I have been using entrecard on a few blogs and thought I would test out its vulnerability. Not being a coder my ability is limited to html so i put together this simple page to see how easy it would be to get lots of impressions:
Untitled Document
Now I admit I got caught out because i clicked on the same ad 5 times (removed) and it eventually caught on.
I think anyone with basic coding ability could
1) create a scraper to crawl the entrecard site and capture URLs
2) query whois and pull the I.P to create a fake referer
3) randomly create a page like mine with random ads to drop
4) click away until you get your 300 credits a day (should only take a min)
The main problem is the cards are not encrypted or randomised so they all run in a numbered string.
Untitled Document
Now I admit I got caught out because i clicked on the same ad 5 times (removed) and it eventually caught on.
I think anyone with basic coding ability could
1) create a scraper to crawl the entrecard site and capture URLs
2) query whois and pull the I.P to create a fake referer
3) randomly create a page like mine with random ads to drop
4) click away until you get your 300 credits a day (should only take a min)
The main problem is the cards are not encrypted or randomised so they all run in a numbered string.