So, I run a (pr0n live webcam) website for around 8 years now, and it got tons of traffic, I never visit it cause it earns me money and I leave it be. It got around 30.000 visitors a day. Now, I though about some interesting idea I had last week:
I know I can use that traffic to run scripts for me. scripts that portscan other hosts, run remote exploits, and even Ddossing remote services.
The idea is simple:
I have my high traffic website, and in a hidden iframe I run a remote script, that script does what I want it to do. The surfer will not notice that I run it, unless they look in the source. But, the thing is, I could use that 30K traffic for very malicious uses. Cause when the remote script runs, it targets a host with all the browser info of the surfers which open my site.
But, next thing is javascript. Because javascript runs in the browser only, it is interesting to use it for maliciuos acts, because when I build a javascript portscanner, the time that the surfers opens my site, a remote host is targeted with his IP and browser info. the next thing is then that I make AJAX calls to store that info.
@Awesome, I can't say sorry, but it's a dutch one. (I have certain reasons for this) :)
Yeh I'm not 100% sure what to use it for, but I think it's interesting to try a couple examples which do basic portscanning first. But who knows it can come into use someday.
Well it's pretty easy to monetize that, or use them to spam on your behalf or use them to hack their own routers (again for building botnets for spamming or otherwise). I had no idea you ran pr0n sites. Very interesting. There are tons of ways to monetize pr0n, but it's a tough industry due to the chargeback ratios. Although I do have a lot of ideas on how to minimize chargebacks.
I thought about creating one once, but I'm not totally sure how to go about it in regards to keeping all the necessary legal information, and the rest of it.
Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/
Well it's actually a site builded by me, but I'm just an affiliate. I don't have my own content or such. But, it earns me a good buck. I can pay my house rent from it so, why not.
But, like you said RSnake, there are ways to make more money from it. It could be my complete income, but I don't like doing that all day long. In any case I got tons of logs from that traffic I get, and maybe I go insert a little script which I can activate remotely when I need it. Like, if someone is targetting me I can use it for a counter attackers a couple of times.
EDIT: I did use that server a couple of times to scan other websites, because the server it runs on got thousands of subdomains op a certain IP range, so it's hard to trace back to me, and I signed up anonymously with that hosting account by forging my identity some years back, cause I knew I could use it one day.
Edited 1 time(s). Last edit at 04/01/2007 07:14AM by jungsonn.
"never visit it cause it earns me money and I leave it be." Haha, you are fooling no one dirty boy. I know, you know and everybody else knows, that you have your own spy script implemented, so that you can spy on peoples dirty private sessions :)
You can easily use the script to look for emails to create spam lists, I had thought of doing this with flash rather than javascript/ajax but either would work.
And I actually considered creating a virtual computer where you could use other people's computers to run your operations, although I'm still trying to figure how to achieve the virtual hard disk.
