~ Classrooms ~
         Petit image    Third
Updated in November 2001
This is the second part of the third classroom, you'll find the first part [here].

I have invited here as teacher ~S~ Giglio, a master searcher I have met on my old messageboards. Just read the text below, where he goes to great lengths in order to explain the various techniques used in order to find "hidden" images on the web, and I'm sure you'll understand and enjoy...

This essay, ported from private emails, is NOT intended for minors. I have esitated before publishing this (this is a site for advanced searching, not for porno-searchers) since part of my activity is directed [against] the web-swamping porn-sites. On the other hand, Giglio is probably right: many zombies will land on this lab (because of the tricks he used: see code in both parts of this essay :-) and some of them may even "grow up" and begin to see some "knowledge light"... therefore: why not? Seekers shold not be surprised, nor scared when confronted during their errands with some weird aspects of human life...
Third classroom
The Zen of porn-images searching
Redheaded goddesses, Part 2 by ~S~ Giglio:

Heavily edited by fravia+

Search engines and cleaning mess

There are 3 search engines which are particularly apt for porn-images searching: YAHOO, which is always good if you're looking for a company or a general topic, such as Fetish or BDSM: you will be given a bunch of different places to choose from. Yahoo is also good for browsing, because you can start with their main categories, click on a topic that interests you, and look at the lists of websites.
ALTAVISTA is good if you're looking for something very specific such as "hogtied", "babes", "nipple clamps" or "suspended." It is also fairly good for porn-stalking (starlets name searching, as you have seen in the previous part of this lab, that is a very good way to find sites).
HOTBOT is good if you're looking for an exact phrase or exact name, such as "bound and gagged", "damsel in distress", or "Darla Crane". Use Hotbot's "exact phrase" option.
Remember also that both Altavista and hotbot are quite useful in order to find - and study - perl scripts like check.pl or pass.pl.
Another 'classical' approach is to use [main], [regional] or [local] search engines to look for eventual bingos like members/main.html, subscribers/main.html, members-area/main.html, thumbs/main.html, private/main.html and so on, you get the idea, eventually alternating index.html, index.htm and index.shtml just in case...
Do not gorget to change your browser settings and options. Set it to refuse cookies and warn you whenever information is being asked of your computer. generally it is a very good idea to use the Proxonomitron or another "home-made proxie" between you and your targets. A good [firewall] will help you not only for tracking down 'unwanted' accesses and 'weird' requests, but also to 'sniff' some hidden subdirectories once you'r perusing your target :-)
Always browse with the [Opera] browser and with its 'images' switch set to OFF (because many site will just annoy you with irrelevant commercial images and useless 'disclaimer' pages). You'll set back the 'images on' selectively only once you have hit paydirt - i.e. you found a site with a lot of working thumbnails.
Remember that in Opera the "toggle document settings" window can be pretty useful as well, in order to avoid annoying background crap.
If you're extra-paranoid, either use a free proxy on your own or else go online with an anonymizer. Set your homepage at Iproxy or Anonymizer or another free anonymizer.  Iproxy will provide you with guarded surfing: they ask for your info, but the only data you need to give which should be not bogus consist in a working email address, and by now, if you found this site, you should already have learned how to create them and have at least half a dozen bogus emailaddresses :-)
  Iproxy makes it nearly impossible for websites to know who the heck you are, which is very good.

Another possibility is to use a good credit-card numbers generator to snatch access to paying web-depots. This could eventually be illegal in some 'commercially bigot' countries, in that case do it through a proxy situated in a country where creditcard counterfeiting in order to screw commercial porn-sites is either legal - and encouraged - or not yet legislated upon :-)
Be warned: there are VERY FEW pay sites that really have good images, you are generally BETTER served with usenet for freeor with free sites, where real amateurs will already have collected all the available images of the web for their 'genre'.
Anyway, once you have gained access to a pay site, either through a faked credit card number, or using wwwhack or another guess-the-password utility, first thing you should do is to post all possible backdoors into the main search engines. If you have not the time to do it, just publish them on usenet, someone else will put them on the search engines. Once you have put the whole subdirectory structure of a pay porn site on the search engines, everyone will be able to have access there until they decide to change all names - which is a big hassle :-)

