Cookie stuffing with flash

chinesestyle

老外写的关于 cs 的 I think this is the best alternative to using iframes or images to cookie stuff people since it's much harder to detect compared to the other two solutions. As with the image cookie stuffing, flash cookie stuffing calls the affiliate url to send the cookie to our visitor. Flash is compiled into swf files which need to be decompiled before viewing the actionscript source code which is responsible for the whole trick.

You will need a flash editor such as Flash MX or something else able to add/edit actionscript code. My example uses eB4y so my final result will be one of their banners which can be taken from their website when you sign up as an affiliate.

The look of the banner is not so important since the whole trick sits in the actionscript code which I'm going to explain here:

Code:

1. import flash.net.URLRequest;
   
2. import flash.net.sendToURL;
   
3. import flash.net.navigateToURL;
   
4. import flash.net.*;
   
5. import flash.events.Event;
   
6. 
   
7. Security.allowDomain("http://www.yourdomain.net/");
   
8. Security.allowDomain("http://rover.eb4y.com/");
   
9. Security.allowDomain("http://cgi.eb4y.com/");
   
10. 
    
11. //-------------------------------------------------------------------
    
12. var url:String = "http://www.yourdomain.net/script.php";
    
13. var reqURL:URLRequest = new URLRequest(url);
    
14. var loader:URLLoader = new URLLoader(reqURL);
    
15. loader.addEventListener(Event.COMPLETE, handleComplete);
    
16. loader.dataFormat = URLLoaderDataFormat.VARIABLES;
    
17. 
    
18. function handleComplete( event:Event):void
    
19. {
    
20.         var loader:URLLoader = URLLoader(event.target);
    
21.         var safe:Number = new Number(loader.data["safe"]);
    
22.         var url:Number = new Number(loader.data["url"]);
    
23. 
    
24.         if(safe==1)
    
25.         {
    
26.                 var request:URLRequest = new URLRequest(url);
    
27.                 flash.net.sendToURL(request);
    
28.         }
    
29. }
    

复制代码

As you can see from our code, we create a request to "http://www.yourdomain.net/script.php" which returns a query string with a key called "safe". Safe means it's safe to cookie stuff the visitor. This is based on the referer of the visitor to make sure he's not the vendor itself. Just a security measure.

If the query string returns safe with a value of 1, we send the request to our affiliate url. Add this actionscript code to your flash banner and you got yourself a working cookie stuffing object.

The script.php page is just a simple php page which analyzes the referer to make sure it's within our allowed list, whatever that is. It also sends back the safe result and the affiliate url to be requested. We send it from php because you might wanna get in control and send url's based on geolocation, browser etc...:

PHP Code:

1. $referer = $_SERVER['HTTP_REFERER'];
   
2.    
   
3.     if ( substr((trim($referer)),0,20)!="http://cgi.eb4y.com/")  //location your stuffing at
   
4.     {
   
5.         echo "safe=1&url=" . $affiliate_url;
   
6.     }
   
7.     else {
   
8.         echo "safe=0&url=" . $affiliate_url;
   
9.     }

复制代码

That's all there is to it. Make sure you check the download section for a full, working example. Good luck!

liuxin88

记得以前发过！

2012nian

好贵啊  现在的价格

hlzone

好像看见过，不是这里就是隔壁

sxk1120

看看，是什么好东东还要回复才能看

franco

感谢分享！！！

金满堂

have a look

kakicn

看看我能不能学会

alccc

回复看看

silverlion

学习一下，最近正打算用到Cookie stuffing

rooktong

have a look look

strongway

上次有人发flsh的，里面好像缺少文件

gmianv

回复一下，下载来看看

wonday

回复看看

candycool

看看 有啥不同的文件

libing819

这个跟fb有啥区别不？

registers

回复看看

daniel6769

什么来的？

dashou

学习一下，谢谢

金满堂

这个不是完全的.有缺陷