How do you hide connections between websites?

How can search engines track you?
There are many characteristics that you, as an internet user, can be identified with. There are also characteristics that belong to your website. Both of these types of characteristics are used to see what other spammy tactics you have used on other websites that also need to be penalized. I will list a few very important characteristics, but there may be more, depending on what other utilities you use that search engines can detect characteristics from (for instance the Google toolbar or MSN Hotmail).

Your own characteristics:

1. Your IP address and access provider: Your IP address is the easiest way to detect who you are and it remains the same over time (most broadband users have a static IP address). Because IP’s might be shared or people might use more than one computer (IP), this doesn’t identify a single user.
2. Your search engine cookies: Most search engines track visitors by placing a cookie in your browser. When people use multiple browsers (and computers), clear cookies or don’t even accept them, this doesn’t identify a single user that well either.
3. Your search engine accounts: If you’ve logged in to for instance your Google account, Google can track everything you do within their websites. Because you probably don’t share your account, this is the best way to identify a single user. Because search engines also own services like Flickr, Blogger and Youtube, these users can be tracked as well.
4. Your search engine toolbar: Most seach engines offer their own toolbar that you can install in your browser. Besides the helpfull tools a toolbar might offer, it continuously sends all your http requests to for instance Google. There is no easier way for a search engine to find out what you do online. And when you are logged into your search engine account, they know that they are tracking an individual user.

Your website’s characteristics:

1. Domain whois information: Since Google is an ICANN-accredited registrar they can do unlimited whois requests for .com, .net and .org domains. For other domains (TLDs) they can’t do an unlimited amount of automated whois queries, but when a human editor checks you out, whois information becomes very important. Search engines can for instance look at contact-, registry- and DNS information and the whois change history.
2. Server IP and netblock: By looking at your IP address and netblock you can be associated with other websites that share these with you. Use tools like Netcraft and press the netblock owner link to find out what other domains share it.
3. Registry, nameservers and hosting provider: Just as netblock information, using he same hosting provider links you to other websites. But only when a registry, nameserver or netblock owner has just a small amount of websites sharing them it is used to link websites to each other
4. Content and links on your website: Sharing content, listing the same owner or address on websites or extreme interlinking all link websites to each other. Keep in mind that human editors need to be fooled and not a simple algorithm.
5. The way you code, link, design and other characteristics that are common over multiple of your websites also link them together. Try to use a common style that isn’t unique for just your websites. The combination of multiple characteristics that are simular in more of your websites make it a footprint.

Using different identities
As you see there are many things a human editor can check to link you to your spam. To make sure only the penalized website gets hurt, use different fake identities for every website at risk. But how do you hide an identity effectively?

1. Don’t use a toolbar (like the Google toolbar) when doing anything related to your spamming website. Even better, don’t use one at all. To see how much personal info a toolbar sends, install the liveHTTPheaders plugin for Firefox.
2. Use a unique IP with every identity and be extremely consequent in using it. Using a public anonymous proxy like one listed here might slow your connection and the IP’s might be blocked in some sites. Using multiple access providers also gives you different IPs, but that can cost you too much. Using paid proxy services (like these or this) is cheaper than separate connections and faster and more anonymous than public proxies. Use different services for every identity if you want even less ways to track you down.
3. The quickest way to change all browser settings like cookies and used proxy server is to link them to a Windows or Mac user. These settings are already stored at a user level, so you won’t easily mess up your settings.
4. Use little or no other services from search engines. Although this is getting harder now Google owns everything, only use the services from your real identity. They won’t read your personal email, but I’d even recommend not to use Gmail to recieve email from different identities.

Hiding website connections
Hiding the links between websites is easy when you consequently use your different identities. Just make sure you use entirely different hosting providers and domain owners. The domain owners should use a different address and name. But should you use fake identities or real people as domain owner? That is a question I still don’t have a real answer to.

You can’t use a fake identity for certain TLDs and in some cases you’re breaking the law when doing so. When the domain becomes valuable it will be harder to claim ownership and sell it.

Using someone real makes them the owner. Always use a contract with that person that makes you the real owner. The drawback is that you probably have to pay the person and you get linked to their other domains and activities.

There could also be certain footprints in your programming or SEO tactics. When you consequently code a certain way that is slightly unique to just you, it is fairly easy for search engine spamcops to link your websites to each other. They can probably search in the indexed html sources and they have certain tools to look for your signature. Make your code, urls and linking sources and structures as common as possible and try to change them somewhat with all your websites.

