From Hack Story

Revision as of 22:44, 8 March 2013 by WikiSysop (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Staff Zap (Under Construction)black.jpg



What is the scene?

The Scene The scene aka the warez scene is the pretty unknown worldwide network where people trade pirated goods, like dvd's, movies, games, applications etc. Warez refers primarily to copyrighted material traded in violation of its copyright license. It does not refer to commercial for-profit software counterfeiting. First warez is released by releasegroups, groups which are specialized in publishing warez. They copy a dvd or break the security of game, and will make it available for other people, as a so-called release. When these releasegroups finish a release it will be uploaded to sites. These sites are very fast private ftp-servers, and the first stadium in the distribution of a release. Eventually, at the end of the distribution, the releases are available for everyone on p2p-software.

The speed of this worldwide network is enormous. Within minutes a release can be copied to hundreds of other sites. Within an hour, it's available on thousands of sites and fxp boards.

Within a day or two it's available on newsgroups, irc and in the end, on p2p-software. It's not all one big happy family. The warez scene consists of certain groups/layers. At the top we have the releasegroups and the topsites. These groups are the scene core. The other groups officially are not a part of the scene. Though most people consist them as a part of the scene. Read more about the scene hierarchy here..

The scene isn't just a distribution network, it's far more than that. There are the scene rules which are there to guarantee good quality releases. If not, a release will be nuked. This means it will be marked as bad. Nuked releases are not spread well and the releasegroup will get a bad status. More about how the scene works, and the scene system, click here.

Security is an important issue in the scene. Since their activities are illegal the sceners have to secure themselves, to be safe from the anti-piracy organisations (such as the feds, national anti-piracy organisations, etc) and avoid being caught in a takedown.

The scene is build up in a certain hierarchy. To explain the structure of this, here is a global overview of the piracy food chain. Not all these 'layers' are considered as a part of the scene by everyone. The anti piracy organizations and most of the other parties which are not in the scene themself, do consider all these groups to the scene. Though they are not a part of the scene. In fact, the releasegroups and the people on the topsites hate these other groups. The reason for this is that fxp boards, irc traders but mostly peer to peer users bring the scene in danger. The sceners (people from the scene) want to keep the releases for a limited amount of people. Since everyone who knows how to use a computer knows how to user p2p-software, everyone would be able to download releases. This causes big losses for record labels, movie producers etc, what leads to the anti-piracy organisations, police/fbi-attention etc. On their turn, this brings the sceners in danger, so that's why they dissaprove these groups. FXP boards consider themselves in the scene. Irc-traders and newsgroups might now even know about the scene, and p2p-users defently don't know about the scene.

Here is the hierarchy:

Releasegroups - Groups of people who release the warez into the scene. Often linked with Site Traders.

Topsites - Very fast FTP servers with people who trade the releases from the above groups to other (top)sites.
FXP Boards - People who scan/hack/fill vulnerable computers with warez.
IRC Trading - Users of IRC who download from "XDCC Bots" or "Fserves".
Newsgroups - People who download from alt.binaries newsgroups.
Peer-To-Peer - Users of p2p (peer-to-peer) programs like KaZaA but also BitTorrent who share with eachother.

FXP Boards

FXP is the File eXchange Protocol. It isn't an actual protocol, just a method of transfer making use of a vulnerability in FTP. It allows the transfer of files between two FTP servers. Rather than client-to-server, the tranfer becomes server to server. The fxp'er just gives a command to 1 server to send files to the other server. FXP usually allows very fast transfer speeds although it totally depends on the connection of the servers. Still it's ussually faster since the hackers are able to hack very fast servers. The fxp boards layer in the piracy food chain is quite unknown and therefore rather safe. Though the hacker's activities are very illegal, and therefore dangerous. Security is important. The members are ussually a lot smarter than irc-traders/p2p-users and have a greater knowledge about computers and internet.

The boards usually run a vBulletin forum with custom hacks. The boards ussually don't work with a credit system. Though the admins do an user cleanup once in a while. The board's members consist of scanners, hackers, and fillers. They each have their own tasks:

The Scanner

The Scanner's job is to scan IP ranges where fast internet connection are knwon to lie (usually universities, company's, etc.) for vulnerable computers. We're talking brute forcing passwords from programs, or scanning on ports for certain programs which contain a bug. The scanner will oftten use slow previously hacked computers for his scanning (known as scanstro's), using remote scan programs. Once the scanner has gotten his results, he'll run post this at the board. This is where the Hacker" comes into play.

The Hacker

HackingHackers are the people who break into computers. There are many easy-to-exploit vulnerabilities. Hackers get in to a computer using an exploit to get in via a program's bug. An exploit is a script which uses the bug to get in the pc. The program/exploit he uses (of course) depends upon the vulnerability the scanner has scanned for.When in, the hacker runs his rootkit (a modified version of Serv-U ussually). This rootkit is the server where other people can download from. Most likely he will also install remote administrator software (ussually Radmin), so he can get in to the computer easily. Once the server is installed and working he'll post the admin logindata to the FTP server on his FXP board. Depending on the speed of the compromised computer's (aka pubstro or stro) internet connection and the hard drive space, it will be used either by a filler or a scanner.

The Filler

Filler Now if the pubstro is fast enough and has enough hard drive space, it's the filler's job to get to work filling it with the latest warez. The filler gets his warez from other ftp servers hacked/filled by other people. Fillers sometimes have site access, and fxp releases from there to their pubstro. These people who are in sites and in fxp boards are considered corrupt, and if other sceners find out, they will be scenebanned (banned from all his sites). Though it is said that it happens quite often. Once he's done fxp'ing his warez, the filler goes back to the board and posts leech logins for one and all to use. Fillers (with site access) all try to post a release the first. It's kinda like a race, who ever wins it get the most credit. The speed of these pubstro's depend on how fast the pc is they hacked. Though the hackers from these fxp-boards are rather good, and are able to hack 100mbit's.


Pubbing is not so important anymore nowadays. This scan/hack/fill methodes are from the old days when many university and business ftp servers had write access enabled on anonymous ftp-servers. So instead of break ing into a computer, they would just upload their warez and give the IP address to their friends. This was very popular but died out for obvious reasons. It works like this; there is someone who scans for ftp servers with anonymous logins with write-access. Once found a pub would be tagged (a folder with the name "tagged.by.name"). The idea was that if a pub was already "tagged" other pubbers would leave it alone. This apparently worked for a while, with people respecting other people's tags and leaving the pubs alone. But it certainly hasn't worked for a very long time.

A method against retagging is dir locking. This is used in pubbing to stop people which are not allowed to get into the directory of the tagger (and slowing the server down). There are a couple or dir locking tricks. The first and easiest is to make a maze. When you make a maze you just make a lot directories and other people would never know in what map your stuff is since you would have to try them all out. Second is UNIX tagging. That's about a the magical character, the ÿ (alt+0255) which is an escape character on UNIX machines. When give a directory a name containing that character, the name will be displayed different then when you typed. The creator can get in by typing in the original name. Last is dir locking NT systems. More about this and other dir locking here.

Retrieved from "https://hackstory.net/FxP"
Hackstory.es - La historia nunca contada del underground hacker en la Península Ibérica.