{"id":258,"date":"2006-08-21T07:51:55","date_gmt":"2006-08-21T14:51:55","guid":{"rendered":"http:\/\/www.pdxtc.com\/wpblog\/archives\/258"},"modified":"2014-12-04T13:46:01","modified_gmt":"2014-12-04T20:46:01","slug":"getting-easy-gov-links-in-a-few-minutes","status":"publish","type":"post","link":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/","title":{"rendered":"Getting Easy .gov Links in a Few Minutes"},"content":{"rendered":"<p>When I saw the title of an <a href=\"http:\/\/www.seomoz.org\/\">SEOmoz<\/a> blog post in my feedreader, I tried to make it the first story of the day. When I clicked to read it however, the article was gone. Hoping to read the cached copy, I searched on Google, but the text was not found.<\/p>\n<p>Still, I was able to find it, and it was an interesting read. It was a &#8220;black hat&#8221; (claimed as research) step by step demonstration of an exploitation known as &#8220;URL injection&#8221; where it&#8217;s possible to use a websites own &#8220;search form&#8221; to create links on their site, pointed wherever they like.<\/p>\n<p>The author gave 20 examples of having actually done so, on various government websites from the EPA to NASA, and the links are still there. At the <a href=\"http:\/\/memory.loc.gov\/ammem\/browse\/ListSome.php?category=War,+Military%3Ch1%3ELook,%20I%20made%20content%20inside%20an%20h1%20tag%3C\/h1%3E%3Ca%20href=http:\/\/www.example.com%3ELook,%20I%20made%20a%20link%3C\/a%3E%3Cbr%20\/%3E%3Cimg%20vspace=15%20hspace=15%20%20src=http:\/\/evil.seesaa.net\/common\/cat.gif%3E%3Cbr%20\/%3E%3Ch1%3EKitties%20love%20links%3C\/h1%3E\">Library of Congress, he even added a funny photo too<\/a>.<br \/>\nThe last paragraph of the story probably sums up why it was removed, where the author points out that if you can add any pictures and text you like to an official website, then  it would be relatively easy to make up a phishing scam, posting the stolen data to the bad guys&#8217; server, and the user would never even know they&#8217;d been scammed until it&#8217;s way too late.<br \/>\nThis blog post was clearly a case of providing too much information that could be used for evil, and &#8220;hats off&#8221; so SEOmoz for removing it. Unfortunately, if I could still find it, so can the bad guys.<\/p>\n<p>I&#8217;m not providing the link to the story for obvious reasons&#8230;<\/p>\n<p>***update &#8211; They have put the post back up after checking with their attornies, but I have to disagree with this course of action. Just because you can legally\u00a0 tell someone exactly how to build a bomb, doesn&#8217;t mean it&#8217;s the right thing to do. It should generate a lot of inbound links though for SEOmoz&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When I saw the title of an SEOmoz blog post in my feedreader, I tried to make it the first story of the day. When I clicked to read it however, the article was gone. Hoping to read the cached copy, I searched on Google, but the text was not found. Still, I was able [&hellip;]<\/p>\n","protected":false},"author":76,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[16,12],"tags":[],"class_list":["post-258","post","type-post","status-publish","format-standard","hentry","category-seo","category-viruses-and-scams"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Getting Easy .gov Links in a Few Minutes<\/title>\n<meta name=\"description\" content=\"When I saw the title of an SEOmoz blog post in my feedreader, I tried to make it the first story of the day. When I clicked to read it however, the\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Getting Easy .gov Links in a Few Minutes\" \/>\n<meta property=\"og:description\" content=\"When I saw the title of an SEOmoz blog post in my feedreader, I tried to make it the first story of the day. When I clicked to read it however, the\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/\" \/>\n<meta property=\"og:site_name\" content=\"Scott Hendison&#039;s Old Search Commander Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SearchCommander\" \/>\n<meta property=\"article:published_time\" content=\"2006-08-21T14:51:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2014-12-04T20:46:01+00:00\" \/>\n<meta name=\"author\" content=\"Scott\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@shendison\" \/>\n<meta name=\"twitter:site\" content=\"@shendison\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Scott\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/\"},\"author\":{\"name\":\"Scott\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#\\\/schema\\\/person\\\/3142c7d28dc676725ac62cd6c9de8371\"},\"headline\":\"Getting Easy .gov Links in a Few Minutes\",\"datePublished\":\"2006-08-21T14:51:55+00:00\",\"dateModified\":\"2014-12-04T20:46:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/\"},\"wordCount\":321,\"commentCount\":1,\"articleSection\":[\"SEO\",\"Viruses and