HankaRobotics
Newbie
- Jan 22, 2022
- 12
- 12
[ First, let's get something straight, 100% airgap anonymity isn't achievable. If the attacker is funded and motivated enough, he'll get ya. If you found this thread trying to commit anything wildly illegal, you'll get caught eventually. ]
![image3[1].jpeg](https://www.blackhatworld.com/data/attachments/522/522576-cfb3685d3111a0e40c8d1491b0ac86ae.jpg?hash=z7NoXTERoO "image3[1].jpeg")
Hi guys,
I've launched myself into this project : trying to find a way to create a Discord account but in a truly anonymous manner AND without triggering anti-bot measures. That's a nice privacy challenge, especially considering that https://spyware.neocities.org/articles/discord.html. So we'll use Discord inside the browser to do this.
I'll start from the assumption that VPN alone or proxy alone isn't sufficient. Being wrong on this would make things so much easier lol.
The Part 1 of this project will just be to create ONE account without raising any attention from Discord and still being extremely hard to trace. Part 2 will be to automate the process.
Let's begin.
Account verification - Email & SMS
First you'll need a traceless email and phone number for verification purposes. That's the easiest part to solve. Ctemplar / Tutanota + https://www.blackhatworld.com/seo/no-voip-juicysms-com-sms-verification-real-numbers-cheap-api-automatic.1364829/ or https://www.blackhatworld.com/seo/smskings-net-text-sms-verifications-over-180-countries-tons-of-different-sites-we-offer.1343107/page-4. Always pay with crypto that couldn't be linked back to you.
For email privacy, avoid Protonmail. https://restoreprivacy.com/protonmail-logs-users/.
The problem resides in the networking and fingerprinting.
IP Address / DNS / Fingerprinting ...
So, in my quest to anonymity, TailsOS seems to be the most relevant solution because it roots all traffic through the TOR port (127.0.0.1:9050) by default. If I don't succeed with Tails, I'll try Whonix who's a valid alternative.
The problem is that with my traffic coming out from a Tor exit node, Discord will flag me instantly and every action will require an hCaptcha.
All TOR exit nodes are publicly known and https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/ so it isn't surprising that any TOR user is immediately flagged as highly suspicious by anti-bot detection measures. Fair enough.
The goal here is to take advantage of TOR's anonymity and then look like any user with a natural fingerprint. Thus, I'm currently trying to find a way to do https://tails.boum.org/support/faq/index.en.html#vpn.
So the route would be Tails → Tor → Private Residential Proxy or VPN. ( This is probably not the only option. I guess a mobile 4g proxy would work too because https://www.blackhatworld.com/seo/anti-fingerprint-browser.1336790/post-14443323 )
I think you get the idea. Use TOR to anonymise myself and then some residential proxy or fingerprint spoofing technique to pass as a regular user.
From what I've read, Proxychains could help me with this.
I've found these ressources :
> https://medium.com/@nima.nikjoo/hide-tor-exit-node-38d7dc4cd7ab
> https://www.privacyaffairs.com/vpn-with-tails/
> https://forkdrop.io/installing-and-using-proxychains-utility-on-tails-live-boot
> https://www.linuxfordevices.com/tutorials/linux/proxychains-and-tor
But I'm not sure about all of this, I'm a bit lost tbh. Could anyone here confirm that this makes sense ?
Maybe there's probably another (simpler) method too.
------
To anyone reading this, I hope you'll be able to get some value out of this thread and mostly from the people who will answer to it. There's certainly some mistakes here so please DYOR, I'm in no way an expert on this subject, I just find all of this fascinating. I'll be glad if anyone can correct me on what I've wrote.
Here are some ressources that might interest you :
"The Hitchhiker’s Guide to Online Anonymity" - A literal GOLDMINE of informations about Opsec, this is crazy
> https://anonymousplanet.org/guide.html#getting-an-anonymous-vpnproxy
Anti-detect browsers thread :
> https://www.blackhatworld.com/seo/anti-fingerprint-browser.1336790/
( https://incogniton.com/ seems to be a good starting point )
Fingerprint switcher :
> https://fingerprints.bablosoft.com/#home
( Which is part of the https://bablosoft.com/shop/BrowserAutomationStudio project )
Learn about the different types of proxies
> https://proxyway.com/
And this thread hasn't even started on automation yet, which is the next step for this project. I'd like to thanks the BHW members like @FatBee @lucky.sparks and @Machairodont for all the valuable informations they've shared on the forum about this, I can't wait to start automating this once I'll have the privacy part figured out.
