Create Inbound Links from Authority Sites with Exploit

This threadwatch discussion talks about a more advanced way of making authority sites link to you than simply trying to get the Rojo or Google results for your site indexed.

1. A series of pages are created on a domain say www.mylittlewebsite.com and the links point to a search request on one of these sites . .
2. Notice the formatting using HEX code when surrounded by a standard HREF tag this translates the link properly when the request is made to the authority websites POST for search – the result is properly translated into basic html. This is a clever coding exploit, this format ensures the request is properly formatted in basic HTML.
3. Obviously the request is a negative search result on the authority website, however particularly site searches will cache all results of local searches, successful or otherwise.
4. If these search results are spiderable content, then a robot such as Googlebot will view the cache results and see inbound links from a high profile authority site point to the domain in question.

Sometimes hex is not required. You just enter the tags the same as if you were coding html but into the search field of a site with the vulnerability. Other times, a hex converter can come in handy.

I have seen instances that include javascrips and other elements. The red cross search results (long URL) page is a PR 0, but I’ve found up to a PR 6 (someone on TW said they had a 7). I picked the Red Cross as an example to hopefully encourage donations.

All I had to do was dig around for a bit to come up with a healthly list. If any registered seoblackhat readers would like a few more examples, just drop a comment or e-mail me.

Update: Sites with HTML injection Vernerabilities are now available only to members of the SEO Black Hat Forum.

Both comments and pings are currently closed.

66 Responses to “Create Inbound Links from Authority Sites with Exploit”

  1. Scottie says:

    How does one locate vulnarable search pages? Is there some sort of footprint that can be translated into a search on google?

  2. waterwheel says:

    Howzabout googling the term ‘Recent Searches’.That brings up a bunch.

    Stop number two might be seeing what software people use for this, then googling for any software footprints (like ‘phpBB version 3.01). Third on my list would be a backlink check from any software vendor that provides the search software.

    Anyway Mr. Seo Blackhat, I’d love to take you up on your offer of an email with some start phrases :) TIA.

  3. amanzi says:

    I am keen to see extra sites

  4. dan says:

    I’d like to see some also.

  5. itsme says:

    I am interested too.

  6. scrunter says:

    Great post! Been lurking a while, you’ve just made me register :) Would love to see the extra examples!

  7. NJForever says:

    I find your site an amazing wealth of information. I too would also be interested in more examples. Thank you.

  8. IrishWonder says:

    Yes been looking at that thread myself wondering about different possibilities, very interesting indeed. I’d be interested in more examples as well (see I even registered for this :-) )

  9. gchai says:

    I’d love to have a copy of your url list, that’ll be very handy.

    Been a subscriber to your RSS feed since day one, great site!

  10. toddieg says:

    me too :)

  11. jacksparrow says:

    Hi there!

    Very nice article… would love to know more about your list

    Tx

    Jack

  12. madmike says:

    I would love your list :)

    Love your articles btw, just getting into the whole blackhat scene

  13. Harry says:

    Damn-it – I just love blackhat ways of doing things….

  14. killerwolf says:

    i am a french guy and i am interested in such seo article, it brings knowledge about many things

  15. mkT says:

    I’d like to see some also.

  16. GoogleVixen says:

    I’d like the list of authority sites, too. TY

  17. Just a guy says:

    I’ve read elsewhere that you have to link to the results page for it to do any good, since the page created is not permanent but is dynamic.

    Therefore a link to it from a currently spidered site is required. Is this true?

    Vic
    ____________

    Yes – quadszilla

  18. skime says:

    I’d love to have a copy of your url list too, please.

  19. charless says:

    I have been reading since day 1, although never registered. I, too, am also interested in the list. Thank you.

  20. Me too says:

    Very interesting.
    I’d like to see your list. :-)

  21. blackhelmet says:

    Been lurking for a long time but registered today for the list. Thanks.

  22. xuron says:

    i would like to see the other examples too

  23. Franz says:

    I would love to see more examples.

    Thanks

    Franz

  24. sandbox says:

    I would love to see some examples. Thanks for sharing.

  25. Baracuda says:

    Count me in, awesome, please forward me the list as well.

  26. jerome says:

    yeah, me too

  27. Adam says:

    I would be interested in your list as well.
    Btw I found a PR7 result page here:
    http://www.cdc.gov/

  28. LuckyLuke says:

    Excellent post – please send me more examples :-)

  29. BigMatthew says:

    Super, can I get some more info on the list? Thanks.

  30. BigMatthew says:

    I noticed with the G toolbar version 3.0.126 the cdc.gov site will not show a pr and with version 3.0.126 it will show a pr, any input on that?

