1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Weird Backlinks (new backlink tricks?)

Discussion in 'Black Hat SEO' started by googlemonster, Jul 28, 2010.

  1. googlemonster

    googlemonster Supreme Member

    Joined:
    Nov 15, 2008
    Messages:
    1,400
    Likes Received:
    525
    Can anyone decipher what is going on with these backlinks:

    example 1

    example 2

    example 3

    Like this site

    I can't work it out, thought maybe sql injections but it's just random stuff or yahoo answers also, so not sure what's going on.
     
  2. BlackDiamondfast

    BlackDiamondfast Newbie

    Joined:
    May 24, 2010
    Messages:
    9
    Likes Received:
    1
    They look fine whats the problem?
     
  3. googlemonster

    googlemonster Supreme Member

    Joined:
    Nov 15, 2008
    Messages:
    1,400
    Likes Received:
    525
    lol what's fine about them? Go to the TLD.
     
  4. tmarksinc

    tmarksinc Newbie

    Joined:
    Jul 28, 2010
    Messages:
    15
    Likes Received:
    1
    hmm, that's odd
     
  5. googlemonster

    googlemonster Supreme Member

    Joined:
    Nov 15, 2008
    Messages:
    1,400
    Likes Received:
    525
  6. Entrepreneur

    Entrepreneur Regular Member

    Joined:
    Oct 12, 2007
    Messages:
    438
    Likes Received:
    379
    I have to say I have absolutely no idea what you're on about. Maybe you should be more clear. Are these links pointing to you? Are you puzzled by the links of those pages? From what you've said and shown I see nothing strange - beyond the useless spammy sites anyway.
     
  7. _Chip_

    _Chip_ Senior Member

    Joined:
    Jun 28, 2009
    Messages:
    847
    Likes Received:
    256
    Occupation:
    Student
    Location:
    Depends on my vpn
    i second this
     
  8. sdesignb

    sdesignb Junior Member

    Joined:
    May 7, 2008
    Messages:
    107
    Likes Received:
    24
    it looks like a RFI (Remote File Inclusion) with spamy links to the linkwheel some1 created for a keyword.
     
    • Thanks Thanks x 1
  9. googlemonster

    googlemonster Supreme Member

    Joined:
    Nov 15, 2008
    Messages:
    1,400
    Likes Received:
    525
    ^ what he said, no the links aren't pointing to me, but other sites in my niche I see a few patterns: zen cart, phpmyvisites and oscommerce, all these pages are sat on top of random domains such as car tuning, some condom site and a DJ site, a lot are a mishmash of yah00 answers and blogs, heavy outlinking to certain sites. I presume this is automated so wanted to know more.
     
  10. sdesignb

    sdesignb Junior Member

    Joined:
    May 7, 2008
    Messages:
    107
    Likes Received:
    24
    yahoo answer is for content and I am more than 100% sure it is a RFI because of this:
    Code:
    This content is located in the file at:  /languages/english/html_includes/classic/define_main_page.php
    
    You can quickly edit this content via Admin->Tools->Define Pages Editor, and select define_main_page from the pulldown.
    
    NOTE: Always backup the files in /languages/english/html_includes/your_template
    found at:
    Code:
    http://www.skirnir.net/test/zen/index.php/?bqlp=family+watch+dog
    This is no longer BH this is hacking read more if you want:
    Code:
    http://en.wikipedia.org/wiki/Remote_File_Inclusion
     
  11. moonswamp

    moonswamp Regular Member

    Joined:
    Oct 22, 2007
    Messages:
    295
    Likes Received:
    44
    Home Page:
    yes, weird, how they list these links???sql injection?
    but all links from different site, why they inject and link to other's sites???
     
  12. googlemonster

    googlemonster Supreme Member

    Joined:
    Nov 15, 2008
    Messages:
    1,400
    Likes Received:
    525
    I presume multiple file includes :s
     
  13. sdesignb

    sdesignb Junior Member

    Joined:
    May 7, 2008
    Messages:
    107
    Likes Received:
    24
    just 1 file included with a lot of html in it.
     
  14. googlemonster

    googlemonster Supreme Member

    Joined:
    Nov 15, 2008
    Messages:
    1,400
    Likes Received:
    525
    Just a mismash of sites thought thats what I dont get the sites with these links are ranking 1st and 2nd
     
  15. ron.ray

    ron.ray Jr. VIP Jr. VIP Premium Member

    Joined:
    May 24, 2010
    Messages:
    878
    Likes Received:
    401
    Home Page:
    absolutely RFI ,
    an attacker can search for security fixes on the net , find a security update that literally announce the world that this system have a security hole in it
    (google define_main_page.php vulnerability) and now the race begins ... who will strike first ? you can guess it ...


    BTW 1 - updating after someone triggered a RFI attack against you is not enough , because even if the hole is sealed the file is already injected. you should restore from a backup .

    BTW 2 - there's almost no way of avoiding this (as a webmaster) simply because when you're using a software it might have a security hole , and when it is found - it will get reported and hackers will found out about this (usually when there's a fix)
    so the really good way of avoiding this is to be quick to respond and keep your software/platform/web modules updated.