1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Retargeting within BHW - Will this get me banned?

Discussion in 'Black Hat SEO' started by Ste Fishkin, Oct 27, 2016.

  1. Ste Fishkin

    Ste Fishkin Jr. VIP Jr. VIP Premium Member

    Joined:
    May 14, 2011
    Messages:
    2,047
    Likes Received:
    10,423
    For the last month or so people have been telling me my signature was broken, no its not. My signature is doing exactly what I wanted it to do. This explains that...

    [​IMG]

    The broken image you saw was me cookie stuffing you so I can retarget you later on (with this thread in mind). If you refreshed my signature or saw it on another page you would see my @UnGagged.com banner (click for discount) like normal and you would not know the difference.

    So what is retargeting?

    [​IMG]
    Retargeting is the idea of leaving a cookie on your computer so that advertisers can bombard you with more adverts and follow you around the internet until you do the thing they want you to do (buy, sign up or download some shit).

    The image above demonstrates this. This is an image hosted on the internet, but if you check the source code it runs through my own website first (cashgrabkeywords.com/setcookie.gif). It runs a script and then you are redirected to where the image is hosted. If you want to see this in action now, take note of the image below and then refresh the page.

    [​IMG]

    You should have seen the image change from my UnGagged strippers and hoes banner, to a you got my cookie sucker banner... Cool right?

    So I'm not going to spend the next hour of my life showing you what you can do with this shit... if you are not creative enough to work it out yourself then I'm not willing to hold your hand and talk you through it, but here are some possibilities:
    • re-target users who viewed your BST or certain threads
    • show individual users different banners, just PM them something with the image referenced within it.
    • add extra banners on your own website so you can show a different landing page for BHW users compared to the rest of the internet.
    • or change your signature banner depending on if they have visited your own website or not
    And of course, it's not just BHW you can do this on. Any website that will let you post your own self hosted image is susceptible to this... which includes most forums on the internet, web 2.0's and some blogs even. In fact next time you send out your infographic to 1000's of blogs, why not cookie stuff the shit out of them and see what happens. As explained at the end this is not only good for retargeting, but these methods can also be used to pull analytics data from other peoples websites also.

    So how the fuck am I doing this magic?
    All together we can do this with 3 very simple scripts and a few .htaccess lines.

    .htaccess
    So for the htaccess file we need to do two things...
    1. set a redirect from a image we use to set the cookie
    2. set a redirect for the signature image
    Here is my full .htaccess file
    Code:
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    Options +FollowSymLinks
    
    RewriteRule ^signature.gif$ https://www.cashgrabkeywords.com/retarget.php [L,R=301]
    RewriteRule ^setcookie.gif$ https://www.cashgrabkeywords.com/setcookie.php [L,R=301]
    </IfModule>
    
    So basically, its redirecting all requests for signature.gif and setcookie.gif to php scripts elsewhere. Signature.gif and setcookie.gif do not exist, they are there to set your browser up to request files from my server, instead of doing this I run scripts and then forward your request to images hosted elsewhere so you don't see the stupid broken image x.

    setcookie.php
    For the next bit lets begin with setcookie.php, which we call when setcookie.gif is requested, you can do this just like any other image...
    Code:
    [IMG]http://www.cashgrabkeywords.com/setcookie.gif[/IMG]
    
    OR
    
    <img src="http://www.cashgrabkeywords.com/setcookie.gif"/>
    
    As saw the .htaccess file will redirect us to setcookie.php, which is below:
    Code:
    <?php
    //check if cookie has been set
    if($_COOKIE["retarget"] !== 1){
      //if cookie has not been set, set cookie
      setcookie("retarget", 1, time()+604800);
    }
    header("Location: https://qph.ec.quoracdn.net/main-qimg-3c45af619b25983ecc56d3bbe64e05a6?convert_to_webp=true");
    exit;
    ?>
    
    This is a super simple script which does the following:
    • checks if the cookie (retarget) has already been set
    • if it hasn't been set, it sets the cookie
    • it then redirects the request to the re-targeting diagram image I posted above so that you see an image and you don't suspect a thing...
    So once this runs the cookie we use will be set, and we're free to retarget them whenever we want... In this case I run my cookie for 1 week, to alter this just swap 604800 for the number of seconds you want to use instead.

    retarget.php
    So just like above, when we call signature.gif we are taken to this script.

    This is just a simple if statement, if the cookie value (1) is set it takes you to one place, if it's not set it takes you to another.

    Code:
    <?php
    if($_COOKIE["retarget"] == 1){
      //this user needs retargeting
      header("Location: http://i.imgur.com/udRugJK.png");
    } else {
      //this user is not being retargeted
      header("Location: http://i.imgur.com/nTZq6HE.gif");
    }
    ?>
    
    signature.php
    But what use is updating the image if you can't update the link location... this script handles the link I put on the banner in my signature. It works in the exact same way as retarget.php

    Code:
    <?php
    if($_COOKIE["retarget"] == 1){
      //this user needs retargeting
      header("Location: https://www.youtube.com/watch?v=dQw4w9WgXcQ");
    } else {
      //this user is not being retargeted
      header("Location: https://www.eventbrite.com/e/ungagged-las-vegas-2016-tickets-21310002792?discount=STE");
    }
    ?>
    
    So what's next?
    So you can take this and do what you want but this is just the beginning, now you can see how simple it is to run scripts when images are called you should be able to see that you can do almost anything... including monitoring things like CTR, mining user data, monitoring impressions and before @Diamond Damien enabled https, you could pull referrer data and see what pages generated the most impressions/clicks or monitor which pages certain users saw our signature on with a combination of their IP and page referrals and cookies... But you can still run this on forums which haven't moved to https yet.

