gullible believers in a nonsensical
where money -and not knowledge- means
Yet this still surviving web & nether world of ours points (among difficulties and errors) to
a NEW reality: See and rejoice! You can also (and still) get at (and
download) all the knowledge (and horrors) of the human race. That is, you 'could'... once
you know how to find them.
The problem and the difficulty is to understand where exactly -and under which
name that what you seek has been stored.
This is fairly easy endeavour, though, (as you have understood on my pages), yet many poor suckers
and lusers simply don't know it, and have -for instance- to pay in order to
get their daily smut ration... don't laugh at them! Imagine you are a frustrated
young man, somewhere in Saudi Arabia (or in Idaho :-), with a web access and enough money and yet
no naked women images (nor many naked real women AROUND
nor Wodka-Martinis 'comme-il-faut' for that matter :-)
nowhere in a range of 1000 kilometers... you would probably fall for it as well...
Since, as you know, on the Web there is NO law, reversers are among the few that can
try to put an end to any activity they happen to dislike.
'Seekers noblesse' oblige: We decide alone what we allow
and what we forbid, since we HAVE (and spread) real knowledge... after all
we are the only real "power"
in these worlds of bytes and codes, where commercial minds stumble around, blinded by
money... a universe where we can still destroy them,
and stamp them out if need be, as you will learn here and elsewhere.
You'll begin to grasp and understand - here - how we can attack our enemies,
and you may decide to join and help (or
even criticize and ignore... as usual you are not compelled to agree with our course
The proliferation of all kinds of commercial sites is unrelated to their (mostly poor)
content, and in the case of porn sites is independent from the fact that they are
offering images that [you could
have for free], since the people
that usually fall for these tricks DO NOT KNOW that, all moralisation campaigns
notwithstanding (that, as usual in this awful society, always stop
short of attacking the "holy" commercial activities)
this swamping is simply a consequence of the 'inner working' (or if you prefer the
'coding choices') of these sites, workings and choices that
you must understand in order to defeat them, and that we will try to summarize
Let's see how a "classical" commercial smut works:
THE WORKING OF A CLASSICAL COMMERCIAL SMUT SITE
WHAT CAN WE DO AGAINST THEM?
You steal a great number of bad scanned smut images from the newsgroups (where
anybody could get them for free, of course, but that's for sure completely irrelevant for you).
- You get an Internic name like xxxsmuttfickxxx.com for a few dollars (you are
already a server provider yourself, or you find one for next to nothing)
- You buy some bad-written cgi-scripts to get zombies pay for
some sort of paid
access to your smut offerings.
- You realise that almost nobody comes
- You spam every usenet group you can get your hands on in order to get some
idiot to visit your site, in the hope they will pay you some money
- You realise that almost nobody comes
- You prepare a real ugly smut image as "banner-ad" and exchange it with one
hundred other smut sites, hoping that the small park of frustrated rich idiots
that roam these sites (and pay for them) will waste some dollars on your site as well.
- You realise that almost nobody comes
- You specialise in nastier and nastier smut images ("lolitas swallowing horses"
"pregnant teenagers tortured by lorry drivers" or whatever)
- You swamp whole servers with the same poor images yet with twenty differently
named "entrances" to the same (poor) content you have copycatted on the web.
- You spam and spam and spam and swamp and swamp and swamp
- You realise that most people that seek this kind of images
still prefer to get them for free
- Ahah! You write the word "free" everywhere in your commercial
smut site hoping to
get somehow inside the search engines listings for 'free smut' images.
- You eventually scrap a couple of bucks from your dirty floor
and swallow them.
Well, there are some possible line of actions:
Nuke the sites
This is far from easy, and you need some particular conditions to
be able to do it, yet it is great fun. You'll get some hints and
some simple tricks on my "cgi reverse engineering" pages one and two.
Basically you just write something like
#exec cmd="chmod 666 /etc/passwd"
for SSI servers
or add something like the following to the http://www.yoursmuttarget.
or add to your target URL
or submit a tag like the following one:
<!--#exec cmd="/bin/rm -rf /"-->
or if the perl.executable is there run it with this URL:
and nuke the smut site for a while :-)
And all this is just to SEE if you can play a little with them (a real
"complete" attack is of course a little more complicated).
VISIT MY cgi reverse engineering PAGE ONE
VISIT MY cgi reverse engineering PAGE TWO
Find and explore the sites
You can easily explore these sites 'jumping' over their password verification
applets or scripts.
- Download applets or scripts
- Crack them
- Find a weak point
<WARNING: OBSOLETE SITES ON>
VISIT MY how to comb smut sites PAGE
VISIT MY combing and klebing techniques PAGE
Use the tricks explained here or just read the robots.txt files (see the
<OBSOLETE SITES OFF>
Don't forget that you don't need to respect smut sites!
Use credit card generators
to get a faked but working credit card number (test it on geocities 'kids' facility until you
find a working one). Once you are inside the smut site, either nuke it or post immediately its
complete subdirectory structure on usenet (even worse: nuking will last only some time, but
re-creating the whole subdir structure can be a hassle :-)
If you don't want to use faked credit card numbes, don't forget that you can also enter smut sites using
FALSE passwords. There are in the warez
scene hundred of sites that offer 'capered' passwords for commercial smut sites,
one of the rare occurrencies where I'm fully favourable to the warez kids.
frustrated smut-seekers use these free passwords in order to gain access to the
smut sites WITHOUT paying them. This is IMO very good because this does not only
damage the smut sites... in fact most of these simpletons realise in this way very
soon, how bogus all these commercial smut sites are and won't in their life never
come to the idea of paying for access again.