Empty your caches each time you finish surfing. You better, once more, use Opera or Navigator, since Iexplorer is a real hassle to empty.
When you're done surfing each day, finish on an innocuous page.  Then, at the top of your browser, select Preferences ~ cache ~ empty now (for Opera) or open Options ~ Network Preferences, and clear both of your caches. In Opera you may check through Window ~ Special window ~ Cache.
Then go to your RecycleBin/TrashCan and completely empty it. Clear your History list as well.  Select Edit, Preferences, Navigator and click "Clear History". Clear your pull-down list (it's an option of the white URL box near the top of your screen).  To clear the pull-down list, close all Netscape windows. Using Ultraedit, or at least Notepad (click Start button, select Programs/Accessories/Notepad), open this file: c:\Program Files\Netscape\users\your_name\prefs.js Look for the lines that begin user_pref ("browser.url_history.URL) You'll probably recognize the URLs (web addresses) that you visited in the rest of each line. Delete these lines and save the file. Restart Netscape and verify that they've disappeared from the Location box pull-down list. Because of the hassle of clearing the pull-down list, it's best to avoid putting stuff there in the first place. When you enter a URL by hand, don't type it directly into the Location box. Select File, Open Page (or hit CTL-O) and type the URL into the pop-up box. When you do it this way, the URL won't go into the pulldown list. Clear your Documents off your Start Menu when you finish surfing.   Click your Start button, then select Settings/Taskbar/Start Menu Programs, and clear your documents menu.  (If you use Norton, also consider deleting all "protected files.") Now all the websites that you visited are no longer accessible from the main menus... in case you're worried that your family / beloved one / co-workers are going to dig into your browser later.
Back to porn-images searching... there are some RULES that applies to newsgroups images, rules that you should be aware of: For instance visit the ["In Smut We Trust"] people? (note: you'll find this only on Google cached pages nowadays...) Read their faq, and you'll know everything about decoding and downloading images from usenet.
Here some of their rules about 'respecting' porn-images when posting on the newsgroups alt.fan.pst and alt.fan.pst.d:

"Do not rename pictures. This is also VERY important. When reposting someone else's scanned images leave the original name of the picture intact. Many people find renaming pictures easier to sort and catalog for there own personal use. However, a problem arises when you decide you want to repost these images. All of a sudden you have people flaming you left and right because they spent time downloading images that they already have under another (the original) name. Once again, PLEASE do not rename pictures (See exceptiosn below, though).
This also applies to resampling or resaving an image to lower the byte count as well as to cropping. These actions greatly lower the quality of the image - other bane of posters and collectors everywhere. Please retain the original file size and dimensions of the images you download.

There are some exceptions to renaming, of course. For instance, if you happen to change the image to enhance it (either by fiddling with the gamma or color levels) or do some mending of the image due to a damaged source (i.e.: the magazine the image was scanned from was torn) then you could add, for example, an "e" for enhanced - or use some other form of renaming like adding a "b" after the original title to indicate the second of the two almost identical images. In actuality you aren't really renaming the file, you are creating a new file from the image and naming it - the original file still retains its original name. Also, if your system does not support long filenames you will probably be forced to rename certain pictures. Most posters stick to the standard 8 character filenames, but some like to take advantage of long filenames to fully describe the file (I've seen filenames in this newsgroup with over 20 characters). Generally, the 8 character filename should be suitable for most titles

In my opinion, however, the RULE number one should be quite different: as soon as anyone taps a 'hidden' databases of images (breaking into a server, or by sheer luck, or however he managed it) he should not only publish them on usenet (which is a good idea: they will thus go forth and multiply) but also -most important- he should ADD the new found subdirectory structure to a good search engine (like hotbot, altavista or google)... thattaway any half-capable searcher will be able to find all the necessary angles for ever and ever...

Another very useful search engine is the [altavista images] search mask, check of course that their silly "family filter" is set to off before using it.
Try - for instance - a search for bigboob* and you'll see how this works.
You should by all means try the "similar" option that you can find on some images. Notice how the algorithm works... to understand it well, try a search for redhair*, find the photo of Shirley Manson (garbage singer) - on the last page probably - and click onto "similar". Ahah! Now we have more than hundred images, most of them about redhaired women, Q.E.D.

omen searching

And now we come to a nice and useful approach, that I have decide to call 'omen' searching. As manyfold stated by fravia et alia, on the web names are everything. Since names are so important, did you ever come to the idea of searching for them? As we have seen in the 'starlets' querries, above, this brings always great rewards, so, what about using THOSE VERY NAMES THAT CORRESPOND TO YOUR VERY FANTASIES? Let's try it right now... :-)
Let's search for: As you can see, there's absolutely no limit to your personal 'omen' searchstrings, there's also no reason whatsoever you should confine yourself to the english language... quite the contrary :-)
Usenet findings

Let's now go back to what we said at the beginning of this "lesson", d'you remember my words? "USENET newsgroups! Of course! How underestimated! And how silly to underestimate them... this is a sort of combing: as soon as a backdoor is discovered, a lot of good souls are going to post the images they have found on usenet. So you will get EVERYTHING you may want for free, served at once on a silver plate.".

