Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
Cookie Stuffing Detector [Inside- What is Cookie Stuffing and Why you Should Care] Details »
Cookie Stuffing Detector [Inside- What is Cookie Stuffing and Why you Should Care]
Mod Version: 1.0, by sockwater (Coder) sockwater is offline
Developer Last Online: Jan 2018 I like it Show Printable Version Email this Page

This modification is in the archives.
vB Version: 3.7.x Rating: (3 votes - 5.00 average) Installs: 43
Released: 04 Sep 2008 Last Update: 04 Sep 2008 Downloads: 151
Supported Uses Plugins Auto-Template Is in Beta Stage  

This modification will help protect your boards against cookie stuffing scams.


What is Cookie Stuffing
From Wikipedia:
Cookie stuffing or cookie dropping is a Blackhat technique used to generate fraudulent affiliate sales. It involves placing an affiliate tracking cookie on a website visitor's computer without their knowledge, which will then generate revenue for the person doing the cookie stuffing. Income is generated when the affected user visits the target affiliate site and either creates an account or makes a purchase, depending on the terms of the affiliate agreement. This not only generates fraudulent affiliate sales, but also has the potential to overwrite legitimate affiliates' cookies, essentially stealing their legitimately earned commissions.

Operators of websites that allow user-generated content, such as forums that allow users to post, should be aware of this technique in order to protect their visitors from this attack. Cookie stuffing can be accomplished with as little as including an image in a forum post.
People can use your boards for this illegitimate practice if you don't protect yourself
There are several techniques for cookie stuffing, one of which works on most vBulletin forums. I'll put the following in code tags so only licensed vB owners can read it.
Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

If you don't want people doing this, read on.


What this mod does

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Installation
Import the product XML file in your Product Manager, then visit the Options group "Cookie Stuffing Detector Options".

After installation, you can check if this is working by creating a post and ....

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Future development
I am planning to expand this mod to:
  • Scan all posts in the database for possible cookie stuffing attempts.
  • Check posts when the user submits them for cookie stuffing attempts, and reject the post.
Known issues / Caveats
  • Broken images will cause false positives
  • This is marked as a 3.7.x mod, because that is what I developed it on and what I use it on. It has a good chance of working on 3.6.x as well, but I haven't tested that.
  • All admins and mods (even when viewing a forum they are not a mod in) will see the message in a post if it is a possible cookie stuffing attempt. This is by design.

Tested in... (on Windows XP)
  • Firefox 3
  • Internet Explorer 7
  • Opera 9.5
  • Safari 3
  • Google Chrome?!

Download Now

Only licensed members can download files, Click Here for more information.

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
vB Cookie Detector - Detects if user has cookies switched on in browser. Erwin vBulletin 2.x Full Releases 12 29 Jan 2004 00:32

Comments
  #2  
Old 04 Sep 2008, 03:36
FreshFroot's Avatar
FreshFroot FreshFroot is offline
 
Join Date: Aug 2005
awesome stuff.

I heard about the cookie stuffing issues at DP and ebay.

Good to see, there is a way to protect ourselves!

thanks a bunch.
Reply With Quote
  #3  
Old 04 Sep 2008, 04:48
Floris Floris is offline
 
Join Date: Jan 2002
This only works on bbcode that has a non image as image.
But you can use any image remotely hosted in the img tag and that img can be forced to be executed as a php file.

The remote image is actually php code that sets a cookie with the affiliate code, and then sets the mime via header and returns a real image.

example:

The img above is http://floris.vbulletin.com/stuff/vborgtest.jpg[/img] which is actually a php file that sets a cookie for floris.vbcom with user 'vborgtest'

hence: stuffing.

This plugin doesn't seem to check for real cookie stuffing, unless I am mistaken?
__________________
My community; http://wetalknation.net

Last edited by Floris; 04 Sep 2008 at 05:03.
Reply With Quote
  #4  
Old 04 Sep 2008, 05:30
sockwater's Avatar
sockwater sockwater is offline
 
Join Date: Apr 2008
Right, except that's not really what we're talking about since there is no monetary gain in that.


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Reply With Quote
  #5  
Old 04 Sep 2008, 09:57
Merjawy's Avatar
Merjawy Merjawy is offline
 
Join Date: Sep 2002
Location: USA
Thanks..

Installed on 3.7.3 and when I checked "Print debug output" I can't browse to any thread.. IE7 loads the thread then I get a notice can't find the page and I go to 404

I used Google Chrome and its fine and see at the buttom it says
6 of 6 posts on this page checked for cookie stuffing

but why IE stuffed with the setting?