    The limit is endless, and unless this gets me banned for cookie stuffing BHW users I'll keep playing with it and seeing what I can do.

    Note: You will see @mickyfu runs the same signature as me, his is not cookie stuffing (unless he did this himself?)...
     
    • Thanks Thanks x 20
    Last edited by a moderator: Jan 25, 2017
  2. socialevilmedia

    socialevilmedia Jr. VIP Jr. VIP

    Joined:
    Nov 19, 2014
    Messages:
    233
    Likes Received:
    55
    Gender:
    Male
    Occupation:
    speculator
    Location:
    Chicago
    Home Page:
    Thats a bomb not a thread hahah :)
     
    • Thanks Thanks x 1
  3. thetrustedzone

    thetrustedzone Jr. VIP Jr. VIP

    Joined:
    Jun 15, 2010
    Messages:
    2,361
    Likes Received:
    1,917
    Home Page:
    Cookie stuffing related discussion isn't allowed on BHW i think .......
     
  4. MoneyEagle

    MoneyEagle Regular Member

    Joined:
    Nov 6, 2015
    Messages:
    325
    Likes Received:
    143
    Gender:
    Male
    Occupation:
    Internet Marketing
    Awesome share.
     
  5. Ste Fishkin

    Ste Fishkin Jr. VIP Jr. VIP Premium Member

    Joined:
    May 14, 2011
    Messages:
    2,047
    Likes Received:
    10,423
    This is retargeting not cookie stuffing.

    Cookie stuffing = fraud.

    This is just a neat little trick to push different banners to different people.
     
    • Thanks Thanks x 1
  6. thetrustedzone

    thetrustedzone Jr. VIP Jr. VIP

    Joined:
    Jun 15, 2010
    Messages:
    2,361
    Likes Received:
    1,917
    Home Page:
    I know it's retargeting ... but you started it as cookies stuffing related discussions ...i have np if mods kept your post ... it's nice post btw ...
     
  7. Shady Rasmy

    Shady Rasmy Newbie

    Joined:
    Oct 11, 2016
    Messages:
    38
    Likes Received:
    8
    Gender:
    Male
    WOW
     
    • Thanks Thanks x 1
  8. elavmunretea

    elavmunretea BANNED BANNED

    Joined:
    May 14, 2016
    Messages:
    1,579
    Likes Received:
    2,092
    Interesting share, I clicked you banner a few times and didn't notice anything.

    Not sure why this wouldn't be allowed on an international forum, seems like an incredible marketing strategy to me!
     
  9. Sandman1972

    Sandman1972 Junior Member

    Joined:
    Feb 18, 2016
    Messages:
    133
    Likes Received:
    41
    It becomes even more powerful when you re-target users who have already seen your video :)
     
  10. Taegn

    Taegn Junior Member

    Joined:
    Jul 22, 2016
    Messages:
    171
    Likes Received:
    32
    Craaazzy hair man!
     
  11. WesF.

    WesF. Newbie

    Joined:
    Oct 27, 2016
    Messages:
    26
    Likes Received:
    3
    Gender:
    Male
    This is a powerful tool man. A few scripts and some ingenuity goes a long way.
     
  12. tb303

    tb303 Power Member

    Joined:
    Dec 18, 2011
    Messages:
    734
    Likes Received:
    388
    hahaha the most blackhat thing been posted on blackhatworld in a long long time and it was a @Ste Fishkin post.
     
  13. Neon

    Neon Jr. VIP Jr. VIP

    Joined:
    Nov 3, 2013
    Messages:
    2,709
    Likes Received:
    6,365
    Gender:
    Male
    Occupation:
    Traveling the world
    Location:
    Berlin
    Actually there was a meteorite cookie stuffer in Stonehenge, but someone stole it.
     
  14. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    11,486
    Likes Received:
    32,436
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    Decent thread Ste

    Hanging out with Rand got him pumped.
     
    • Thanks Thanks x 1
  15. Ste Fishkin

    Ste Fishkin Jr. VIP Jr. VIP Premium Member

    Joined:
    May 14, 2011
    Messages:
    2,047
    Likes Received:
    10,423
    He pumped me to a whole new level.
     
    • Thanks Thanks x 2
  16. mickyfu

    mickyfu Jr. VIP Jr. VIP

    Joined:
    Dec 14, 2011
    Messages:
    6,900
    Likes Received:
    19,803
    Occupation:
    King Of Crypto C
    Location:
    Solihull Young Offenders
    Pumped in the arse?
     
    • Thanks Thanks x 4
  17. freekingzoo

    freekingzoo Newbie

    Joined:
    Oct 28, 2016
    Messages:
    5
    Likes Received:
    2
    Gender:
    Male
    This whole cookie thing always confuses me.
     
  18. coitza

    coitza Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 26, 2007
    Messages:
    2,686
    Likes Received:
    696
    Occupation:
    freelancer
    Home Page:
    A great read, I cant' believe how easy this is :D damn...
     
  19. sachin_panwar1996

    sachin_panwar1996 Newbie

    Joined:
    Nov 7, 2016
    Messages:
    6
    Likes Received:
    1
    Gender:
    Male
    @Ste Fishkin cant we use google re-marketing code instead in setcookie.php
     
  20. Ste Fishkin

    Ste Fishkin Jr. VIP Jr. VIP Premium Member

    Joined:
    May 14, 2011
    Messages:
    2,047
    Likes Received:
    10,423
    OOOOOOOOOOOOOOOOOOOOOOOOO

    Ok give me until after I'm back from vegas and I shall tell you, but I suspect you can.