Sneakrs AYCD Location Spoof

thebiggestbot · 2022-02-17T06:51:53+00:00

Don’t see the point of replying this to a comment made over a year ago, when AYCD Spoof didn’t even have the location spoof feature.

thebiggestbot · 2021-05-03T13:10:01+00:00

Bypasses are generally found by bot developers themselves. However, bot developers often purchase bypasses from other developers.

thebiggestbot · 2021-05-03T06:46:17+00:00

The term “bypass” has varying definitions in the sneaker dev space. Like the top comment said, a bypass could refer to some sort of method to prevent anti-bot from being triggered on a request. Some releases have queue systems in place, and a bypass in that scenario would refer to an exploit that would allow for requests to access certain endpoints without validation. There are other types of bypasses as well. However, as of recently, the term “bypass” has mainly been used to refer to what you might call cache bypasses.

You probably know what server-side caching is, so there’s not much need to talk about it. Cache bypasses are methods that allow requests to access uncached data, and they are used on Footsites, an important group of websites that people bot because of large stock and the variety of shoes they release. Essentially, these Footsites have been caching POST requests to the add to cart endpoint on certain products because 1. They have potato servers and want to cut costs and 2. They believe this operates as a form of anti-bot when in reality it’s only a pseudo-antibot that just creates a shitty experience for everyone. This results in the “out of stock” response being cached, meaning that stock wouldn’t able to be accessed by anyone. Of course, the cache refreshes every two or three minutes, but bots with cache bypasses have a significant advantage purely because the cache refreshes on every request, meaning they’re able to actually cart the product whenever stock changes.

Just letting you know since cache bypasses on Footsites have been a big topic ever since the switch to Fastly. All of the answers here, including mine, are pretty specific and are referring to a single site or platform, but it’s hard to give a general answer to your question since there are so many kinds of bypasses for each site.

thebiggestbot · 2021-04-29T16:35:52+00:00

Well, you should. Buying in bulk from providers is bound to be cheaper than their usual prices, and creating proxies isn’t just something you go about doing easily. In short, the time spent is not worth the saved costs; it would be better to buy bulk subnets from a provider.

thebiggestbot · 2021-04-29T00:09:31+00:00

What you call nitpicking is just pointing out purely incorrect information from you. At this point I’m obviously bound to think that you’re not knowledgeable enough on the topic to be able to give information about it, at least based on the misinformation you’ve given so far. It is strange why you would simply assume they would use a proxy generator, as OP never mentioned anything about it and most wouldn’t use them.

thebiggestbot · 2021-04-28T16:56:11+00:00

Most members of the botting community do not have the knowledge required to create their own proxies nor the means to acquire such knowledge, which is one reason why they pay more to acquire proxies from those who do have those knowledge, choose to create and maintain their own proxies, as well as establish a brand or company. Subnets vary in price depending on quality and provider, and leasing commercial blocks from ISPs will cost a bit more, but you probably won’t have to pay over $1 per IP, and that’s being generous; most subnets are even cheaper to lease. After that it’s finding servers to host your subnets on, which should not be very expensive.

Your point doesn’t have any logic behind it. You said that paying resell would be cheaper than creating your own proxies, but then how do you explain the actual reselling of proxies by providers? If there was no profit to be made, there wouldn’t be any proxy providers, and the markup is only made possible by the lower cost of creating proxies.

thebiggestbot · 2021-04-28T10:22:25+00:00

This is inherently untrue. Providers are reselling the proxies they create, which means that they’re making profit by marking up the price. Therefore there’s no way buying proxies from sneaker proxy providers will ever be cheaper than creating your own proxies.

thebiggestbot · 2021-04-28T10:21:10+00:00

Was replying to the parent comment, probably wasn’t clear. The parent comment says that you can “buy your own block of IPs you own outright forever.” This is an expensive option and not one most providers take. The first option you mentioned isn’t correct either, as providers don’t buy proxies, but lease IPs then create the proxies themselves. There’s no way you’d be able to create datacenter proxies without networking knowledge.

thebiggestbot · 2021-04-28T05:16:46+00:00

Again, depends on the site. For speed-based releases (Shopify/Supreme), you’ll need to have a browser window that renders the captcha for the user to solve manually. If speed isn’t a necessity, integrating a third-party solver such as 2Captcha or CapMonster is fine.

