1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Buy Viagra #1 Site, how they do it?

Discussion in 'Cloaking and Content Generators' started by sqhunter, Jan 26, 2010.

  1. sqhunter

    sqhunter Regular Member

    Joined:
    Jul 8, 2009
    Messages:
    385
    Likes Received:
    267
    Check this out:

    when you search the term buy viagra this site pops up: www.dc.umich.edu/grocs/ (you must go through G search)

    paste in browser manually www.dc.umich.edu/grocs/ a totally different site.

    How they do this? Did they hijack this .edu url and redirect? Its incredible
     
    Last edited: Jan 26, 2010
  2. marketingteam

    marketingteam Registered Member

    Joined:
    Oct 1, 2008
    Messages:
    87
    Likes Received:
    8
    they are displaying site based on refered. so, if user is from google, they might show the cart page.

    More info : If you copy the google URL and paste it in a new tab or window in browser you will note it takes you to the actual .edu page. They probably have control over the .edu site.
     
    • Thanks Thanks x 1
    Last edited: Jan 26, 2010
  3. blazen

    blazen Regular Member

    Joined:
    Mar 8, 2008
    Messages:
    471
    Likes Received:
    147
    This can be done by javascript or server-side code such as php. You can also use the .htaccess file as well.

    They have access to the server. (which they most likely hijacked or hacked). They check referrers to the page for search keywords. If a keyword is in the referrer, they display the viagra content.
     
    • Thanks Thanks x 1
    Last edited: Jan 26, 2010
  4. sqhunter

    sqhunter Regular Member

    Joined:
    Jul 8, 2009
    Messages:
    385
    Likes Received:
    267
    Well interesting, so they must have some kind of access to their server? is this a common practice? whats the name for this?
     
  5. legendoflink

    legendoflink Registered Member

    Joined:
    Oct 6, 2008
    Messages:
    70
    Likes Received:
    11
    It's easy. They use a php script that detects if the referer is from G. If it is, they copy the page from pillsed.com and display it in your browser. If not, it displays the normal blog. I've done it on my sites in the past.
     
    • Thanks Thanks x 2
  6. legendoflink

    legendoflink Registered Member

    Joined:
    Oct 6, 2008
    Messages:
    70
    Likes Received:
    11
    You don't need access to any server. This can be done with any site, including G.
     
    • Thanks Thanks x 1
  7. sqhunter

    sqhunter Regular Member

    Joined:
    Jul 8, 2009
    Messages:
    385
    Likes Received:
    267
    Ok, but that php script must be on that .edu server right? so they do need access to include it there or ?

    How can i read up more about this? does this falls under the category 'doorway' or 'cloaking' ???
     
  8. nightmarer

    nightmarer Registered Member

    Joined:
    Jul 20, 2008
    Messages:
    74
    Likes Received:
    20
    Interesting to learn it. If we can dominate 'buy viagra' for few weeks or couple months, there will be a lot money to be make. Or other buying niches.

    I notice they may also try to hack 'wakschallenge.rutgers.edu'. In search term
    'buy viagra' this site is in first page and rank #2. But when you click on this site, it will back to original site and not to viagra ads. Maybe, the site owner had known it and kick this hacker out....:)
     
    • Thanks Thanks x 1
  9. d3t0x

    d3t0x Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 28, 2008
    Messages:
    1,955
    Likes Received:
    780
    Location:
    Vancouver, BC
    You need access to the .edu site dude. You can't inject the php script unless you have access?
     
    • Thanks Thanks x 1
  10. marketingteam

    marketingteam Registered Member

    Joined:
    Oct 1, 2008
    Messages:
    87
    Likes Received:
    8
    Man, It's basically a php script on that edu site. They check for referer. If it's from google, they redirect to their main viagara site. Else, they just display the edu site page. It's cloaking + a php script combined, and I can set this up for free. It's simple stuff.
     
    • Thanks Thanks x 3
  11. Obay1

    Obay1 Regular Member

    Joined:
    Dec 20, 2009
    Messages:
    226
    Likes Received:
    10
    I do not understand why people actually have Viagra sites? And they're populated?
     
  12. sqhunter

    sqhunter Regular Member

    Joined:
    Jul 8, 2009
    Messages:
    385
    Likes Received:
    267
    I am also not sure why they have them viagara sites, maybe its because this guy makes 10-30k a day with his site in the #1 position?? ;)

    @ marketingteam

    if its a basic script then seems the biggest hurdle is to gain access to the server. Seems this can happen if you give youre ftp info out when you outsource your work and they leave a backdoor behind..

