Blog Archive

Aug 24, 2008

Versions of Download

Blanket SAD
Blanket Sad(what the godamn blog is about)
Is available for download at the following link
(RIGHT CLICK /DOWNLOAD to download)
RIGHT CLICK DOWNLOAD OMNISAD


SAD AIMX
is available at the following link
100% automated includes aim chat/msgr dumps
RIGHT CLICK DOWNLOAD SADAIMX
Posted by at No comments:

Creating new Blanket Modules/Addons

Ok First i have to come by some information i would like to automate. such as a birthdate. people for the most part are honest about their age on myspace, i had an idea for a advanced profiling technique that would allow you to guess their age by their zodiac sign,(and an exploit query for age) this would allow you to guestimate the user in questions age automatically up to within 21 days. what i would do is have it grab and parse the sign and make it a mathmatical equation their age reversed/now - then use sign to -21*. pretty simple shit

I was thinking about writting an "online" board especially for "online" profiling where it would get all last logins of accounts found auto. the problem is not a lot of readily available methods exist. myspace has the "last login" feature wich with even a privated profile cant hide. youtube also has the similar "last online" feature. and the yahoo messnger "online" module also exists. but only if the user is online at the moment (for yahoo) this board would allow for profiling, give sad a multiplatform look, allow graphing and weighing.i'm a bit hesitant as to this could assist a stalker in his ploy.

Adding a automated search results viewer might be cool... maybe go bath with the semi transparent look of pre-sad. would look sick i could imagine.

Could possibly add a "profile" feature allowing for built in profiling with profiles loadable/editable by blanket.
Posted by at No comments:

Blanket Adv-specs/det

Sad (Search and Destroy)
i have coded a redimentary oscar login for S&D to act as a "node" into the aim network. (this is totally legal it's the same as a messenger login to the T)
now what can i achieve with this aim bot?

{complete, all it needs is a dns query addon to prevent server rating/limit}
[B]#Aim Module[/B]
1.Reverse aim and email lookups(cross referencing accounts/find secondary emails).
2.Determine the difference of @aol and @aim.
3.Find if Accounts exist are Locked,Banned,Suspended.

{finished excluding a few more messengers i want to add but complete compiled working stable version created}
[B]#pastebin module[/B]
1. allow for easy info dropping with collaboration with most messengers
2.Allow control of posting parameters. (IE, Day month forver/email/name/)

{65% done just need to add more hueristic/parsing routines}
[B]#myspace deep profiler[/B]
1.allows for a deep analysis of a myspace account
2.Finds last login
3.can sometimes bypass private profiles
4.auto grabs and renders profile picture (in either large or small form you decide)
5. mainly for emails or profile names but will also include a by name lookup
(might add a top freinds grabbing module)

{100% complete working on updates}
#blanket sad
1.uses email service exploits/logins/captcha/Billing/profile/ to find emails
2.finds profiles with (Suck my dick chris) not unlike some 404 method.
3.finds social site accounts on multiple accounts simultaneasly (imhi) by exploits/query/freindshipsploit/ etc (notice i can find bebo's without logging in :p )
4. allows singular email profiling
5.(have it compiled but dont know if want to add the advanced age profiler)
6.allows multiple messenger support
7.directly has aim chat commands built into it, allowing you to advance your chat experience such as using blanket 100% through aim without ever having to touch blanket.

#random interfaces that ive made but dont know if im going to add
1.form exploiter allows rewritting all http post/get header and post data on the fly and automate it(15ps is the record its holding).
2.googledork autobot that lets you search for pages or directorys for files,logins,passwords,accounts,wazer,music,videos,ANYTHING
3.The Sad browser... havent figured if i want to make it a FF plugin or keep my own browser.
4.ParserX - module i made to parse any file out files out of a page, removing data you dont want and replacing it en-masse with code you do, great for bypassing security on ftp/http dir's and allowing to bypass some php features for basic security.
5.random as hell site plugins, one for Vfreaks
6.Some very rudimentary Destroy modules allowing you to lock accounts for aim and yahoo.

i'm thinking of adding the following:
1.yahoo messenger IP exploit grabber(exist)
2.aim (Run remote file) exploit gain ip(exist)
3.msn ip exploit grabber (don't know if this exists yet, making one wouldnt be a problem)

so i could at any time grab anyone's information from multiple databases and profiling in seconds....


theres some other advanced modules i have been creating/created/thought of
Querying Online Voter registration databases
Open record sources
Advanced meta searching
Deep web search queries
advanced people look ups
Posted by at No comments:

Blanket Sad Profile Of Creator

massiggyman@gmail.com
massiggyman@yahoo.com
http://profiles.yahoo.com/massiggyman
http://www.xanga.com/massiggyman
http://www.youtube.com/user/massiggyman
http://www.myspace.com/massiggyman
http://s124.photobucket.com/albums/p7/massiggyman/
http://profile.myspace.com/index.cfm?fuseaction=user.viewprofile&friendid=22630333
http://profiles.friendster.com/72187557
http://flickr.com/27692247@N03
http://www.bebo.com/Profile.jsp?MemberId=7520561386
- Results in 15 Seconds
#----Yahoo online 8/23/2008 10:30:25 PM(!NOW!)----#
massiggyman@yahoo.com
#----Youtube last login 3 hours ago----#
#----myspace login last 8/19/2008----#
#---massiggyman@gmail.com Profile---#
http://profiles.friendster.com/72187557
Facebook Found
http://www.bebo.com/Profile.jsp?MemberId=7520561386
#---End Of Profile---#


all information was generated in 15 seconds, i can confirm all of it is mine, except the xanga.. but i think i have a stalker who is making cloned profiles lol...
Posted by at No comments:

