Courtesy of http://www.searchlores.org, March 2002
[noanon]   [anonemail]   [anonymizers]   [proxy]   [compare]

the garden of forked paths
by Corto Maltese
edited by fravia+, April 2002

Our very talented 'pseudoanonymizers spotter' Corto Maltese keeps sending us his wondrous findings.
He writes: "There are so many 'unspotted' resources out there. The only thing one has to do is to spot them..." and that's what Corto did with his bag of tricks, and then with his "da bag is not empty, yet".
You should by all means read or re-read them and then enjoy this one...




at the garden of forked paths ,again

Since these tricks are more practical than theoretical, with the present addenda i intend to finish them, closing the series; enough examples are given in the present and former two essays... now it's up to other´s to present their own findings and to donate some 'developments time' :-)


  • As we have already seen various patterns of the tips described in "da bag is not empty, yet" can be found allover the net:
  • any reader will be able to find global ones like these, but we must remember:

    a commom characteristic MEANS NEVER a common basic principle nor can be taken as a general working way

    b.e. the google´s chain +inurl:"index.php?url=" offer us a world of pseudos that usually works:
    yet sometimes several of the results of that very search DO NOT work, or may hide a single -dangerous- redirector that will show our ip:
    you must ALWAYS check what other give you!

    i usuallly work with showclientheader.htm as first "tester" because of its amazing speed (and also because I know that fravia's PHPlab does not keep any loggings), yet the promising chains "jtk" or "ktj" are both dangerous... because when using it, we reveal our forwarded ip without realizing it: compare
    Playing with pseudoanonymizers is a MUST, before any serious use

    it´s not even necessary to search for them, you may meet them in other searches, when surfing... but if you need to look for them yourself, play with words that exclude terms like "redir", "link"... & include promising quarries like "url=".
    Once you find one, watch if similar pattern do exists on the web at large, searching for them, modifing them if needed, reversing their meaning (what does the "jtk" above mean? And "kgj"?)

    But you are not finished! You should later think about other possible applications, different from the specific one you started surfing with... just list all possibilities in a simple (and of course non exhaustive) mode, and play with all known seeker's tricks :-)

    The colonel doesn't know who writes him...
    Although a real working formmail (see the +HCU essay) is, nowadays, almost a "desideratum" if you find one (even a "para-formmail" would do :-) you can comb it with pseudos changing the string action= and adding the spot:
    (of course test by auto-sending first email and also adding, this time, the parameter
    <input type=hidden name="env_report" value="REMOTE_HOST,HTTP_USER_AGENT">
    to the form)

    so, all pseudos allow these cgi executing... something that, usually, real anonymizers (as the actually working http://anonymouse-master.com) DO NOT,
    NOTE THAT the same happens when posting onto a messageboard, he, if we slighty modify some parameters on the forms, for instance the one at http://fravia.2113.ch/phplab/mbs.php3/mb001: or
    sometimes if u are lucky, gosh: very lucky, you could even snatch a paralell way and a clean method to avoid ip limitations in order to access a site by looking for the (internal or external) "non official proxy" that the pseudoanonymizers spotter is, but that is another further step, worth an investigation.


    Tools

    This time google, opera with cookies disabled and proxonomitron though sometimes to test failures, or see what other see (popups, cookies...), iexplorer with proxy without other add-ons is a perfect 'lame duck target'.

    I think that "investigators" (all seekers for that matter) may also find [ethereal] useful       (fravia+)

    now it's up to other´s to present their own findings and to donate some 'developments time' :-)

    Corto Maltese, April 2002



    [advanced]   [noanon]   [proxies]

    (c) III Millennium: [fravia+] , all rights reserved and reversed