    I am in no way implicating that i am looking for a script like this on an .edu site somewhere but if someone has one laying around well let me know..
     
  13. nightmarer

    nightmarer Registered Member

    Joined:
    Jul 20, 2008
    Messages:
    74
    Likes Received:
    20
    @Legendoflink, you must know well to do that. If you don't mind could you share the steps to do it without acces to any server.

    Or maybe, you can write an e-book about that and I'am sure, blackhatters will like and buy it. Who doesn't want to rank #1 for high targeted keywords just for few weeks or even just for few days...? :eek:
     
    • Thanks Thanks x 1
  14. Iluminatul

    Iluminatul Junior Member

    Joined:
    Jan 24, 2010
    Messages:
    103
    Likes Received:
    6
    Either he doesn't know what he's talking about or I don't know.. maybe he's illuminated into server hijacking but still..
     
  15. load8

    load8 Newbie

    Joined:
    Oct 21, 2009
    Messages:
    25
    Likes Received:
    7
    Its reallyreally easy

    If someone followed a link to your site in php the variable $_SERVER['HTTP_REFERER'] will contain the address from which the user was referred.
    You just need a simple If/then clause to decide what to show the user based on his referer.

    small example:

    Code:
    $referer = getenv( "HTTP_REFERER" );
    
    [B]$tapps_referer = "http://www.google.com";
    [/B] 
    // referer check
        if (isset($tapps_referer) && $tapps_referer!="")
        {
            
            if ($i=strpos($referer,"?"))
            {
                $referer= substr($referer,0,$i);
            }
            if ($tapps_referer != $referer) 
    
            {
                
    header ("Location: www.normalsite.com");[B]
    // if referer is not google it will go to normalsite.com[/B]
            }
                             else
                             {
                               header ("Location: viagra.php");
    [B]//if referer is google..  it'll show viagra.php [/B]
                             }
            
        }
    if referer is google.. it'll show viagra.php
    if referer is not google it will go to normalsite.com

    you can also make sure it only happens for certain keywords by adding the q variable to $tapps_referer which will be a lil bit more complicated.
    adding geotargeting etc might also be an interesting twist. for example if you know where the admins are located, stop their ip-ranges from seeing it even with the right referer etc etc
     
    • Thanks Thanks x 2
    Last edited: Jan 28, 2010
  16. nightmarer

    nightmarer Registered Member

    Joined:
    Jul 20, 2008
    Messages:
    74
    Likes Received:
    20
    Guys, today I check on google 'buy viagra' and this site still page 1 and rank #1.
    But what happen when you click on this site you will see the message "Forbidden
    You don't have permission to access / on this server...."

    It's clearly for me that the webmaster has caught this hacker and it's clear that you must have acces to the server or hack into the server to do that. So, I doubt if @Legendoflink said, he can do it without acces to server.
     
  17. Megalodon

    Megalodon BANNED BANNED

    Joined:
    Nov 22, 2009
    Messages:
    82
    Likes Received:
    9
    Welcome to the 21 century! This has been going on for years on google.The casino and rx/online pharmacy fields are crowded with russians that use hacked .edu's and .gov's to rank.Sometimes they use xrumer, sometimes they don't, depending on how good the host is.They do it because they make at least $1-2 for every click and that is if they send it to PPC. Most of them make much more since they run and operate their own online pharmacies (which is easy and doesn't cost anything).
     
  18. buzzinusa

    buzzinusa Registered Member

    Joined:
    Nov 5, 2009
    Messages:
    76
    Likes Received:
    34
    Location:
    India
    Any body can get into details, how these guys are doing???Any working example other than this??
     
  19. hpv222

    hpv222 Power Member

    Joined:
    Feb 8, 2010
    Messages:
    736
    Likes Received:
    274
    bingo - and the edu craze was much bigger a year or two ago, now you only see this happening every now and then; also it won't last, but I'm pretty sure that they'll make a buck or two ;)
     
  20. wheaties

    wheaties Newbie

    Joined:
    Aug 9, 2008
    Messages:
    20
    Likes Received:
    12
    Location:
    USA
    Search this site for Project Black Mask
    Download
    Search the PDF for
    Fast Action Blueprint #2: The Affiliate Slam

    Explains it all.