SlayingDragons

Subscribe!
Contacting SlayingDragons
Send message Forward
Add to friends Favorites
Add to group Block user
 Who gave a Kudo :
due 07 (2)
So-Cal (2)
Friday, September 23, 2011

Getting around UG forum censors

Views: 154
Comments: 1
Updated 2/06/12 to fix a bit of noobishness.

As we all know, UG has censors in place to make it a PG-13 site, or something like that. They're usually fine, and solved with a simple tag injection if you want to post a word. But what about when you want to post an image? The censors replace a couple characters with ****, and you can't put in size tags to bypass the censors as it would break the url. (Such as f[size=2]uc[/size]k.)

Nevertheless, there is a way around it. There's usually only two situations in which this is a problem:

> A censored word in the domain name
     If you are trying to post a link to a site with a censored word, like www.whatthefuckhasobamadone.com or something like that, then the censors will block out "fuck" with "****" breaking the url.

Open up the command line, and type in "ping (whatever your intended domain name is)", without the paranthesis of course.

code:
bash ~ $ ping www.whatthefuckhasobamadone.com
PING www.whatthefuckhasobamadone.com (64.20.60.99) 56(84) bytes of data.
64 bytes from 64.20.60.99: icmp_req=1 ttl=49 time=20.1 ms


This will give you the IP address of the server, in this case, 64.20.60.99. You can then link to the site using the IP adress instead of the url, like http://64.20.60.99.

There is also a utility that is usually on unix/unix-like systems (that means you, linux and osx users) called "host", which may be preferable.

code:
bash ~ $ host ultimate-guitar.com
ultimate-guitar.com has address 178.18.22.151


For the second situation:

> A censored word in a url, such as a filename, $_GET value, directory, etc. 
    This seems to be more common situation: You want to link to an image, such as

http://1.bp.blogspot.com/-9BbEfHFLEB0/TcqJY7l8O-I/ AAAAAAAAAQs/-3oFPZPjWuQ/s1600/look-at-all-the-fuck s-i-dont-give-theyre-just-falling-from-the-sky.jpg


and it replaces "fuck" with "****". This is also easily bypassed through a method known as hex injection. If you've ever seen a url that was something like "www.site.com/%20a%20palm%69%45%32" or something like that, the weird numbers and letters were hex. To get around the filters, you simply take the text from the url you want to replace, in our case "fuck", and convert it to hex. I tend to use http://www.snarkles.net/scripts/sneak/sneak.php to convert it.

Simple change "ASCII to binary" to "ASCII to hex" and type in whatever you want to be hexified. Fuck
would return 66 75 63 6b. This, however, wouldn't be parsed right away, you must put a % in front of each hex value, like %66%75%63%6b. Then you just replace "fuck" in the url with %66%75%63%6b.



^Eeyup. Try it, copy the location of that image and post it on the forums, and it should work.

> End notes
    While you can combine the two methods, ( http://*ipaddress*/*hex* ), you can't use hex in a domain name. Hex injection typically works due to PHP/javascript/whatnot filters only usually only have regexs for characters, and do not take into account hex values, which are parsed on the client side. However, it is entirely plausible that an anal retentative, fascist dev could add a filter that takes into account hex values, so it may not work in all cases.

If you want a copy/paste list of hex to replace censored words, here you go:


fuck = %66%75%63%6b
bitch = %62%69%74%63%68
whore = %77%68%6f%72%65
cunt = %63%75%6e%74
fag = %66%61%67


I'll add to/edit the list as needed. Also keep in mind that uppercase/lowercase letters have different hex values, so you'll have to change it accordingly.

Well, that concludes my blog, hopefully you find this useful. :cheers:
6:48 pm - 1 comments - 4 Kudos - Report!
Comments
due 07 wrote on Sep 30th, 2011 12:09am

Pretty cool.

quote

Post your comment
Expand