Link Injection Research

Hi guys!Sorry I haven’t had a chance to post lately. I got some great posts coming up, I just haven’t had a chance to sit down with ‘em yet. I was going to write today but alas…I didn’t

So to hold you over here’s a quick five minute black hat tip

Finding Link Injection Possibilities With Versions & Changes LogsSearch for popular file names that include version update information and changes logs that are typically found in downloadable website scripts.

Two good places to find them would be:

    1. Popular PHP and CGI scripts.2. Searching directly for the filenames.

Check the changes and version logs and look for vulnerability fixes that happened recently. These typically mean theres a possibility for a link injection or spamming possibilities.

Try to download the versions of the script before the bug was fixed.

Look for the vulernability and figure out a way to exploit it.

Search for sites using the same script and attempt to link inject on all of them.

Avoid hacking

New posts coming out soon