
Google 302 Exploit Knocks Sites Out

CmdrTaco posted more than 9 years ago | from the that-hurts-me dept.

Google 410

clsc writes "The exploit: Redirect via 302 to another page of your choice, then watch as the URL of your redirect script replaces the URL of that carefully selected page in Google's search results. Once this happens, feel free to redirect any visitor that is not Googlebot to any other page of your choice. Also applies to other search engines as well (not Yahoo! though)."


Yikes! (5, Funny)

LinuxGeek (6139) | more than 9 years ago | (#11942420)

Web wide malware. The return of Goatse cannot be far behind... Pun intended.

Bloggers again? (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11942421)

Is this exploit another work of Evil Bloggers?

danger! (3, Funny)

Neuropol (665537) | more than 9 years ago | (#11942428)

#15) Optional: For mischievous webmasters only: For any other visitor than "Googlebot", make the redirect script point to any other page free of choice.

heh. tubgirl abounds!

everybody uses 302 (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11942432)


302s are hardly an "exploit"; it's standard practice for websites to use 302s to redirect people (using IP2country etc.)

and this firm call themselves a research company? I am still laughing

Re:everybody uses 302 (3, Insightful)

Junior J. Junior III (192702) | more than 9 years ago | (#11942460)

It's an exploit if you can't prevent someone from misusing 302, or to filter out malicious uses of 302 from legitimate ones.

Re:everybody uses 302 (5, Informative)

Anonymous Coward | more than 9 years ago | (#11942465)

Hey look! Someone forgot to RTFA!

You use 302 to hijack someone else's page in Google's search results. Your bogus ad infested page shows up instead of the actual content the user was searching for (and thought they were going to see), while the real website that you hijacked doesn't get any more Google traffic. That's the exploit.

Dumbass.

Anti-302 bill introduced in Congress (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11942587)

"We must keep the Internet safe for children and families," announced Senator Hillary Clinton (D-NY) today, with the introduction of the Keeping The Internet Safe for Children and Families by Outlawing 302 Redirects (KISCFO302) legislation to the floor of the Senate. "This administration has turned a blind eye to 302 redirects. We will not stand by and allow webmasters to simply use 302 redirects whenever they want, in the name of 'efficiency' or 'practicality'. Our children are our most precious resource."

Re:everybody uses 302 (0)

Anonymous Coward | more than 9 years ago | (#11942610)

Yeah, but that's not what the exploit is. The exploit replaces the victim's URL with your own in the google search results.

Splendid (5, Insightful)

Netsensei (838071) | more than 9 years ago | (#11942444)

1. post how to generate more traffic to one's website by exploiting a flaw in google on /.
2. show a "random" ad (336px by 280 px) promoting 'google adsense' clearly stating "how to turn your website into a revenue generator in minutes" at said post.

...

3. $$$

Re:Splendid (0)

Anonymous Coward | more than 9 years ago | (#11942452)

ITYM

3. Profit!

goog (5, Funny)

kloidster (817307) | more than 9 years ago | (#11942447)

SELL SELL SELL SHORT!!!!

You will now be redirected to an SEC website (0)

Anonymous Coward | more than 9 years ago | (#11942569)

start satire
Your post to /. has been pre-monitored as a troll trying to manipulate stocks. You are now being redirected to an SEC website. You can either enter your confession in the text box or the FBI will be coming to your house immediately . . . end satire

yawn (5, Funny)

evenprime (324363) | more than 9 years ago | (#11942448)

boy, sending me to the wrong page is such a scary and horrible thing to do. Luckily my browser came equipped with the special "back button" anti-malware plugin.

Re:yawn (2, Insightful)

Chris Kamel (813292) | more than 9 years ago | (#11942462)

it will be when your 14 year old boy searches for something for his research paper and gets redirected to pr0n instead.

Re:yawn (5, Funny)

R.Caley (126968) | more than 9 years ago | (#11942476)

it will be when your 14 year old boy searches for something for his research paper and gets redirected to pr0n instead.

God knows, 14 year old boys need to be tricked to make them look at porn.

Re:yawn (0, Offtopic)

ip_freely_2000 (577249) | more than 9 years ago | (#11942632)

Damn, I wish I had a mod point, I would have pushed you to +5, Funny.

Re:yawn (4, Funny)

eno2001 (527078) | more than 9 years ago | (#11942703)

That's OK. I had mod points and I did it. Oh wait... ;P

Re:yawn (2, Insightful)

Ziviyr (95582) | more than 9 years ago | (#11942483)

Gotta be nuts to let kids roam unsupervised about the net.

Re:yawn (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11942619)

It really depends on if you consider 14 year olds children or not. I know I was unsupervised even before 5th grade. I'm fairly certain that it was too early for me, but 14 sounds old enough to me.

Re:yawn (0)

Anonymous Coward | more than 9 years ago | (#11942681)

I'm sure there are people who question your lack of supervision even today.

Re:yawn (5, Insightful)

Anonymous Coward | more than 9 years ago | (#11942581)

I don't know if you're a father or something, but I was less than 10 years old when I first looked at porn and it was love at first sight! That did not make me a sick pervert: I'm an engineer now and I don't regret a second having looked at porn magazines in my youth.

Re:yawn (2, Funny)

Gruneun (261463) | more than 9 years ago | (#11942711)

it will be when your 14 year old boy searches for something for his research paper and gets redirected to pr0n instead.

Is that what he told you? "No, Dad, I was just trying to do a research paper. I had nothing to do with it!"

Re:yawn (5, Insightful)

MadMartigan2001 (766552) | more than 9 years ago | (#11942719)

Hmmm, let's see if we can calculate this...

Research paper = good
Porn = bad
Young boy = Becoming a sexual being

Grand total = Neurotic young man who feels guilty for acknowledging his sexual feelings.

Why is it so hard for some people to acknowledge the simple fact that young people of all ages have sexual feelings that are natural. And to repress those feelings and smother them in guilt is a very very damaging thing to do.

OH ya, I forget, all the fundamentalists (pick any religion) know exactly how we are all supposed to feel. Excuse me while I go puke!

Re:yawn (1, Interesting)

Anonymous Coward | more than 9 years ago | (#11942788)

You believed your 14 year old boy when he told you that? My kids feel the wrath of a transparent squid proxy with logging. They know I can and do watch everything they do, maybe not in real time and may not confront them immediately when I noticed something strange but they will get caught.

Re:yawn (5, Funny)

goldspider (445116) | more than 9 years ago | (#11942473)

Obviously you've never tripped a well-concealed Goatse landmine. No browser is equipped to deal with that kind of damage!

Re:yawn (2, Interesting)

LiquidCoooled (634315) | more than 9 years ago | (#11942505)

Actually, Lynx [browser.org] is.

But then again, I'm just being pedantic.
This hijacking thing is becoming a real PITA, and his recommendations to the search engines at the end of the article are reasonable.

The fix I personally recommend is simple: treat cross-domain 302 redirects differently than same-domain 302 redirects. Specifically, treat same-domain 302 redirects exactly as per the RFC, but treat cross-domain 302 redirects just like a normal link.

Re:yawn (1, Funny)

EvanED (569694) | more than 9 years ago | (#11942869)

I don't think Lynx is "equipped" to deal with that so much as not equipped to do anything else on the web ;-)

Fake Banks (4, Insightful)

Anonymous Coward | more than 9 years ago | (#11942481)

The use of the exploit isn't just to childishly send people to Goatse - it's about money. What happens when you go to your bank's website and get redirected to an identical-looking website that steals your information?

Re:Fake Banks (4, Interesting)

SmurfButcher Bob (313810) | more than 9 years ago | (#11942526)

You need to OWN the site that was searched. This is no different than keyword bombing tricks of old; it is merely a bait-and-switch.

Not news.

Re:Fake Banks (4, Informative)

That's Unpossible! (722232) | more than 9 years ago | (#11942705)

You need to OWN the site that was searched. This is no different than keyword bombing tricks of old; it is merely a bait-and-switch.

Not news.


I agree it's old, even the guy that wrote the article admits it goes back a few years. But you are wrong about how it works. These aren't just extra pages ... these pages can actually REPLACE yours in the search results, since Google sees the two pages as duplicates of each other, but doesn't realize it has been "tricked."

Re:Fake Banks (1)

smitty_one_each (243267) | more than 9 years ago | (#11942544)

I, for one, have a hard time feeling any mercy for the perpetrators of such crime.
Tie the (unambiguously) guilty to a post, give each victim one rock.
Not exactly a modern, liberal answer, but the question remains: does dispassionate, white-collar crime deserve mercy?
Hang 'em high, say I.

Re:Fake Banks (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11942682)

By your logic, clinton would have been stoned to death.
Repeatedly.

Re:Fake Banks (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11942701)

Bill or Hellary? Or both?

Re:Fake Banks (-1)

Anonymous Coward | more than 9 years ago | (#11942826)

Why just point out clinton? Why not cheney and the rest of the GOP good ole' boys?

Re:Fake Banks (3, Informative)

Taladar (717494) | more than 9 years ago | (#11942545)

You can do nothing with this that couldn't be done better with DNS Spoofing so it is not as if the problem was a new one...

Re:Fake Banks (1)

Raphael (18701) | more than 9 years ago | (#11942730)

I agree that the problem is not a new one. However, think about the following scenario:

  • A malicious user registers a dozen domain names using various incorrect spellings based on the name of some bank (typosquatters).
  • For a while, all of these fake domains redirect to the real bank.
  • The Googlebot indexes all of them and eventually one of these sites replaces the official web site at the top of the Google results (according to the "duplicate removal" described in the article).
  • Once the malicious user sees that one of his sites has replaced the official one, he stops the redirection for all visitors but the Googlebot.

Result: most visitors will now get a fake site. The official site is gone from the Google rankings.

So although there is nothing new here, the fact that the fake site using a 302 redirection replaces the real site is a golden opportunity for all phishers...

I think that the solution suggested in the article (treating cross-domain 302 temporary redirections as normal links) could be a good workaround, even if this means that Google would not be following the HTTP standard defined by RFC 2616.
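Added example, not part of any comment in this thread or of the linked article: a sketch of the crawler-side rule discussed above (same-domain 302 handled as RFC 2616 describes, cross-domain 302 treated as an ordinary link). The function names, the sample URLs and the small suffix table standing in for the Public Suffix List are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urljoin, urlsplit

# Assumption: a tiny stand-in for the Public Suffix List, enough for the samples.
# Without it, a.site.co.uk and b.other.co.uk would both collapse to "co.uk".
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "com.au"}


def registrable_domain(url: str) -> str:
    """Return the part of the host that a single party registers (e.g. foo.com)."""
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    try:
        ipaddress.ip_address(host)
        return host  # IP literals have no parent domain; compare them whole
    except ValueError:
        pass
    labels = host.split(".")
    keep = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


@dataclass(frozen=True)
class IndexDecision:
    index_url: str            # URL the fetched content is listed under
    link_from: Optional[str]  # page that is only credited with an outbound link
    rule: str


def resolve_302(source_url: str, location: str,
                cross_domain_as_link: bool = True) -> IndexDecision:
    """Decide which URL a 302's target content is listed under."""
    target = urljoin(source_url, location)  # Location may be relative
    same_site = registrable_domain(source_url) == registrable_domain(target)
    if same_site or not cross_domain_as_link:
        # Temporary redirect per RFC 2616: keep listing the requested URL.
        return IndexDecision(source_url, None, "rfc2616-temporary")
    # Cross-domain: the redirecting page is just a page that links to the target.
    return IndexDecision(target, source_url, "cross-domain-302-as-link")


# Constructed crawl observations: (requested URL, Location header of the 302).
SAMPLE_302S = [
    ("http://www.example.com/foo", "/foo/"),                  # context-root slash
    ("http://www.shop.example/", "http://fr.shop.example/"),  # country shift
    ("http://redirector.example/go?id=1", "http://bank.example/login"),
    ("http://a.site.co.uk/", "http://b.other.co.uk/"),
]


def listed_urls(observations, cross_domain_as_link=True):
    """URL each observation's content ends up listed under, in input order."""
    return [resolve_302(src, loc, cross_domain_as_link).index_url
            for src, loc in observations]


if __name__ == "__main__":
    for src, loc in SAMPLE_302S:
        strict = resolve_302(src, loc, cross_domain_as_link=False)
        fixed = resolve_302(src, loc)
        print(f"{src} -> {loc}")
        print(f"  RFC-only listing : {strict.index_url}")
        print(f"  with the rule    : {fixed.index_url} ({fixed.rule})")
```

With the rule enabled, the two same-domain redirects keep their original listing, while the content behind the cross-domain redirects stays listed under its own URL.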

Re:Fake Banks (3, Insightful)

vperez (162398) | more than 9 years ago | (#11942862)

Anyone who uses Google to search for their bank instead of getting the URL from their bank statement needs to be taught better.

Users need to be a lot less trusting of things online, especially if it's the result of a search.

Re:Fake Banks (2, Insightful)

jwin1020 (148430) | more than 9 years ago | (#11942744)

Of course hacking the root DNS servers is just a _little_ harder than putting up a web page with a redirect.

Re:Fake Banks (4, Insightful)

millette (56354) | more than 9 years ago | (#11942550)

euh, ssl certificates ?

Re:Fake Banks (1)

R.Caley (126968) | more than 9 years ago | (#11942567)

What happens when you go to your bank's website and get redirected to an identical-looking website that steals your information?

You get what you deserve for going to your bank via Google?

Re:Fake Banks (2, Informative)

kryonD (163018) | more than 9 years ago | (#11942684)

"You get what you deserve for going to your bank via Google?"

I use google all the time if I'm on someone else's computer since my bank has a strange URL.

However, if you search for say "Chevy Chase Bank" and then click on a link where the address clearly has nothing to do with Chevy Chase...well, Darwin had some things to say about that.

Re:Fake Banks (5, Insightful)

R.Caley (126968) | more than 9 years ago | (#11942721)

I use google all the time if I'm on someone else's computer since my bank has a strange URL

You access your bank from a computer you don't have complete control of?

Have you considered tapdancing in minefields as an alternative?

Re:Fake Banks (1)

ocelotbob (173602) | more than 9 years ago | (#11942859)

Unless you're going to something like ww.wchevychasebank.com, which depending on the font, etc, looks close enough to fool a surprising number of people.

Re:Fake Banks (1)

cybermage (112274) | more than 9 years ago | (#11942811)

What happens when you go to your bank's website and get redirected to an identical-looking website that steals your information?

Jesus! I sure hope people aren't using a search engine to find their bank's website. The horror!

Re:yawn (2, Funny)

fshalor (133678) | more than 9 years ago | (#11942537)

Just as long as M$ or someone else doesn't patent the use of the "back" button for evading this sort of ware attack. All it would take was calling it the anti-malware function or something, and we're tanked.

I'm sure google will straighten themselves out in a few days. It's what they do. :)

Re:yawn (1)

jim_redwagon (845837) | more than 9 years ago | (#11942726)

i doubt it would be Microsoft, I'd say Amazon is the more likely serial patenter of common sense.

Re:yawn (1)

jwin1020 (148430) | more than 9 years ago | (#11942645)

It's a scary thing for a marketing manager who is watching site traffic drop while all the people searching for his product are instead being redirected to a competitor's site.

Google can't be wrong (5, Funny)

Anonymous Coward | more than 9 years ago | (#11942449)

Insert MS blame here

Re:Google can't be wrong (0)

Anonymous Coward | more than 9 years ago | (#11942855)

It's a MS Feature, not an error! Just because everyone else does not include these easy, free features is no reason to knock MS.

/Me reads through article (1)

TychoCelchuuu (835690) | more than 9 years ago | (#11942451)

Yessir, whatever you say sir. I don't think Slashdot should be so commanding; we're going to have a legion of nerds who actually think that CmdrTaco wants them to do this because of the way it's written. Hehe.

The dark path (2, Insightful)

lanc (762334) | more than 9 years ago | (#11942457)


sure. Do some 302 redirect-statistic-hack. Make money. Cheat your customers. No it's no excuse that other ones are doing it as well, bad attitude.

We are the Borg of LiarMarketing. Resistance is futile, human.

come on - get a life, be straight.

Re:The dark path (5, Insightful)

filmmaker (850359) | more than 9 years ago | (#11942511)

This is totally true.

There are basically two schools of thought in SEO as I've seen it. You can either try and be everywhere (spamming by creating zillions of pages and links) or you can be interesting (like this blog; people want to come here, instead of needing to be tricked).

Unfortunately, most people are about as interesting as watching grass grow, and they know it. So they spam the search engines and aim for the lowest common denominator. Sad, really.

Everyone is interesting (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11942589)

Everyone is interesting about something.
It is when they get greedy that they start to suck.

How interesting is watching grass grow? (1)

xmas2003 (739875) | more than 9 years ago | (#11942671)

You decide - watching grass grow ... ;-) [komar.org]

Oracle Application Server (3, Interesting)

sinator (7980) | more than 9 years ago | (#11942459)

Oracle 9iAS and 10gAS are VERY heavy on the 302 redirects (as a way to moderate traffic using mod_oc4j).

Most of the redirects are innocuous, for example with an application whose context-root is /foo, you'd see a redirect from http://www.example.com/foo to http://www.example.com/foo/, but I can see this product borking up search results as its use becomes pervasive in the enterprise.

Since the product can't be changed, I'd probably change Google's behavior.

But are they to a *different* domain? (1)

NigelJohnstone (242811) | more than 9 years ago | (#11942509)

Maybe it's just me, but if the 302 is to a different domain, do you have to assign it across?

I see lots of 302s used for country shifts e.g. a French visitor is shifted from www.foo.com to fr.foo.com, but it's under the same domain foo.com.

For the ones shifted to other domains, does it matter if you ignore the 302 and take visitors directly to fr.foo.com?

WTF (2, Interesting)

anthony_dipierro (543308) | more than 9 years ago | (#11942466)

How is this hijacking? How is this any different from me simply adding the text and title of the other page to my page? Sure, I can change the redirect later, or change it for anyone except for googlebot, but I can do that with the content just as easily (more easily, in fact).

Furthermore, I suspect google has at least a few bots which don't announce themselves as googlebots just to check for such discrepancies.

Re:WTF (5, Insightful)

LiquidCoooled (634315) | more than 9 years ago | (#11942547)

If the googlebot scans the redirected page and assigns weights based on the end result page, but assigns the ranking to your original page, then you are essentially stealing pagerank from the proper host.

That is my understanding of the problem, and part of the reason why redirects appear to get higher rankings than simply copy and pasting somebody's content.

As for covert googlebots, I'm sure they exist as R&D items, but doubt they would be setup in the manner you describe.

Re:WTF (1)

Mr_Silver (213637) | more than 9 years ago | (#11942832)

If the googlebot scans the redirected page and assigns weights based on the end result page, but assigns the ranking to your original page, then you are essentially stealing pagerank from the proper host.

Since no physical property is involved don't you mean "you are essentially copyright infringing pagerank from the proper host"?

Hang on a minute, that doesn't sound right ...

Re:WTF (4, Informative)

gl4ss (559668) | more than 9 years ago | (#11942565)

from tfa:
*it allows a hijacking website to replace pages belonging to target websites in the Search Engine Results Pages*

that's what it does. think about it for a while. sure they could have protection but at the time it seems they DO NOT.

*What does it look like?
The Search Engine Results Pages ("SERPs") will look just like normal results to the searcher when a page hijack has occurred. On the other hand, to a webmaster that knows where one of his pages used to be listed, it will look a little different. The webmaster will be able to identify it because (s)he will see his/her page listed with an URL that does not belong to the site. The URL is the part in green text under listings in Google.*

a lot of people use google as a sort of bookmarks page (with keywords they remember); potentially this could hurt them. what more likely happens if it isn't fixed is that advertisers start to pollute the results even more, eventually leading google to be useless.

Re:WTF (3, Funny)

slimak (593319) | more than 9 years ago | (#11942689)

a lot of people use google as a sort of bookmarks page(with keywords they remember)

I didn't even realize that I did this until I read your post. Not that anyone cares, but I only have 4 or 5 regular bookmarks; the rest of the pages I need to go to I either a) remember because the url is so easy or I go there so much (e.g., slashdot, orderyourrussianwife.com, etc) b) do a search for them as needed (e.g. martin vetterli's homepage), or c) use the url auto-complete in the browser.

Re:WTF (1)

zeath (624023) | more than 9 years ago | (#11942850)

people use google as a sort of bookmarks page(with keywords they remember)

Keyword-driven bookmark system? Sounds like a patent you'd read about in a /. article being used as a bully tactic against high-volume barely-applicable products.

RTFA (1)

the_mighty_$ (726261) | more than 9 years ago | (#11942749)

It is hijacking because you can switch any page (i.e. the page ranked #1 for 'online poker') with the URL of your choice. i.e. your URL will be in the #1 position.

Seems like (4, Funny)

kc0re (739168) | more than 9 years ago | (#11942468)

Seems like all the hackers are struggling now-a-days. There are no "good" exploits coming out anymore. No directory Unicode traversals.. No Code Red, No Nimda. Not even SQL Slammer...
We haven't had a good exploit/0day in how long? Since the Webdav exploit? Or the RPC DCOM? Now we have to use Google, phishing techniques, and URL redirection. We are scraping the bottom of the barrel apparently.

Did it you have. (-1)

Anonymous Coward | more than 9 years ago | (#11942488)

Something wicked this way comes...

Re:Seems like (1)

winse (39597) | more than 9 years ago | (#11942515)

I've noticed this as well. My hypothesis is that good exploits are an inverse function of IT employment numbers. There seems to be a better place to channel energy lately.

Two words (2, Insightful)

Anonymous Coward | more than 9 years ago | (#11942716)

Windows firewall.

Windows firewall apparently put the rubber on any bugs out there spreading rapidly. Don't lose all hope though there's plenty of viruses that can spread the old fashioned way, through email and MSN. Not even by exploiting vulnerabilities, just by suckering people.

"Visit this URL and download and run this cool file"

I expect a nasty IM virus someday.

Follow the advice (2, Insightful)

Redwin (805980) | more than 9 years ago | (#11942472)

In the article it says:

"For this to happen, we need to put some pressure on the search engines."

Such as posting it on /. I'm sure that would create attention!

It's not popular pressure that'll do it... (1)

PornMaster (749461) | more than 9 years ago | (#11942670)

Google's been aware of this problem for months. 20000 geeks aren't going to be what will make them change it. It's when a Fortune 50 company is a victim long enough to sue.

Can I use this to knock out a fraudulent site? (4, Interesting)

Buran (150348) | more than 9 years ago | (#11942506)

A site registered and hosted using stolen funds from my credit card is still online following phoned and faxed demands for revocation and refund sent to the registrar/host. Can I somehow use this to send an entire domain to a black hole until the hosting/domain are revoked? It wouldn't be hacking, but it would make me feel a lot better to see the scammers knocked offline. If no one can get to them on google, they can't get any scam income. And what are they going to do -- sue me? That just would result in my slapping them with *criminal* charges as well as a motion for dismissal and a countersuit.

Re:Can I use this to knock out a fraudulent site? (0)

Anonymous Coward | more than 9 years ago | (#11942704)

Call your CC company. They'll be more than happy to at least take the money out of the ISPs merchant account. The ISP will in turn kill the site.

Re:Can I use this to knock out a fraudulent site? (2, Funny)

That's Unpossible! (722232) | more than 9 years ago | (#11942714)

A site registered and hosted using stolen funds from my credit card is still online following phoned and faxed demands for revocation and refund sent to the registrar/host. Can I somehow use this to send an entire domain to a black hole until the hosting/domain are revoked?

No, only posting their link on Slashdot would have that effect.

Re:Can I use this to knock out a fraudulent site? (1)

PeteDotNu (689884) | more than 9 years ago | (#11942808)

That would be a great idea, if it wasn't the OP's credit card being used to pay the hosting fees.

I hope Google et al don't support IDN (2, Interesting)

G4from128k (686170) | more than 9 years ago | (#11942512)

In the Google example shown in TFA, it's "easy" to spot a hijack by looking at the URL. But if Google or other search engines were to support IDN (Internationalized Domain Names), then it would be even easier for a criminal to hijack a bank's login page with the IDN browser exploit [slashdot.org].

No 302? (2, Informative)

Anonymous Coward | more than 9 years ago | (#11942533)

Sheesh. What a description. Couldn't he just say:

Create page that, when accessed by Googlebot, creates its own HTTP connection to a different, highly ranked page, and returns its contents to the Googlebot, but returns your contents to everyone else than Googlebot.

Ooops - no 302 needed? Houst^H^HGoogle, we have a problem.

Re:No 302? (1)

Barny (103770) | more than 9 years ago | (#11942666)

Because your site is NOT the site that has the most links to it, the one you "mirror" is.

What this 302 does is say "oh wait, I am not the page you are after, this one is" and does it on such a level that it is transparent to bots/browsers. The bot then outsmarts itself; it says "well, if your site (the real one) is being 302ed by hacksite (the bad people) then we replace the real entry with the hack one". Ruhrow, you are now (as far as google searchers are concerned) that web site.

Then (as the original message says) just make a check on whether the accessing browser is a googlebot and bingo :)

Fun (4, Interesting)

stang7423 (601640) | more than 9 years ago | (#11942534)

Wow. That's a fun exploit... I can't wait to go tell my boss why our site links to a pron site on google.

All kidding aside this could be a major problem for some of the more controversial websites. Akin to the Googlebombing [slashdot.org] that was just mentioned yesterday this could be the next major attack scheme on the net. Imagine a pro-life site subverting a pro-choice site, Neo-Nazis subverting a site intended for Jewish children, the US government subverting Al Jazeera...

Not a whole lot of fun IMHO. I trust google to return what I search for, if this changes I and a whole lot of other nerds are going to be left wandering aimlessly around the net.

Duplicate content (2, Interesting)

tfountain (619557) | more than 9 years ago | (#11942685)

I've seen the effects of this first hand and it's a slightly nastier problem than people realise.

It's not uncommon for search engines to penalise sites for duplicate content, i.e. identical content on multiple domains. So with this problem all it takes is a couple of other sites to link to you, completely innocently with a 302, and *bang*, your site disappears down the listings.

Further Reading (5, Informative)

mike2R (721965) | more than 9 years ago | (#11942554)

The main thread about this on WebMasterWorld [webmasterworld.com] is over 500 posts now.. lots of good info there.

Bippity, boppity, boo? (0)

Anonymous Coward | more than 9 years ago | (#11942555)

The real question is: is this theft, copyright infringement, or fraud?



R I P k l e r c k

GoogleJapan.Com (-1)

Anonymous Coward | more than 9 years ago | (#11942557)

Does that site of theirs also suffer from the 302?

Quote from Link: (1)

sandstorming (850026) | more than 9 years ago | (#11942572)

For this to happen, we need to put some pressure on the search engines. What I did not tell you above is that this problem has been around for years. Literally (see, eg. bottom of page here). The search engines have failed to take it seriously, and hence their results pages are now filled with these wrong listings. It is not hard to find examples like the one I mentioned above.


Nothing puts on pressure like a good /. !

Are you trying to /. Google? (1)

PornMaster (749461) | more than 9 years ago | (#11942628)

Google, of all sites, really isn't subject to a regular Slashdotting. Though it uses quite a different methodology, it's not too far to say that Google is a "Beowulf cluster of search engines".

Bollox (2, Insightful)

pgregg (185457) | more than 9 years ago | (#11942576)

It doesn't replace the URL at all. My reading is that google simply adds a new page in the database for the url you gave it. In this regard, how is this any different to a wget --mirror on the attempted "hijacked" site? Maybe more efficient but the net result is you are just trying to blag google hits of someone else's content.

PageRank _should_ sort this out as I'm sure lots more people will be linking to news.bbc.co.uk than to r.example.tld/foo/rAndoMLettERS (from the example).

Storm in a [child's] teacup.

Re:Bollox (2, Insightful)

julesh (229690) | more than 9 years ago | (#11942815)

My understanding is that it adds the PageRank of the page you redirect to, and applies it to your site. So, you appear in the listing right next to the site you linked to, above it if you have a pagerank of your own to add. If you just copied the content, then you'd end up with your own page rank only, throwing you down at the bottom of the list somewhere...

This is just plagiarism/cloaking (2, Informative)

manmanic (662850) | more than 9 years ago | (#11942590)

"Sometimes the target page will win, sometimes the redirect script will win. Specifically, if the PageRank of the target page is lower than the PageRank of the hijacking page, it's most likely that the target page will drop out of the SERPs"

This means that you can't reliably hijack the page unless you have a higher PR than it. But if you have a higher PR than that page then you could just as well copy its content, then wait till you're spidered, then substitute for whatever you want.

In other words, this is nothing more than another way to exploit two existing problems: (a) that you can steal anyone's content on the web (though see this [copyscape.com] for a way to detect it) and (b) you can cloak your site for the search engines (though I'm sure they notice that too).

In summary, there is nothing new in this whatsoever.

So you mean... (1, Funny)

Snaller (147050) | more than 9 years ago | (#11942605)

...a webmaster can redirect people on his own site? Wow, the horror. (You can't place redirects on someone else's pages)

RTFA (n/t) (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11942686)

Please mod down as flamebait.

easy and not new, it's called cloaking (1)

free2 (851653) | more than 9 years ago | (#11942611)

Cloaking: providing a different content to search engines bots in order to get a better rank

You can achieve this by looking at the UserAgent string or, more surely, at the remote IP.

This really is a big deal. (4, Interesting)

bigtallmofo (695287) | more than 9 years ago | (#11942616)

Anyone that wants to steal your traffic can take advantage of this. Nearly all the sites that I have created in the last year have been purposely hijacked by this and don't show up in any Google rankings. I've learned to live with it despite contacting the jerk responsible who pleaded innocent and said he wasn't very technical and didn't know what was going on.

Historically, good content meant good search engine placement. Now that this little trick is being more publicized, it just decreases the amount of time required for someone to hijack your entire site and remove it completely from the search engine results.

Wikipedia Article (1)

Angafirith (825501) | more than 9 years ago | (#11942652)

I wonder if someone could redirect that Wikipedia Online Poker article to point to something else...

'Dem nasty spider thingies... (1)

asciimonster (305672) | more than 9 years ago | (#11942659)

6. It receives a "302 Found" status code and goes "yummy, here's a nice new page for me"

Human-yfied computer terms, Now that's the way to a non-nerd heart!

Wait... (5, Funny)

zBoD (86938) | more than 9 years ago | (#11942665)

Do you mean this is not www.kuro5hin.org ??

I would read TFA... (2, Funny)

eno2001 (527078) | more than 9 years ago | (#11942674)

...if I COULD get to the page. But it's being redirected with a 302. ;P

Google Search Results Redirected to Ebay (4, Interesting)

Junior Samples (550792) | more than 9 years ago | (#11942713)

I've noticed that a lot of my google searches get redirected to an Ebay search page even though the displayed url in the search results is a non-ebay url. I checked the Google cached result and it was not the same as the re-directed page.

It's very annoying as I haven't been able to figure out what is going on. The same Ebay search results show up under dozens of urls in the Google search results

Better than 503 slashdot error (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11942774)

pun intended.

One has to ask... (0)

Anti Frozt (655515) | more than 9 years ago | (#11942789)

Given the difficulty in getting a story posted on the front page, how does this exploit compare, in terms of ease of implementation, to the /. exploit for knocking sites out?

mod d0wN (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11942868)

see. The number opinion in other be on a wrong turned over to yet disgust, or bben first avoid going