1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

FREESelf-Hosted Referer BlankerJohnsonDaniel's Latest Share

Discussion in 'Black Hat SEO' started by JohnsonDaniel, Jul 17, 2011.

  1. JohnsonDaniel

    JohnsonDaniel Regular Member

    Joined:
    May 16, 2008
    Messages:
    389
    Likes Received:
    1,385
    Location:
    In a bright place---------------------------------
    My latest share is a self-hosted referer blanking script :)

    I'd like to ask for something in exchange though...

    Please, if you are grateful or you find a use for it, and you feel driven to thank me, do NOT post a "thanking post", just hit the button, it's what it's there for.

    Otoh, if you have contributions to the code, test results, or anything else, of interest to the users of my script, then you are encouraged to post, and I'd be grateful if you would :)

    So, on to the script...

    Instructions:

    1. Save the following file as index.php.
    2. Upload it to a folder on your hosting space.
    3. Send traffic for which you want to blank the referer to:

    http://whereveryouuploaded/?http://theLinkyouwanttoSendthemto

    If you uploaded to mydomain.com, then replace "whereveryouuploaded" with mydomain.com.
    If you uploaded to a folder named "x" on mydomain.com, then replace "whereveryouuploaded" with mydomain.com/x


    NOTES:

    1. At the moment, Opera cannot be blanked, so this script includes a fallback url. It will catch any traffic for which the referer has not been successfully removed, and dump that traffic there.
    It's currently set to g*o*o*g*l*e, you can change it to wherever YOU want to dump your non-blanked traffic.

    2. Although Opera does not get blanked, it only transfers the script's location, NOT the original referer, so, if you don't mind disclosing the script's location, feel free to remove the fallback function from the code.

    3. This script will pass parameters and values in the destination link, including dynamically appended ones, such as those generated by Content Lock Pro and Prosper202.

    NO-ONE has openly shared a referer blanking script before, since the days of DMR's. You are NOT allowed to sell this, nor are you allowed to remove the attribution in the source code. If you use this within your script or software, please respect the attribution, and leave my name, and "Content Lock Pro" intact.

    Respect for the above paragraph will encourage me to continue sharing, if I find it is ignored the gravy train will reach its final stop.
    Thanks for understanding :)

    PHP:
    <?php
    /* 
    JohnsonDaniel's Referer Blanking Script
    Content Lock Pro, Next Generation Content Locker, Treble your Income from Locking.
    Website: http://ContentLockPro.com
    Email:   http://scr.im/clpro
    URL Construction:
    http://scriptdomain.com/folder/?http://destinationlink.com?parameters=values
    */

    // Extract URI minus http://scriptdomain.com
    $req_url $_SERVER['REQUEST_URI'];

    function 
    selfURL() { $s = empty($_SERVER["HTTPS"]) ? '' : ($_SERVER["HTTPS"] == "on") ? "s" ""$protocol strleft(strtolower($_SERVER["SERVER_PROTOCOL"]), "/").$s$port = ($_SERVER["SERVER_PORT"] == "80") ? "" : (":".$_SERVER["SERVER_PORT"]); return $protocol."://".$_SERVER['SERVER_NAME'].$port.$_SERVER['REQUEST_URI']; }
    function 
    strleft($s1$s2) { return substr($s10strpos($s1$s2)); }
    $full_url selfURL();

    // Extract the urls which we need
    $script_name $_SERVER['SCRIPT_NAME'];
    $current_file basename(__FILE__);
    $dir str_replace($current_file,'',$script_name);
    $dir .= '?';
    $offer str_replace($dir,'',$req_url);
    $offer remove_attempt($offer);

    $fallback 'http://www.google.com/'

    if (!isset(
    $_REQUEST['attempt'])) $_REQUEST['attempt'] = 0;

    switch (
    $_REQUEST['attempt']) {
        case 
    0:
            echo 
    method0($offer,$full_url);
            break;
        case 
    1:
            echo 
    method1($offer,$full_url);
            break;
        case 
    2:
            echo 
    method2($offer,$full_url);
            break;
        case 
    3:
            echo 
    method3($offer,$fallback);
            break;
        default:
            echo 
    method0($offer,$full_url);
    }

    function 
    method0($offer,$full_url) {
        
    $txt '';
        
    $referer '';
        if (isset(
    $_SERVER['HTTP_REFERER'])) $referer $_SERVER['HTTP_REFERER'];
        if (
    $referer == '' ) {
           