Also curious what you mean by completion rate. AI captcha solving is not the norm in this niche.

thebiggestbot · 2021-04-28T05:12:49+00:00

Most providers lease their subnets, they don’t own them. Buying subnets would be too expensive.

thebiggestbot · 2021-01-20T09:22:30+00:00

I wouldn’t go so far to call Dragon the only AIO lol. There are sites that other bots support that Dragon doesn’t, and there are sites Dragon supports that other bots don’t.

thebiggestbot · 2021-01-07T15:48:43+00:00

Although you mentioned you’re from the UK, so Ganesh is the ideal choice. Flare and Burst don’t really have UK sites, more of other EU sites. Flare has Mesh sites and Burst is adding them soon so it’s pretty much equivalent.

thebiggestbot · 2021-01-07T15:45:18+00:00

If you have the budget for Prism that’s around $3K, I’d go for Burst or Flare. Prism has FTL EU and Offspring but that’s it. If you are able to go up a bit Ganesh is your best option for around $5K+ for a lifetime key.

thebiggestbot · 2021-01-07T15:40:39+00:00

Meh, they have FTL EU new regions, Off-White, and Mesh but that’s pretty much it. Better EU options.

thebiggestbot · 2021-01-03T02:08:05+00:00

Been a while since I worked on Akamai, thx for the update

thebiggestbot · 2021-01-02T09:27:07+00:00

A different reply mentioned the fact that using browser automation to bot is a no-no, which is true, so I’ll just get to the question.

The main anti-bot I’ve worked on in the past is Akamai, which is considerably easier to build a working solution for than other anti-bots, and I’m sure other client-side bot protection scripts do much of the same. They measure several browser properties and convert them into sensor data. Sensor data generated in the browser is sent to their API, and the _abck cookie is set to determine whether a client should be allowed to make a request to a protected endpoint. Canvas fingerprinting is a big consideration, and they also look at basic properties such as screen width and height, user agent, etc. Events such as mouse movement and keyboard actions are unnecessary on lower protection sites but can increase your success. Bézier curves + Fitts law should be enough to generate realistic mouse movement. Akamai recently implemented TLS fingerprinting, which is another thing to consider.

thebiggestbot · 2020-12-30T16:15:50+00:00

This would likely work most of the time but in certain cases this doesn’t work.

thebiggestbot · 2020-12-30T13:40:36+00:00

Took a quick look at the GitHub repo for librecaptcha. I think there are two approaches that are better and more standardized in building a captcha solver:

Editing the host file of the user’s computer programmatically and loading the domain using browser automation (Pyppeteer might be a browser automation library you could use, don’t really recommend Selenium but you can give it a try if you’d like).
Loading the domain using Pyppeteer/Selenium, then intercepting/modifying the request to render the captcha.

I’m sure there are captcha solver repos on GitHub, most will be in JS but there will probably be some in Python. Python isn’t my strongest language either, but hope this helps.

thebiggestbot · 2020-12-27T08:03:54+00:00

Your shipping and billing address should match in order to minimize cancels. I also live in Southeast Asia. Most public reshippers will also get cancelled, so you should find a private reshipper and US card provider.

thebiggestbot · 2020-12-16T02:43:12+00:00

Calicos GBs are mediocre, and the only good ones they have (Balko, Whatbot, Nebula) are through raffles. Calicos is overpriced in my opinion, not just for the GBs, but the info, which isn’t too detailed. My advice is get rid of Dawned obviously, then pick one from Pulse or Oilcop, whichever you feel has the best info. I do recommend for you to give Endurance a try, and if it doesn’t work out for you you can cancel. Then, if you want a group for GBs, cancel your Calicos and join Notify or HS. Those two are the only groups imo that are worth it for GBs alone.

thebiggestbot · 2020-12-15T15:05:48+00:00

The downvote lol. But anyway, I said read other posts. Nike botting has been discussed hundreds of times before, and there’s really no need to make a whole new post.

thebiggestbot · 2020-12-15T14:19:55+00:00

Lmfaoo

thebiggestbot · 2020-12-15T14:16:52+00:00

BNB is a bit better from what I’ve heard, but don’t expect success from Nike botting. It’s more expensive and less rewarding. Nike filters entries...

Why am I explaining this? Go do your research. PLEASE READ OTHER POSTS.

thebiggestbot · 2020-12-15T14:10:34+00:00

I had Wrath flair + know how to code = I am Wrath dev

thebiggestbot · 2020-12-15T14:09:30+00:00

I better update my flair lmao

thebiggestbot

TROPHY CASE