Another way to get RSS Links

by admin on May 22, 2010 · 3 Comments
If you have caught on to the power of rss feeds for link building (hope you have), one of the things you probably struggle a little with is finding places that will allow you to dump your feed in and turn into links.
I HATE (and I mean hate) giving my content to other websites and linking to them.  It hurts me down deep somewhere.
Why?  Well mainly because other sites really only exist for me to pull traffic from, and bury my links, and to exploit for my benefit in some way.
(that’s all black hat seo is really)
So one of the first things I do is find a way to “make” things work so I get as much benefit as I can instead of working on someone else’s site.
So let’s say that you are using and abusing Rss Rebound like you should be.  You need a place to get those links crawled and spidered that YOU own.
Basically if you can create a database, and change permissions on two files you have a link building superstar.
http://www.kubelabs.com/phpdug/
I’ll say no more – except it can pull in “posts” from rss and from digg to populate itself.

Also I should note that there IS a small cross site vulnerability in phpdug.  Basically someone can add javascript to one of your links and do something.  It’s well known – but I’ve got a few dozen of these up and running prior to noticing the vulnerability and I’ve never had an issue.
Details on that:
Critical: Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Unpatched
Software:PHPDug 2.x
Description:
A vulnerability has been discovered in PHPDug, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed to the “id” parameter in upcoming.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
The vulnerability is confirmed in version 2.0.0. Other versions may also be affected.
Solution:
Edit the source code to ensure that input is properly sanitised.
Original Advisory:
http://www.exploit-db.com/exploits/11017
No big deal though – these sites aren’t keepers anyway.  Don’t spend money making them look good, don’t spend money promoting them, etc…  Just get enough links out there that the spiders keep coming back to crawl through to your feeds.
Tagged with:
 
If you enjoyed this article, please consider sharing it!
Facebook Twitter Delicious Digg

3 Responses to Another way to get RSS Links

  1. Tony says:
    June 5, 2010 at 5:06 am

    Posted in the original 2008 version. Reposted here as not sure if that one is monitored.

    Tony says: Your comment is awaiting moderation.
    June 4th, 2010
    2:11 am

    Seems to be a lot missing from the script. The “latest version” 2.0 appears to be just an update. It doesn’t have all the links for “view” and “viewall” to add the feed items. So when you click on any other view or even the ‘view all’ buttons, or any of the categories there is no page there – a google oops. I don’t get any response from the site “support”. The demo site shows everything working, so there must be somewhere to get it! Anyone got a copy?

    Reply
  2. admin says:
    June 9, 2010 at 2:13 am

    Tony,

    They have zero support – in fact I suspect they are done and gone. One of these days I’ll have to tear into their script fix the vulnerability and correct the issues 2.0 seems to have.

    I’ll release it when I do – because I’ve been abusing that script for years.

    For now just hack into the template and remove the links that don’t work properly.

    Reply
  3. admin says:
    August 8, 2010 at 5:51 pm

    Fixed the cross site vulnerability here:
    http://www.blackhatdigest.com/online-tools/php-dug-2-0-vulnerability-fix/

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>