Using Cross Site Scripting to perform blackhat SEO tricks is well known in the
blackhat seo underground and documented
on sites such as seoblackhat.com.
This method is rather useful however easily traced back, and has the side
effect of indexing the attack in google (making
it easy to find sites that 'url spammer A' has *attacked* with cross site
scripting). While a spider indexing an XSS
attack isn't really an 'attack' per say, it does index the issue and can allow
it to be discovered and utilized for other
purposes.
- Robert A.
admin_@__@cgisecurity.com
http://www.cgisecurity.com/ Website Security news and More
http://www.cgisecurity.com/index.rss [RSS Feed]
--===============0933257983==
Content-Type: multipart/alternative;
boundary="----=_Part_23543_14605182.1152584454174"
------=_Part_23543_14605182.1152584454174
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
PageRank is a formula developed by Google Search Engine to determine a web
pages "inbound link ranking" which affects its postion in search results.
To keep it basic we can say the more inbound link your webpage has, the
higher is its pagerank.
As you all can guess, the inbound links are calculated during the crawling
process of googlebot. The trick comes to place in this part.
Lets say we have a page A, and a page B which is indexed by Google and
another page C which we dont own.
What if we put some links like below on the "Page B":
<a href="
http://www.pagec.com/somepagewithxss.php?i=%3E%3Ca%20href%3D%22http%3A//www.pagea.com/pagea.html%22%3Euberalle%3C/a%3E
"></a>
As you guess when googlebot will follow the link on Page B and index page C,
it will see a link like:
<a href="http://www.pagea.com/pagea.html";>uberalle</a>
And so inbound link count of "Page A" will increase, which will finally
increase the PR of "Page A" with the repeat of this process with different
pages that contains css flaws.
All this information is theoretic, and I never had time to spend for trying
this.
You can find the original version of this advisory on:
http://www.hoccam.com/pr.html
Cumhur Onat
cumhuronat@php.net
cumhuronat@gmail.com
------=_Part_23543_14605182.1152584454174
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
<font size="-1">PageRank is a formula developed by Google Search Engine to
determine a web pages "inbound link ranking" which affects its
postion in search results.</font><br>To keep it basic we can say the more
inbound link your webpage has, the higher is its pagerank.
<br>As you all can guess, the inbound links are calculated during the
crawling process of googlebot. The trick comes to place in this part.<br>Lets
say we have a page A, and a page B which is indexed by Google and another
page C which we dont own.
<br>What if we put some links like below on the "Page B":<br><a
href="<a
href="http://www.pagec.com/somepagewithxss.php?i=%3E%3Ca%20href%3D%22http%3A//www.pagea.com/pagea.html%22%3Euberalle%3C/a%3E";>http://www.pagec.com/somepagewithxss.php?i=%3E%3Ca%20href%3D%22http%3A//www.pagea.com/pagea.html%22%3Euberalle%3C/a%3E
</a>"></a><br>As you guess when googlebot will follow the link
on Page B and index page C, it will see a link like:<br><a href="<a
href="http://www.pagea.com/pagea.html";>http://www.pagea.com/pagea.html
</a>">uberalle</a><br>And so inbound link count of "Page
A" will increase, which will finally increase the PR of "Page
A" with the repeat of this process with different pages that contains
css flaws.
<br>All this information is theoretic, and I never had time to spend for
trying this.<br>You can find the original version of this advisory on: <a
href="http://www.hoccam.com/pr.html";>http://www.hoccam.com/pr.html</a><br>
<br>Cumhur Onat<br><a
href="mailto:cumhuronat@php.net";>cumhuronat@php.net</a><br><a
href="mailto:cumhuronat@gmail.com";>cumhuronat@gmail.com</a><br>
------=_Part_23543_14605182.1152584454174--
--===============0933257983==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--===============0933257983==--
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