    // If blank redirect
          
    header('Location: '.$offer);
        } else {
            
    // Use method 0 to blank -> works mostly for IE and FF
            
    $txt '<meta http-equiv="refresh" content="0; url='.$full_url.'&attempt=1">'
        }
        
        return 
    $txt;
    }

    function 
    method1($offer,$full_url) {
        
    $txt '';
        
    $referer '';
        if (isset(
    $_SERVER['HTTP_REFERER'])) $referer $_SERVER['HTTP_REFERER'];
        if (
    $referer == '' ) {
           
    // If blank redirect
           
    header('Location: '.$offer);
        } else {
            
    // Use method 1 to blank
            
    $txt '<script>
              function go(){
            window.frames[0].document.body.innerHTML=\'<form target="_parent" method="post" action="'
    .$full_url.'&attempt=2">';
            
    $txt .= '</form>\';
                window.frames[0].document.forms[0].submit()
              }   
            </script>
            <iframe onload="window.setTimeout(\'go()\', 99)" src="about:blank" style="visibility:hidden"></iframe>'
    ;
        }    
            
        return 
    $txt;
    }

    function 
    method2($offer,$full_url) {
        
    $txt '';
        
    $referer '';
        if (isset(
    $_SERVER['HTTP_REFERER'])) $referer $_SERVER['HTTP_REFERER'];
        if (
    $referer == '' ) {
           
    // If blank redirect
           
    header('Location: '.$offer);
        } else {
            
    // Use method 2 to blank
            
    $txt '<iframe src="javascript:parent.location=\''.$full_url.'&attempt=3\'" style="visibility:hidden"></iframe>';
        }    
            
        return 
    $txt;
    }

    function 
    method3($offer,$fallback) { // All methods tried
        
    $referer '';
        if (isset(
    $_SERVER['HTTP_REFERER'])) $referer $_SERVER['HTTP_REFERER'];
        if (
    $referer == '' ) {
           
    // If blank redirect
           
    header('Location: '.$offer);
        } else {
           
    // No methods remaining -> send to fallback
           
    header('Location: '.$fallback);
        }    
            
        return 
    $txt;
    }

    function 
    remove_attempt($url) {
        
    $i strpos($url,'&attempt=');
        if (
    $i $url substr($url,0,$i);
        
        return 
    $url;
    }

    function 
    create_parameters($url) {
        
    $p1 strpos ($url'?');
        
    $p = array();

        if (
    $p1 ) {
            
    $url_no_par substr ($url 0$p1);
            
    $p1 $p1 1;
            
    $url_par substr ($url $p1);
            
    $paryval explode ('&'$url_par);
            foreach (
    $paryval as $value) {
                
    $p[] = explode ('=',$value);
            }
        }
        
        return 
    $p;
    }

    ?>
     
    • Thanks Thanks x 65
    Last edited: Jul 17, 2011
  2. HackZu

    HackZu Junior Member

    Joined:
    Nov 6, 2009
    Messages:
    115
    Likes Received:
    53
    Your referer:
    No referer / Hidden

    Another amazing share by JohnsonDaniel! Thanks and +rep given.

    Kind regards


    HackZu
     
    Last edited: Jul 17, 2011
  3. the1sun

    the1sun Newbie

    Joined:
    Jul 18, 2011
    Messages:
    20
    Likes Received:
    0
    thnks
     
  4. HFlame7

    HFlame7 Regular Member

    Joined:
    Jun 20, 2011
    Messages:
    277
    Likes Received:
    156
    "You must spread some Reputation around before giving it to JohnsonDaniel again."

    Ah, looks like I've given you too much rep for your excellent shares. So I'll just say thanks again for another excellent share Daniel!

    Edit: Forgot to put the test results in! See new post.
     
    Last edited: Jul 18, 2011
  5. JohnsonDaniel

    JohnsonDaniel Regular Member

    Joined:
    May 16, 2008
    Messages:
    389
    Likes Received:
    1,385
    Location:
    In a bright place---------------------------------
    PLEASE read that again...the day will come where you'll just get banned for posting these silly "thanks" posts.
    Folks, THERE IS A BUTTON if thanks is all you have to say - USE IT!

    It's not that I don't appreciate the thanks, because I do, but the whole value of threads gets horribly diluted when it just becomes pages and pages of silly thanking posts.
     
