Get exclusive CAP network offers from top brands

View CAP Offers

Forum Spam

[bsa_pro_ad_space id=2]
  • This topic is empty.
Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • #721995
    vladcizsol
    Member

    Cant read it if you arent a member…

    #721999
    Anonymous
    Inactive

    Geez, I got enough mess as it is.

    #722001
    Anonymous
    Inactive

    can anyone post this here? i also can not read it because i am not a member

    #722005
    Anonymous
    Inactive

    It is a pretty long post…. So I will try to get the meat out of it:

    Quote:
    XRumer is here – for those of you who are keen on some serious ‘link building’

    Heres the features:

    Automatically post your messages to forums, guestbooks, bulletin boards.
    Multi threaded submitting
    Propriertary Question Answer system

    And much, much more….

    UNIQUE features: CAPTCHA recognition (in milliseconds), e-mail confirmation, built-in “question-answer” system, self-learning sytem, proxy refreshing and a lot of others.

    The system is fully user-independent and requires minimum skills to handle: you only need to choose the proper links database, create a message text with one or several hyperlinks and hit the ‘Start’ button. THAT IS ALL.

    XRumer software package includes the Hrefer program and databases with links to more than 102,000 forums.

    Go take a look [=xxxxhttp://www.botmaster.net/more1]xxxxhttp://www.botmaster.net/more1[/]

    That is the meat of it.

    #722008
    vladcizsol
    Member

    Yep thats a nasty little bugger.

    #722011
    Anonymous
    Inactive

    thanks for letting us know. any way to prevent against this?

    #722015
    Anonymous
    Inactive

    Didn’t say in there.

    They have a new password routine there though, you have to sign in twice. I suppose keeping their own forum safe….

    #722036
    Anonymous
    Inactive

    I have no idea if there is something to stop it, but would assume that each forum would likely come out with something or already has some type of spam stopper.

    #723418
    Anonymous
    Inactive

    This explains why my casino and also politics forum have been hit majorly by spam merchants. It has got so bad on the Online Casino Reviewer Forum that I have had to set it, so I manually approve new members.

    Major bummer!

    #723422
    Anonymous
    Inactive

    If I have understood this right you can rename some files in your forum and this would stop this kind of automatic spam. The software only looks for the common filenames on the signup and post url´s.

    I don´t know how to explain this better but you understand…:shhh:

    #723426
    Anonymous
    Inactive
    Webzcas wrote:
    This explains why my casino and also politics forum have been hit majorly by spam merchants. It has got so bad on the Online Casino Reviewer Forum that I have had to set it, so I manually approve new members.

    Major bummer!

    Well a bit of understatement wouldn’t you thing webzcas? I could not believe the amount of spam you were receiving around the Holiday season. It made me want to gag. PHP is and always will be highly exploitable because its’ a language based on so many sub languages. Easy to find holes because of this reason.

    I hope things are getting better for ya now. I haven’t been back yet figuring perhaps I attracked these buggers in.

    greek39

    #723435
    Anonymous
    Inactive

    Most of the ‘holes’ in the Open Source softwares that allow auto posting and auto registering are really not ‘holes’ per se.

    In this example, it appears that they are looking for a particular login file (maybe register.php) and registering via php by filling in the form and submitting.

    They have then figured out how to either read the CAPTCHA or (maybe more likely) try as many times as necessary until they run through the list of images that the forum has to offer for CAPTCHA.

    After this is complete, I would assume that they use POP to activate the account by using the activation link in the email.

    After all that – It would be simple to fill out a post in any forum you want since most forums use indexing to point to the forums. All they would have to do is find forum with index 1 and create a post.

    So – not much of an exploit in order to get the job done on this one. Just someone spending a lot of time just to spam the shit out of people. It is pretty disgusting if you ask me.

    Anyway – I would have to agree with Waz and say that if you were to change the common filenames (register.php to signup.php or something like that) – it would foil this type of spammer.

    However – that may be a lot harder than you think with some of the forum software.

    #723478
    Anonymous
    Inactive

    I guess my terminology is a bit old school. A hole in open source software I would consider to be exploitable. If the would be attacker or agent is finding vulnerabilities and using to their own end this would be an exploit. Spam/ forum spam I consider an exploit for the same reason.

    Perhaps I use the word exploit in the broadest sense. In regards to PHP I consider it to be a stacked layered program. What I mean by this is it relies on several other languages for it to function. One language stacked on top of another in a continuous succession. This is what makes it so easy to exploit.

    A language such as Unix is just the opposite, very little stacking and very if not impossible to find vulnerabilities. The closer your programming gravitates towards Unix the safer it becomes.

    I have a forum on stand by. I am still trying to figure out how I can make it spam free.

    Just my 2 cents to clarify.

    Greek39:cheers:

Viewing 13 posts - 1 through 13 (of 13 total)