Привет, Гость ( Вход | Регистрация )



Reply to this topic Start new topic

> Неудаляемые папки
@ Воскресенье, 25 Января 2004, 17:00 / Deleters  Edit Post
- - = W A R E Z P I R A T E Z = - -
HOW TO MANUAL - THE END OF DELETERS v2.1
========================================
CREATED BY: [Piratez]
04/14/01

TABLE OF CONTENTS
=================

Title Line (CTRL+G)

1. What's NEW_________________________________________________________35
2. Introduction_______________________________________________________54
3. Invisible Directories______________________________________________68
4. Creating Invisible Directories_____________________________________76
5. Inaccessable Directories v1.0_____________________________________118
6. Creating Inaccessable Direcotires_________________________________125
7. Inaccessable Directories v2.0_____________________________________174
8. Creating Inaccessable Directories v2.0____________________________182
9. Smart Directories_________________________________________________218
10. Creating Smart Directories________________________________________226
11. Self-Protected Files______________________________________________252
12. Creating Self-Portected Files_____________________________________260
13. Ultimate Protection_______________________________________________283
14. Creating the Ultimate Protection__________________________________288
15. Undocmented Techniques Explaination_______________________________312
16. FAQ_______________________________________________________________326
17. Contacts__________________________________________________________348
18. Credits___________________________________________________________353
19. About_____________________________________________________________374
20. Future Developments_______________________________________________383


What's NEW
==========
The techniques in v1.0 of the manual had some possible vaulnerabilites and I was
able to get help with possible solutions/workarouds for now. If users bothered
to report/help in the aid of prevention I might be able to stop/document it COMPLETELY.

- added the /prn.hsp.laserjet/ inaccessable feature now called v2.0
- undeletable technique now called 'self-protected file'*
- edited some gramatical errors found that prevented a clear explaination.*
- others(re checked techniques with the new verfied vaulnerabilites and is embeded
in the ultimate protection to reduce the attempts)
- updated the faq/credits/about*
- undocumented technique explained(no examples shown to prevent deletion and keep
it as a vaild technique)*
- fixed some unclear explainations*
- added better formation with examples*
- fixed the line numbering for contents*

NOTE: *(asterisk) common bugs/updates.

Introduction
============

This documentation should not be used to exploit webservers. Some of the techniques
used here have certain outputs that can crash old servers making them unusable.
I am not preventing leeching(fill the pubs YOURSELF unless YOU have been given
access to leech be wise). Throughout this manual, techniques will be passed on
from exploits found in the 'WINDOWS' OS. That 'HELPS' in the prevention of deletion.
There are lots of methods in stopping a deleter, without restrictions set on the
server but most have some weak point. After coming across five new techniques,
making a folder 'invisible' from an ftp client LIST fuction. Making directories
'inaccessable' and clone and renaming prevention. Creating 'smart' directories
which slows down entries to the remote path. And the 'undeletable' file. After
experiencing rock solid protection and safe files. I decided to document it for
future reference for the next generation of software pirates.


Invisible Directories
=====================

The idea of invisible directoires came about when I came across paths that were
"/ /example/" and was not listed in the main folder but was still 'accessable'.
These can be created in all directories without other users knowing its existance
unless being searched for 'MANUALLY', which takes ages at the present time to
search through each folder for "/ /".(without using scripts)

Creating Invisible Directories
------------------------------

1. before
******************************************************************
./~/temp/tagged/for/team/warezpiratez/fxp/ <- not hidden
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/
******************************************************************

2. after
******************************************************************
./ /~/temp/tagged/for/team/warezpiratez/fxp/ <- hidden folder
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/
******************************************************************

To create the hidden directories, make a new folder as follows using this format.
[backslash][space][backslash][foldername1][backslash][foldername2]
ie. / /foldername1/foldername2/

the 'space' isn't a name but a 'character' that does not get listed, therefore making
the directories impossible to list.(without scripts)

NOTE: Making the hidden folders several LAYERS/SUB-DIRECTORIES deep is recommended.
ie. / / / /~/temp/tagged/for/ /team/warez/ /piratez/fxp/

This technique is not 'anti-deletion' proof but 'hidden' from deletion proof!

Read more to find out how to combine ALL FIVE TECHNIQUES to make it 'REMOTELY'
impossible to delete. Please note the 'quotes', REMOTELY in a sense that remote/localhost.
The 'siteadmin' can still 'delete' the folder "if he's around that is "


Inaccessable Directories v1.0
=============================

Inaccessable directories prevents the user from 'entering' the folder period.
The user will not be able to enter the folders unless knowing the 'entire' remote path.
Which was impossible for a short time, this is not rock solid but can be helpfull.

