Check Mates

Check Mates22 Jun 2010 12:40 am

They stole your articles didn’t they?
You didn’t even know until they outranked you.

They jacked your $50 lander without a single thought to how you’d feel?
Insensitive pricks

They violated your salescopy with synonyms.
Probably didn’t even use a rubber.

They rank #8 and you rank #9 on EVERY KEYWORD!

Listen, why don’t you just relax. Have a seat over there and enjoy an Otterpop. You obviously Googled this article for a reason. No one reads this blog anymore. I haven’t even updated since November or so I hear. Literally, Someone had to tell me I haven’t updated since November. I didn’t check so I’m just going to assume they wouldn’t bullshit me. The point is you have anger issues and would like to turn those anger issues into an anger problem. That’s cool I’ll show ya how, but first lose your initital instinct to go troll a forum asking about ways to take down a competitors website which inevitably leads to trying to find a hacker. Don’t be stupid illegal shit will ruin you eventually. Instead join the vigilante team to be a real jerk about it.

How To Take Down A Competitor’s Site The Asshole Way
First create a free account on is a large anti-email spam service that I hear is secretly owned by Spamhaus (another free antispam service). It allows very bored antispam vigilantes (”spamcops”) to anonymously report email spam. From there they track down the host and server provider, tear out all the contact info so they can’t trace it back to you, and send them a report claiming you’ve been sending email spam. The fortunate and unfortunate thing about is they are very reputable despite having no method of verifying any of the reports are real. Hosts/server providers take their reports very seriously and often times after 3-4 reports in a short period will disconnect the targets server’s IP and a few more after that cancel their server keeping all their files. It really is a guilty until proven innocent scenario. The only way to win if someone is reporting fake spam against you is to really be a spammer and just shut down and move to a new host. If you’re a legit webmaster you’re pretty much fucked to say the least because they’ll just keep telling you to stop doing what you’re not doing and if they’re really patient they’ll ask you to prove you’re no longer doing what you were never doing. LOL

DMCA Notices Don’t Have Shit On Spam Reports
Once you create your account and login go to the Report Spam tab…


Copy and paste a few random spam emails currently in your inbox. Swap out the domains and ips (they even give you neat tools for this!) and send away.
If you do this every day for a week or two their server will eventually go offline. For them it becomes an uphill battle to keep from getting shut down.

This definitely isn’t a cool thing to do and isn’t in the spirit of competition nor is it affective against large sites like Wikipedia or Yahoo(DANG!). Likewise I wouldn’t recommend doing it, but unfortunately the tactic exists and is in play already. The problem is with reputation. Spamhaus and has a reputation as never being abused, but that’s only because no one ever bothers to check to see if it is abuse giving them a near perfect record. True recent story: I can’t say if my server really did send out spam or not originally because I just had no way of knowing, but I got this spam complaint. It was nearly worthless just had one of my domains as the links in the spammail and my server IP. I couldn’t find the problem so I told the server provider. That wasn’t acceptable with them so I made something up, saying umm yeah it was a sendmail hack or something. I fixed it. I fortunately could tell from some hidden code in the email that got skipped by the censors who the spam complaint came from. I thought it was over with but unfortunately I got complaints from him every day for about a week and a half. I fended them off till they eventually shut off my IPs with no warning and wouldn’t even give me access to the server to fix the problem. Haha oddly enough they said they wouldn’t turn it back on until I did fix the problem..idk. Anyways I said screw it and let the server stay down for two weeks. I come back and the guy is still sending spam complaints. Each one is dated for the current date. Basically he was spinning these emails and claiming my server was spamming him for two weeks without the server even being on. By the time I could even point this out it was too late, the servers and everything on them was pretty much dead.


So I definitely don’t feel bad if this information gets abused because it may eventually lead to a solution to a major problem that causes a lot of damage to the rest of us.