Scams\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/\",\"url\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/\",\"name\":\"Getting Easy .gov Links in a Few Minutes\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#website\"},\"datePublished\":\"2006-08-21T14:51:55+00:00\",\"dateModified\":\"2014-12-04T20:46:01+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#\\\/schema\\\/person\\\/3142c7d28dc676725ac62cd6c9de8371\"},\"description\":\"When I saw the title of an SEOmoz blog post in my feedreader, I tried to make it the first story of the day. When I clicked to read it however, the\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/viruses-and-scams\\\/getting-easy-gov-links-in-a-few-minutes\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Getting Easy .gov Links in a Few Minutes\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#website\",\"url\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/\",\"name\":\"Scott Hendison&#039;s Old Search Commander Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.pdxtc.com\\\/wpblog\\\/#\\\/schema\\\/person\\\/3142c7d28dc676725ac62cd6c9de8371\",\"name\":\"Scott\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g\",\"caption\":\"Scott\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/shendison\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Getting Easy .gov Links in a Few Minutes","description":"When I saw the title of an SEOmoz blog post in my feedreader, I tried to make it the first story of the day. When I clicked to read it however, the","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/","og_locale":"en_US","og_type":"article","og_title":"Getting Easy .gov Links in a Few Minutes","og_description":"When I saw the title of an SEOmoz blog post in my feedreader, I tried to make it the first story of the day. When I clicked to read it however, the","og_url":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/","og_site_name":"Scott Hendison&#039;s Old Search Commander Blog","article_publisher":"https:\/\/www.facebook.com\/SearchCommander","article_published_time":"2006-08-21T14:51:55+00:00","article_modified_time":"2014-12-04T20:46:01+00:00","author":"Scott","twitter_card":"summary_large_image","twitter_creator":"@shendison","twitter_site":"@shendison","twitter_misc":{"Written by":"Scott","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/#article","isPartOf":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/"},"author":{"name":"Scott","@id":"https:\/\/www.pdxtc.com\/wpblog\/#\/schema\/person\/3142c7d28dc676725ac62cd6c9de8371"},"headline":"Getting Easy .gov Links in a Few Minutes","datePublished":"2006-08-21T14:51:55+00:00","dateModified":"2014-12-04T20:46:01+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/"},"wordCount":321,"commentCount":1,"articleSection":["SEO","Viruses and Scams"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/","url":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/","name":"Getting Easy .gov Links in a Few Minutes","isPartOf":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/#website"},"datePublished":"2006-08-21T14:51:55+00:00","dateModified":"2014-12-04T20:46:01+00:00","author":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/#\/schema\/person\/3142c7d28dc676725ac62cd6c9de8371"},"description":"When I saw the title of an SEOmoz blog post in my feedreader, I tried to make it the first story of the day. When I clicked to read it however, the","breadcrumb":{"@id":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.pdxtc.com\/wpblog\/viruses-and-scams\/getting-easy-gov-links-in-a-few-minutes\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pdxtc.com\/wpblog\/"},{"@type":"ListItem","position":2,"name":"Getting Easy .gov Links in a Few Minutes"}]},{"@type":"WebSite","@id":"https:\/\/www.pdxtc.com\/wpblog\/#website","url":"https:\/\/www.pdxtc.com\/wpblog\/","name":"Scott Hendison&#039;s Old Search Commander Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pdxtc.com\/wpblog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.pdxtc.com\/wpblog\/#\/schema\/person\/3142c7d28dc676725ac62cd6c9de8371","name":"Scott","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ba275e23c0aad37526141e715b54cd3eeac27b071e4395b2b39e801ca68355d6?s=96&r=g","caption":"Scott"},"sameAs":["https:\/\/x.com\/shendison"]}]}},"_links":{"self":[{"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/posts\/258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/users\/76"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/comments?post=258"}],"version-history":[{"count":0,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/posts\/258\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/media?parent=258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/categories?post=258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pdxtc.com\/wpblog\/wp-json\/wp\/v2\/tags?post=258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}