Section 1: Introduction

After my last tutorial, I decided to write something a little less
technical. This tutorial is for your average joe, who just doesn't want
to pay $30 a month to masturbate. Anyone with any serious technical
experience will probably find this tutorial boring, but for those of you
out there who are not, and just want to masturbate freely without having
to hand out your credit card number, then this is the article for you.
Anyways, this tutorial will cover basically two methods you can try when
breaking into porn sites. Section 2 will cover cracking into porn sites
by breaking into an existing member account, while Section 3 will cover
traversing through the internal database via a redundant directory
scheme. Hope you all enjoy...

Section 2: Cracking Member Accounts

Well what you need here is of course a password cracker. Brutus is an
excellent choice for this, which you can find at the below link...

http://packetsurge.com/main.php?surge=downloads

Now, once you have Brutus downloaded and open, you will see several
options that are available to you. The "Target:" of course is the remote
server (in this case, a web server) that you are targeting, and "Type:"
is the type of service that the server is running that you are wanting
to break through. "HTTP(Basic Auth)" should already be selected, and
that's the service that you will be cracking. So everything is set as
far as that is concerned. So what you will do is first select your
target. First you will go to the site that you are wanting to crack, and
then go to the icon that brings you to the members section login. You
will right click this icon, and select "Properties". You will within
Properties see the "Address" listed. This is the address for the login
that we will want to crack, so you will copy and paste this address into
the "Target:" bar on Brutus. There, now we have the target selected. We
will now want to check the "Use Proxy" box, and click "Define" to use a
proxy serv er with our cracker. In this case, we have to options of
using different types of socks servers, which are basically servers set
up to forward traffic to it's final destination (which is the member
login we are wanting to crack). That way, the crack attempt will only
reach as far as the socks server, and you will be able to safely crack
accounts on the site. You can find a list of active socks server at the
link below...

http://www.samair.ru/proxy/socks.htm

So all you do then is just simply copy the ip address into the "Proxy
Address" bar, copy the port number into the "Proxy Port" (which by
default is 1080), and select what type of socks server it is. Now we can
make our final configurations. On the bottom you will see a user list
and a word list. You can use the word list that comes with the cracker
if you like, or change it for another word list that you feel is better,
but the user list will have to be changed. To make it simple for you,
simply define the user file as the word list. Considering I can almost
guarantee you, on every porn site, there is at least one moron who
chooses his password as his user name. Otherwise, if you want to take
the time, then you can also define the combination file based on words
within the user list, with parameters that are usually found on such
sites. There are basically two types of redundant password schemes that
you will want to look for when breaking into a member account on a porn
site. As I men tioned, there of course is the accounts that have the
password the same as the user name. For example, john:john. There are
also variations of this like john1:john, and such. There are also
different types of accounts that have the password correlate with the
user name in a rather obvious fashion. For example, cookie:monster, or
stoney:stoneman. Therefore, you can try and put together such redundant
possibilities of password schemes within your combo file, and take a go
at it. Otherwise, if that doesn't work, then you can just do a regular
crack, defining the word list as both the user list and the word list.
Well now we should have everything set, and you can just click on
"Start" and let her rip. If you have the patience, and time, then you
will get results.

Section 3: Figuring out the Directory Scheme

This section will be short and sweet, considering the method for which
is rather obvious. There is a way you can view material from within the
site itself, without breaking into an existing member account. This is
possible because a lot of sites have a fairly standard directory scheme
for storing their material. So let's discuss how such a standardized
directory scheme can be exploited to our advantage. There are sites on
the internet like www.thehun.net that offer free previews to different
porn sites. Different sites contribute preview pages to the site, to
give potential members a preview of the material within. However, these
preview pages are set up within the internal database of the site. This
allows us to get a preview of much more than the administrator wants us
to, like a look into the directory scheme utilized within the porn site.
Now, most administrators will be smart enough to randomize their
directory scheme, so that the only way to really traverse through the
directorie s, is to go through the member section. However, many other
sites however use a incremential directory scheme, which allow for one
to very easily traverse through the internal database. For example, say
the address is something like
porn.site.address/some_other_directory_paths/34/ when you click the
preview page. Well, we can very simply increment or decrement the
numbered directory, to transverse through the internal database (i.e.
/33/, /32/, etc.). We can try this with any numerical directory scheme
that is in place to potentially tranverse through the internal database.
You just have to use your brain.

Section 4: Conclusion

Well that covers it for this tutorial. Once again, I hope you enjoyed
reading this as much as I enjoyed writing this. By now you should know
enough to start breaking into different porn sites of choice, and maybe
get into the whole xxx-cracker scene and start submitting passwords up
on xxx-cracker forums. But that's all up to you. Anyways, until next
time....

Note: For those of you who have any questions or comments and feel the
need to reach me, you can do so at protonigg3r@yahoo.com and I will try
to get back with you as soon as possible.

Sites to Visit

www.packetsurge.com - because we 0wn

www.cyberphaze.net - lots of information, and a nice forum

www.digital-deception.net - good site with good people

www.satanz-mafia.org - still growing, but developing nicely