Summary
Using different identities to cover your tracks is getting more and more important as search engines get smarter. Spamcops have a great arsenal of tools and information to track you down. Especially when doing blackhat SEO, you need to use different identities. You need to hide your IP, be consequent with your users and use a different domain owner for every website. These factors will probably only be checked when you’ve already triggered enough red flags, so stay under the radar and you won’t need them.

P.s. I took the identity of Roger Horn once to do reputation management for another roger horn.

How can you get Googlebot to hack for you?

POST to GET
Most forums accept commands from both POST and GET methods. When a normal visitor sends his command (for instance posting a comment) it’s mostly with the POST method, but if you convert the same formfields to GET variables the script will still run.
The webdeveloper plugin for Firefox has a simple function to convert all POSTs to GETs (Forms -> Convert Form Methods -> POSTs To GETs).

Searchbots
Searchbots follow links (they grab the URLs you link to and que them for spidering). This means every URL you link to will be visited by for instance Googlebot.

Cloaking to provide access
Some websites use a database that contain IP adresses and hostnames of most searchbots to show other content to these bots then to normal visitors (aka cloaking). Because searchbots don’t use cookies, some content might be unreadable by them. You can detect if a visitor is a bot and let them bypass the need of a cookie (or password). This form of “cloaking” is condoned by Google.

Let’s put it all together

• Find a forum that is indexed by Google, but restricted for you.
• Find out which URL posts a comment on that URL. Find out what forum software is used if you can’t visit the forum itself, so you know which variables are needed. Use the webdeveloper plugin for Firefox if you want to easily convert POSTs to GETs.You might get something like:
  http://www.vdgraaf.info/wp-comments-post.php?author=Peter&email=peter%40vdgraaf.info&url=&comment=This%20blog%20sucks&submit=Submit+Comment&comment_post_ID=158
• Link the URL from a place Google visits, but make sure the link will not be clicked by normal visitors.
• And there you have it:
  Googlebot has placed an untracable comment (at least not to you) in a restricted area!

How to hack your comment into Wordpress

Alot of functions in blogs are based on variables passed in the URL string. As long as the moderator is logged in, he is allowed to do various tasks just by clicking on the right link. Wordpress is one of the safer blog scripts, but it has its vulnerabilities. The instructions below show how you can pass the right commands to auto moderate your comment in someone elses blog.

1. Find a blog that uses Wordpress where you would want a comment the moderator would never alow.
2. Make a webpage that contains some info, but also a very small iframe. Keep the URL of the iframe empty for now.
3. On the blog you want to hack find out what the wp-login.php directory is. Most of the time it’s the same directory as the blog itself.
4. Enter the comment you want to have moderated and don’t press submit yet. Look in the pagecode for the id of the last comment: <li class=”" id=”comment-7″> your comment will get the next value (in this case 7+1=8). And look for the post id <div class=”post” id=”post-10″> (in this case 10).
5. Now edit the webpage with the iframe and set the iframe target to:
   http://(blog directory)/wp-admin/post.php?action=mailapprovecomment&p=10&comment=8
6. Submit the first comment and on another post on the blog you make a comment with an enticing reason to visit the URL of your webpage with the hidden iframe. You can also include the link to your webpage in the first comment without doing a second one.
7. You’re done! Now the following should happen.
8. The moderator logs in to his control panel and starts moderating his comments.
9. He sees your comment with the link and visits your page. Unknowingly he also visits his own url through the iframe and approves the comment you want added.
10. Maybe he finds out but he would only be confused because he could have accidentally pushed the link himself. Cover your tracks by removing the iframe and you’re done.

In stead of point 4. and 5. you can also have the owner of the blog make a comment without realising it.

4. Look at the sourcecode of the comment form. and look for the action=”". Copy the URL to your clipboard. Then look for the comment_post_ID.

5. Make a new page and enter the following:

<HTML>
<BODY>
<form name='f' method='post' action='http://www.mattcutts.com/blog/wp-comments-post.php' style="display:none;"><!-- enter the url -->
<textarea name="comment">We at Google are liars. Regards Matt Cutts (demo blogspam)</textarea><!-- enter your message -->
<input name="submit" type="text" value="Submit Comment" />
<input type="hidden" name="comment_post_ID" value="215" /><!-- enter the right number -->
<input name='s' type='submit' value='submit' />
</form>
<script>
document.f.s.click();
</script>
</BODY>
</HTML>

Place this code in a page that you request as your iframe.

As you see hacking can be easy. Use the force wisely and don’t give in to the dark side!

Total body Scan hack