Spam bots on the webpage
09-01-2006, 12:46 PM
#4
1.5 BAR
Join Date: Dec 2002
Posts: 1,065
Re: Spam bots on the webpage
Originally Posted by 2stockrocketz
what made the spam ***** come here all of a sudden?? i've been on here for years and never saw spam...but now it's daily
09-01-2006, 01:06 PM
#5
0.0 BAR
Join Date: Feb 2003
Posts: 0
Re: Spam bots on the webpage
There's a forum update that adds verification scripting, but it requires a back up in case things go and get themselves completely fucked. The powers that be haven't had the time, but it's coming in the next couple weeks.
09-01-2006, 01:35 PM
#6
3.0 BAR
Join Date: May 2006
Posts: 5,322
Re: Spam bots on the webpage
Originally Posted by Joseph Davis
There's a forum update that adds verification scripting, but it requires a back up in case things go and get themselves completely fucked. The powers that be haven't had the time, but it's coming in the next couple weeks.
09-01-2006, 02:23 PM
#8
0.0 BAR
Thread Starter
Join Date: Feb 2005
Posts: 0
Re: Spam bots on the webpage
The bots use expolits in the forum script to run text/ini files as code to register their names and post messages.
The bots scan through IP ranges looking for webservers trying all of the get command exploits they know on a given server
if the server runs the script then it makes the post
the bot probably logs the ip adress of sucessfull connections
all you have to do is find what exploit is allowing access and change the name, or download the scripts they're using on yoru computer and change the action name on the form
say change
https://www.homemadeturbo.com/forum/...ction=register
to
https://www.homemadeturbo.com/forum/...?action=nignog
it wouldn't be able to run its premade register scripts anymore
It looks something like this, sorry for the huge screen shot, but i couldn't paste the text because the forum software was trying to hyperlink all of those IP's and it woudn't post.
The verification warped numbers thing might not do much because the bots dont nessiciaiy go that route to register. they get the server to run code on its self to register.
Whats in the red is the file containing the code of the expolit they're trying to run.
this ---- is easy to counter. most of those get's even in the yellow are attemps to exploit the server, but i just highlighted that one specific thing
edit, piece of ---- photobucket
The bots scan through IP ranges looking for webservers trying all of the get command exploits they know on a given server
if the server runs the script then it makes the post
the bot probably logs the ip adress of sucessfull connections
all you have to do is find what exploit is allowing access and change the name, or download the scripts they're using on yoru computer and change the action name on the form
say change
https://www.homemadeturbo.com/forum/...ction=register
to
https://www.homemadeturbo.com/forum/...?action=nignog
it wouldn't be able to run its premade register scripts anymore
It looks something like this, sorry for the huge screen shot, but i couldn't paste the text because the forum software was trying to hyperlink all of those IP's and it woudn't post.
The verification warped numbers thing might not do much because the bots dont nessiciaiy go that route to register. they get the server to run code on its self to register.
Whats in the red is the file containing the code of the expolit they're trying to run.
this ---- is easy to counter. most of those get's even in the yellow are attemps to exploit the server, but i just highlighted that one specific thing
edit, piece of ---- photobucket
09-01-2006, 05:28 PM
#10
3.0 BAR
Join Date: Apr 2003
Posts: 2,579