Thanks
Reply With Quote
  #6  
Old 04 Sep 2008, 11:40
Mecho's Avatar
Mecho Mecho is offline
 
Join Date: Aug 2006
so it just can happen if User post an image using [img] tag and that image has url ?!!
Reply With Quote
  #7  
Old 04 Sep 2008, 12:58
ArnyVee's Avatar
ArnyVee ArnyVee is offline
 
Join Date: Mar 2008
Gonna keep an eye on this one
Reply With Quote
  #8  
Old 04 Sep 2008, 18:24
sockwater's Avatar
sockwater sockwater is offline
 
Join Date: Apr 2008
Originally Posted by Merjawy View Post
Installed on 3.7.3 and when I checked "Print debug output" I can't browse to any thread.. IE7 loads the thread then I get a notice can't find the page and I go to 404
I used Google Chrome and its fine and see at the buttom it says
6 of 6 posts on this page checked for cookie stuffing
but why IE stuffed with the setting?
I don't think this mod can cause 404 not found errors and the like. It's just a bit of Javascript added to the page after it loads. I think the source of your problem lies elsewhere.

Originally Posted by Mecho View Post
so it just can happen if User post an ....
My reply is in [code] tags so that only license holders can see it.

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Reply With Quote
  #9  
Old 04 Sep 2008, 19:15
Brandon Sheley's Avatar
Brandon Sheley Brandon Sheley is offline
 
Join Date: Mar 2005
Real name: Brandon
Originally Posted by ArnyVee View Post
Gonna keep an eye on this one
ditto
__________________
I've been offering vBulletin Support and Wordpress Optimization for 10+ years, Contact me if you have questions.
Check out The Best Forum Ever if you get bored.
Reply With Quote
  #10  
Old 04 Sep 2008, 22:58
cheat-master30's Avatar
cheat-master30 cheat-master30 is offline
 
Join Date: Mar 2007
Location: Information Classified
Real name: cheat-master30
This sounds good, and I'm considering installing it, but one question... wouldn't this flag up vBulletin album images because the image format is something like picture.php?id= or something?
__________________
Proud vBulletin supporter (cheat-master30 at official forum)
DS Ultimate- A Great Nintendo DS forum-
My Nintendo DS forum covering Mario Kart DS, Super Mario 64 DS and the like. Powered by the amazing vBulletin 3.7 software.
Reply With Quote
  #11  
Old 04 Sep 2008, 23:56
sockwater's Avatar
sockwater sockwater is offline
 
Join Date: Apr 2008
Originally Posted by cheat-master30 View Post
... wouldn't this flag up vBulletin album images because the image format is something like picture.php?id= or something?
Nope
Reply With Quote
  #12  
Old 05 Sep 2008, 04:25
Merjawy's Avatar
Merjawy Merjawy is offline
 
Join Date: Sep 2002
Location: USA
Well,, as soon I check the second option "Print Debug Outpit" I pop up says can't find the page and throws me into page can not be displayed . (just like 404)

as soon I uncheck it, forum goes back to normal
Reply With Quote
  #13  
Old 05 Sep 2008, 04:40
sockwater's Avatar
sockwater sockwater is offline
 
Join Date: Apr 2008
Originally Posted by Merjawy View Post
Well,, as soon I check the second option "Print Debug Outpit" I pop up says can't find the page and throws me into page can not be displayed . (just like 404)

as soon I uncheck it, forum goes back to normal
Can you tell me what the exact message in the popup is? Also, can you copy the page source code for a page that cannot be display and PM it to me or post it here? That will help me get to the bottom of this.
Reply With Quote
  #14  
Old 07 Sep 2008, 13:29
FiMeTi FiMeTi is offline
 
Join Date: May 2008
Great job mate!
I installed this - SECURITY GOES FIRST!

cheers

//edit

I posted the Test-Link wich you´ve offered at the top with a [img] tag in my forums,
but I dont get a Warning - just the checked information at the bottom:
1 of 1 posts on this page checked for cookie stuffing.

Last edited by FiMeTi; 07 Sep 2008 at 14:09.
Reply With Quote
  #15  
Old 07 Sep 2008, 16:04
PossumX's Avatar
PossumX PossumX is offline
 
Join Date: Oct 2006
Great concept, and will keep an eye on this one as it progresses.

PossumX <<TAGS>> mod.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


New To Site? Need Help?

All times are GMT. The time now is 04:01.

Layout Options | Width: Wide Color: