1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How did they do this?!?

Discussion in 'Black Hat SEO' started by speakeasy602, Sep 6, 2010.

  1. speakeasy602

    speakeasy602 Junior Member

    Joined:
    Aug 4, 2009
    Messages:
    126
    Likes Received:
    39
    I have a phpLD directory set up on one of my domains, and I installed a script that approves pending links every 24 hours using cron jobs. Recently, I decided to see how many listings were in my directory, and there's around 20k different listings. At fist, I wrote it off as spam, and didn't really care, but when I actually went in to see some of the links, I noticed that most of the links were "featured listings"...

    How did someone submit almost 20k links directly into the featured listings/categories. Some of the listings don't even have URLs, and that's a required field!

    I assume that this is a sql hack or something, but I'm not 100% sure.

    The only reason why I want to figure out how this was done is so I can do the same thing to other phpLD sites. Someone please help me answer this so I can exploit the hell out of it.
     
  2. rakka

    rakka Newbie

    Joined:
    Aug 14, 2010
    Messages:
    21
    Likes Received:
    7
    If you know when it happened and you have access to the server logs you might be able to figure it out from that. I'd say chances are pretty good that its a SQL injection hack of some sort.
     
  3. speakeasy602

    speakeasy602 Junior Member

    Joined:
    Aug 4, 2009
    Messages:
    126
    Likes Received:
    39
    I wish I knew. I was retarded setting up those cron jobs for every 24 hours. The site has been on autopilot for like 2+ years. I can probably look in mysql to see if they were date stamped and go from there. That's a great idea.