<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<meta http-equiv=Content-Type content="text/html; charset=UTF-8">
<title>OnlineMarketingReport - SPAM 2.0 - Comment Spamming WordPress Blogs</title>
<style type="text/css">
body{background:#cccccc; text-align:center; margin:20px; font-family:arial; font-size:12px}
td{font-family:arial; font-size:12px}
input{width:300px}
textarea{width:300px}
</style>
</head>
<body>
<div style="margin:auto; background:white; border:1px solid black; width:400px; padding:10px">
<?php
if(!isset($_GET["start"])){
print("Shall we <a href=\"?start\">BEGIN</a>?");
}else if(!isset($_POST["comment"])){
$keywords=array("age","air","anger","animal","answer","apple","area","arm","art","atom","baby","back","ball","band","bank","bar","base","bat","bear","beauty","bell","bird","bit","block","blood","blow","board","boat","body","bone","book","bottom","box","boy","branch","bread","break","brother","call","camp","capital","captain","car","card","care","case","cat","cause","cell","cent","century","chair","chance","change","character","chick","chief","child","children","chord","circle","city","class","climb","clock","cloud","coast","coat","cold","colony","color","column","company","condition","consonant","continent","copy","corn","cost","cotton","country","course","cover","cow","crop","cross","crowd","cry","current","cut","dad","dance","danger","day","dead","deal","death","decimal","degree","design");
$urls=array();
$key=$keywords[rand(0,count($keywords)-1)]."+".$keywords[rand(0,count($keywords)-1)];
for($ind=0;$ind<3;$ind++){
$num=$ind*100;
$return="";
$header="GET /search?n=100&va_vt=any&p=".$key."+site%3Awordpress.com&b=".$num." HTTP/1.0\r\n";
$header.="Host: search.yahoo.com\r\n";
$header.="Connection: close\r\n";
$header.="\r\n";
$con=fsockopen("search.yahoo.com",80);
fwrite($con,$header);
while(!feof($con))$return.=fread($con,2048);
fclose($con);
$return=explode("<a class=yschttl href=\"http://",$return);
if(count($return)>5){
for($ind1=1;$ind1<count($return)-1;$ind1++){
$return[$ind1]=explode("\">",$return[$ind1]);
$url=explode(".",$return[$ind1][0]);
$url=$url[0];
$urls[$url]=$url;
}
}else $ind=5;
}
$count=count($urls);
$urls=implode("|",$urls);
print("I have found <strong>".$count."</strong> blogs that contain those words: <strong>".str_replace("+"," </strong>or<strong> ",$key)."</strong><hr />");
print("<form action=\"\" method=\"post\">");
print("<table style=\"margin:auto\">");
print("<tr><td>name: </td><td><input type=\"text\" name=\"author\" /></td></tr>");
print("<tr><td>email: </td><td><input type=\"text\" name=\"email\" /></td></tr>");
print("<tr><td>url: </td><td><input type=\"text\" name=\"url\" /></td></tr>");
print("<tr><td>comment: </td><td><textarea name=\"comment\"></textarea></td></tr>");
print("</table>");
print("<input type=\"hidden\" name=\"urls\" value=\"".$urls."\" />");
print("<input type=\"submit\" value=\"SPAM THEM!\" />");
print("</form>");
}else if($_POST["author"]!="" and $_POST["email"]!="" and $_POST["url"]!="" and $_POST["comment"]!="" and $_POST["urls"]!=""){
$urls=explode("|",$_POST["urls"]);
print("If commens are not moderated,<br /> you can see your comments here: <br />\n<div style=\"text-align:left\"><ul>\n");
for($ind=0;$ind<count($urls);$ind++){
$return="";
$query="author=".$_POST["author"]."&email=".$_POST["email"]."&url=".$_POST["url"]."&comment=as-94783-sa\n\n".$_POST["comment"]."&comment_post_ID=".rand(10,30);
$header="POST /wp-comments-post.php HTTP/1.0\r\n";
$header.="Host: ".$urls[$ind].".wordpress.com\r\n";
$header.="Content-type: application/x-www-form-urlencoded\r\n";
$header.="Content-length: ".strlen($query)."\r\n";
$header.="Connection: close\r\n";
$header.="\r\n";
$con=fsockopen($urls[$ind].".wordpress.com",80);
fwrite($con,$header.$query);
while(!feof($con))$return.=fread($con,2048);
fclose($con);
if(ereg(" 302 Found",$return) and ereg("Location: http://".$urls[$ind].".wordpress.com/",$return)){
$spammed=explode("\r\nContent-type: ",$return);
$spammed=explode("Location: ",$spammed[0]);
$spammed=$spammed[1];
print("<li><a href=\"".$spammed."\">".substr($spammed,0,50)."...</a></li>\n");
}
}
print("\n</ul></div>");
print("<br /><br /><a href=\"?start\">Do it again!</a>");
}else{
print("Why don't you just fill all fields? Hit browser's back button");
}
?>