  6. HFlame7

    HFlame7 Regular Member

    Joined:
    Jun 20, 2011
    Messages:
    277
    Likes Received:
    156
    Whoops, I actually read that part and then forgot to post my test results -- which I actually did before sending a thanks. Tested it out, and it works great! The only thing I have to decide is whether I want to use this one, your fake referrer script, or maybe a combination of both. Hmmm the decisions :D
     
  7. JohnsonDaniel

    JohnsonDaniel Regular Member

    Joined:
    May 16, 2008
    Messages:
    389
    Likes Received:
    1,385
    Location:
    In a bright place---------------------------------
    LOL, yep, the decisions are the most awkward part of the whole process!

    Maybe this thread will help:

    [DISCUSS] ★ Referers ★ Blanking vs Faking ★ Time to Settle This OFA!

    When you DO decide, maybe you'll add your vote to the poll...
     
  8. xpwizard

    xpwizard Junior Member

    Joined:
    Nov 6, 2010
    Messages:
    198
    Likes Received:
    122
    Hey JD,

    I like how the script works (meta, iframe, and then js).
    I've made a couple simple changes:

    #1 - Made it so the script will work with any filename (previously if the filename was not index.php the script would error).
    #2 - Removed the echo's in the switch statement (these are not needed).
    #3 - Added in a browser check for Opera. This way if the browser is Opera it will go straight to the fallback url (saves execution time).
    #4 - Made a nicer title/header bar for you (and changed spelling of "Treble") :)

    PHP:
    <?php
        
    /**
        * JohnsonDaniel's Referer Blanking Script
        * Content Lock Pro, Next Generation Content Locker, Treble your Income from Locking.
        * Website: http://ContentLockPro.com
        * Email: http://scr.im/clpro
        * URL Construction:
        * http://scriptdomain.com/folder/?http://destinationlink.com?parameters=values  
        */

        // Extract URI minus http://scriptdomain.com
        
    $req_url $_SERVER['REQUEST_URI'];

        function 
    selfURL() { $s = empty($_SERVER["HTTPS"]) ? '' : ($_SERVER["HTTPS"] == "on") ? "s" ""$protocol strleft(strtolower($_SERVER["SERVER_PROTOCOL"]), "/").$s$port = ($_SERVER["SERVER_PORT"] == "80") ? "" : (":".$_SERVER["SERVER_PORT"]); return $protocol."://".$_SERVER['SERVER_NAME'].$port.$_SERVER['REQUEST_URI']; }
        function 
    strleft($s1$s2) { return substr($s10strpos($s1$s2)); }
        
    $full_url selfURL();

        
    // Extract the urls which we need
        
    $script_name $_SERVER['SCRIPT_NAME'];
        
    $current_file basename(__FILE__);
        if (
    $current_file === "index.php") { 
            
    $dir str_replace($current_file,'',$script_name); 
            
    $dir .= '?';
            
    $offer str_replace($dir,'',$req_url);
        } else { 
            
    $dir $script_name.'?';
            
    $offer str_replace($dir,'',$req_url);
        }
        
    $offer remove_attempt($offer);

        
    // set fallback URL
        
    $fallback 'http://www.google.com/';

        if (!isset(
    $_REQUEST['attempt'])) $_REQUEST['attempt'] = 0;

        switch (
    $_REQUEST['attempt']) {
            case 
    0:
                
    getBrowser($offer,$full_url,$fallback);
                break;
            case 
    1:
                
    method1($offer,$full_url);
                break;
            case 
    2:
                
    method2($offer,$full_url);
                break;
            case 
    3:
                
    method3($offer,$fallback);
                break;
            default:
                
    getBrowser($offer,$full_url,$fallback);
        }

        
    // if browser is Opera, go straight to fallback
        
    function getBrowser($offer,$full_url,$fallback) {
            
    $u_agent $_SERVER['HTTP_USER_AGENT'];

            if(
    strpos($u_agent'Opera') !== false) {
                
    header('Location: '.$fallback);
            } else {
                
    method0($offer,$full_url);  
            }
        } 

        function 
    method0($offer,$full_url) {
            
    $txt '';
            
    $referer '';
            if (isset(
    $_SERVER['HTTP_REFERER'])) $referer $_SERVER['HTTP_REFERER'];
            if (
    $referer == '' ) {
                
    // If blank redirect
                
    header('Location: '.$offer);
            } else {
                
    // Use method 0 to blank -> works mostly for IE and FF
                
    $txt '<meta http-equiv="refresh" content="0; url='.$full_url.'&attempt=1">'
            }

            return 
    $txt;
        }

        function 
    method1($offer,$full_url) {
            
    $txt '';
            
    $referer '';
            if (isset(
    $_SERVER['HTTP_REFERER'])) $referer $_SERVER['HTTP_REFERER'];
            if (
    $referer == '' ) {
                
