Mean Toys for Bad Boys - Black Hat Tools on Steroids
I always take pride in finding at least somewhat ethical uses for techniques usually reserved to blackhatters only. From time to time though, you stumble upon on techniques and tools so deeply buried in the black hat mantra that it becomes almost impossible to find any ethical uses for them.
Today I will show you two such tools:
XRumer - The Ultimate Spamming Tool
A few years ago, a curious message begun popping on thousands of guestbooks, forums and blogs worldwide. It sounded like this: “Hi! I’m Xrumer. Where is my beer?!”. There were no links attached, so most webmasters simply scratched their head, shrugged and moved on. What this message really meant, would become obvious later on. It was the birth cry of one of the most formidable spamming tools ever invented.
The main breakthrough that Botmaster (the nickname of the Russian developer that made it) achieved was the software’s ability to crack Captcha protection systems. As the software has now reached version 5, the variety of Captchas it can break is nothing short of amazing. Here is a list made to prove this point.
But successful spamming does not rely on breaking the protection of a system only, they must also avoid deletion. One of the more devious features allows the start of a conversation and the introduction of the link in the 3rd or even 4th post made in a completely artificial and automatically posted thread. This makes the spam much tougher to detect.
The other major feature that XRumer is famous for is its ability to avoid Google’s duplicate content penalty, by introducing slight variations in each post made.
To make things worse, the entire software does its job through an everchanging list of anonymous proxies, thus making IP blacklisting useless.
The only reason for which XRumer has not become a widespread nightmare for every webmaster out there, is its cost. The software is sold for a cool half a grand and the hardware requirements are pretty tough.
Doorway Page Generator Pro - Gaming Google 1000 pages at a time
To understand what this program is about, you must first understand what doorway pages are. Basically a doorway page is one that behaves like a normal page when visited by a search engine spider and which acts like a redirect when visited by a browser. This means that these pages get spidered and can get high in Google SERPs for the specific keyword phrase they are built on.
Usually DPGP is used in conjunction with huge keyword lists, some relevant stolen articles and is built to link to the page the blackhatter wants to promote. The ultimate result is that the user obtains thousands of relevant backlinks from pages highly optimized for the keywords chosen by himself.
Unfortunately for the blackhatter, Google is getting better at detecting and fighting this trick through its speedlinking sandbox policy. An answer though exists. Through experimentation blackhatters have learned that the maximum number of doorway pages safe to deploy for a single website is between 1000 and 3000.
Final Verdict
It isn’t exactly difficult to see how these two tools could be used in conjunction. It would require a great stretch of imagination though to see how these tools could be used for anything but black hat tactics.
It is also worthy of mentioning that experienced blackhatters NEVER use these tools to directly promote their main website. They usually deploy one or more layers of intermediate websites such as splogs (spam blogs) before linking to their main website. Ultimately though I believe that if you use these tools you’re definitely in the black hat camp. If by any chance you figure out a way to use them for white hat or gray hat techniques, I would love to hear it.
Ah, spammers and the tools they weave - a blogger’s best friend
Having said that, I’ve yet to see a spam comment pass the Akismet spam filter that Wordpress and similar use. It uses an excellent algorithm to detect if the comment is spam or not, and so far has been 100% effective.
http://pricelesswriterdannybrown.com/2008/09/08/akismet-spam-filter-beating-the-spammers-for-free/
Perhaps the answer lies in the white/gray hatters combining with the black hatters to come up with a way that everyone can benefit?
[Reply]
Indeed, plugins like Akismet and Spam Karma make the blogs (at least in its WP variety) almost untouchable. This is perhaps why, spammers now focus on forums.
I can think of a way to fool Akismet though, but it would require a degree of subtlety which most spammers simply lack.
Regards, George
[Reply]
I don’t do much blogging so can’t really comment on the problem there. I am involved in a specialty website though, that allows users to post comments in certain areas. It’s funny because the spammers all seem to focus on the same area for several weeks. I’ve seen this in forums, too. My guess is that they have some big spammers list of targets out there somewhere that the scumsuckers draw from.
[Reply]
George Cozma Reply:
October 9th, 2008 at 5:24 am
That’s one of the hazards when dealing with mass posting software. You have to target the areas which are present on every site (such as the main chat or general chat).
As for the list of targets, indeed most software packages of this type do indeed come with a standard database. There are tools to expand it (such as Hrefer), but usually the spammers are too lazy to be bothered.
Thanks for dropping by.
Regards, George
[Reply]
Before you ask - no, I’m not a spam comment created by a russian dude
I kept thinking about those blackhats techniques and certainly can say that I didn’t find any possible “moral” use for them.
Personally, I’ve keeping myself away from blackhat. The dark side is powerful and tempting, but if you go there Vader will screw your brain out.
Great blog, btw! Found it here: http://forums.digitalpoint.com/showthread.php?t=1055487
[Reply]
George Cozma Reply:
October 9th, 2008 at 5:29 am
For me blackhatters are the equivalent of the 80’s and 90’s hackers. These are the guys that discover new vulnerabilities and new concepts and which are not afraid to get their hands dirty. I have a healthy dose of respect for them.
I don’t see an equivalence between blackhatters and spammers though. If the blackhatters are the hackers, then the spammers are the script kiddies.
Thanks for the visit.
Regards, George
[Reply]