A few things before you read this:
1) This is blackhat
2) You do this at your own risk
3) I’m only writing it because I think it’s interesting
4) If you don’t like it, take it as the information it was meant as, not as a recommendation what you should do!
With all that said. There’s an exploit for PHP versions 4.4.3 > 4.4.6 lurking around in the phpinfo() files. You can find all of the affected sites by doing this Google search.
Basically, itâ??s an XSS vulnerability in the phpinfo() function which gives unescaped output for all user-submitted arrays in GET, POST and Cookies. (More info can be found here)
If you find one of the URLs and add this on the end:
Replacing the YOURWEBSITE.COM for your URL an entering YOUR ANCHOR TEXT (with %20 as spaces). Hit enter, then scroll down to “PHP Variables” and you’ll see you’ve injected two of your links on the page. All that you need to do then is get them indexed. Boom, there’s some backlinks.
Like this article? Then subscribe to the feed!
Increase your SERPs click-through »
« Exploiting LSI to rank higher