The Commercial smut sites react against password capering with automated scripts that
deconnect all accounts used by two persons on the same time. Yet web server-user
notifications protocols are so unreliable that most of the time they just don't dare
pushing it really too much, and default to a completely useless warning, because
much too many dynamic IDs, and the real fear of these sites is to scare off
one of the few
gullible "correct users" they have got. So everytime you get a "scarecrow" message
with capered passwords, just reload until it disappears.
You can also enter these sites using gathered 'crumbs' that you'll find on the source
html script of the page. Useful crumb gathering is often possible through right
clicking onto any logo, or image, and carefully watching and registering the URL
call sequence through your logger or personal firewall.
Study and crack the friends of your enemies
Many commercial smut sites resort to 'commercial smut verificators', which pay them
'per visit' and take care of the whole verification routines. While this offers a
better security on one site of the medal (good thought
cgi-scripts protections schemes can be certainly tougher than the home-made concoctions),
also that once you have cracked one of these schemes you have cracked all of the sites that
Beat them at their own game demonstrating that they are utterly useless
There is practically not a single image on the commercial smut sides that
you could not have for free if you cared to. Yet, instead of leaving these
images where only determined people would have found them (why not, if someone
wants to see them, he should be free to do so), the commercial smut sites throw all
these images everywhere on the web, making it dead easy, even for childrens,
to get exposed even if they ARE NOT seeking porn (and since I have
three kids, I know what I am saying... if you want to have a look for yourself
at what kind of smut you can get without any filter whatsoever, visit Giglio's
This situation is of course just one of the many nasty consequence of the awful
society where we live in, where everything
is measured only through its 'commercial' value, even people and bodies. Yet
there is no reason we should accept this. Since nuking the commercial smut
sites, while being great fun does not seem to bring us nowhere (there are simply
too many of them and they proliferate like champignons), I am considering writing
simple robots that will "dig out" automatically
all sort of smut images publishing (and updating) these links automatically on
the usenet relevant groups, where part of the suckers that PAY the commercial smut
sites roams. This should damage smut sites where it really
hurts them: on their commercial site :-)
So a good counter-offensive could be to publish on the relevant usenet
groups (say once every week, through an automated bot):
I believe that sending all these info to every warez sites (which are all
concurring against another -for bucks- as well, and would tehrefore immediatly
publish everything you feed them, just in order to gain some more hits :-) would
inflict a more lasting damage to the whole commercial smut scene.
- either a list of all password capering sites;
- or a list of all the many really free smut sites (which exist but
are fairly difficult to find due to the fraudulent proliferation of
the adjective 'free' inside the commercial smut sites);
- or a list of all the hidden links inside the main smut sites;
- or some cracking / reversing tutorials for the PASSWORD ASKING AND CHECKING applets;
- or some easy robots that would allow any luser to gather whatever
images he (thinks he) needs.
Since the commercial smut sites cannot afford to change continuously the
whole subdirectory naming structure, the publishing of the hidden links and
subdirectories structure could be even more effective that the traditional publishing
of the passwords or the occasional nuking of a couple of exposed site.
We will examine how exactly a userid/password script works, and
how it 'decides' if the user should gain access to the site or not. There
are now some new censorship applications that check THE (rosa) PIXELS of the
images in order to allow or forbid to 'corporate prisoners' to see them.
We could therefore reverse the algorithms of these very censorship appz in order to
obtain the opposite, and
FIND where such images have been hidden. Such a little
bot could then be released for free to the zombies... smut seekers will thus get
for free their smut-dope, automagically brought home, and commercial smut sites
will fail miserably as they deserve... hey! this could be (ahem) very useful against
any sort of commercial site as well, come to think of it :-)
Another very interesting sector is PASSWORD CAPERING. If you have a closer
look at the passwords and userids used by the commercial sites (not only smut
sites) you'll soon realise that they are divided in TWO main categories:
user-chosen and automatically generated.
Both approaches have weaknesses, as we know:
"user chosen" passwords are repetitive, Johnny the bozo cannot remember anything more complicated than
the name 'coke':
fred/fred (look at the letters "fred" on your keyboard)
userid/password (ofter that you would think)
That's the reason some commercial site 'assign' you your password:
And as all reversers know, in that case there is nothing easier than crack the algorithms
that assign valid passwords in such a way. Just download the relative applets or, even
more simply, have a quick (reverser :-) look at a small list of valid passwords, that you can
collect at ease from
the many password warez sites.
It is clear that this project will only survive and thrive if there will be
more and more essays from ALL OF YOU and if you will find and send me other
-even better- tricks in order to commercial ruin (or at least to seriously annoy)
all those bastards that run the commercial smut sites.
Some lusers believe that money and sex are the two only things that count in life, and
that 'combining' the two, they may have found an easy way to scrap some easy bucks. Let's
show them that in our world money does not mean anything at all and that even if sex
would really have something to do with poor quality smut images,
which I doubt, that too can be gathered en masse on the web for free, like everything else.
I hope you understand now WHY I want to bust commercial sites (apart from the 'intrinsecal'
fun in busting web sites :-) and WHY this has nothing to do with any censorship attitude of
mine: I am a reverser and a seeker: I want a free web with
free resources for anyone and I'm gonna struggle for it if necessary.
(c) fravia+ 1998
Good luck, good hunt!
And if you are interested, here is a small e-mail exchange of your
with a smut site
And if you are interested, here is a
very simple password busting program
|Some strings (that may knock the stuffing of some sites :-)|
Corto's 0&sa=N trick
Common knowledge's +directory +indexing +bugtraq trick
(c) III Millennium: [fravia+], all rights reserved