Blue Hat Technique #14 – Other Spammers: The Ultimate Proxy

So since my last lame post on What Are Proxy Servers? the inexperienced promoters are now hopefully caught up with the wonderful world of proxy servers and loving them right about now. So I think this would be a great time for me to fuck up that pretty little proxy planet you’re on and teach you how to exploit spammers using proxies to your own little spammy or even nonspammy purposes.

Cruel IntentionsThe intent behind this post will be to teach you how to use massive amounts of trusting spammers to help do your own little spam. Every good spammer knows public proxies are real hit and miss. Some work many don’t. Yours will work, it’ll just accomplish your work not the spammers. I’m going to assume that you’ve already done your research and know about public proxies. I’m also going to assume that you are well aware of the many public proxy lists out there. Every good web spammer has a huge solid list of proxies, and we’re just going to fuck it up for the rest of them. Sound like fun? Good it will be.

First Things First 1. Create yourself a public proxy. There are tons of proxy software out there.CC Proxy is a good Windows based one.A few open source proxy server softwareThere are also TONS of good ones for linux. I recommend using linux if you are able to do so. Just feel free to do a bit of research on this step before you take the plunge.

2. Make the proxy server open. This means don’t make it anonymous. Anonymous proxy server means your IP shows up for every request. Make it so their ip directly makes the pull on every request. This is perfectly acceptable. Most spammers don’t bother filtering their lists for ones that claim to be anonymous yet aren’t. They just slam and clean the list from failures.

3. Block EVERYTHING with your proxy server. You can easily block sites and domains with your new kick ass proxy server. You may also set what default site they are redirected to everytime they make a request through your server and have it result in a successful pull. So just block everything and focus on the page all their requests will return with. I will call this page your “return blocked page” because many proxy servers have different terms for it. Wanna see an example? Try using proxy on port 80. It’ll result in every site you go to returning with CAL Community School District website.

4. Build your return blocked page. This page will be your weapon. Whatever you would normally do through a proxy can be accomplished or even redirected through this page. Want to slam an advertisers form? Want to post to guestbooks or blogs? How about just slamming a referrer list or even having them post a fake post on your forum? Whatever and however you want! The world is yours. Their IP accomplishes the task. No worries about cpu usage or failed proxy connections. The spammers ip and scripts does all the work. Your server just sends the redirect. Since you will eventually have hundreds to thousands of spammer using your server the page pulls will seem natural and randomly timed. Aside from the absolute huge amounts of them of course. If creativity isn’t your strong suite and you can’t think of a good way to utilize this step just settle with using it to raise your Alexa rank or even have it search for your terms in one IFrame with Yahoo or something then have it click on your link in another iframe. This should help Yahoo see your site as getting a higher CTR on your search terms. That got you grinning didn’t it? How about having it bookmark your site in social bookmark sites for quick indexing? *waves to SEOStomp*

5. Submit your awesome new “anonymous” public proxy server to some repositories. This will get it some normally unwanted attention and give it a little bit of time to spread around like cancer. Just remember to advertise it as a anonymous server. Most won’t ever double check that. Infact their scripts will report back a successful pull everytime on your server. It won’t be until they actually check the content that they will stand a chance of figuring removing your server from their list.Here’s a few hundred to start out on.

There ya go. I could spend the next 100 pages giving you ideas on what to do with your now ultimate proxy server. By ultimate proxy server i didn’t mean your actual server i meant the chumps using your server and their virgin ip addresses. Just remember, no one EVER manually goes through their proxy lists and checks for these things. They may check the returned content to see if its what they expected to get, but if it doesn’t chances are they won’t sit there and manually pull it and find out what your doing. However if you are paranoid about them knowing about the technique your using then feel free to be a little sneaky about your redirect or frames.

If you are a complete white hat and just want to have a little fun. Feel free to boost your friends population on their forums and such by having every single spammer you catch inadvertantly signup Hell, I won’t condone it but it would be pretty funny to have them automatically email their ISP with the what they are trying to do. Remember email spammers use proxies to.

PS. I lied I didn’t sell out I’ll keep writing Blue Hat Techniques as long as people keep finding use for them.