• Home
  • About
  • Piqq.us Invite Feed
  • The Lazy Man’s Link Spamming Program

    Ok, so lately I’ve been working on a lot of internal tools I can’t really talk about here(or they’d become useless), so I thought I’d talk about an old internal tool that I haven’t used in a bit that served me well for getting things indexed quickly. Yes it’s using other blackhats to profit, but hey. Most would do the same in a similar situation.
    Edit: Keep in mind this article is discussing HTTP proxies, NOT cgi proxies/myspace proxies. Also keep in mind most server hosts will not be ok with this, so find one that is if you want to do it. Sorry, I can’t recommend any.

    The Basics
    A large percentage of the people using link spammers like XRumer use lists of open proxies to spam forums/guestbooks/whatever. Now I have a couple IPs I don’t care about getting listed on akismet on hosts that don’t care about link spam.
    So what we’re going to try and do is get a list of places to link spam, and indeed drop our links, without bothering to scrape footprints.

    A Quick Understanding of HTTP Proxies
    So the protocol for HTTP proxies is very, very similar to that of normal proxies. Essentially the difference is that you have the domain in the get request. So it’s relatively easy to code an HTTP proxy. All you’re doing is opening a port, reading in the domain and page you’re requesting, getting it, and sending the information back. Not hard at all, right?

    The Software Modification
    Make a slight change to the software. Have it so when it’s reading the request from the client IP, it parses out the GET and POST requests. You’re looking for URLs so that you can substitute your own URL into the post/get data, assuming it’s posting a link somewhere if it’s including a URL. So here’s what you’re looking for:

    • Fields that start with http:// and have no spaces
      These are text fields generally. So if someone is signing up at a forum through the proxy and sets their profile website to be “http://www.TheirLinkSpamDomain.com”.
    • Fields with HTML and a <a href
      These are a bit trickier to parse properly, since you have to not only remove their link, but change the anchor text to reflect your own.
    • Fields with a URL in a GET variable
      A lot of these are dynamic output, so whatever’s in the get variable will get linked to on the page.

    So a query that may have initially been
    POST http://www.targetforum.com/register2.php HTTP/1.1
    (junk header info here)

    Ends up getting modified to instead be

    POST http://www.targetforum.com/register2.php HTTP/1.1
    (junk header info here)

    Get it? You’re not solving captchas, you’re not scraping places to post. Just altering data everyone else’s software is giving to you.

    So How Do Other People Find my Fake Proxy?
    Search Google for “online proxy checker”. You’re looking for sites like http://www.checker.freeproxy.ru/checker/ that check the proxy online and return whether it’s working or not. These checkers are used by the companies that made them to gather up proxies via their checker, which are then freely available to some, and sold to some customers. Submit to several of these sites, and make sure you pass the validation. Over time, other proxy sites will scrape the ones you’ve submitted to(and some have web scanners that will find you naturally), and people will begin to use it. And you can switch domains of every link anyone tries to submit through you.

    The End Result
    Eventually your server will max out to whatever level you allow it. A dedicated server should be able to easily handle a sizable amount of simultaneous connections. Just let it run for a few days at a time. By the end of it, not only will your links be everywhere on the net from your substitutions, but you’ll have a sizable list of places to link spam.

    Benefits and Disadvantages to this Method
    While the benefits are completely passive link dropping, a link spamming list that builds itself, and some pretty killer indexing time, it’s not to say it’s a perfect method. First off, you lose control of where you’re dropping links, which means a lot of the links are going to be horrible. In addition, it uses up an arseload of bandwidth, and it’s a bit tricky to keep the security angle tightened up. It’s not appropriate for most mainstream sites(especially since you lose control of the link anchor text pretty frequently) but does quite good on junk autogenned sites.

    Validation Precautions
    Watch the first several requests(of the proxy list services) and the first few XRumer proxy checks to make sure you’re validating as a proxy correctly. If someone is testing using a link, you may want to add that in as a request that won’t be modified. For example, a lot of xrumer requests involve the string “proxyc” in the url.

    Security  Precautions
    This is obviously a big security risk if it’s not handled properly. Record every domain accessed through your proxy, and in a seperate list keep the ones where you were told to post. Over time, start disallowing certain domains.
    The first thing you’re looking for is sites like yahoo mail and gmail. There’s something called an internal mailer that e-mail spammers use to push mail out of webmail services. You don’t want to be the IP the webmail provider sees as spamming, so disallow these sites early.
    The other thing you’re looking for is any type of e-commerce site, to make sure people don’t try and use fraudulent credit cards and whatnot. It’s a good idea to build up a keyword blacklist as well, so you can disconnect IPs that request pages with certain content (credit card numbers, etc). It’s important to note I’ve never seen anyone do this on a proxy I’ve run. The closest was some ticket scalper automating ticketmaster.

    Also, many of the security issues can be solved by simply not coding to allow HTTPS connections. If you restrict to port 80, standard HTTP communication, most sites that are a security risk are unusable anyways, so you don’t have to worry.

    Hope yall liked it,

    11 Responses to “The Lazy Man’s Link Spamming Program”

    1. diggalive says:

      Dam , nice in depth post as usual. I’m starting up some email marketing campagns soon as I get back from Vegas, this will be extremely helpful!

    2. Gab Goldenberg says:

      Clever stuff dude! Nice to see u blogging again. Sphunn:

    3. Tangy says:

      As always, very insightful. I was doing this for a while but as you mentioned, I had trouble controlling the link anchor text so gave up on it.

    4. uGuX SEO says:

      Nice, parasitic blackhatting.

    5. Find Niches Online says:

      Excellent content here and a nice writing style too – keep up the great work!

    6. LinkLaunder.com says:

      I love the way your posts make me twist my mind and think more out of the box. Thank you once again.

    7. Gabriel Goldenberg says:


      Something you might like.

    8. How To Start A Business In South Carolina says:

      Great way to get backlinks. I guess I am old fashion. I read blogs and if I want to make a comment then I post a link. If I don’t then I move on to another blog.

      Great stuff

    9. Gabriel Goldenberg says:

      this may also appeal t you

    10. Windtalker says:

      Great stuff XMCP!

    11. machinecontrol says:

      Damn, that’s clever. Guess I’ll have to be careful of where I get my xrumer proxies from now on.

    Leave a Reply

    XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

    Marketing & SEO Blogs - Blog Top Sites