Check Mates22 Mar 2008 10:54 pm

Here ya go. This is the captcha busted in Python.

import Image,time,random,glob,re,os,sys

train = raw_input("train? (y/n)")
if(train == "y") : train= True
else: train = False
fileName = ''.join(sys.argv[1:])
def getNeighbourhood(i,width,height,pixels):
	results = []
		if(pixels[i+1] != 0): results.append(i+1)
		if(pixels[i-1] != 0): results.append(i-1)
		if(pixels[i-width] != 0): results.append(i-width)
		if(pixels[i+width] != 0): results.append(i+width)
		if(pixels[i-width+1] != 0): results.append(i-width+1)
		if(pixels[i+width+1] != 0): results.append(i+width+1)
		if(pixels[i-width-1] != 0): results.append(i-width-1)
		if(pixels[i+width-1] != 0): results.append(i+width-1)
	return results
now = time.time()
captcha =
(width,height) = captcha.size
pixels = list(captcha.getdata())
for pixel in pixels:
	if (pixel == 2): pixels[i] = 0
toclean = []
for i in xrange(len(pixels)):
	neighbourhood = getNeighbourhood(i,width,height,pixels)
	if (len(neighbourhood) < 4) : 	pixels[i] = 0

lowestY,highestY,count = 0,10000,0
captchas = []
slant = 15
for x in xrange(width):
	hasBlack = False
	for y in xrange(height):
		thisPixel = captcha.getpixel((x,y))
		if(thisPixel != 0):
			if(started == False):
				firstX = x
				firstY = y
				lastX = x
			if(y > lowestY): lowestY = y
			if(y< highestY): highestY = y
			hasBlack = True
	if((hasBlack == False) and (started==True)):
		if((lowestY - highestY) > 4):
			croppingBox = (firstX,highestY,lastX,lowestY)
			newCaptcha = captcha.crop(croppingBox)
				text = raw_input(”char:n”)
				try: os.mkdir(”/home/dbyte/deliciousImages/” + text)
				text__ = “/home/dbyte/deliciousImages/” + text + “/” + str(random.randint(1,100000)) + “-.png”
				text_ = “/home/dbyte/deliciousImages/” + text + “/” + str(random.randint(1,100000)) + “-.png”
				text_ = “/home/dbyte/deliciousImages/” + text + “/” + str(random.randint(1,100000)) + “-.png”
				newCaptcha.resize((20,30)).rotate(360 - slant).save(text_)
				#text = str(count)
				#text = “tmp-delicious-” + text + “.png”

			lowestY,highestY = 0,10000
			count +=1
if(train == False):

	imageFolders = os.listdir(”/home/dbyte/deliciousImages/”)
	images =[]
	for imageFolder in imageFolders:
		imageFiles = glob.glob(”/home/dbyte/deliciousImages/” + imageFolder + “/*.png”)
		for imageFile in imageFiles:
			pixels = list(
			for i in xrange(len(pixels)):
				if pixels[i] != 0: pixels[i] = 1

	crackedString = “”
	for captcha in captchas:
		bestSum,bestChar = 0,”"
		captchaPixels = list(captcha.getdata())
		for i in xrange(len(captchaPixels)):
			if captchaPixels[i] != 0: captchaPixels[i] = 1
		for imageAll in images:
			thisSum = 0
			pixels = imageAll[0]
			for i in xrange(len(captchaPixels)):
					if(captchaPixels[i] == pixels[i]): thisSum+=1
				except: pass
			if(thisSum > bestSum):
				bestSum = thisSum
				bestChar = imageAll[1]
		crackedString += bestChar
	print crackedString
	#print “time taken: ” + str(time.time() - now)
Random Thoughts and Check Mates17 Mar 2008 11:03 pm

Guess what I’m in the mood to talk about? You guessed it. Captchas! In fact I feel like dedicating a whole week, maybe more depending on if any downtime occurs. :) to talking about nothing but captcha breaking. We’ll break every captcha in the book and even by the end of this post the captchas that haven’t been created yet. Furthermore, for this week only I am accepting any and all captcha related guest posts. So if you got a captcha solved or want to discuss techniques to breaking them feel free to write up a guest post and email it to ELI at BLUEHATSEO.COM in html form. You can stay anonymous and not only will I put it up but I’m also willing to put up any ad you’d like. Pick any text or banner ad you’d like to put up with your post and I’ll include it. With as many readers as this place has I’m sure it’ll get clicked. Also be sure to include your paypal address. If I really like your guest post I may even send you a $100 as a thank you. Also, all you bloggers are welcome to repost any of the captcha related posts on this blog. I now declare any captcha related posts on this blog public domain and republishable under full rights. For some odd reason I feel like blowing the captcha breaking industry the fuck up. Like my favorite saying goes, if you’re going to wreck a room you might as well WRECK it. Lets begin by visiting one of my first captcha related posts; the Army Of Captcha Typers.

