Blackhat idea

seomanifest

seomanifest

Regular Member
Joined
Oct 5, 2008
Messages
363
Reaction score
81
Ok I don't know if this has been done before, but here goes. A lot of people are trying to work around captchas, what if one would create a forum that would allow ******** and leave it wide open to spammers, the only catch would be this, everytime a spammer wants to add a link they would have to fill in a captcha that would come from a remote service that you would need, you would use curl to do this and would retrieve the remote captcha image each time a new message is posted this way the spammer fills it in, and the same session would be used to send the result back to the service you need. You gain a captcha, the spammer gets a free link that will never get deleted.
 
Advertise on BHW
I've thought about the same thing, although using images or downloads as a "reward"

The CURL or what have you going out the back end would probably have to go through multiple proxies, to avoid triggering the secondary protection mechanisms.

Ideally, what you would create would simply be a CAPTCHA plugin that would allow itself to be pointed at the service you were targeting, so you could basically turn any software that employs CAPTCHA into a gateway for this method.
 
I definitely agree with the proxy method, there would be no way around that, I am sure that the spammers would be already grateful that in exchange for a captcha they gain a link that will never get deleted.
 
Eli at bluehatseo has a pretty ingenious post about this and using proxies to get people to solve them for you. It's not a new idea, but this spin on it has potential.

Of course spammers would either have to have an automated way to solve the captcha or they wouldn't bother spamming your site. Which means there's a way to automatically solve it, you just haven't found it yet. :)
 
I have not heard of anyone else coming up with this, but that is good news this means the idea does have potential, I have always been an automation freak in my 18 years in the IT industry. Could you be so kind as to give me the link to the post at bluehatseo?

Thanks

scubaslick said:
Eli at bluehatseo has a pretty ingenious post about this and using proxies to get people to solve them for you. It's not a new idea, but this spin on it has potential.

Of course spammers would either have to have an automated way to solve the captcha or they wouldn't bother spamming your site. Which means there's a way to automatically solve it, you just haven't found it yet. :)
Click to expand...
 
Adult sites use this sorta thing. Free stuff if you enter the captcha to "verify" your human.

It just puts the image url into a PHP variable, loads it based on that, then XSS's the user input to the remote server.

Of course, it's quite tedious to setup a checking script, but its very do-able (i.e. making sure the user enters the right code).
 
If you can't break it, how is the spammer going to. Unless of course it is manual spammers but that isn't going to allow you to get the volume that you want.
 
lowboman said:
If you can't break it, how is the spammer going to. Unless of course it is manual spammers but that isn't going to allow you to get the volume that you want.
Click to expand...

Well if you get your forum on Xrumer that would definitely help :-)
 
what do you gain for people typing in catchpa ?
 
Im already doing this
Its pretty hard to set up but its worth the effort
 
i think the adult site method could be a very good way to get around capthca's

i was reading a article the other day saying that soon alot of adult sites will be using this method toe draw in captcas getting users to enter them , making a spam post/ new email account/ so forth or similar


the porn user is happy as all there doing is entering a string to get free porn, the webmaster/ bh / spammer is happy as a person is sloving the captcha problem and hopfulling promoting some other offer that might make money or somthing


has anyone ever made a little script for this purpose on the forums, i run a hole bunch of adult sites that have thousands of vistors per day , (adult video sharing mainly) and i could quite esily put up a few pages that maybe use curl to post across message boards , newsgropus etc or even sign up for a bunch of free email accounts or similar, as these users enter my sites via a drawn in capactha


maybe i should look more into making something like this, i guess it could not be that hard to make
 
Probably the best thing would be to have two different entrances to the site, one would be the "honeypot" where the people who want something for free would come in (this would be the main entrance), and another (possibly on a different domain), which would be a market where people could bid on CAPTCHA cracking. Basically, they could offer an amount per cracked CAPTCHA, at any of a series of supported locations, and they would be presented with an API which would grant their processes access. If they bid low, they will not get as much access, or will have to wait until higher priority bids get processed. Still this will allow the price per CAPTCHA to sort itself out organically.
 
I really like the bidding idea, would anyone be interested in doing this? I can probably provide the remote captcha script, if someone is willing to do the bidding part, if interested send me a PM

mattstrike said:
Probably the best thing would be to have two different entrances to the site, one would be the "honeypot" where the people who want something for free would come in (this would be the main entrance), and another (possibly on a different domain), which would be a market where people could bid on CAPTCHA cracking. Basically, they could offer an amount per cracked CAPTCHA, at any of a series of supported locations, and they would be presented with an API which would grant their processes access. If they bid low, they will not get as much access, or will have to wait until higher priority bids get processed. Still this will allow the price per CAPTCHA to sort itself out organically.
Click to expand...
 
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Networking Downloads

Marketplace

Content / Copywriting Hosting Images, Logos & Videos Proxies For Sale SEO - Link building SEO - Packages Social Media Social Media - Panels Web Design Misc

Making Money

Affiliate Programs Hire a Freelancer Making Money Pay Per Click Site Flipping

BlackHatWorld

BHW Merch Forum Suggestions & Feedback Introductions Lounge Dispute Resolution

Other

Domain Name Forum IM Journeys Web Hosting Newsletter
Back
Top