Nov 24
Since redditors call me a spammer, I might as well become one.
I discovered a stupidly easy way to bypass Akismet. If for example, I had glowleaf.net blacklisted (which it is), every comment I post to other blogs will get deleted.
I just buy glowleaf.info, redirect it to my blog, and use it in the url box.
I just tested it, it bypasses akismet. Of course, if you are still posting spam nothing prevents the blogger from hiting the report spam link and nullifying your 2nd domain. But it works as a second chance. Or a third, a fourth, a fifth…
Now go spread some havoc and chaos.
Related Blogs
- Related Blogs on akismet bypass
- WTF Blog Clutter: The Death of the CAPTCHA
- Bypass Megaupload Download Limit « iD|Virtuoso’s
- Less spam, at least for now
- ccheapest ffxi gil » Blog Archive » cheap World of Warcraft power …
- comment on clean up in aisle 4! by graham
- Related Blogs on spam filter
- Colin Mercer On The Inter-Web
- yuyu1988 » Blog Archive » Eating up Spam
- What is Google Waiting For a Stable Version of Gmail? | Mehmet Ali …
- » ~6 month suspension « 勿忘我 – Don’t forget me
- Lambentpath » Email address
Popularity: 20% [?]
written by Glowleaf
\\ tags: akismet bypass, spam filter
November 24th, 2008 at 11:37 am
Do you have any info on the criteria Akismet has for defining spam? For example:
“same IP posting comments to many blogs in short time”
I only ask because I have an idea for a blog comment spammer which will give a decent chance of a comment sticking and being approved but I wonder if it will pass Akismet.
November 24th, 2008 at 12:27 pm
No idea. I just posted this because I stumbled on it. There are fora that deal with spam, you have to ask their members.
As for your comment script, if it does not pass akismet, its basically doomed.
November 24th, 2008 at 2:41 pm
That’s the thing, if Akismet doesn’t check for IP then I can see no way of it ever detecting me, but I think it’s fairly safe to assume it does.
November 25th, 2008 at 3:57 am
A glance at my spam comments today, and by some casual reverse engineering (if there is such a thing) with my morning coffee, tells me that akismet uses a lot of criteria to block spam.
The one pointed out here is a simple blacklist of domains. The second, more obvious is the flagging of spam words like “viagra”, and nowadays even “acai berry”.
Spam filters also use LSI to flag spam, that is why you commonly see awkward grammar in spam messages. No, the spammers are not Indians or anything, they are more educated than you think.
IP cannot be used for spam filtering simply because half the earth’s population has dynamic IP’s. Multiple comments from the same IP on the other hand, are definitely a red flag.
You have to understand that spam blocking is chopped down “OCR”, its handicapped artificial intelligence. There is no one way to bypass a spam filter simply because it would then be useless. Spam filters use heuristic algorithms optimized for speed (and efficiency, except in Norton’s case) and put different “weights” to different variables that raise a red flag or not.
November 25th, 2008 at 7:24 am
Sorry what is meant by LSI?
The only issue is posts from multiple IP’s, sure I could probably code a proxy rotator but you would need quite a bit list when spamming 1k+ blogs.
November 25th, 2008 at 10:49 am
LSI is latent semantic indexing, an explanation is here:
http://www.scottbowler.co.uk/search-engine-optimisation/latent-semantic-indexing-lsi-for-dummies-28.html
About proxy lists, I think Xrumer comes bundled with a script that locates proxies. Am I right? That might help.