Creating Inaccessable Directories (use this within the 'inaccessable' direcotires v2.0)
-----------------------------------------------------------------------------------------

1. before
*****************************************************************************************
./temp/tagged/for/team/warezpiratez/fxp/
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/
******************************************************************************************

2. after
******************************************************************************************
./COM1 /temp/tagged/for/team/warezpiratez/fxp/ <- inaccessable directories, due to 'COM1'
former windows bug.
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/
*****************************************************************************************
To create inaccessable folders, use the following list of 'UNUSABLE NAMES'

COM1 COM1 COM3 COM4 (Windows COM PORTS)
LPT1 LPT2 LPT3 LPT4 (Windows Printer Ports)
AUX
NUL

Make a new folder "COM1[space][backslash][space][backslash]"
ie. /COM1 / /

NOTE: This makes the folder inaccessable, even to the siteadmin. Unless accessed from DOS(local)
with access to the machine)

To use the dir. Create a new folder called "COM1 /[foldername1][backslash]"
ie. /COM1 /tagged/

NOTE: This folder is still inaccessable, if a user attempts to enter it. To gain access to the
folder, the 'full path' must be known.

To enter the folder use the RAW command 'CWD' change dir. path. to enter the folder.
ie. CWD /COM1 /tagged/ and voila the folder is usable and working.

TIP: Creating the folder 'several' LAYERS/SUB-DRIECTORIES deep. It might be impossible to
getaround(without scripts).

Inaccessable Directories v2.0
==============================
The idea of this came about when a bug report that was brought to attention that the
inaccessable directories can be accessed so in response to the report of course I
took action to prevent it. The idea is to make the directories COMPLETELY inaccesable
through the means of having the 'network' itself protect the file meaning that I'm
forcing protection even though the fucking servers have no restrictions, this applies
to most pubs running NT4/5. Brute protection schemes to get to job done, keep on
reading how to use it.

Creating Inaccessable Directories v2.0
---------------------------------------
First of all, we want the deleter to be STOPED right there/right NOW! and don't
get the chance to proceed further. Create a main folder with the name
"prn[period]hsp[period]laserjet[backslash][space][backslash]" ie. prn.hsp.laserjet/ /

Then create a second folder so its possible to use it.
prn.hsp.laser.jet/[foldername1][blackslash] ie. prn.hsp.laserjet/tagged/

NOTE: YOU MUST CREATE EACH SUBDIRECTORY AT A TIME.

1.
*********************************************************************************************
./temp/tagged/for/team/warezpiratez/fxp/
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/
**********************************************************************************************

2.
**********************************************************************************************
./prn.hsp.laserjet/temp/tagged/for/team/warezpiratez/fxp/ <- block entire access with
first folder
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/
**********************************************************************************************

NOTE: See the ultimate protection to make this as safe/secure as possible.
This might be the ONLY idea I am supplied with that has a workaround
the usage of COM1.


Report this post to a moderator | IP: Logged

02-05-2001 21:05



jarod
Member

Registered: Apr 2001
Location:
Posts: 12


Smart Directories
=================

This technique involves, the creation of directories that are 'COPYRIGHT'
How's that for a simple description. The idea is to create directories that
would contain [peroids] thorough each of the subdirectories or segmenets.
The use of this is quite simple, note the word 'COPY'RIGHT. Most users use the
ftp://loginassword@iport/path/ format for faster access to an ftp.

Creating Smart Directories
--------------------------
To create 'smart' directories. Make the folder names of each sub directories
contain a period before, inside, and after words within the subdirectories
creating a fake 'file' recognition. The Widows based clients will assume the
folders to be files using the 8.3 format for file names. Creating a fake file extension.

1. before
********************************************************************************************
ftp://anonymous@anonymous@123.456.7...rezpiratez/fxp/
********************************************************************************************

2. after
********************************************************************************************
ftp://anonymous@anonymous@123.456.789:21/temp/tagged ./for . /team. /.
warez .piratez/fxp
********************************************************************************************

NOTE: Be as creative as possible with the period formation, to prevent COPYING of all folders
through each directories. The idea is to make the directories act as file extensions therefore
when copied, it will be 'queued' and the user has to enter the directories MANUALLY. Other
'SYMBOLS/CHARACTERS' can be used NOT ONLY just periods. But I find this most common, for a
'memorable' pharse.

********************************************************************************************
QUEUE: 1. /temp/tagged ./for . /team. /. warez .piratez/fxp
<- result of folder extensions
********************************************************************************************


Self-Protected Files (undocumented deletion vaulnerabilites, known ONLY to 10-15% of internet
users <- vague)
====================

Sad that we had to resolve to this but, this is a possible end of deletion as we speak.
I find no other methods out there that can accomplish this task except setting
restrictions from the server. This method involves the file being self-protected.
Meaning the files are accessable/downloadable but can NOT be deleted(so I thought).
The idea is to make the file corrupted/crash on the server side.

Creating Self-Protected Files
-----------------------------
To create a self protected file, rename the entire file including the extensions to the
follwoing format filename[space][period]/[space]/ ie. filename ./ / The / / in the name
as shown above in the previous example of creating invisible directories makes the
.extesion impossible to view on the pub as a windows recognized mime but, once
dowloaded it will be shown and accessable.

1. before
********************************************************************************************
warezpiratez.rar <- rar mime, winrar.
********************************************************************************************

2. renaming
********************************************************************************************
warezpiratez ./ /
********************************************************************************************

3.
********************************************************************************************
warezpiratez <- unknown file(undeletable,downloadable) <- file will take the correct mime
format on localhost
********************************************************************************************
The ICON will return to the original mime format once downloaded, might not work on this text
file but others.

