x
This website is using cookies. We use cookies to ensure that we give you the best experience on our website. More info. That's Fine
HPC:Factor Logo 
 
Latest Forum Activity

SwizzleDude
SwizzleDude Page Icon Posted 2016-08-30 7:11 PM
#
Status:
It's pretty obvious that we have a massive problem with spammers. which is pretty annoying
Can anybody think of a method to stop them effectively?
 Top of the page Quote Reply
Alt Bass Page Icon Posted 2016-08-31 2:00 AM
#
Avatar image of Alt Bass
H/PC Sensei

Posts:
1,160
Location:
Russia
Status:
Dunno really, maybe switch from prehistoric captcha requested upon registration to newer version?

Edited by Alt Bass 2016-08-31 2:01 AM
 Top of the page Quote Reply
stingraze Page Icon Posted 2016-08-31 2:10 AM
#
Avatar image of stingraze
H/PC Vanguard

Posts:
3,390
Location:
Japan
Status:
Agreed... Spammer tools have long conquered that captcha system used here...
 Top of the page Quote Reply
C:Amie Page Icon Posted 2016-08-31 7:50 PM
#
Avatar image of C:Amie
Administrator
H/PC Oracle

Posts:
17,498
Location:
United Kingdom
Status:
I'm afraid that as excited as you want to get over this, the simple truth is that it isn't bot traffic causing the posts.

Bots cannot get around the registration system. They're scummy little maggots with no life using browser tab opener services to batch load the registration and post pages pages (http://www.urlopener.com/homepage.html).

The current one started at
2016-08-31 10:56:55
and ended at
2016-08-31 11:45:26

You can see them in the log clicking through the site after starting with the URL opener services. Bots take seconds to post, not minutes and hours.

Edit: I've set some code in place that will 403 the traffic. Should upset them for a few hours.
 Top of the page Quote Reply
Alt Bass Page Icon Posted 2016-08-31 10:09 PM
#
Avatar image of Alt Bass
H/PC Sensei

Posts:
1,160
Location:
Russia
Status:
So, the uniqueness of forum software prevents them?

You could probably limit the per user thread creation rate if there is such.
 Top of the page Quote Reply
C:Amie Page Icon Posted 2016-09-01 5:22 PM
#
Avatar image of C:Amie
Administrator
H/PC Oracle

Posts:
17,498
Location:
United Kingdom
Status:
I customised the registration system completely a few years ago after the site was first attacked. I've never seen any conclusive proof that SPAM has come from bot attacks.

There is no such option. I would have to re-write the site to do it. I basically just do not have the time these days and the site generates no income to pay for its own operating expenses, let alone time
 Top of the page Quote Reply
SwizzleDude
SwizzleDude Page Icon Posted 2016-09-01 5:53 PM
#
Status:
Wow, are you serious?
 Top of the page Quote Reply
SwizzleDude
SwizzleDude Page Icon Posted 2016-09-01 5:55 PM
#
Status:
Rangid Gupta? Is that his actual name???
 Top of the page Quote Reply
C:Amie Page Icon Posted 2016-09-01 6:02 PM
#
Avatar image of C:Amie
Administrator
H/PC Oracle

Posts:
17,498
Location:
United Kingdom
Status:
Ironic spam post cleaned

No of course not. Some low IQ idiot trying to do a bad job of being paid to copy paste someone else's XSS onto the site. The big one is a really lame attempt to obfuscate JavaScript by reversing the string and copping the code into 2-4 character chunks.

Looking at the code he was attempting to use JavaScript to execute lookup that would have forced everyone's web browser to download a ransomware virus https://www.reddit.com/r/Malware/comments/4qsjqy/locky_ransomware_ca...

Yay for retardation and cheap labour that doesn't know what it's doing.
 Top of the page Quote Reply
SwizzleDude
SwizzleDude Page Icon Posted 2016-09-01 8:19 PM
#
Status:
Quote
C:Amie - 2016-09-01 6:02 PM

Ironic spam post cleaned

No of course not. Some low IQ idiot trying to do a bad job of being paid to copy paste someone else's XSS onto the site. The big one is a really lame attempt to obfuscate JavaScript by reversing the string and copping the code into 2-4 character chunks.

Looking at the code he was attempting to use JavaScript to execute lookup that would have forced everyone's web browser to download a ransomware virus https://www.reddit.com/r/Malware/comments/4qsjqy/locky_ransomware_ca...

Yay for retardation and cheap labour that doesn't know what it's doing.


Yeah, that JScript he wanted people to run looks exactly like the ones from my spam inbox. Good job, Rangid!
 Top of the page Quote Reply
CE Geek Page Icon Posted 2016-09-05 9:57 AM
#
Avatar image of CE Geek
Global Moderator
H/PC Oracle

Posts:
12,573
Location:
Southern California
Status:
I just cleaned out 30 SPAM posts that came in over a three-minute span. Clearly done manually given the time span, which was slower at the beginning - all in the same forum (News & Editorials, which is on the top of the index page) except one - and that one must've had a script error somewhere, cuz it displayed as text rather than hyperlinks. I had just happened to log onto the site three minutes after the last post, immediately banning the spammer before deleting the posts. Third time over the past several months that I caught SPAM posts just a few minutes after they were made. What would Ye Administrator do without me?
 Top of the page Quote Reply
Yoldering Page Icon Posted 2016-09-05 2:42 PM
#
Avatar image of Yoldering
H/PC Vanguard

Posts:
2,579
Location:
The Lone Star State
Status:
Just wanted to take a moment to thank C:Amie, the other administrators and moderators! Thank you for all you do for this site!!!
 Top of the page Quote Reply
C:Amie Page Icon Posted 2016-09-05 3:27 PM
#
Avatar image of C:Amie
Administrator
H/PC Oracle

Posts:
17,498
Location:
United Kingdom
Status:
Fortunately is shouldn't be possible for these scum to post code onto the board; which if any of them bothered to check they would realise that they are wasting their time completely trying to XSS us.

I am not sure whether blocking the multi-link referral sites has made any difference I'm seeing less in the morning when I check by first thing?
 Top of the page Quote Reply
PDXMark Page Icon Posted 2016-09-06 7:06 PM
#
Avatar image of PDXMark
H/PC Philosopher

Posts:
388
Location:
Portland, Oregon
Status:
I agree! Many of the other tech forums I visit are much more inundated with spam; some of them are pretty much worthless. Thanks for all your efforts here!


Quote
Yoldering - 2016-09-05 6:42 AM

Just wanted to take a moment to thank C:Amie, the other administrators and moderators! Thank you for all you do for this site!!!
 Top of the page Quote Reply
HPC:Fan Page Icon Posted 2016-09-07 1:55 AM
#
Avatar image of HPC:Fan
H/PC Sensei

Posts:
843
Location:
Europe/USA
Status:
I stopped a lot using the IP range method of banning. See this thread (a little old) over at the Adminforums: https://theadminzone.com/threads/banning-by-ip-range.88782/

Granted, you could be blocking out honest to goodness visitors which is a downside. I had a little info page that popped up if blocked that said, "Oops, looks like you're blocked! If you're not a spammer, Sorry! Sometimes we just don't know the difference! Fill out the form below if you wish to use our website and we'll usher you right in!". It had a simple contact block with a simple question. If the question wasn't answered when it was sent it, it didn't go through. Many spammers don't feel like taking an EXTRA step when registering and realize the game is up and move on. I would then add them manually to the user database.

 Top of the page Quote Reply
1 2
Jump to forum:
Seconds to generate: 0.359 - Cached queries : 65 - Executed queries : 12