HOW TO: Cookie stuff without getting caught

Status
Not open for further replies.

bubbles

Domainers...
Apr 11, 2007
858
27
0
This popped up in my blogroll, thought it was pretty interesting.

guerillaCPA.com: Cookies is Nummy

How to cookie stuff without getting caught. Never tried it but here’s what I’d do:

1. Put up a webpage (yoursite.com/index.php) with some content and a link to the merchant, make it look legit, no funny business.

2. On index.php, read the referrer (i.e. read the referrer page content) and see if it contains your iframe (so we know if the visitor has arrived from your cookie stuff page) - if it does then do a javascript redirect to the merchant (causing the cookie to be put down), otherwise display the page normally (so when people just type in your URL they’ll see a normal page).

3. On the page you want to cookie stuff, instead of going iframe=merchant site, do iframe=yoursite.com/index.php

4. When the merchant checks the referrer for all the traffic you’re sending, they’ll see yoursite.com/index.php, NOT your cookie stuff page. When they visit the page, it won’t javascript redirect to the merchant site (giving the game away), it’ll just display your normal legit looking page.

I have to say, it’s quite funny to hear people describe cookie stuffing as fraud. I mean, the merchants aren’t losing out, to suggest they are is lunacy. They have to pay commissions to someone in the end. As for fraud, well, look it up in a frickin’ dictionary before using the term. At best cookie stuffing violates TOS.
 


Isn't it impossible to reference the same url in an iframe? Because if you do this, you will crash your browser because you have an infinite loop.
 
Status
Not open for further replies.