Nov

24

Z-Blog URL Redirect Security Affected Spam Attacks

Filed Under blog |   

Z-Blog system contain a security issue that allows spam attack to Wikipedia by using url redirect.

The design of Z-Blog anti-spam encrypts the URL before redirect it. The name of the redirected file is c_urlredirect.asp. With the parameter of this page Z-Blog kann redirect to various pages. Sorrowfully the used encryption is very simple. One just need to put the odd characters together. With this methode blackhat SEO manipulates redirects from other Z-Blog websites to call its own website. Thus even if the original address is listed on the blacklist by Wikipedia, the manipulated redirect would still work and be used as spam.

The solution for this problem is not easy. The most simple way is to delete c_urlredirect.asp. But this method would also prevent the blogger himself make redirects.

Source . thanks for Wing translation

Related posts


Comments

3 Responses to “Z-Blog URL Redirect Security Affected Spam Attacks”

  1. Yee HER on November 30th, 2008 4:11 am

    So excellent a Chinese bilingual blogger William Long is!

  2. Daven on December 13th, 2008 10:33 pm

    well done, my z-blog don’t open this function at the moment, i will try it.
    Z-blog is very good in Chinese, but it is not very good in English, english z-blog rss is not easy to be acceptd by rss feed directory in englsih.

  3. Pakistan on June 4th, 2009 2:07 am

    Discover the beauty of pakistan. Learn the culture, heritage, traditions and landmarks of different parts of Pakistan especially sindh, punjab, balochistan and N.W.F.P and far northern areas.

Leave a Reply