The Army of Captcha Typers is a great technique because it doesn’t require loads of programming and is 100% adaptable to any captcha. I suggest you go back and reread it, but in interest of keeping this short here’s a quick summary.

You use a service, I used a proxy site as an example, to get the users to type in the captchas for you. It records what the user typed in as the solution to the captcha and you use that to solve it. The more pageviews the service provides per user the more effective it is to breaking captchas. Why pay Indians or tediously code it yourself?

Normally I like to leave most of the code and creative portion out of the written technique in interest of not ruining the technique and to help the methods be more effective through use of spins and unique code. I don’t write this blog to ruin techniques, and those people who claim I do are just insecure and like to claim they already know everything. As common sense as most of the stuff I post is, I haven’t met a person yet who hasn’t in some way learned something from this blog. That truth brags a lot louder than most SEO blogs I’ve seen. But! If we’re going to wreck something lets wreck it. In that spirit I see no reason why every newbie on the planet shouldn’t be able to easily throw up their own web proxy site that solves captchas for them so here’s the script to do it.

Captcha Solving Web Proxy

This a modified version of CGIPROXY that I mentioned in the post. Basically you install it following the included instructions (README file). Then you setup your web proxy site. Target a niche such as kids behind a school proxy or something similar. There is an extra file included called captcha.cgi. Upload it to the cgi-bin in the same folder as the nph-proxy.cgi and give it 755 chmod permissions. Make a folder one directory below your cgi-bin called captchas. Give it read/write permissions (777 should work all else fails). Then anytime you got a captcha to solve upload it to that directory with a unique filename. This can be done automatically with whatever script you’re using to spam a captcha protected site. On the very next pageview the webproxy will require the person to type in the captcha and disguise it as a human check to prevent abuse. Any captcha works. Once it gets their response it’ll delete the captcha from the folder and write out the solution along with the filename to a new file called solved.txt. Format: characters|image.jpg\n . Remember to make some kind of reminder or code for the filename so you know which image is which when you go to use the solutions. Get enough users to your webproxy (which is very easy) and you can solve any captcha in moments.


Check Mates13 Apr 2007 07:05 pm

Perfectly Optimized Google Image Code
<p><img s rc=”images/keyword.jpg” alt=”keyword” />

Top Determined Factors
1) Keyword in same table cell as image.
2) Keyword below or above image in DIV or floating DIV.
3) Keyword in ALT tag.
4) Keyword in image name and image meta file summary.
5) Keyword in same paragraph as image.

Acceptable Code
<div style=”float:right”><img s rc=”image/keyword.jpg” /><br>keyword in more than 4 words and less than 10.</div>
<p>text blah blah</p>

Factors In Order Of Apparent Importance
1) Factors 2 and 5 equal
2) Factor 1
3) Factor 4
4) Factor 3
*Factor 3 assumed because it showed no distinguishable results in controlled tests.

Automatically Remove The Google Frame
<script language=”JavaScript1.1″ type=”text/JavaScript”>
if (parent.frames.length > 0) top.location.replace(document.location);</script>

Perfect Sizes
Small: 150×150 or smaller.
Medium: Larger than 150 x 150 and smaller than 500 x 500.
Large: 500 x 500 and larger.

Google Image Traffic Redirection

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http:\/\/images\.google\. [NC]
RewriteRule .*\.$ cgi-bin/redirect.cgi [R,NC]
*If google images is sending you traffic you don’t want, you can use this code to redirect to a targeted advertiser. I have an affiliate site that sells lingerie. It gets tons of porn related traffic from Google images. They usually just realize it’s not a porn site and they quickly leave. So I looked at the most popular keywords used in Google Images traffic they send me and found a related porn sponsor and started redirecting all the users to my affiliate link. What do you know? Conversions!

*Check Mate*

Update: I didn’t even realize this, but there is a great write up by EMP over at Blind Ape SEO. Worth checking out.