The Official Totse Army Raid Guide

Paco me administrator
edited July 2011 in Man Cave
The "Totse Army" does not actually exist. It is a purely fictional entity.

The Official Totse Raid Guide
Written/Compiled by: Paco


Disclaimer:

Neither totse.info nor the author of this e-book will be held responsible for the actions of those who might attempt to use or misuse this information. The information provided is strictly for educational and entertainment purposes only.

Table Of Contents
Chapter 1. What is Raiding?
Chapter 2. What Is The "Totse Army"?
Chapter 3. Staying Anonymous.
Chapter 4. D0xing for Dummies - A Guide to Gathering Dox
Chapter 5. General Ideas Behind Website Attacks
Chapter 6: Social Engineering
Chapter 7: SQL Injections



Chapter 1:

What is Raiding?
So what is "Raiding" anyway?
Raiding, in layman's terms, is pretty much just raising hell somewhere for entertainment, or possibly personal gain. The raiding that the Totse Army does is almost all internet raiding, which is also almost always for our personal entertainment. However, there may be a few opportunities in which raiding may be used IRL for personal-ish gain, such as an IRL "Raid" for advertising Totse, in which a large number of members would set up a certain day where they would all stencil some street art, throw up some stickers, desecrate a dead corpse (just kidding) or maybe even hack a street sign, all in the name of Totse.info advertising.
However, all the information in this guide/e-book is about raiding on teh internets, our main target.

How does I raid??

The basics of raiding are pretty much this:

1. Find a site/forum whose beliefs we disagree with and/or are borderline retarded.

2. Begin Planning to attack said site.

3a. If it is a small, stupid attack, begin spamming said site/forum with obscene shock images and the like until everyone is banned and lulz have been had. If not, refer to:

3b. Begin searching for exploits and things of the like. Once a plan has been made, set up Macros or have many dedicated army grunts spam the shit out of the site to serve as a distraction. While the spam is going on, the mods/admins will most likely think that it is just a spam attack and focus all of their time and manpower on banning these spammers.

4. While the spamming is going on and the site staff are busy, begin working on exploits in the site such as hacking the admin panel, etc.

5. Let your mind run free, with access to the admin panel you could delete all the users, delete all forum posts, etc. etc.

6. ????

7. Profit.


Chapter 2:


What is the "Totse Army"?

So many of you may or may not be asking yourselves, "What is the Totse Army?" Well, from what I have read on the Totse Forums, the origin of the Totse Army isn't 100% clear. There have been quite a few different "armies" or "militias" on totse but no one quite knows for certain if any of them were the "official" Totse Army. On the original 'totse.com' you could be banned for even mentioning the Totse Army, mostly because of one raid they did on a site called LOTRPlaza.com. The admin from the site discovered what was going on and one of the members kept logs of the chat. Later on the army decided to raid 'LovelyLivTyler.com' with shock images and the like. Eventually Jeff Hunter found out about it and laid the banhammer down on most of the raiders.

The most notable attack from the old army is definitely the battle of Bill Keller.

Bill Keller was a preacher who had a show where he would allow people to call in and talk with them. The Totse Army spammed the show with calls in which they harassed him, asked him anti-religious questions, etc. Eventually he found out that the attack came from totse.com where he contacted 'warweed', one of the moderators at the time. Luckily warweed talked Bill Keller out of pursuing any legal action and we never heard of it again.

What is the Totse Army today?


The new, and current Totse Army is the rebirth of the old force led by totse.info user 'Paco'. The new army is based from 'totse.info', the reincarnated 'totse.com' and hopes to become an even more powerful force than its predecessor.
The Totse Army aims to become a powerful and efficient raiding force on the internet. In order to achieve this goal we must recruit members who hopefully have great internet knowledge who can complete useful tasks such as finding exploits or hacking webpages. We must also stay organized; in the past attacks from the army, people just spammed shock images and things like that until everyone was banned or they got bored. This plan of attack is generally pointless, ineffective and just plain stupid. In the future, we aim to plan out organized, complicated attacks where we could provide maximum lulz, the most win and do the most damage. Of course a large majority of our attacks will be for our own personal entertainment and lulz but in the future we can use our attacks to fulfill revenge, take out other sites or anything else we need to do.




Chapter 3:
Staying Anonymous.


Using Tor:
Now most of you will know about Tor; if you don't, then I recommend reading this site:
http://www.torproject.org/

The thing is you can't just download it, let it run and expect to be as anonymous as you think. Yes, Tor selects the best routers of its own, but if you actually check you'll find that a lot of them are in the US and Germany. If you have 3, hell even 2 nodes from the same country and range then the traffic is easily correlated; also the exit nodes are not encrypted and the entry node knows your IP, so imagine how easy it would be for them if they were in the same country.

To make sure you don't get a bad circuit you want to edit the torrc file.
Not all nodes are always available so you'll have to keep checking to see which ones are available.
https://torstat.xenobite.eu/
(and the link whilst using Tor: http://eodys67qpzyvyxm5.onion/torstat/)
Or you can check them in the view network window if you use vidalia.

Also this link lists all of the suspicious nodes that have been blacklisted by Tor as stings, I'll explain what to do with this later.
http://en.linuxreviews.org/Bad_Tor_exit_servers

Now on with choosing the nodes.

The first nodes you choose will be the entry nodes, choose fast ones; if you're using vidalia (which I recommend) then you can see their speeds in the view network window, you can sort them by speed. Choose fast nodes that are in a foreign country (you actually never want to use any node that is in your origin country anywhere in your circuit).

EntryNodes node1,node2,etc

Now you want to specify only the nodes you wrote above will be used or Tor will use other nodes if yours are down.

Do this by adding this line to your file;

StrictEntryNodes 1

Now you'll want to choose your exit nodes. I recommend choosing Russian, Ukrainian or Japanese nodes if you can get any, they are unlikely to be interested in what you're doing. I recommend staying away from Nigerian nodes, as while they won't give a fuck about what you're doing they will be sniffing for passwords and login details. To choose your nodes add this line;

ExitNodes node3,node4,etc

Like with entry nodes, specify to only use these ones you've chosen.

StrictExitNodes 1

Now we want to add the nodes that we never want to be used in a circuit; these will include nodes from your own country, unnamed nodes and any that are acting suspiciously. There are plenty of Tor forums out there on the network that discuss these types of nodes as well, so keep an eye out.

ExcludeNodes node5,node6,etc

Note that the node1,node2 etc should be changed to the actual names of your nodes. I know most of you would know this, but there are some idiots who would just c/p everything from this into their file.

Going back to what I said earlier about the entry and exit nodes being in the same country; make sure they're not.

You can't choose middle nodes, so just be careful and keep an eye out. The middle node doesn't know who you are or what you're doing though.

Once the file is edited and saved, restart Tor so the changes work. Go and check that your IP is changed
(http://www.ip-adress.com/ip_tracer/).

If it still uses unwanted nodes then delete the router-cache and restart Tor.

C:\Documents and Settings\loginname\Application Data\Tor\
Delete the cached-status, cached-routers and cached-routers.new files.

Always be on the look out to see if your nodes are still up and which ones are available. Like with your proxies, you should change them regularly.

If you're still paranoid and want that great deniability factor in your favour (comes in great handy when downloading Certain Pornographic content) then run your own exit node.
http://en.linuxreviews.org/HOWTO_setup_a_Tor-server

Also coming for great deniability is truecrypt, and of course flash drives which can be disposed of or hidden easily. I'll go into them at another time though.

I will also say, like with other proxies, it will be wise to disable javascript and flash, or you could torrify them with the help of proxifier; but I won't go into that, I recommend just disabling them.

Tor is useless if you are logging into something that's linked to you in any way, shape or form from the same nodes; unless the account was created on Tor itself.

If you want advice on setting up such applications like IRC and instant messengers through Tor then check this out
http://www.hermann-uwe.de/blog/howto...-some-pitfalls

In most cases it's just about redirecting it to go through the port tor uses (9050)

Server: 127.0.0.1
Port: 8118
socks 5 / server: localhost port: 9050

It's pretty simple.


Chapter 4:
D0xing for Dummies - A Guide to Gathering Dox

Originally Written by Trx100 from totse.info/bbs

Firstly, I'd just like to say that this can be improved. I'll write it as well as I can though.

So, for whatever reason you may have, you find yourself needing to get some personal information on somebody. But how do you go about doing it?

Firstly, you need to use the information you already have. If this is someone you know IRL, then you will have a name. However, if this is someone you know on the internet, then you will most likely have a USERNAME to go by. This is your starter.

Usernames

With the internet being a thing used by almost everybody in today's world, a LOT of people have accounts on websites/forums which require a username. To keep things simple, a hell of a lot of people use the same username for every website they sign up to. This however, makes our job easier as well. The first thing I usually do when collecting someone's info is to enter their username into a search engine. The following is a list of the ones which I find the most helpful.

http://www.google.com
http://www.pipl.com - Highly recommended!
http://www.zuula.com

So, your search should have brought up a whole bunch of shit related to that username. This should, hopefully, be the workings of that particular person on the internet. It is up to you to sift through the information that you find. Remember, you are looking for ANYTHING of interest, including the following;

- Name
- General Location
- Contact details of any kind (MSN, AIM, Email address, phone number, house number)
- Social networking sites

What should I do with the basic information?

Well, you use it to find MORE information, of course! This is how you get the ball rolling, and you will be on your way to gathering more and more information. Simply rinse and repeat the previous method of gathering information - By searching the internet for it.

You soon should find that you are building up a little document (Seriously, save it in a txt file) of information, which all slots together.


How can I get an address from this?

Getting an address couldn't be easier, with the help of Whitepages (US), or BT residential (UK), AS LONG AS YOUR SUBJECT IS ACTUALLY IN THE DIRECTORY. You will need to know the general location of your subject, and their surname. A full name of the house owner sometimes helps by a metric shit ton, as many people with the same name can live in a certain area.

So, simply enter the details, and let the internet do the rest. It should bring up an exact address, complete with phone number and everything.

How does Doxing apply to raids?
D0xing can be used in Raids as blackmail against users, mods or admins or it can be used to just leak PI for lulz. It all depends on the specific raid.





Chapter 5:

General Ideas Behind Website Attacks
Also Originally Written by Trx100 from totse.info/bbs

In order for attacks to succeed in any situation, they need to have a certain amount of structure and organization. Everyone should have a role to perform, and they should also know what others are doing during the attack. Once the perfect level of coordination has been achieved, attacks will become much easier and way more efficient. Want to know how other groups attack websites properly? Then listen up...


General Attack Order
• Proposed attack, with a good reason to get everyone motivated.
• Protection - Proxy up!
• Information gathering or Attack template
• Coordination - Meet in IRC to discuss which roles are needed based on your strategies and obtained information.
• Assign roles to attackers for a more effective raid.
• Time planning - are you all attacking at once, or in stages?
• Once everything is established, start attacking!



Etiquette

First things first, I'm going to mention the Etiquette involved when making attacks. Attack groups don't want people to go in all guns blazing, spewing their name everywhere and fagging shit up for the rest of them. Be considerate, be professional.

Anonymity

Taking extra steps to anonymity is fairly easy to do. Firstly, I have to stress that you must protect the Totse name if you decide to read this and try to attack a website. Don't be a douche and mention it anywhere during an attack - no linking back to us, no URL spam, no nothing. We don't want to be associated with any of that crap.

Make use of http://anonym.to/ - It's an anonymous linking service which will stop website referrers from appearing on server logs as a website which has linked to the targeted website. For more information on this one, read this thread.

Use a proxy chain - Attackers must also find a way of protecting themselves. They use proxy servers to mask their true IP address, and use a chain of them for better protection. I'm sure we all know how to use a proxy service whether it's a web-proxy, SOCKS or even TOR. For extra anonymity, attackers may consider connecting their laptop to someone else's WiFi access point with a spoofed MAC address.

Use Noscript/flashblock - Remember that even when using a proxy server, Flash/Java objects can still give away your true IP address. Attackers eliminate this problem by blocking them altogether with a tool such as Noscript or Flashblock.


Using IRC

IRC is a fantastic way of getting in a real-time chat with the rest of your comrades, and gives raiders a much more effective way of organizing and discussing things.

Establishing Roles

I mentioned earlier that certain people would need certain roles depending on the website that's being attacked and the strategies which will be used during the attack. Before attacking, everyone takes on the reconnaissance role where information and dox are gathered. However, once this is all completed and positions are ready to be assigned, the following are a good example of a few that could be used. Attack groups need people who can;
• Gather information and dox
• PsyOps - Nothing's better than an inside man
• Find and exploit vulnerabilities - PHP/SQLi/Cookie Stealing/Vulnerable Ports/Vulnerable server OS, etc etc etc.
• Break into Cpanels and admin territory.
• DDoS attack - Gay, but still an idea.
• Spam - Also gay, but could provide a distraction for people doing other things.

Automated Tools + Botnets

I put this one right at the bottom as it's probably anybody's least favorite thing to do during an attack, but if it comes down to needing to spam/DDoS then some firepower is needed. To start with, take these tools into account;

DDoS - LOIC - http://totse.info/bbs/showthread.php?t=5683
iMacros - Spam - http://addons.mozilla.org/en-us/fire...s-for-firefox/

Also, I mentioned botnets because in order to do some serious damage, you'd either need a shit load of dedication or a massive network of zombie computers.


Chapter 6:
Social Engineering

What is Social Engineering?
Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques.[1] While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim. (from Wikipedia.)
So How can we use this during Raids?
Well, a very large majority of internet users are very lazy or forgetful, thus giving them all one big weakness. The primary weakness is that many users often repeat the use of one simple password on every account, this makes our job much easier. Using the information you learned before in Chapter 4 about d0xing, you can hopefully find the facebook page of some users of the website we plan on attacking. Using some pretty good Social Engineering skills, one may be able to obtain one of their passwords, which, with some luck, may also be the password they used on the website, thus allowing us to log in as them and have some control.
Social Engineering can be a very complicated thing but can also be very useful if executed correctly. To learn more about social engineering you can download the RAR I posted in this thread which contains a large amount of books all about Social Engineering.

http://totse.info/bbs/showthread.php?t=426



Chapter 7:
SQL Injections

What is a SQL injection?

In the magic world of the internet, websites have to deal with large amounts of data. This can become a confusing mess of information that relates to other information that relates to other information. For example: passwords that relate to user names etc. Website admins deal with this by the use of a relational database management system (RDBMS). The most popular of systems used is a 'SQL database' (Structured Query Language, pronounced like 'sequel'). The most popular of these management systems is 'Oracle DBMS' and Microsoft's 'SQL Server'. But don't worry, SQL is an internationally standardised language, so all SQL query syntax is the same across all systems. To get to know how SQL databases work, create your own by using Microsoft's free SQL server and Visual C++/C# express editions at: Microsoft Express Editions

Great, right? But what is a SQL injection? Well, when you are supposedly inputting data like your user name and password, they sometimes get put directly into a SQL database. However, some lazy programmers won't check for a valid input. This is where you can type (or inject) SQL commands into the database that execute and control that database. This can include deleting tables or simply returning information.


Where should you do SQL injections? Wherever you have permission. Seriously, DO NOT TRY TO 'HACK' WEBSITES WITHOUT PERMISSION.

On a less serious note. The latest version of ASP.NET and IIS7 has an automatic input validation control. So before any input is put into the database it is checked for any SQL commands and stopped unless specified otherwise by the programmer. So avoid websites if their URLs end in '.asp/x'. You are much more likely to be able to find a flaw in a site written in other server side languages like 'PHP'. To check for this, just click around and see if any URLs end with '.php'.


SQL Commands
This article is long enough, learn all commands and what they do at: http://www.sqlcommands.net/


Let's Get Started!
Unless you have your own site, written in PHP, head on over to: http://www.hackthissite.org/missions/realistic/4/. You may have to get a free account. This is a safe, legal place to practice SQL injections.

1. Firstly, get some information about the database. For this you're going to have to find a form that puts something in that database. Surprisingly, on the main page there is a form that puts your email into a table. We are going to try a general comment in SQL, '.

2. Entering ' or # returns an error. Unfortunately it looks like they have employed an input validation (so something like ' or 1=1-- for login forms won't work here). Fortunately, they tell you what it failed to do. "Error inserting into table "email"! Email not valid! Please contact an administrator of Fischer's". This tells you the table that stores the email string is called 'email'. Of course, you could always guess the table name of an uncreative programmer's database.

3. Now we need to find where it is stored in the database. Click on the fur coats link. We are going to use the 'ORDER BY' statement to find just how big the email table is.

After the URL, type: ORDER BY 1--; The URL should now be:
"http://www.hackthissite.org/missions/realistic/4/products.php?category=1ORDER BY 1--;"
Notice there is no space between 1 and order.

Press enter. NO ERROR? This is telling us that there is the first column to our database table.

Keep incrementing the integer at the end by 1 until:
"http://www.hackthissite.org/missions/realistic/4/products.php?category=1ORDER BY 5--;"

Looks like we got an error. This has told us that we have 4 columns, as this is the last integer that didn't return an error.

4. Great. Now we got our number of columns and the name of the table, we can start the injection. Type after the URL:
"UNION ALL SELECT *,*,*,* FROM email;"
The URL is now:
"http://www.hackthissite.org/missions/realistic/4/products.php?category=1UNION ALL SELECT *,*,*,* FROM email;"
Notice there is no space between 1 and UNION.

What this command actually does:
UNION: This merges the result of two or more SELECT queries into 1 result
SELECT: This selects the data from the table and returns it.
*,*,*,*: These represent what to return from each column.
In programming, * is the standard 'wild card' symbol. This can be used to select all fields in a column. If you don't want to see all that info, try replacing *,*,*,* with NULL,*,*,* or NULL,NULL,*,NULL. Null returns nothing. As long as there are 4 total columns it will return different information. NULL, NULL, *, NULL returns just the emails as this is the 3rd column, where the actual email string is stored.
FROM email: This gets the data from the specified table, and this is why we had to know what the table was called.

You should see a list below the original page content of all the emails in the database.

Congrats, you've completed your first and LEGAL SQL injection.



Conclusion:
The "Totse Army" does not actually exist. It is a purely fictional entity and should never actually be created.
But if this fictional "Army" were to actually exist:
The Totse Army would ONLY communicate through IRC.
Any army conversation would have to be done in the official secret Army channel. The channel would be invite only so in order to get in you must be invited by an OP of the channel.

The official server for Totse and the fictional "Totse Army":
irc.totse.info
Public Channel:
#totse


Be sure to frequent the forums.
www.totse.info/bbs


Ebook Download Link: http://dl.dropbox.com/u/30996330/The%20Official%20Totse%20Raid%20Guide.pdf
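
For the defending side of the Chapter 7 walkthrough, here is an added example (not part of the original post or of the training site's code) that puts a `products.php`-style lookup built by string concatenation next to a hardened version that allow-lists the `category` value, binds it as a parameter and never returns database errors. The schema, column names and sample rows are constructed assumptions, and the probe strings are the ones quoted in the post with a space added after the `1` so SQLite tokenizes them.

```python
import re
import sqlite3


def make_db():
    """Constructed stand-in for the practice shop's database (assumed schema)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (id INTEGER, name TEXT, price REAL, category INTEGER);
        CREATE TABLE email (address TEXT);
        INSERT INTO products VALUES (1, 'fur coat', 499.0, 1), (2, 'belt', 35.0, 2);
        INSERT INTO email VALUES ('alice@example.test'), ('bob@example.test');
    """)
    return db


QUERY = "SELECT id, name, price, category FROM products WHERE category = "


def products_vulnerable(db, category):
    """'Before': the URL value is pasted into the SQL text and errors reach the client."""
    try:
        return db.execute(QUERY + category).fetchall()
    except sqlite3.Error as exc:
        # Echoing the database message is what turns ORDER BY n into a column counter.
        return "SQL error: " + str(exc)


def products_hardened(db, category):
    """'After': allow-list the value, bind it as data, give one uniform failure response."""
    if not re.fullmatch(r"[0-9]{1,9}", category):
        return []  # every malformed value gets the same empty answer
    try:
        return db.execute(QUERY + "?", (int(category),)).fetchall()
    except sqlite3.Error:
        return []  # log server-side; never send the database message to the client


# Strings of the kind shown in the walkthrough (constructed test inputs).
PROBES = [
    "1 ORDER BY 4--",
    "1 ORDER BY 5--",
    "1 UNION ALL SELECT NULL,NULL,*,NULL FROM email",
]


def compare(db):
    """Return (probe, vulnerable result, hardened result) for each probe."""
    return [(p, products_vulnerable(db, p), products_hardened(db, p)) for p in PROBES]


if __name__ == "__main__":
    for probe, before, after in compare(make_db()):
        print(repr(probe))
        print("  vulnerable:", before)
        print("  hardened:  ", after)
```

In the vulnerable version the difference between a normal page and an error page reveals the column count, and the UNION row carries the contents of the `email` table; the hardened version answers all three probes identically.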

Comments

  • Paco me administrator
    edited July 2011
    Note: This Edition has been revised a little bit since the original guide.

    The raid guide was always meant to be an e-book that one had to download to read but after thinking about it I'm thinking of just posting the whole thing here instead and having a DL link at the bottom just in case someone wants a hard copy.

    Thoughts?
  • buddha Regular
    edited July 2011
  • TheWitchDoctor Regular
    edited July 2011
    I can't download it so posting it here would be appreciated :thumbsup:
  • Paco me administrator
    edited July 2011
    I can't download it so posting it here would be appreciated :thumbsup:

    Done.
  • LouisCypher Regular
    edited July 2011
    Lets raid TDD.
  • edited July 2011
    Learning SQL injection is actually really fucking easy, you've just got to know mySQL and how it works. Learn it, it's really not hard. Make yourself a database, learn how to input data, extract it again, delete stuff, etc etc. When I was learning, I read through the Ultimate SQL injection guide over and over again...

    http://www.totse.info/bbs/showthread.php?t=290

    It's seriously amazing. Not skiddie in the slightest.
  • Sem Regular
    edited July 2011
    burroughs wrote: »
    Nice write up. If this organization did indeed exist, labeling yourself as the leader and detailing your methods might not be the best idea.

    Good point although most of the methods have been published elsewhere in different forms and haven't lost their potency so I doubt that's a big issue.

    Good read Paco, I've been waiting to see this since you started doing your research on the Totse army a while back.
  • Paco me administrator
    edited July 2011
    burroughs wrote: »
    Nice write up. If this organization did indeed exist, labeling yourself as the leader and detailing your methods might not be the best idea.

    Yea, it would suck if this group actually existed. Luckily, this is just a fictional work I put together in order to practice my Creative Writing abilities.
  • duuude Regular
    edited July 2011
    Nicely written, Paco.
  • Paco me administrator
    edited July 2011
    Thank you duude. Make sure trx100 gets some credit too as two of those articles were written by him.
  • edited July 2011
    Thanks man. I really want to write some more stuff based on computers and network insecurity, but I just don't know where to start. If anyone has any ideas as to what they'd like to see then let me know and I'll get right on it.
  • RemadE Global Moderator
    edited July 2011
    Fucking crackin' guide :thumbsup:
  • Paco me administrator
    edited July 2011
    Thanks RemadE :cool: