Create Inbound Links from Authority Sites with Exploit

A run down of XSS for link building.

Create Inbound Links from Authority Sites with Exploit

September
26th
2005
comments below

This threadwatch discussion talks about a more advanced way of making authority sites link to you than simply trying to get the Rojo or Google results for your site indexed.

1. A series of pages are created on a domain say www.mylittlewebsite.com and the links point to a search request on one of these sites . .
2. Notice the formatting using HEX code when surrounded by a standard HREF tag this translates the link properly when the request is made to the authority websites POST for search – the result is properly translated into basic html. This is a clever coding exploit, this format ensures the request is properly formatted in basic HTML.
3. Obviously the request is a negative search result on the authority website, however particularly site searches will cache all results of local searches, successful or otherwise.
4. If these search results are spiderable content, then a robot such as Googlebot will view the cache results and see inbound links from a high profile authority site point to the domain in question.

 

Sometimes hex is not required. You just enter the tags the same as if you were coding html but into the search field of a site with the vulnerability. Other times, a hex converter can come in handy.

I have seen instances that include javascrips and other elements. The red cross search results (long URL) page is a PR 0, but I’ve found up to a PR 6 (someone on TW said they had a 7). I picked the Red Cross as an example to hopefully encourage donations.

All I had to do was dig around for a bit to come up with a healthly list. If any registered seoblackhat readers would like a few more examples, just drop a comment or e-mail me.

Update: Sites with HTML injection Vernerabilities are now available only to members of the SEO Black Hat Forum.

bookmark this article:

Both comments and pings are currently closed.

66 Responses to “Create Inbound Links from Authority Sites with Exploit”

 
Scottie Says: September 26th, 2005 at 4:36 pm

How does one locate vulnarable search pages? Is there some sort of footprint that can be translated into a search on google?

waterwheel Says: September 26th, 2005 at 6:11 pm

Howzabout googling the term ‘Recent Searches’.That brings up a bunch.

Stop number two might be seeing what software people use for this, then googling for any software footprints (like ‘phpBB version 3.01). Third on my list would be a backlink check from any software vendor that provides the search software.

Anyway Mr. Seo Blackhat, I’d love to take you up on your offer of an email with some start phrases :) TIA.

amanzi Says: September 27th, 2005 at 2:13 am

I am keen to see extra sites

dan Says: September 27th, 2005 at 7:07 am

I’d like to see some also.

itsme Says: September 27th, 2005 at 10:40 am

I am interested too.

scrunter Says: September 27th, 2005 at 11:17 am

Great post! Been lurking a while, you’ve just made me register :) Would love to see the extra examples!

NJForever Says: September 27th, 2005 at 12:49 pm

I find your site an amazing wealth of information. I too would also be interested in more examples. Thank you.

IrishWonder Says: September 28th, 2005 at 5:49 am

Yes been looking at that thread myself wondering about different possibilities, very interesting indeed. I’d be interested in more examples as well (see I even registered for this :-) )

gchai Says: September 28th, 2005 at 10:56 am

I’d love to have a copy of your url list, that’ll be very handy.

Been a subscriber to your RSS feed since day one, great site!

toddieg Says: September 28th, 2005 at 12:49 pm

me too :)

jacksparrow Says: September 29th, 2005 at 7:50 am

Hi there!

Very nice article… would love to know more about your list

Tx

Jack

madmike Says: September 29th, 2005 at 5:03 pm

I would love your list :)

Love your articles btw, just getting into the whole blackhat scene

Harry Says: September 30th, 2005 at 8:34 am

Damn-it - I just love blackhat ways of doing things….

killerwolf Says: October 1st, 2005 at 2:22 am

i am a french guy and i am interested in such seo article, it brings knowledge about many things

mkT Says: October 1st, 2005 at 5:05 am

I’d like to see some also.

GoogleVixen Says: October 1st, 2005 at 7:22 pm

I’d like the list of authority sites, too. TY

Just a guy Says: October 2nd, 2005 at 2:20 pm

I’ve read elsewhere that you have to link to the results page for it to do any good, since the page created is not permanent but is dynamic.

Therefore a link to it from a currently spidered site is required. Is this true?

Vic
____________

Yes - quadszilla

skime Says: October 4th, 2005 at 9:35 am

I’d love to have a copy of your url list too, please.

charless Says: October 4th, 2005 at 1:56 pm

I have been reading since day 1, although never registered. I, too, am also interested in the list. Thank you.

Me too Says: October 5th, 2005 at 8:05 am

Very interesting.
I’d like to see your list.
:-)

blackhelmet Says: October 5th, 2005 at 5:18 pm

Been lurking for a long time but registered today for the list. Thanks.

xuron Says: October 5th, 2005 at 10:22 pm

i would like to see the other examples too

Franz Says: October 6th, 2005 at 8:56 am

I would love to see more examples.

Thanks

Franz

sandbox Says: October 6th, 2005 at 2:43 pm

I would love to see some examples. Thanks for sharing.

Baracuda Says: October 6th, 2005 at 11:23 pm

Count me in, awesome, please forward me the list as well.

Adam Says: October 7th, 2005 at 5:48 am

I would be interested in your list as well.
Btw I found a PR7 result page here:
http://www.cdc.gov/

LuckyLuke Says: October 7th, 2005 at 8:13 am

Excellent post - please send me more examples :-)

BigMatthew Says: October 9th, 2005 at 1:25 am

Super, can I get some more info on the list? Thanks.

BigMatthew Says: October 9th, 2005 at 11:57 am

I noticed with the G toolbar version 3.0.126 the cdc.gov site will not show a pr and with version 3.0.126 it will show a pr, any input on that?

BigMatthew Says: October 9th, 2005 at 7:15 pm

The search result page in G toolbar 3.0.126 will show a pr, but in the new version, it does not show a pr on the actual page your link appears.. so is the page a benefit for incoming link or not.

Adam Says: October 10th, 2005 at 2:46 am

Watch out for zope-based websites.

gr Says: October 10th, 2005 at 5:18 pm

I’d love to see your “healthy list” too as a good starting point. Great site by the way.

joseph29 Says: October 19th, 2005 at 11:12 am

I want that list… thanks!

anjur Says: October 25th, 2005 at 8:59 am

I would really like the list too!

Here is a refinement on ‘prequalifying’
search G for something like
inurl:site_search.asp mode=allwords
That tells you if G spiders the pages

cowenpa Says: October 29th, 2005 at 1:43 am

Would be interested in getting hold of your healthy list

“I have seen instances that include javascrips and other elements. The red cross search results (long URL) page is a PR 0, but I’ve found up to a PR 6 (someone on TW said they had a 7). I picked the Red Cross as an example to hopefully encourage donations.

All I had to do was dig around for a bit to come up with a healthly list. If any registered seoblackhat readers would like a few more examples, just drop a comment or e-mail me”

Ozh Says: October 31st, 2005 at 12:39 am

Send me the list too :)

mickmcmac Says: October 31st, 2005 at 9:45 pm

I would like to see the list as well please. Thanks for sharing!

Kusuma Says: November 2nd, 2005 at 7:33 am

I would like to see the list as well please…… thanks! :)

Tony Says: November 2nd, 2005 at 7:45 am

I want that list…but I also need some info on how to make it happen, just like the sample website (like the red cross site). Btw, the http://www.cdc.gov/ is PR9 now.

Thanks!:)

Genus Says: November 4th, 2005 at 6:55 am

Simply excellent info on this site. Please forward me the list. Many thanks

kanton Says: November 6th, 2005 at 8:54 pm

Hello my friend. Excellent info as always.

