usenet posting techniques

[pokitisme]

ok so ive started this thread to get some basics of the new life of usenet posting.ive posted for quite awhile on the old groups the common technique or taking a folder and adding it to rar/zip files with a certain amount of split files and par files for those split rar files.and posting or creating .sfv / .nfo /.txt files for information and in some cases using gspot for additional info in the nfo.so heres my issue in this new usenet world----- how do u get dsjfsdfsdkfk.rar.056 from star wars1.rar.001---- in other ways what is the encryption method used to convert such files of good to unrecognizable gibberish and getting the pars to work in the new order as well.i would suspect u rar up the files par them then encrypt the rars and pars but the encryption thing so far eludes me due to lack of effort on my part.but this is a question that confounds me and causes time of pause in the posting community--i still post but not in a way thats so flamboyant .so i pose this querry to yonder mods and admin types and those regular posters.if once things have been summarily explaind i give all permission to lock said thread but suspect others of less intelect will have additional questions such as whats a rar as opposed to .rar.thanks moddies and adminers .

[SgtMajor]

In simple terms, here is how I have seen it done

Prepare rar files
Create par2 files
Using Better File Rename or your choice:
Rename ALL files, filename only, not extension (I use the password generator of lastpass, 32 chars long, lowercase letters & numbers, or use this https://identitysafe.norton.com/password-generator/# )
Sgtmajor.rar converts to frucran5spa3amud.rar
Sgtmajor.par2 converts to frucran5spa3amud.par2
Now rename the rar file extension files only to 001, 002, 003 etc again using better file rename (this hides the fact your files are indeed rar files on the servers)
frucran5spa3amud.rar converts to frucran5spa3amud.001
frucran5spa3amud.par2 stays the same as do all the par2 files

Make a folder copy then run the par2 file and it will rename all the files (less the par2 files though) if you want to verify your work

Upload the frucran5spa3amud group of files to the groups you want, I still use camelpost powerpost programme, it will create a nzb file for you,
Share the nzb file when complete

Maybe others have a different way?

[Admiral_Crunch]

So...it's common for the groups to use an idiot code? By which I mean, the obfuscated filenames are chosen at random, not encrypted versions of the original filenames?

[ZEROdayO]

depend which grp, for example into inner-sanctum posting omgwtfnzbs which use md5 technique to subject only and par2 files

[Beck38]

Here's my basic 'routine', you can take the advice or lump it:

1. Forget about using PowePost or the many clones out there (like camelpost). Use something that does post/verify, like JBinUp (it also has built-in SSL, plus the ability to check either on the server you are actually posting to or a secondary.) I have it set up 'normally', checking with the posting server, then...

2. Check propagation; if you're using one of the 'major' plants to post (Astra, Giga, etc.) then check on one of the other majors, and if you're using a more secondary service, STILL check on one of the majors.

3. After the post is completed, check fully by using NZBcc on a plant that you have unlimited d/l'ing so use the best validation method.

4. If your ISP is known to be using DPI (deep packet inspection) or you want more protection, use a good vpn.

5. Scrambling hints: For posting names, keep it simple. Making folks jump though x hoops just to figure out the actual name of the file may look good at first, but really limits it. Same with encrypting the rar's, unless you want to go the private pay-walled route.
Take a look at how the major indexers (NZBIndex and binsearch) treat your posts, and go from there.

[pokitisme]

yea all good ideas i think i would rename it a variation on my nym so as to keep it civil in the fact that my post would be known even if the nfo was encrypted---thanks for all ur guys help---ill test it when i have more space---2 tb drives full and no dvd's to burn

[pokitisme]

well right now im having a issue posting thru the ssl ports of newshosting-i will post some updates as they come.they have given me ssl ports but when i try it hangs and times out.so ive fired off another email and ill post what goes on here.im using powerpost A@A v11b

[Beck38]

im using powerpost A@A v11b

I cannot stress more than what I listed as Numero 1 on my list above. Toss powerpost and get JBinup no matter what, it will fix two things that a program thats 15+ years old (powerpost) doesn't do, first has ssl built in, second, does posting verification, which virtually eliminates 'skips' and 'fades' occurring during the posting process.

[Beck38]

Rename ALL files, filename only, not extension (I use the password generator of lastpass, 32 chars long, lowercase letters & numbers, or use this https://identitysafe.norton.com/password-generator/# )
Sgtmajor.rar converts to frucran5spa3amud.rar
Sgtmajor.par2 converts to frucran5spa3amud.par2

Maybe others have a different way?

The main problem with that technique, is that there is no 'reverse engineering' of the filename unless and until one d/l's the entire package and subjects it to processing. I don't think anyone is going to spend the time and the bits to grab something they have absolutely no clue as to what it is, beforehand.

Obviously, those utilizing 'secret' web sites where that scrambled filename is listed (pay-walled or not) is a fools errand. The 'bad guys' will eventually get into those sites, get the 'keys' so to speak, and WACK it's gone. No fuss, no muss, virtually zero time wasted. From reports here on this site and elsewhere, that's already happening.

Any scheme needs to have two main elements, to my way of thinking:

1. The 'true' filename needs to be easily and quickly figured out. I've shown many people here how to do it by using the most powerful site on earth (maybe hyperbole) to retrieve it.

2. To retrieve and confirm the payload, one must go through the entire d/l process (parity check, decryption, unrar).

3. Plain text nfo's are posted to allow searching by the major search engines (Binsearch or NZBIndex or many others) and there is a simply 'trick' (fully combined with step 1) to find the posting and retrieve.

Perfect? No, nothing in this life is, especially when going up against organized crime.

Does it work? So far, it requires a lot of work by the Guido's and even if they do that work and take down the posting, if one is doing their due diligence one can simply post again with a small tweak in the process.

Been on usenet for 30 years, been binary posting for well over 15 of those, and since the 'new' regime of hyper-DMCA (say the last couple of years) I'm still batting 1000 ZERO takedowns. And a fair amount of that is material that has been aggressively targeted and taken down which was posted by others, with non-reliable obfuscation techniques.

Then again, a lot of what I get (yes I do leech!) is totally 'in the clear', in newsgroups one would think are especially targeted (a.b. teevee being a good example) but have never had a problem, and I'm 'slow on the trigger' on most of that (i.e., it may takes days to get it).

So the vast amount of these pay-walled encrypted postings, I say the h*ll with them. It's probably overrun with pre-wrestling and the like.

[Admiral_Crunch]

The main problem with that technique, is that there is no 'reverse engineering' of the filename unless and until one d/l's the entire package and subjects it to processing. I don't think anyone is going to spend the time and the bits to grab something they have absolutely no clue as to what it is, beforehand.

Obviously, those utilizing 'secret' web sites where that scrambled filename is listed (pay-walled or not) is a fools errand. The 'bad guys' will eventually get into those sites, get the 'keys' so to speak, and WACK it's gone. No fuss, no muss, virtually zero time wasted. From reports here on this site and elsewhere, that's already happening.

That's why I always assumed that the obfuscated file names were encrypted versions of the real ones. But apparently, according to folks here, some posters do use random "idiot codes" gotten out of a password generator.

So there is a real danger that, if the site goes down, all the posted content is effectively lost. Disheartening...