[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Simple but Effective Spam Harvester Solutions
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: [Full-Disclosure] Simple but Effective Spam Harvester Solutions
- From: Andrew Smith <stfunub@xxxxxxxxx>
- Date: Fri, 8 Oct 2004 23:09:13 +0100
Not entirely sure if this is appropriate for full-disclosure. Ah Well.
As you may well know there are programs that scour the internet
looking for email addresses, some people attempt to thwart them
writing emails like "my_email (AT) mydomain (DOT) com". These don't
really work, so i figured some of my own out. They appear to have been
successful, i will share them with you now.
Using HTML Escape characters is a popular method, eg:
<a href="mailto:escchar@shiz.biz">contact me</a>
This works quite well but is easy to defeat (more on HTML escape
chars:
http://www.theukwebdesigncompany.com/articles/entity-escape-characters.php)
I then started toying with JavaScript, this worked great. Here are
some examples:
<script>
document.write('<a href="mailto:js1');
document.write('@shiz.biz');
document.write('">contact me</a>');
</script>
<script>
var a="@shiz.biz"
document.write('<a href=mailto:');
var b="js2"
document.write(b);
document.write(a);
</script>
>contact me</a>
<script language="Javascript" src="a.htm"></script>
<script language="Javascript" src="b.htm"></script>
<script>
document.write("<a href=mailto:");
document.write(a+b);
</script>>contact me</a>
Also, worked pretty well. As it gets more complicated it's far harder to defeat.
Then i found PHP could be used, creating a file called 'mail.php' and entering:
<?php
header("Location: mailto:form2@xxxxxxxx")
?>
into it, meant that linking to mail.php would launch an email.
Anyways, more info can be found here: http://www.wheresthebeef.co.uk/?p=hat
I hope some people have found this useful.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html