Ultimate Protection
===================
The ultimate protection originated from the 'inaccessable' directories technique.
The idea is to make the folder COMPLETELY self-protected, much like the
self-protected files.

Creating The Ultimate Protection
--------------------------------

To create the ultimate protection originated from the 'inaccessable' directories.
The idea is above, several sub.dirs deep. Then creating an 'inaccesable' folder
within those invisible folders. Then the next step is to create those smart
directories so it slows down ANY attempt to gain full access, and also it makes
to user run into inaccessable folders because. The idea is to trap the user before
those folders using the smart directories idea. I didn't think that was ingenieus
but just common sense and seemd smart!.

1. before
********************************************************************************************
/temp/tagged/for/team/warezpiratez/fxp/ <- no protection
********************************************************************************************

2. after
********************************************************************************************
/prn.hsp.laserjet/ / /./ ./COM1 /temp/tagged ./for . /team. /.
warez .piratez/fxp <- protection(strong, can't be renabed/accessed)

UNLESS KNOWING THE ACTUAL PATH. Its the closest we'll get.
********************************************************************************************

NOTE: This is BY far the most protective method to block a folder from being accessed without
knowing the actual path, please use at own risk meaning loss of data if inaccessable.
That's all for now.


Undocumented Tehnique Explaination
==================================

SORRY, but I CAN NOT release the methods involved in DESTROYING all of MY attempts.
Instead a simple explaination will be provided. First of all the so called 'undeletable'
files weren't so LUCKY after all. It seemed that it could be deleted BUT, don't jump
to ANY conclusions. I made sure I take action against this so I rewrote the ultimate
protection with a new technique so please look it over. That technique allows TOTAL
protection since the user CAN NOT rename the folder/access the folder/delete or other
sorts(TO MY RECOLLECTION! PLEASE REPORT FOR ANOTHER WORK AROUND IF YOU FIND).
The deletetion of the self protected files CAN and COULD ONLY be done to ONE FILE at a
TIME. It means that the deleter would take ages in deleting all the files if protected
for example deleting big fucking isos!!!. Ok but down to the point if the deleter is
smart and has a purpose to stop warez, all that has to be done is delete one file from
each release causing the entire fucking release to be corrupted so if YOU SEE WHY i
can't blab these vaulnerabilites out its for YOUR OWN PROTECTION!!!

FAQ
===

1. What is a SUB-DIRECTORY
- It is the folder that is second/inside another folder. ie. maindir/subdir/

2. What is a PUB
- Short for public ftp. There are, no restrictions/protection on the access over files. Some
have them in most cases but then uploads/downloads are denied. Some would not allow fxp.

4. What does all this mean?
- Good question, this means that there should be more warez around in the future. More gamez
for YOU, more appz for me. You too.

5. What can I do to help?
- You can help the WAREZ scene, getting this manual around informing them of HOPE!

6. Who are the deleters?
- The most logical answer is that the deleters are the pub taggers and fxp/courier groups that
delete to keep updating the releases. The other explaination is what "LEECHERS" do when a
pub is found with the GLORY of 0SEC releases.

Contacts
========

[Piratez] - EFnet IRC irc://irc.powersurfr.com:6667/ (leave a message)

Credits
=======

1. MystiGirl - EFnet IRC irc://irc.powersurfr.com:6667/dcbythenose (visit)

- reported work around undeletable file technique.
- suggested another inaccessable folder technique that is much better than that of the COM1
- brain storming of other ideas, using scripts to delete that might not work if planned against
clients.
- commented: doing this also aids in more hacking/deletion but its time to put a stop to it.

2. Luniz - Efnet IRC irc://irc.powerusrfr.com:6667/dcisos (visit)

- reported some non working examples with the COM1/hidden folders
- reported unclear explanations when creating folders

3. Gaker - Help sending the manual out to new posted pubs

4. Thanks goes out to the readers of this documentation, please ingore the gramatical errors
found throught this, it has undergone several reviews for the techniques alone.


About
=====

This manual was inspired from the makers of other how to stop the deleter manuals but
never worked or at least it was not doucmented in detail to understand much.
The information was gathered from other sources that had some lines of credit others
none(IDENTITY reasons). Thanks goes out to all linux members for bug fixing windows
and its exploits to help stop deleters. Your skills are HIGHLY admired and apprechiated.
Keep the warez scene alive. Greets goes out the the deleters, with one last request.
"DELETE ME NOW BITCH! I DARE YA! MUWHAHHAH!"

Future Development
==================

I wouldn't know how far I plan on taking this simple problem but one things for sure
i'm going to STOP it. The next releases of this manual will incldue 'scripts' that
will perform these tasks for creating the directories making it more automatable.
I will not make scripts that is capable of undoing(defeats the purpose of the manual
and techniques) what has been done or release them if created. So be warned when using
the manual.

THE END
=======

Lo-Fi Версия CMSBlog Сейчас: Пятница, 01 Ноября 2024, 3:15