Was ist neu?

Geo-Targeted Image Based Cookie Stuffing

Lemon

- Royal Clan Member -
Geo-targeted Bilder basiertes Cookie Stuffing:D, meine Güte, was der digerti marketing blackhat sich alles einfallen lässt.

Digerati Marketing » Geo-Targeted Image Based Cookie Stuffing

Cookie Stuffing Techniken
iframes
Beispiel
<iframe src="http://www.cookiebasiertespartnerprogramm.com" style="border:0px #FFFFFF none;" name="dieweltistschoen" scrolling="auto" frameborder="0" align=aus marginheight="0px" marginwidth="0px" height="0" width="0"></iframe>

Diese Technik ist also ganz einfach, aber auch um so leichter zu entdecken.:eek:

Geo-targeting cookie stuffing
Okay, we’re going to have to intercept image requests and redirect them to a script to decide if and which cookie to stuff.

The below .htaccess file will grab requests that do not originate from your site or search bots and pass them to a serveimage php file.


Code:
Options +FollowSymLinks 

RewriteEngine on 

# Let's not cookie stuff our own visitors!

RewriteCond %{HTTP_REFERER} !^$ [NC]

# If the request is outside of your site

RewriteCond %{HTTP_REFERER} !^http://([^.]+\.)?mywebsite\.com/ [NC]

# If the request is not from a few bots (pretty basic, add to this!)

RewriteCond %{HTTP_USER_AGENT} !(googlebot-image|msnbot|psbot|yahoo-mmcrawler) [NC]

# Grab the image name, extension type, go to our serveimage.php file

RewriteRule ^images/([a-zA-Z0-9]+).(bmp|gif|jpe?g|png)$ /serveimage.php?img=$1&ext=$2 [L]
Cookie stuffing mit Bildern & PHP
Nun paassen wir Image Requests in der serveimage.php Datei wie folgt an:


Code:
<?php

//Get the image name from request
$ext = $_GET['ext'];
$path = "http://webroyals.net/forum/images/".$_GET['img'].".".$_GET['ext'];

// Decide if we should stuff our lucky visitor with a cookie

//Let's generate a random number
$rand = mt_rand(0, 1000); 

// See if it is a lucky request
// You can change percentage by changing $rand<??; 5=0.5%, 10=1%, 100=10% etc
// 10% chance to serve cookie instead of image

if ($rand<100) { cookie_stuff(); } else {spit_it_out($ext,$path);}

//Functions

// Forget it - serve them an image!

function spit_it_out($ext, $path) {
header("Cache-Control: no-cache");
header("Pragma: no-cache");
if ($ext=='jpeg'|$ext=='jpg') {
header("Content-type: image/jpeg");
} else if ($ext=='gif') {
header("Content-type: image/gif");
} else if ($ext=='bmp') {
header("Content-type: image/bmp");
} else {
header("Content-type: image/png");
}
readfile('http://'.$_SERVER["SERVER_NAME"].'/'.$path) or die("error!");
exit;
}

// We have a winner! Stuff a cookie

function cookie_stuff() {
$ip = $_SERVER['REMOTE_ADDR'];
if (isset($ip)) {

// Work out what country they are in
$country = file_get_contents("http://api.hostip.info/country.php?ip=$ip"); } else {$country="US";}
if ($country=="UK") {
header('Location: http://YOUR-UKAFFILIATE-LINK'); //UK
}
elseif ($country=="CA") {
header('Location: http://YOUR-CANADA-AFFILIATE-LINK'); //CANADA
}
else {
header('Location: YOUR-USA-AFFILIATE-LINK'); //US

// Add as many countries as you want: http://www.worldatlas.com/aatlas/ctycodes.htm

}
}

?>
Dieser PHP Code wird nun die Hotlinker verhindern und bei zu 10% affiliate cookies für das IP-Land des Besuchers und zu 90% korrekt das Bild ausliefern.

Bei country codes two letter three letter and numerical abbreviations bekommt man eine Country Code liste, die man entsprechend im obigen PHP Code berücksichtigen kann.

Andere Sicherheitsmaßnahmen um das Entdecken zu verhindern
Digerati Marketing » Geo-Targeted Image Based Cookie Stuffing
 

Raptor

- Royal Clan Member -
Super Beitrag aber fragen muss ich dennoch....Wenn ich das jetzt richtig verstehe, wird da beim User ein Bild angezeigt was in Wirklichkeit über nen Code ein cookie austauscht oder platziert damit dieser User beim Kauf irgendwo meinen Ref drinne hat und ich die Provision kassiere, richtig so?
 

Neue Themen

Oben