Slightly Shady SEO | Blackhat is Back, Baby.

What Are Proxy Hijackers?
Proxy hijackers are myspace/youtube/facebook CGI/PHP based proxies that people use to get around website blocks their schools put up. They are monetized by trying to get the content they view indexed /(as if it’s their own) and throwing up adsense ads and the like on the resulting pages.

Obligatory Disclaimer:
I have never tested this. I have used the proxies to dig around, to the point where I’m reasonably sure it would work. This is for educational purposes, and I’m unsure of the legality. I do not reccomend you do it. But perhaps before you start your own obnoxious ass proxy, you’ll think twice. Beyond that, I’m not 100% sure this works. I’ve seen a few examples of it accidentally occuring in the wild(a concerted effort will have more effect), so I’d say I’m 99% sure… Just use it to get your own mental gears turning. I don’t feel like trouble.

XMCP, Why Do you Hate Proxy Hijackers?
For me, the redeeming factors of blog farms is the creativity that goes into creating them. Spinning unique content, or for that matter modifying it so as not to run into dupe content filters, that interests me, and requires a certain skill to create properly(that said, at this time I do not run a blog farm, but have several thousand registered just in case).
CGI-Proxies require NO skill to create. Just a little bit of time to market, and buttload of bandwidth on cheap hosting. Beyond that, they DESTORY dupe content rules, by copying the HTML 100%, making it an exact dupe. Sometimes, it appears ahead of the real site in SERPs(a rare feat for most splogs). So no skill, much more intense penalizations for dupe content, somewhat obnoxious owners(though not in all cases). I see no point in creating something you don’t learn from. And they jack my content(you know who you are, and you have only yourself to blame for this entry). Oh yeah, and often they strip out MY ads, replacing them with theirs.

An awesome article is available over at seofaststart about it. He lists a fix to not get de-listed as a result of these sites. This method is a way to stop them from putting the dupe content out there in the first place, by overworking them. It kind of exceeds the whole de-listing thing.
The Weaknesses of CGI-Proxies - They have a few weaknesses that make them fun to play with.

1. They Use a Lot of Processor/Bandwidth - Their server limitations are their weakness. They provide a low profit, so the greatest challenge of proxy operation is that they need a lot of bandwidth to operate. And a lot of processor space. So people are normally just barely under the proper limit. Sometimes dozens run on one VPS.
2. Their Owners are Not Technically Minded(for the most part) - These guys are not going to update their software. They do not forsee the problems with scraping angry webmasters content, without modifying the content enough to pass dupe inspection
3. Duplicate Content - While their greatest strength is dupe content(it’s where their traffic comes from), it is equally their greatest weakness. Within one site, Google does not enjoy seeing dozens of copies of the same site. Even worse so if the HTML is identical. Even worse so if the IP is the same(in my experience). We’ll get into this later.
4. They Update Pages When The Search Engine Crawls Them - Whenever Google checks a page, proxies go back to that page, and relay the content, often acting like Googlebot. Yeah. It’s a bandwidth/cpu hog. Heh.
5. They Directly Modify ALL Links on a Given Page - If you search Google with proxyexample1.com(and if that existed) it would replace all the urls in Google’s search results with its own URLs, so that you stay within the proxy, and if Google checks on it later, it will find a plethora of “internal” urls of jacked content.

The Concept
Have you ever wondered what happen if Google undid it’s robots.txt, and started crawling itself? Especially it’s own cache? What about when it got around to the cache of that cache? Yeah. It goes on infinitely. That’s what we’re going to do with proxies.
Could You Make This Method Simple?
The method I’m about to describe is one that could be made more simple. It can actually be done with one proxy, but if I did that, it would make it far too easy for the creators to update their software to protect against this. So we’re going to use 2 different proxies for it, and make it unblockable.