  31. BigMatthew says:

    The search result page in G toolbar 3.0.126 will show a pr, but in the new version, it does not show a pr on the actual page your link appears.. so is the page a benefit for incoming link or not.

  32. Adam says:

    Watch out for zope-based websites.

  33. gr says:

    I’d love to see your “healthy list” too as a good starting point. Great site by the way.

  34. joseph29 says:

    I want that list… thanks!

  35. anjur says:

    I would really like the list too!

    Here is a refinement on ‘prequalifying’
    search G for something like
    inurl:site_search.asp mode=allwords
    That tells you if G spiders the pages

  36. cowenpa says:

    Would be interested in getting hold of your healthy list

    “I have seen instances that include javascrips and other elements. The red cross search results (long URL) page is a PR 0, but I’ve found up to a PR 6 (someone on TW said they had a 7). I picked the Red Cross as an example to hopefully encourage donations.

    All I had to do was dig around for a bit to come up with a healthly list. If any registered seoblackhat readers would like a few more examples, just drop a comment or e-mail me”

  37. Ozh says:

    Send me the list too :)

  38. mickmcmac says:

    I would like to see the list as well please. Thanks for sharing!

  39. Kusuma says:

    I would like to see the list as well please…… thanks! :)

  40. Tony says:

    I want that list…but I also need some info on how to make it happen, just like the sample website (like the red cross site). Btw, the http://www.cdc.gov/ is PR9 now.

    Thanks!:)

  41. Genus says:

    Simply excellent info on this site. Please forward me the list. Many thanks

  42. kanton says:

    Hello my friend. Excellent info as always.

    I could swear there was nothing on this post about a list the first time I read it (when it was posted). But I might be wrong. I keep forgetting this is NOT the usual trash talk copycats blogs. All the info here, all the sentences, all the words are precious! Fast reading is a no-no miss the best fate in here.

    Any way, would be grateful for receiving the list :)

  43. littlericki says:

    I would like to see that list. You have a great site with incredible work.

  44. DaveB says:

    Fascinating information.

    I also would appreciate the list and more examples.

  45. whip says:

    i’am impressed!!!
    i would like to see the other examples too, please.

  46. ech0 says:

    I would appreciate the list just aswell.

  47. daveseo says:

    Very interesting. I am a registered reader and would also really appreciate the list…

    Thank you!!!

  48. spublish says:

    Great Post!!!!

    I would love to see more sites like that myself or the process you are using to find the sites.

  49. Nobody says:

    I just came across this site today… very interesting, to say the least.
    You’re a smart Mother F’er. Nice Exploit! …Some of it is a bit over my head. :(

    -Nobody

  50. ryanryan says:

    I’ve been optimizing sites for a little over a year now, and upon research I learned that many of my top methods are considered “un-ethical” I am so glad to have finally found a group that understands the importance of a starving artist’s need to exploit. Could I please get the list of authority sites. Keep up the good work

  51. kazoone says:

    If your offer is still valid, I’d like to take you up on that list.

    thanks.

  52. edoc says:

    I’d like a copy of that list too please :)
    Nice exploit.

  53. Will says:

    Really useful web site. This advice is worth it’s weight in gold keep up the great work and sharing of web promotion ideas.

  54. elprogramero says:

    Great article!!! This site is awesome, I have spent 2 years, on ethical SEO… But there is no $$$ in it. I just LOVE SeoBlackHatz…. You are the best!
    Can I have a list of authority site please?

    See ya muchachos.

  55. elprogramero says:

    Fantastic INFO, really useful, please send me a list. :)

    Tnx.

  56. Jose says:

    Very interesting. I am a registered reader and would also really appreciate the list…

    Thank you!!!

  57. MRamirez says:

    Me too, 2 years white hat SEO and still poor, now I’m trying grey techniques with great results…
    Please send me more example
    Thx

  58. blackmagic says:

    Hey quadszilla, I appreciate your hat color .. and your generosity .. I’d love that special list of yours as well .. I have begun to compile one of my own as well .. a clever trick indeed.

  59. sunboya says:

    I love this article

  60. free-ps3.co.uk says:

    i would also love a list

  61. esoomllub says:

    Sorry to revive an old comment thread, but this seemed very intriguing to me. It took less than 15 minutes to find another site that this worked on (not a real authority site, but just a schmuck site). I actually turned this around and tested my sites. I found one of my sites that is at least partially vulnerable (oh to clean it up now!)

  62. hammertime says:

    you awesome i’ve traded my white hat for a black one. Would love the list too but if not . I was wondering if you were looking for work I have a campaign I and pay consultants. You are the best. Thanx for the info.

  63. [...] A Dig at a Doug who’s a Heel with an XSS exploit on one of the Heel’s Client’s Site. That just might be the “Best. XSS. Ever.” [...]