I could swear there was nothing on this post about a list the first time I read it (when it was posted). But I might be wrong. I keep forgetting this is NOT the usual trash talk copycats blogs. All the info here, all the sentences, all the words are precious! Fast reading is a no-no miss the best fate in here.

Any way, would be grateful for receiving the list :)

littlericki Says: November 17th, 2005 at 8:35 am

I would like to see that list. You have a great site with incredible work.

DaveB Says: November 24th, 2005 at 2:34 am

Fascinating information.

I also would appreciate the list and more examples.

whip Says: December 5th, 2005 at 2:20 am

i’am impressed!!!
i would like to see the other examples too, please.

ech0 Says: December 7th, 2005 at 7:08 pm

I would appreciate the list just aswell.

daveseo Says: December 7th, 2005 at 9:03 pm

Very interesting. I am a registered reader and would also really appreciate the list…

Thank you!!!

spublish Says: December 8th, 2005 at 8:24 am

Great Post!!!!

I would love to see more sites like that myself or the process you are using to find the sites.

Nobody Says: December 10th, 2005 at 9:39 pm

I just came across this site today… very interesting, to say the least.
You’re a smart Mother F’er. Nice Exploit! …Some of it is a bit over my head. :(

-Nobody

ryanryan Says: December 19th, 2005 at 7:46 am

I’ve been optimizing sites for a little over a year now, and upon research I learned that many of my top methods are considered “un-ethical” I am so glad to have finally found a group that understands the importance of a starving artist’s need to exploit. Could I please get the list of authority sites. Keep up the good work

kazoone Says: December 21st, 2005 at 11:21 am

If your offer is still valid, I’d like to take you up on that list.

thanks.

edoc Says: December 23rd, 2005 at 1:47 am

I’d like a copy of that list too please :)
Nice exploit.

Will Says: January 2nd, 2006 at 8:01 pm

Really useful web site. This advice is worth it’s weight in gold keep up the great work and sharing of web promotion ideas.

elprogramero Says: January 9th, 2006 at 3:02 pm

Great article!!! This site is awesome, I have spent 2 years, on ethical SEO… But there is no $$$ in it. I just LOVE SeoBlackHatz…. You are the best!
Can I have a list of authority site please?

See ya muchachos.

elprogramero Says: January 9th, 2006 at 3:11 pm

Fantastic INFO, really useful, please send me a list. :)

Tnx.

Jose Says: January 15th, 2006 at 11:44 pm

Very interesting. I am a registered reader and would also really appreciate the list…

Thank you!!!

MRamirez Says: January 16th, 2006 at 7:56 pm

Me too, 2 years white hat SEO and still poor, now I’m trying grey techniques with great results…
Please send me more example
Thx

blackmagic Says: February 1st, 2006 at 3:20 am

Hey quadszilla, I appreciate your hat color .. and your generosity .. I’d love that special list of yours as well .. I have begun to compile one of my own as well .. a clever trick indeed.

sunboya Says: February 9th, 2006 at 7:53 am

I love this article

free-ps3.co.uk Says: March 28th, 2006 at 9:49 am

i would also love a list

esoomllub Says: May 12th, 2006 at 1:02 pm

Sorry to revive an old comment thread, but this seemed very intriguing to me. It took less than 15 minutes to find another site that this worked on (not a real authority site, but just a schmuck site). I actually turned this around and tested my sites. I found one of my sites that is at least partially vulnerable (oh to clean it up now!)

hammertime Says: June 9th, 2006 at 4:12 pm

you awesome i’ve traded my white hat for a black one. Would love the list too but if not . I was wondering if you were looking for work I have a campaign I and pay consultants. You are the best. Thanx for the info.

Best. XSS. Ever. SEO Black Hat: SEO Blog Says: September 18th, 2006 at 12:48 am

[…] A Dig at a Doug who’s a Heel with an XSS exploit on one of the Heel’s Client’s Site. That just might be the “Best. XSS. Ever.” […]

  • Posted by QuadsZilla