    // If blank redirect
                
    header('Location: '.$offer);
            } else {
                
    // Use method 1 to blank
                
    $txt '<script>
                function go(){
                window.frames[0].document.body.innerHTML=\'<form target="_parent" method="post" action="'
    .$full_url.'&attempt=2">';
                
    $txt .= '</form>\';
                window.frames[0].document.forms[0].submit()
                }   
                </script>
                <iframe onload="window.setTimeout(\'go()\', 99)" src="about:blank" style="visibility:hidden"></iframe>'
    ;
            }    

            return 
    $txt;
        }

        function 
    method2($offer,$full_url) {
            
    $txt '';
            
    $referer '';
            if (isset(
    $_SERVER['HTTP_REFERER'])) $referer $_SERVER['HTTP_REFERER'];
            if (
    $referer == '' ) {
                
    // If blank redirect
                
    header('Location: '.$offer);
            } else {
                
    // Use method 2 to blank
                
    $txt '<iframe src="javascript:parent.location=\''.$full_url.'&attempt=3\'" style="visibility:hidden"></iframe>';
            }    

            return 
    $txt;
        }

        function 
    method3($offer,$fallback) { // All methods tried
            
    $referer '';
            if (isset(
    $_SERVER['HTTP_REFERER'])) $referer $_SERVER['HTTP_REFERER'];
            if (
    $referer == '' ) {
                
    // If blank redirect
                
    header('Location: '.$offer);
            } else {
                
    // No methods remaining -> send to fallback
                
    header('Location: '.$fallback);
            }    

            return 
    $txt;
        }

        function 
    remove_attempt($url) {
            
    $i strpos($url,'&attempt=');
            if (
    $i $url substr($url,0,$i);

            return 
    $url;
        }

        function 
    create_parameters($url) {
            
    $p1 strpos ($url'?');
            
    $p = array();

            if (
    $p1 ) {
                
    $url_no_par substr ($url 0$p1);
                
    $p1 $p1 1;
                
    $url_par substr ($url $p1);
                
    $paryval explode ('&'$url_par);
                foreach (
    $paryval as $value) {
                    
    $p[] = explode ('=',$value);
                }
            }

            return 
    $p;
        }      

    ?>
     
    • Thanks Thanks x 3
    Last edited: Jul 23, 2011
  9. JohnsonDaniel

    JohnsonDaniel Regular Member

    Joined:
    May 16, 2008
    Messages:
    389
    Likes Received:
    1,385
    Location:
    In a bright place---------------------------------
    Thanks, me too :) Although a newer version is just about ready for release.

    The reason for using index.php is so you can construct using whereveryouuploadedto/? or whereveryouuploadedto/foldername/?.

    If you use myfile.php instead of index.php, the urls need to be constructed using:
    whereveryouuploadedto/myfile.php? or whereveryouuploadedto/foldername/myfile.php?

    Nevertheless it seems fair enough to provide choice for people :)

    They were useful for testing, and I'd be keen to retest without them before dropping them altogether.

    I debated about this. It's by-the-by now, as the script has changed to blank most versions of Opera also.
    Nevertheless, in my own debate in my mind, I opted not to go for sending Opera users direct to the fallback url, as obtaining the browser via getbrowser() and the user_agent is notoriously unreliable, so, personally, I preferred the extra execution time ;)

    I see the extra asterisks, which, although they appear a bit nicer, are unnecessary, however I don't see any change made to the way I spelt "Treble"...

    Will create another thread, possibly later on today, but definitely no later than Monday, with the updated version of the blanker.
    The updated version goes as far as Referer.us (i.e. most versions of Opera also, but not the latest).
     
  10. xpwizard

    xpwizard Junior Member

    Joined:
    Nov 6, 2010
    Messages:
    198
    Likes Received:
    122
    Yep, this was the first thing that stuck out to me (If I implement this, then I want it in my working dir, so index wouldn't cut).

    With the echo's, since you are using a return in all of the functions it's not needed.

    I've never had any problems with the getbrowser function, although I have heard of them (which is also why I used strpos instead of a preg_match -> preg has played up in the past for me).

    Although I didn't know that it was only certain versions of Opera that wouldn't work. Otherwise I wouldn't of bothered with this.

    That would be my mistake with "Treble", did a late edit with a local file instead of the one on my server.

    Looking forward to it. Always nice to have someone who doesn't mind sharing code :)

    Hit me up if you need any extra testing/help.
     
    Last edited: Jul 23, 2011
  11. Mindanao

    Mindanao BANNED BANNED

    Joined:
    Jun 12, 2011
    Messages:
    400
    Likes Received:
    76
    Tested and worked like a charm. :) Anyway do you have any new version of this script? need to bypass opera. :D
     
  12. JohnsonDaniel

    JohnsonDaniel Regular Member

    Joined:
    May 16, 2008
    Messages:
    389
    Likes Received:
    1,385
    Location:
    In a bright place---------------------------------
    I haven't yet released the newer version, and I'm currently undecided as to whether I will or not...
    However, it will only blank versions of Opera prior to the latest one - the latest cannot yet be blanked, and you'll find that even Referer.us can't blank it.
     
  13. parkingcash

    parkingcash Newbie

    Joined:
    Mar 25, 2011
    Messages:
    25
    Likes Received:
    1
    Hi JD ,

    First of all thanks for you amazing job! it's so great to share source code .


    I did some tests yesterday , I found a problem with the blanker .
    If put the blanker code in iframe . it will not work .

    For example :


    <iframe src="BLANKER's CODE" width="0" height="0" frameborder="0" scrolling="no"></iframe>


    And the code will do nothing there , and will not reidirect to target page .
    I spend a whole nit trying to fix it , but no sucess .
     
  14. parkingcash

    parkingcash Newbie

    Joined:
    Mar 25, 2011
    Messages:
    25
    Likes Received:
    1
    JD , you there ?

    Please help . I would like to pay some cash to solve this problem .
    I also email you . you didn't reply :(
     
  15. parkingcash

    parkingcash Newbie

    Joined:
    Mar 25, 2011
    Messages:
    25
    Likes Received:
    1
    JD , you there ?

    Please help . I would like to pay some cash to solve this problem .
    I also email you . you didn't reply :(



    I found that , the script doesn't work if you put it into an iframe on a hosting .
    For example , you put it into an iframe , saved as 123.htm . by opening 123.htm directly on your local PC, it works . But if you upload 123.htm to a website . and visit that url link . then it doesn't work
     
    Last edited: Sep 10, 2011
  16. JohnsonDaniel

    JohnsonDaniel Regular Member

    Joined:
    May 16, 2008
    Messages:
    389
    Likes Received:
    1,385
    Location:
    In a bright place---------------------------------
    Been offline due to a technical issue for the last couple of days. Am now in touch with you directly, though :)
     
  17. parkingcash

    parkingcash Newbie

    Joined:
    Mar 25, 2011
    Messages:
    25
    Likes Received:
    1


    Yes :) I got your email .
    Now , Waiting for your update , bro . :D
     
  18. Captain Midnight

    Captain Midnight Newbie

    Joined:
    Sep 30, 2009
    Messages:
    31
    Likes Received:
    7
    Location:
    USA
    Thanks JD -- This script actually works pretty well.

    My usage may be different from most here as I am using it for parking. The big G says that you can no longer redirect for obvious reasons (redirecting from a crap domain with traffic to a good domain with high PPC value). They are now requiring you to use your parking services name servers.

    My solution to my problem is that like before I needed (or would like to) "tag" my traffic with a bit more data, such as GA and maybe my own footer, etc. while I still iframe in the parking services content and this is just 1 more layer to help with the referer issue, so thanks. I never did redirect from crap domains -> good domains.

    I was curious though, in order to work like referer.us does, they say "...we use quadplex referer removing tactics, which include Meta Refresh, Javascript Location Replace, iFrame Parent Post and Flash getURL Function."

    I found a swf flash redirect bit out there and didn't know if that would be part of the new update... No hurry, but when will you post the latest update?

    Thanks again,
    CM
     
  19. JohnsonDaniel

    JohnsonDaniel Regular Member

    Joined:
    May 16, 2008
    Messages:
    389
    Likes Received:
    1,385
    Location:
    In a bright place---------------------------------
    Hi,

    I'd like to test it some more before releasing, and I'm also still undecided about how/when to release. Needless to say, v2 of CLP is my priority at the moment, and that will include the latest version of the blanker (which uses quadplex like referer.us).
     
  20. JohnsonDaniel

    JohnsonDaniel Regular Member

    Joined:
    May 16, 2008
    Messages:
    389
    Likes Received:
    1,385
    Location:
    In a bright place---------------------------------
    Just as info for other people, Parkingcash and I got talking, and the issue is with the server he is using, and the way it's configured (it's a Windows server).
    What he wanted to do with the iframes was tested on my server (standard LAMP) and worked just fine.