
Image Hijack LOLs

Discussion in 'BlackHat Lounge' started by moralcode, Feb 23, 2017.

  1. moralcode

    So be me, and look through new dev server logs.

    I notice there is a lot of traffic calling an image to a domain I do not own. The DNS was pointing to my server, though...

    Capture1.PNG

    Oh, I was annoyed at first but then..... Then I lit up. I lit up like a child on Christmas. I saw the light; I started to laugh.

    Why?

    Because they are calling an image on my server.... an image that I can make appear as whatever I want.

    Looking through my log, I could see what site the calls were coming from.

    It was some landing page for a fat burn pill in Brazil.

    Capture2.PNG

    Notice there is an image.... that cannot display because it is hotlinked from my server!

    Oh the joy! The joy of being able to add a pic on a site with high traffic... Now because I mostly deal with US, I have no reason to pop up an ad as an image BUT, I found a fun solution....

    Capture3.PNG

    I went full on immature...

    How do you all suggest I monetize though? I'm only leaving that up for tonight...