The Process

• Step 1: Find your proxies. A search for myspace proxy, youtube proxy, etc is more than enough to find these sites. Click a link. Look around the page to find out if they link to their own other proxies on that page. This technique is a lot more effective if proxies are on the same hosting account. Copy both of these URLs down. If you can’t find 2 on one page, just pick another from the search engine. For this example, we’ll use unblock*.tld(I’m avoiding saying the TLD to prevent giving them traffic, and for legal shit), and myspaceproxy*.tld (henceforth referred to as proxy1.com, and proxy2.com)
• Step 2: Use one proxy to visit the other. So we have gone to proxy1.com, and viewed proxy2.com with it.
• Step 3: We now use our 2-layer proxy setup to visit our dear friend Google. Go to advanced search, and tell it to return search results only indexed within the past week/month(it can be upped or lowered if you’d like). Your search query is (w/o quotes) “site:proxy1.com” This returns everything indexed within the past week. Now, Google truncates the search result URL that is displayed. Copy it if you’d like, and compare it to the same search done without the proxy. The URLs start the same, but end with several dozen more characters. That means they’re indexable. As is the Google cache. As is the various pages of the search result. In some cases, the translation feature is indexable as well.
• Step 4: Post the link somewhere. A wordpress blog you started for this, your own blog(although I’m unsure of how Google looks at this), wherever. Even manually submit it to Google. Just make sure it gets indexed.
• Step 5: Wait.

What Does this Achieve?
Allow me to explain. When Google finally crawls it’s own search result page through the proxy, one of two things will happen, depending on if(and how long) the proxy caches the data for.

1. If the proxy does NOT cache data(which most don’t), then the below infinitely-looping dupe content issue listed below remains the same(you’ll get there in a second). In Addition it should go like this:
   Proxy1 Loads Proxy2 which loads the search result page.
   The moment Google attempts to crawl one of the unique URLs in the results page, it should query proxy1, which queries proxy2, which has to query proxy1 again to get the page, and then THAT will return the real content.
   But wait, there’s more.
   As this effect compounds on itself, the number of queries per request increases exponentially. After there’s 6 layers of unique URLs for example, it will suddenly be executing 12 CPU/Bandwidth intensive queries to get back to that original page every single time Google crawls them. Effectively raping that poor shared hosting account that the proxy was using. The effect continues until the proxy caves in on itself, or Google decides to stop crawling.
2. If the proxy Caches Data(or Not) it will simply return the search result page of it’s own content(which will eventually expire and change), and then Google will start indexing duplicate copies of the site’s content. Each time it does that, it will create yet another piece of duplicate content that will discredit the site. This will continue for a bit, until eventually the time period we set(7-30 days) on our search expires. Then, our new pages (AKA Google’s search result pages) will begin to show up everywhere. When it recrawls those, it will go through the FIRST proxy we used. That will change the URL.
   For example: If the 1st entry in the search engine is http://proxy1.com/94hhrnabnab08u4hbjka, our proxy we were browsing via the first proxy alters that to http://proxy2.com/gjonrae0u409nkjbvna. But having received that, proxy1.com switches the URL back to it’s domain, and as it doesn’t recognize proxy2.com’s unique URL it just created(as a result of the original unique url that was in the search results), and creates yet another unique URL to index. This continues in an infinite loop.

Extra Points: Eventually they’ll also crawl their own caches, and the cached copies Google keeps of their own result pages.

Why Use Multiple Proxies to Achieve This?
If you use just 1 proxy, the proxy author could update the software, and teach it to recognize it’s own domain, and use an old link. This way, they’d need a list of every single proxy on the internet in order to stop this technique.

What Happens if They Just Stop Modifying Google Searches?
Then the fun is not over. Google’s search box is ALL over the web. Find one of those, and do the same thing I described here.

OMGZ YOU SUCK I <3 MY PROXYYYYY
Then learn to code and fix it. As a blackhat, I’d be a hypocrite if I spoke out against annoying people online. But that doesn’t mean I can’t tell you to adapt your shit to deal with this.

Posted on Thursday, December 27th, 2007 at 5:28 pm in the category:Grow Some Balls, Randomness. Comment RSS 2.0 feed. Comment it , or trackback this post.