In a previous article, I have discussed how spammers spams your WordPress blog. To do so, they simply have to fill the $postfields array with the info they want to display and load the page.
Of course, this code is only for educationnal purposes.
Of course, this code is only for educationnal purposes.
<?php $postfields = array(); $postfields["action"] = "submit"; $postfields["author"] = "Spammer"; $postfields["email"] = "spammer@spam.com"; $postfields["url"] = "http://www.iamaspammer.com/"; $postfields["comment"] = "I am a stupid spammer."; $postfields["comment_post_ID"] = "123"; $postfields["_wp_unfiltered_html_comment"] = "0d870b294b"; //Url of the form submission $url = "http://www.ablogthatdoesntexist.com/blog/suggerer_site.php?action=meta_pass&id_cat=0"; $useragent = "Mozilla/5.0"; $referer = $url; //Initialize CURL session $ch = curl_init($url); //CURL options curl_setopt($ch, CURLOPT_POST, 1); //We post $postfields data curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields); //We define an useragent (Mozilla/5.0) curl_setopt($ch, CURLOPT_USERAGENT, $useragent); //We define a refferer ($url) curl_setopt($ch, CURLOPT_REFERER, $referer); //We get the result page in a string curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //We exits CURL $result = curl_exec($ch); curl_close($ch); //Finally, we display the result echo $result; ?>
No comments:
Post a Comment