Pictures Of Sad Modules

The following is a Myspace deep profile, it uses an older search mechanism, it still works but not many people know of the exploit/search

Image Hosted by ImageShack.us

The following is the pastebin auto dumper bot i wrote, its coded for aim and yahoo
Image Hosted by ImageShack.us


This is a 100% automated miniversion fo sad with only yahoo email lookup but includes profile finding.
Image Hosted by ImageShack.us
Posted by at No comments:

How Blanket parses information (depth)

Ok first of i'm going to assume your familiar with the http/https protocols, both form/post,get-data etc. Simply writting a winsock, or inet, to the resource in question is simple, creating a method for finding working resources or parsing it is a little bit harder but not by much so i'll explain.

i wanted to be able to verify if someone had a yahoo email now how would i do this? well there is a few ways. i'll elaborate:

#Exploit an email sendback/confirm form (not subtle often rated)
#Dictate existance from a network login fingerprint(cumbersome)
#exploit a 'Does email exist" mechanism
#exploit a "in profle/*" que
#exploit simple static url /*/ que
#use existing search by method
#using member only searches (50% success most sites security)

here i'll show using a yahoo 'is available' mechanism,
DoEvents
profilecheck = Inet1.OpenURL("https://edit.yahoo.com/membership/json?PartnerName=yahoo_default&RequestVersion=1&AccountID=" & Text1.Text & "&GivenName=&FamilyName=&ApiName=ValidateFields&intl=us&4737863")
If profilecheck = "" Then
Me.caption1 = "No Connection/Error"
End If
If InStr(profilecheck, "PERMANENT_FAILURE") Then
List1.AddItem ("http://profiles.yahoo.com/" & Text1.Text & yahoo)
List2.AddItem (Text1 & "@yahoo.com")
End If

StatVar = Inet1.OpenURL("http://opi.yahoo.com/online?u=" & Text1.Text & "&m=j")
If InStr(StatVar, " NOT ONLINE") Then
yahoo = " -Offline"
ElseIf InStr(StatVar, " ONLINE") Then
yahoo = " -Online"
List6.AddItem "#----Yahoo online " & Now & "(!NOW!)----#"
List6.AddItem (Text1 & "@yahoo.com")
End If

that right there is an example of how blanket finds a yahoo account, and wether it is online first using the username as a var in the data to be outputted
https://edit.yahoo.com/membership/json?PartnerName=yahoo_default&RequestVersion=1&AccountID=" & $USERNAME$ &"&GivenName=&FamilyName=&ApiName=ValidateFields&intl=us&4737863

the information will be decided if it's a failure then it means the account exists (means failure of account availability) so you can know even if the /profile/ is ghosted (some yahoo accounts have ghosted profiles) next the is online? is dictated by http://opi.yahoo.com/online?u=" u= $Username, if the outputted data = Online then the person is on, i just tell the form how to percieve and parse the data. simple, so simple.
Posted by at No comments:

Blanket In Action


This is Blanket sad at work, who best to use it on than it's creator? the shear amount of information such a small program can get is astounding , i will explain the parsing routines i created for it in great depth later with live code example, i hope to incorporate php and ruby examples as well.

Blanket sad modules in beta testing include
#@aol,@aim, network account login access
#multiclient quick chat interface
#pastebin auto dump
#extended chat support
#extended data miners
#addable site plugins

Blanket Modules in progress/wtf
#Advanced browser options
#advanced google dork and database filters
#auto advanced myspace profiling
#advanced age analysis
Posted by at No comments:

What is Project Blanket?

Project blanket
is a collaborative project that i have been amassing in portions for about 3 years and is now finally implemented in a stable environment (VB6) i'm not claiming any greatness to having created something in visual basic, but in concept i do beleive i may be onto something.

How Does Blanket work?
well blanket works by tapping into various open resources,databses,forms,queries,etc
I'm sure Blanket voids the TOS of a bunch of the sites, do i care? no..
Blanket allows for Automated email queing,
for hotmail(60%),gmail(1-10/100%),yahoo(98%).

How to use Blanket
Adding emails you have found will allow you to que
Facebook - (uses a send email conf)
Bebo - (uses a reverse que)
Freindster - (uses a reverse que)
Myspace - (reverse que)
Vampirefreaks - (email divulge sploit)
#staticly by email#

Adding a profile name to be scanned it will search hotmail,yahoo,gmail
then it will search for accounts regged under each email.
it will find about 20 topsite accounts staticly,
it will find last logins for youtubes,yahoos,myspace.

What does the chat interface offer?
i coded this for yahoo 8.9*newest* (can spam in chat or pm)
and aim 5.9 (it can grab chat usernames)(can spam in chat or pm)
both modules allow for removing http/ data to allow rating/link bypass

Whats the browser do?
The free copy? doesnt do much just as a quick go between for your blanket module and urls. but full blanket allows for music finding, 14 top search engines/queing/deepwebs, it also allows for interfacing with engines and databases, also has quick email retreival ops. (yahoo,photobucket,hotmail,gmail,myspace,etc)

Why free?
why not? why not make the whole thing a free concept with a multi breed of sad and blanket sad offspring. i was thinking of selling it i am still selling a private copy of S&D but i will be distrubiting everything free on this blog.
Posted by at No comments:
Subscribe to: Posts (Atom)