Yes, yes, but how do you exactly proceed?
I'll show you here the 'most quick' way, short of using a special made own bot.
First of all you visit http://pub.pictu review.com/groupindex.html. Pictureview is an IMAGE INDEX of USENET. As you'll see using its "Free Demonstration Archive", you can see the sheer amount of images posted every day on Usenet in useful thumbnails (reduced size images, useful to decide if it is worth downloading or not).
Now, unfortunately, groupindex is a 'pay service' that will allow lusers to access the wealth of usenet images if they are ready to pay 8 dollars per month: Users of the free demo may look at index pages and search the archive, but can not look at or download the full-size pictures.
Let's have a look at how it work:
First of all, http://pub.pictu review.com/groupindex.html is interesting enough because it will tell you which usenet groups are available, how many "total pictures" they carry and how many have been posetd in the same day you are visiting.
Now let's have a look at the URL coding:

http://pub.pictureview.com/dyx-pv/d-3B2UEM/i-E1OH/index1.html = alt.binaries.erotica.pictures.redheads, july 02, page 1
http://pub.pictureview.com/dyx-pv/d-3B2UEC/i-E1OH/index1.html = alt.binaries.erotica.pictures.redheads, july 01, page 1
http://pub.pictureview.com/dyx-pv/d-3B2UEC/i-E1OI/index2.html = alt.binaries.erotica.pictures.redheads, july 01, page 2
http://pub.pictureview.com/dyx-pv/d-3B2UEM/i-59MO1/index1.html alt.binaries.pictures.erotica.vintage, Jul 02, page 1
http://pub.pictureview.com/dyx-pv/d-3B2UEM/i-59MO2/index2.html = alt.binaries.pictures.erotica.vintage, Jul 02, page 2
http://pub.pictureview.com/dyx-pv/d-3B2UEM/i-5179D/index1.html = alt.binaries.pictures.erotica.redheads, Jul 02, page 1

Seems simple enough to decode, imo. Now, if from the last page (http://pub.pictureview.com/dyx-pv/d-3B2UEM/i-5179D/index1.html) I want to fetch an image, for instance 1407h024.jpg, I land at
http://www2.pictureview.com/dyx-pv/d-3B2UEM/p-5179Q/1407h024.jpg Where a friendly notice tells me that I have "attempted to enter an area reserved for PictureView members only". As readers of this site should know, the verification process is fairly easy to circumvent.

Anyway this tools is useful EVEN FOR THOSE AMONG YOU THAT DO NOT WANT TO BREAK INTO IT: infact it gives you all the data you need to fetch those images either through your own News reader, or through a service like spaceport< /a> or sub dimension or, even better, through a specialised "email bot" like sonador (see fravia's usenet pages.

What you MUST understand is that everyday on usenet you can find for free more images that you would find (paying) on one of the many porn lusers' sites out there.
Some basic info about uuencoded images and archie searches: By far the most common method of posting files to the pictures newsgroups is the UUENCODE standard. This program, shipped standard with most implementations of UNIX, converts binary files into plain-text ASCII files which can be handled by the mail system. Many posters also divide large posts into multiple parts, since some news software can't cope with big articles. You will need a version of UUDECODE before anything else in order to view anything downloaded from the net. Some news readers have an "extract" capability that greatly simplifies life by automatically decoding articles - this means you don't have to go to the hassle of saving to a file and then decoding. Newer versions of rn, nn, and trn can handle this - check the "man" page or ask your news administrator to find out if you can let your news reader do the work for you!

Remember that you can also use archie to find anonymous ftp archives of Usenet newsgroups. The most well-known Usenet newsgroup archive is probably ftp.uu.net
A very large European anonymous ftp site is nic.funet.fi, which archives Usenet newsgroups and mirrors several foreign specialized ftp servers. Other large European archive sites are mcsun.eu.net and ftp.inria.fr. If you are in Europe, you should look on one of these sites for things you need before trying sites elsewhere.
Archie is now almost defunct... note the "almost", eheh :-) Archie keeps track of the entire contents of a very large number of anonymous ftp sites, and allows you to search for files on those sites using various different kinds of filename searches. Archie also has a software description database - with contents similar to the output of the "whatis" command under Unix - on which you can do keyword searches. . You can access archie at the very few remaining machines in three different ways:
  1. Telnet or rlogin to the machine with username "archie" and no password.
  2. Send mail to archie@machine (e.g. archie@archie.au). Send a message with "help" in the body to find out more.
  3. Use one of the Prospero-based archie clients.
Additionally, it is possible to get files from anonymous FTP sites via e-mail, see fravia's accmail section.

"Free" or "public" Newsservers are getting harder and harder to find (for windoze users), since many commercial bastards are offering usenet access on payment. Yet many offer also an 'introductory" 30-days trial access period, and you can quietly go on for YEARS using these 30-days offers :-)
La va sans dire that you'll feed them only completely bogus data. A possible alternative is also to take advantage of a good credit card numbers generator :-)

Some possible adresses:
But I don't want to transform this lesson in another usenet specific page. Suffice to say that if you are searching for porn-images on the web without using Usenet - or usenet based ftp-repositories - you are a complete fool, as I hope to have demonstrated. As a final question - to chew upon - where do you think all those porn sites have taken the (few) images they are "selling" you?

Last but not least advices

There are of course some interesting sites and rings out there on the deep web...

and you should never forget THE TRICK for finding out unlisted sites on the web (courtesy of fravia+)... [netcraft searching!]

Do not forhet that [Jonathan's trick] can come handy as well to fool SQL servers accessing...

of course this is a work in progress... send your feedback! (gi_glio(at)usa(punkt)net)

Petit image

(c) III Millennium: [fravia+], all rights reserved