1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

What kind of unethical shenigans is this? Hidden link...

Discussion in 'Black Hat SEO' started by GoogleAlchemist, Feb 24, 2012.

  1. GoogleAlchemist

    GoogleAlchemist Regular Member

    Joined:
    Nov 25, 2009
    Messages:
    249
    Likes Received:
    28
    Occupation:
    Bad Ass SEO Consultant
    Location:
    Wherever I want
    Home Page:
    So I took over a project for a client, the last 'seo expert' was just screwing them over.



    I found a strange link on the site which seemed to redirect to an outside site, before redirecting back to the clients site...was really weird. They had no idea who the website was or why they would be linking out to them.



    I almost didn't notice it. I click on the 'home' link, and watching the bottom left screen where it cycles thru all that info while navigating, I see it pop up the outside domain there, not on the visual screen itself, and then end up at the home page like it should



    Page source code shows this


    <meta name="robots" content="index, follow" />
    <meta name="copyright" content="Site title here" />
    <meta http-equiv="Content-Language" content="en-us" />
    <script src="http://www.SOMEONEELSESDOMAINHERE.com/awc.js" type="text/javascript"></script>
    <script src="swfobject.js" type="text/javascript"></script>

    <link href="sharp.css" rel="stylesheet" type="text/css" />



    This look familiar to anyone? Hows it work?



    Thanks
     
  2. Kickflip

    Kickflip BANNED BANNED

    Joined:
    Jan 29, 2010
    Messages:
    2,038
    Likes Received:
    2,465
    Do a google search of the code and you will probably be able to figure out why that code was on there. It doesn't sound malicious from the way you describe it, it doesn't sound like a redirect either. It sounds like a script that is needed for something within the page itself.
     
  3. TheMatrix

    TheMatrix BANNED BANNED

    Joined:
    Dec 20, 2008
    Messages:
    3,444
    Likes Received:
    7,279
    Are you using a nulled script? Do a virus scan of the other site, and find if it's malicious. If it is, chances are the site was hacked.
     
  4. Stupid Smurf

    Stupid Smurf Regular Member

    Joined:
    Dec 12, 2011
    Messages:
    337
    Likes Received:
    138
    Occupation:
    Watcher.
    Location:
    NY
    Home Page:
    Could be completely wrong here, but usinge imag src with a link, can give a hit to the link / website. This might be a more advanced version of that to just up the traffic numbers on the site?

    Just an idea, but I say try google too.
     
  5. Cnotey

    Cnotey Power Member

    Joined:
    Jun 25, 2010
    Messages:
    707
    Likes Received:
    912
    Location:
    Seattle
    Home Page:
    It's a javascript src lol. This means that this page is using a javascript file that is hosted on someone else's server. Happens all the time when you have a bad src reference. Shit, almost every one of my sites has that.

    U R Learnz Javascript?
     
  6. Virus1

    Virus1 Supreme Member

    Joined:
    Dec 13, 2010
    Messages:
    1,326
    Likes Received:
    1,409
    Occupation:
    destroyer of worlds...
    Location:
    Welcome to Black Hat World........................
    Home Page:
    There is a way to cookie stuff that looks a lot like that code.

    Basically a visitor goes to primary site.... then gets redirected to site the cookie stuffs.... then redirect right back at primary site... users just think that the website is kind of weird but they are being cookie stuffed....
     
  7. kvmcable

    kvmcable Supreme Member

    Joined:
    Dec 28, 2010
    Messages:
    1,355
    Likes Received:
    2,815
    Occupation:
    24 year business owner - old school dude
    Location:
    KFC - BW3
    Looks like the file might belong to MediaWiki; php open source wiki like software. Several references to that javascript file on their forum.

    Best regards