Originally Posted by
anon
The truly elite had private tools like Tony Vegas and Sentry, which could solve captchas (of the time) and had more features but were very difficult to obtain if you weren't connected.
Sentry 2.0 by Sentinel was openly available to users, as I remember.
Code:
https://github.com/Rootmarm/sentry-2.0
I had the archived link of the original website (I can't find it to show it to you now). Note that this version didn't have the OCR anti-captcha abilities within it. I used this version for 1.5 years (1.5 is not a typing mistake for 15).
Anyway, Netflix was something that recently took off then, and that was all people could talk about. I vaguely remember buying a Netflix account from someone (who messaged me regarding Netflix) who was selling it for more than half its original price on a porn forum. After building a relationship with the person, he introduced me to Sentry 2.0 and SQL injections to website databases (for combos). Once the cracking forums grew, I joined one (believe it or not, I rose to the level of Co-Administrator from cracking accounts and sharing them with paying members) and then learned about the MBA version. The only problem with the Sentry MBA version modded by Astaris was that it could only simulate 250 bots to do the brute force work. So I kept cracking until I stumbled upon the Sentry MBA version from Leakforums, which was a mod of a mod. This could simulate 2500 bots in place of 250. Anyway enough of the history lesson.
Side note: - The Sentry MBA version (Sentry MBA) modded by Astaris was released publicly (has the OCR anti-captcha abilities) in the year 2012 or 2013 (I think).
Originally Posted by
anon
Using cracked accounts in a commercial setting is like running pirated software; the simplicity and cost-saving are very tempting, but you can get in serious trouble if word ever gets out.
There's litterally nothing I can do as the services I crack are way too expensive (for my employer and me). I surmise that others in my industry must be doing the same thing to keep ROIs at a significantly high level.
Originally Posted by
anon
Then again, I suppose your employer knows that already.
Yes, my employer does know and doesn't care as long as the work gets done, and ROIs are high.
Side note: - The country I come from has more than 51% of the people paying bribes to get their work done. Corruption is high, and no one cares as long as the work gets done.
Originally Posted by
anon
Back in the day, it was Charon vs. ProxyFire since the other checkers sucked. I was on team Charon because it was freeware, had no limitations, did everything I wanted, and worked very well... all of which remains true to this day. Author Rhino retired from the scene and shut down his Web site years ago, but mirrors are available.
I did download a copy of Charon from
Code:
http://proxyprivate.org/program/programproxy/charon.html
. I am waiting for some free time to check whether the copy I have, logs any data.
Originally Posted by
anon
prxjdg.cgi was the first script of this kind, and the one the name "Proxy Judge" comes from. It showed a listing of the request headers it received from you and gave a point-by-point explanation of each along with an anonymity rating. Very educational, but nobody checks proxies one by one using a browser now, so they'll never see it.
Ah, thanks for the clarification. I assumed it was some sort of "Proxy Judge," and what do you know? It turns out it actually is one.
Originally Posted by
anon
azenv.php does the same job, but it's PHP (Perl version also available) and only shows a list of headers with no commentary. Proxy checkers already know their meaning, so the rest is unnecessary.
So to cut things short, the "azenv.php" version is better than "prxjdg.cgi" to self-host?
Originally Posted by
anon
I tried to recall the proxy judges from my youth and added an "S" to the protocol scheme. Surprisingly, all of them worked! If my memory hadn't been as good, I would have instead done a quick search...
Gosh, darn it. Now, why didn't I think of that?
Originally Posted by
anon
...and then filtered and validated results.
You make these "Google Search Operators" easy. I still have a hard time remembering some of these.
Code:
https://support.google.com/websearch/answer/2466433?hl=en
Originally Posted by
anon
A tunnel proxy uses itself another proxy to forward traffic. That exit IP won't be in any lists and usually survives port scans, making these much more stealthy and highly sought-after. Unfortunately, few public or even private ones fall into this category. Charon flags these as "gateway" and gives them a score boost.
Thanks, I now know that Charon and tunnel proxies are something I should replace for my Proxy checker and proxies. Thanks, @anon; your knowledge of these things reminds of "KnowsMore" from the 2018 movie "Ralph Breaks the Internet." Please consider this a compliment and not a sarcasm.
Originally Posted by
anon
As long as you can install a trusted TLS certificate on it, then sure. If you have your own (sub)domain, Let's Encrypt offers those for free after a fairly easy validation process, so there shouldn't be any problems.
My hosting provider has the option of unlimited (sub)domains, so I guess I have to get one now. Never had a reason to register a domain before for personal use.
Originally Posted by
anon
I promise you'll never look at a router's ping/traceroute page the same way again
Now I guess I have no more excuses to keep postponing this research.
Originally Posted by
anon
took action against one of my hacked accounts.
Happens to the accounts I cracked quite often. Usually, when there are more than two people logged in simultaneously with the same account with different IPs. However, I never connect to these cracked services with my real IP. I always use a VPN, so my real IP doesn't get blacklisted. VPN and Proxies are something my employer pays for, as its use involves quite a large portion of our work daily. So this doesn't concern me one bit.
~cloud99
Bookmarks