Using network mapping to dig into the industry chain of gambling platforms

Posted by punzalan at 2020-02-24

Analysis of the current situation of gambling industry

In recent years the gambling industry has become more and more rampant. It involves huge amounts of gambling capital, has driven the development of several black industry chains, and has caused social unrest. White hats and people familiar with the matter told us that there are about 50 common templates, and the author has collected about 20 templates.

Sampling analysis and mapping of the gambling template of the New York Yule lottery found 17396 gambling ("spinach", from a Chinese homophone for gambling) sites using the template, of which 8082 survived. Excluding uncommon template samples, a rough estimate puts the number of gambling websites on the whole network at about 500000. Based on website functions and SEO keywords, the gambling websites are classified into four categories, and their structure and business process are analyzed in depth.


Classification of gambling websites

Gambling ("spinach") sites are divided into: gambling platforms, video platforms, gambling navigation websites and gambling source-code websites.

In the past, gambling websites were often more refined and simple, with fewer games, for example baccarat, horse racing, big/small bets, etc.

With the development of web technology, current gambling website architecture is relatively mature and can handle more traffic, so new games have appeared, such as e-sports betting, sports betting, gambling games and so on.

Platforms of all sizes can now cover most games, so the author classifies them by platform type.

The most famous gaming platforms are: BBIN (Boeing platform), AG (Asian Games Entertainment Platform), OG (OG entertainment platform), Bet365, etc. These platforms are legal in some countries and regions and hold legal business licenses, but they are not permitted by law in China.

(1) Gambling navigation website

Take the BBIN platform, an overseas platform known for having legal formalities, as an example. Search on FOFA with the keyword:

body="script/hlduilian.js"

There are eight results. These are BBIN navigation sites; most of the gambling sites they list are based on the BBIN platform. Such navigation sites are not directly related to gambling; most of them exist for promotion and traffic diversion ("drainage").

Search keywords:


There are 22 navigation sites using this template. According to statistics, there are about 10 types of navigation templates and more than 100 template websites.

(2) Gaming platform

BBIN is not legal in China, but because it is a legal gambling group outside China, it appears domestically in the form of agency and cooperation. Many large domestic platforms act directly as agents for foreign gambling groups. This kind of gambling platform looks "normal". Because of its large traffic and its video interface to foreign live gambling, most gamblers choose such platforms.

The other kind is the non-agent platform, which generally does not follow the official gambling rules and has its own. Although some gambling platforms carry licensed official live video, only the result of that game is the same as the official one. The others use their own programs to produce the prize results, which we call the prize opener. Smaller platforms connect to Chongqing shihuacai: apart from the shihuacai prize data, which matches the official data, everything else is the output of their own prize opener.

To avoid being hit by Internet policing, many domestic platforms rent overseas server rooms in Southeast Asian countries such as Cambodia and the Philippines, and recruit many people to take charge of website operation and maintenance, customer service management and some special roles. In China, small platforms often change domain names to avoid being blocked by anti-phishing and anti-gambling platforms, such as 360 malicious website detection and no thieves in the world.

This kind of website "dies very quickly" in China: it is soon cracked down on by the relevant departments or security companies, or it dies naturally. The so-called natural death is as follows:

1. User traffic has dropped to a very low level, unable to continue to make profits

2. Domain name and server are attacked by hackers

(3) Video platform

Like navigation sites, this kind of video platform does not provide content directly related to gambling, but provides an interface to gambling platforms. It provides a video interface to domestic gambling websites and charges a certain amount of rent every month, generally 5-10W, similar to renting a booth.

According to statistics, there are about 4-6 types of templates for this kind of video platform. The most commonly used systems are allbet, Calibet, etc.

Search keywords:


There are 14 results, all of which are allbet.

(4) Gambling source-code website

This kind of website only provides website source code and does not provide gambling services.

According to the known keywords and templates, there are about 300 such websites.

The common keywords in gambling are "baccarat", "entertainment city", "eball", "Macau sands", "casino", "Macau Galaxy", etc. The keywords were tallied across the surviving websites that use the New York Yule lottery template.

This gives the following data. The most frequent keyword is Entertainment City, 2603. Second is Macau sands, 1933. The keywords of some relatively unknown gambling platforms all account for a share as well.
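The tally described above (keep only live sites that match a template fingerprint, then count SEO keywords across them) can be reproduced offline over saved pages. This is an added example, not the author's tooling: it assumes the `script/hlduilian.js` marker from the FOFA query earlier on the page as the fingerprint (the lottery template's own fingerprint is not given), uses the keywords in their English form as printed here, and the function names and sample pages are constructed.

```python
from collections import Counter
from html.parser import HTMLParser

# The only template fingerprint the article gives (FOFA: body="script/hlduilian.js").
TEMPLATE_MARKER = "script/hlduilian.js"
# Keywords as they appear in the article's English text.
KEYWORDS = ["baccarat", "entertainment city", "eball",
            "macau sands", "casino", "macau galaxy"]

class SeoText(HTMLParser):  # collects <title> text and meta keywords/description
    def __init__(self):
        super().__init__()
        self.parts, self.in_title = [], False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "title":
            self.in_title = True
        elif tag == "meta" and (a.get("name") or "").lower() in ("keywords", "description"):
            self.parts.append(a.get("content") or "")

    def handle_endtag(self, tag):
        if tag == "title":
            self.in_title = False

    def handle_data(self, data):
        if self.in_title:
            self.parts.append(data)

def tally_keywords(samples):
    """samples: (host, alive, html) tuples -> (hosts on the template, keyword Counter)."""
    matched, counts = [], Counter()
    for host, alive, html in samples:
        if not alive or TEMPLATE_MARKER not in html.lower():
            continue  # dead site, or a different template
        parser = SeoText()
        parser.feed(html)
        text = " ".join(parser.parts).lower()
        matched.append(host)
        counts.update(k for k in KEYWORDS if k in text)  # one hit per site per keyword
    return matched, counts

# Constructed sample pages (hosts use the reserved .example TLD).
SAMPLES = [
    ("a.example", True, '<title>Macau Sands Entertainment City</title><script src="/script/hlduilian.js"></script>'),
    ("b.example", True, '<meta name="keywords" content="baccarat, entertainment city"><script src="script/hlduilian.js"></script>'),
    ("c.example", False, '<title>Entertainment City</title><script src="script/hlduilian.js"></script>'),
    ("d.example", True, '<title>Casino news</title><script src="/js/app.js"></script>'),
]
```

Calling `tally_keywords(SAMPLES)` keeps only the two live sites on the template and counts each keyword once per site, which is how the per-keyword totals above should be read.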


The structure of gambling platform

First comes traffic diversion ("drainage"). For a website to have traffic, it has to be drawn in from every channel. Only when traffic goes up will players place bets. Drainage methods include:

1. Agency promotion

2. SEO optimization

3. Advertising space

(1) Agency promotion

In agent promotion, the gambling platform hires teams to publish advertorials ("soft articles") and related promotional content in the comment areas of post bars and forums, on UC headline and on today's headline.

(1) Post Bar

First of all, we should mention the post bar. Many terms come from the great post bar, especially our Li Yi bar. Post bars have produced talent since ancient times~

In this mixed crowd of fish and dragons there is naturally a lot of user traffic, and post bar users tend to be exploratory and curious.

A QQ group search shows many groups devoted to post bar promotion, in which automated software is used to post, reply and flood threads in post bars and forums.

Because many gamblers, sex addicts and others have psychological problems, bars such as "stop gambling", "stop color", "stop rolling", etc. have sprung up.

The gambling bar has about 8.92 million users, so an amazing amount of traffic can be obtained by drainage there. Here are some examples of drainage:

Drainage methods are becoming more and more sophisticated. Web addresses or hard-sell ads are rarely posted directly; instead, users are mostly asked to follow official accounts, platforms and so on. Some large platforms even apply for enterprise official accounts directly. Short of infiltration through social engineering, tracing the source is very difficult.

(2) QQ promotion

On QQ, promotion teams use batch software, together with some logic flaws, to send friend requests in bulk or even become friends directly. Most targets are attracted by erotic content, "driving", porn and other forms.

Or in the form of QQ group:

After users join the group, a few pornographic pictures and short videos are shared. After that, the discussion is mostly about gambling, and most of the shared resources are advertorials for traffic diversion.

(2) SEO bidding ranking optimization

This uses methods that are well known in the industry: black links (hidden links planted on other sites), redirects ("jumps") and so on. The following shows a black link:

For example: was planted with a black link, and some of them had a URL redirect on the homepage.
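For site owners, the two symptoms named above (planted black links and a redirect on the homepage) can be checked for in the HTML the site actually serves. This is an added example, not code from the article: the hiding styles it looks for (`display:none`, `visibility:hidden`, large negative offsets) are assumed common tricks that the article does not list, and the function names, hosts and sample page are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed hiding tricks for planted links; the article does not enumerate them.
HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|"
                    r"(?:left|top|text-indent)\s*:\s*-\d{3,}", re.I)
VOID = {"meta", "img", "br", "hr", "input", "link", "base"}  # tags with no end tag

class BlackLinkFinder(HTMLParser):
    def __init__(self, own_host):
        super().__init__()
        self.own_host, self.stack, self.findings = own_host.lower(), [], []

    def _flag(self, kind, url):  # record only URLs that leave our own domain
        host = (urlparse(url).hostname or "").lower()
        if host and host != self.own_host and not host.endswith("." + self.own_host):
            self.findings.append((kind, url))

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        hidden = bool(HIDDEN.search(a.get("style") or ""))
        if tag == "a" and (hidden or any(h for _, h in self.stack)):
            self._flag("hidden-link", a.get("href") or "")  # link in a hidden box
        if tag == "meta" and (a.get("http-equiv") or "").lower() == "refresh":
            for url in re.findall(r"url\s*=\s*['\"]?([^'\"\s>;]+)", a.get("content") or "", re.I):
                self._flag("meta-refresh", url)
        if tag not in VOID:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        tags = [t for t, _ in self.stack]
        if tag in tags:  # pop back to the matching tag, dropping unclosed children
            del self.stack[len(tags) - 1 - tags[::-1].index(tag):]

    def handle_data(self, data):
        if self.stack and self.stack[-1][0] == "script":
            for url in re.findall(r"location(?:\.href)?\s*=\s*['\"]([^'\"]+)", data):
                self._flag("js-redirect", url)

def audit_homepage(own_host, html):
    finder = BlackLinkFinder(own_host)
    finder.feed(html)
    return finder.findings
# Constructed sample: a tampered homepage of library.example (.example hosts only).
SAMPLE = """<html><head><meta http-equiv="refresh" content="5; url=http://bet.example/">
</head><body><p>Hours <a href="/hours">here</a>, partner <a href="https://partner.example/">site</a>
<div style="position:absolute; left:-9999px"><ul><li><a href="http://casino.example/">casino</a>
<li><a href="/sitemap">map</a></ul></div><script>window.location.href = "http://jump.example/";</script></body></html>"""
```

Run against the constructed page with `audit_homepage("library.example", SAMPLE)`, the visible partner link is left alone while the meta refresh, the off-screen link and the script redirect are each reported with their target URL.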

(3) Advertising space

The person in charge of the gaming platform will often choose high-traffic pornographic websites and gambling navigation sites for advertising, in order to divert traffic.

Then there are the products. As mentioned above, some large domestic platforms act as agents for foreign legal platforms, or call their interfaces for "opening". The important thing is the products, such as BBIN, AG, Bet365 and other platforms. Most gaming product headquarters are abroad, but there are sales companies in every gaming country; the sales companies keep selling agent lines, and an agent may have subordinate agents.

Small platforms call some interfaces, such as the Chongqing time color interface, and use crawler technology to synchronize in real time. Other betting games are controlled by the platform itself.

A closer look at the source code shows that the gambling website architecture is divided into three parts: Web (computer), WAP (mobile) and the prize opener.

The web end is the main traffic entry point, and some medium and large platforms now also have a lot of traffic on the mobile end, mainly in the form of apps. The prize opener is a JS script or program whose probability can be adjusted. Some small platforms basically take money in without paying out: users who recharge cannot withdraw.

After users join the group or register on the gambling site, the next step is of course to get them to start playing with money.

Drainage is not the ultimate goal; the goal is to turn traffic into profit. First, the diverted users recharge on the platform or are given small wagers by the platform. In QQ groups, most of the customer service staff are shills ("trust") who incite users to recharge and to follow the trend in betting to recover their costs. Customer service is the face of a website and is essential. It mainly solves the problems players run into, so we will not discuss it here.

Small platform: when users lose money, they transfer and recharge; when users win and want to withdraw cash, customer service pays them directly. (To attract big fish, gambling platforms generally allow small withdrawals.) Large platform: connects automatically to a third-party payment platform and calls its API to complete self-service recharge and withdrawal as a one-stop operation.

Common third-party payment platforms include: Mobao, Yinbao, kuaifu, zhipay, Huichao payment, etc.

Once a certain amount of money has been added to an account, the platform requires a certain betting flow before it lets you withdraw. Platforms generally reconcile and review your account flow.


In-depth exploration of the gambling industry

We selected one of the source code packages, analyzed and audited it, and found some vulnerabilities. Mapping with the FOFA platform shows that there are 2500 instances of this system on the whole network.

Using the vulnerability, we obtained a webshell and server management rights, and found that even this small platform still has 1 million in gambling flow per month.

Some addresses where the vulnerability exists:








Webshell permission or server permission can be obtained on them.

Analysis of the website of yishitou color source studio shows that its CMS has an injection vulnerability, which can be used to obtain back-end permissions.

The following URLs were mapped via FOFA, and the PoC is integrated in fofascan.















In addition, FOFA mapping shows that some gambling websites are built on common CMSs such as WordPress, MetInfo, Discuz, etc. A large number of these sites have been verified to be vulnerable.

The gambling industry has driven the development of some black industry chains. Conversely, cracking down on the gambling industry can effectively curb the black industry and the occurrence of network crimes.