I've just joined BHW but man is this interesting.
Hi guys,
I've launched myself into this project : trying to find a way to create a Discord account but in a truly anonymous manner AND without triggering anti-bot measures. That's a nice privacy challenge, especially considering that https://spyware.neocities.org/articles/discord.html. So we'll use Discord inside the browser to do this.
I'll start from the assumption that VPN alone or proxy alone isn't sufficient. Being wrong on this would make things so much easier lol.
The Part 1 of this project will just be to create ONE account without raising any attention from Discord and still being extremely hard to trace. Part 2 will be to automate the process.
Let's begin.
Account verification - Email & SMS
First you'll need a traceless email and phone number for verification purposes. That's the easiest part to solve. Ctemplar / Tutanota + https://www.blackhatworld.com/seo/no-voip-juicysms-com-sms-verification-real-numbers-cheap-api-automatic.1364829/ or https://www.blackhatworld.com/seo/smskings-net-text-sms-verifications-over-180-countries-tons-of-different-sites-we-offer.1343107/page-4. Always pay with crypto that couldn't be linked back to you.
For email privacy, avoid Protonmail. https://restoreprivacy.com/protonmail-logs-users/.
The problem resides in the networking and fingerprinting.
IP Address / DNS / Fingerprinting ...
So, in my quest to anonymity, TailsOS seems to be the most relevant solution because it roots all traffic through the TOR port (127.0.0.1:9050) by default. If I don't succeed with Tails, I'll try Whonix who's a valid alternative.
The problem is that with my traffic coming out from a Tor exit node, Discord will flag me instantly and every action will require an hCaptcha.
All TOR exit nodes are publicly known and https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/ so it isn't surprising that any TOR user is immediately flagged as highly suspicious by anti-bot detection measures. Fair enough.
The goal here is to take advantage of TOR's anonymity and then look like any user with a natural fingerprint. Thus, I'm currently trying to find a way to do https://tails.boum.org/support/faq/index.en.html#vpn.
So the route would be Tails → Tor → Private Residential Proxy or VPN. ( This is probably not the only option. I guess a mobile 4g proxy would work too because https://www.blackhatworld.com/seo/anti-fingerprint-browser.1336790/post-14443323 )
I think you get the idea. Use TOR to anonymise myself and then some residential proxy or fingerprint spoofing technique to pass as a regular user.
From what I've read, Proxychains could help me with this.
I've found these ressources :
> https://medium.com/@nima.nikjoo/hide-tor-exit-node-38d7dc4cd7ab
> https://www.privacyaffairs.com/vpn-with-tails/
> https://forkdrop.io/installing-and-using-proxychains-utility-on-tails-live-boot
> https://www.linuxfordevices.com/tutorials/linux/proxychains-and-tor
But I'm not sure about all of this, I'm a bit lost tbh. Could anyone here confirm that this makes sense ?
Maybe there's probably another (simpler) method too.
------
To anyone reading this, I hope you'll be able to get some value out of this thread and mostly from the people who will answer to it. There's certainly some mistakes here so please DYOR, I'm in no way an expert on this subject, I just find all of this fascinating. I'll be glad if anyone can correct me on what I've wrote.
Here are some ressources that might interest you :
"The Hitchhiker’s Guide to Online Anonymity" - A literal GOLDMINE of informations about Opsec, this is crazy
> https://anonymousplanet.org/guide.html#getting-an-anonymous-vpnproxy
Anti-detect browsers thread :
> https://www.blackhatworld.com/seo/anti-fingerprint-browser.1336790/
( https://incogniton.com/ seems to be a good starting point )
Fingerprint switcher :
> https://fingerprints.bablosoft.com/#home
( Which is part of the https://bablosoft.com/shop/BrowserAutomationStudio project )
Learn about the different types of proxies
> https://proxyway.com/
And this thread hasn't even started on automation yet, which is the next step for this project. I'd like to thanks the BHW members like @FatBee @lucky.sparks and @Machairodont for all the valuable informations they've shared on the forum about this, I can't wait to start automating this once I'll have the privacy part figured out.
I've just joined BHW but man is this interesting.
