1. GingerCoffee

    GingerCoffee Web Surfer Girl Contributor

    Joined:
    Mar 3, 2013
    Messages:
    17,604
    Likes Received:
    5,877
    Location:
    Ralph's side of the island.

    Curious: How do the spammers end up with profiles?

    Discussion in 'Support & Feedback' started by GingerCoffee, Nov 29, 2013.

    I notice the spammers have filled out the member profile enough to at least record gender. I get it how they are spamming their initial posts, but how is a bot filling out the profile? Has someone put the forum on a spam list that includes a code for filling out the profile along with the first post?
     
  2. Macaberz

    Macaberz Pay it forward Contributor

    Joined:
    Nov 19, 2012
    Messages:
    3,146
    Likes Received:
    297
    Location:
    Arnhem, The Netherlands
    The code would probably be a standard code for all XenForo forums. That is, that same bot should be able to make an account on any XenForo powered board. A way to test if this is true would be for Daniel to dive into the source code of the edit-profile page, change all the field names, then change the submission code accordingly and see if bots are still able to figure out which textfield represents what value. I'd wager not, but I may be wrong.

    See, the thing is, the textarea in which I can update my status is referred to from the code by the name "status". My bet is that if you were to change that name, the bot would try and look for a field by the name of "status" but be unable to find it, since we renamed it.
     
    GingerCoffee likes this.
  3. Wreybies

    Wreybies The Ops Pops Operations Manager Staff Contest Administrator Supporter Contributor

    Joined:
    May 1, 2008
    Messages:
    18,859
    Likes Received:
    10,035
    Location:
    Puerto Rico
    And some bots are better than others. BotarellaSac is the best one. (I give them names) She fills out everything to include job, where she lives and home page. Nearly always a female name with a two or three letter suffix beginning with a capital letter that looks like a truncated surname. BotarellaSac spoofs its IP out of various innocuous-looking places in the U.S. and Canada. I've accidentally banned at least 3 real members thinking they were BotarellaSac. Alphabet Soup is the least apt, but the most prolific. Always pings out of Fujian, China and the handle looks like garbage. Alphabet Soup stopped botting us a couple of weeks ago. Maybe they realize when their attempts are being thwarted and they look elsewhere? Don't know. There's JoeJoe, TommyXYZ, XYZTommy, and various others. You get to know them by the algorithm they use to create their screen name.

    This actually sounds pretty much in line with the behavior you see many of the bot sources display when they try and sign up. A good number of the sources head directly to Announcements upon registering, others go to Articles or New Member Introductions. You never see a bot post in the Lounge or in Book Review or other areas. They're keying off of something.
     
  4. Macaberz
    Macaberz Pay it forward Contributor
    <dl class="ctrlUnit">
    <dt><label>Gender:</label></dt>
    <dd>
    <ul>
    <li><label for="ctrl_gender_male"><input type="radio" name="gender" value="male" id="ctrl_gender_male" checked="checked" /> Male</label></li>
    <li><label for="ctrl_gender_female"><input type="radio" name="gender" value="female" id="ctrl_gender_female" /> Female</label></li>
    <li><label for="ctrl_gender_"><input type="radio" name="gender" value="" id="ctrl_gender_" /> (unspecified)</label></li>
    </ul>
    </dd>
    </dl>


    Above is a piece of source code from the personal details page; I've highlighted all the 'tags' that a bot could be looking for. I think that obfuscating these names, or generating them randomly on every page load, could help in preventing a bot from finding which controls it has to manipulate. Obviously, this could be easily circumvented by a bot, as it might start to look for 'Male' and 'Female' first, then deduce from that to which control that text belongs, but it might be worth a try nevertheless.

    A much simpler solution would be to use reCaptcha on account creation and modification.

    EDIT: Okay so there's already a captcha-like bot preventer in place. I am not sure if SolveMedia's system is superior or inferior to reCaptcha so yea, I'll just leave that up as a suggestion.
     
    Last edited: Nov 29, 2013
    Wreybies likes this.
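
A sketch of the per-page-load field renaming proposed in the post above, as an added example that is not part of the thread and is not XenForo's code. The `gender` and `status` names come from the posts; the function names, the `f_` prefix and the session-held key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Canonical field names taken from the posts above; everything else is hypothetical.
CANONICAL_FIELDS = ("gender", "status")

def new_form_key() -> bytes:
    """Random per-page-load key, kept server-side in the visitor's session."""
    return secrets.token_bytes(32)

def alias(form_key: bytes, field: str) -> str:
    """Opaque name attribute for one field, stable only for this form key."""
    digest = hmac.new(form_key, field.encode(), hashlib.sha256).hexdigest()
    return "f_" + digest[:16]

def render_gender_control(form_key: bytes) -> str:
    """Emit the radio group with the aliased name; labels stay human-readable."""
    name = alias(form_key, "gender")
    options = (("male", "Male"), ("female", "Female"), ("", "(unspecified)"))
    return "\n".join(
        f'<label><input type="radio" name="{name}" value="{value}" /> {text}</label>'
        for value, text in options
    )

def decode_submission(form_key: bytes, posted: dict) -> tuple[dict, list]:
    """Map aliased names back to canonical ones and flag suspicious keys.

    Returns (clean_fields, flags). A posted key that equals a canonical name
    means the client never read the served form, which is worth logging.
    """
    reverse = {alias(form_key, f): f for f in CANONICAL_FIELDS}
    clean, flags = {}, []
    for key, value in posted.items():
        if key in reverse:
            clean[reverse[key]] = value
        elif key in CANONICAL_FIELDS:
            flags.append(f"canonical-name:{key}")
        else:
            flags.append(f"unknown-field:{key}")
    return clean, flags

if __name__ == "__main__":
    key = new_form_key()
    print(render_gender_control(key))
    # Constructed submissions: one built from the served form, one hard-coded.
    print(decode_submission(key, {alias(key, "gender"): "female"}))
    print(decode_submission(key, {"gender": "female"}))
```

The visible label text is unchanged, so the limitation raised in the post still applies; the flags returned for hard-coded names are mainly useful as a moderation signal.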
  5. Duchess-Yukine-Suoh

    Duchess-Yukine-Suoh Girl #21 Contributor

    Joined:
    Aug 29, 2013
    Messages:
    2,319
    Likes Received:
    743
    Location:
    Music Room #3
    Is this also the one that always titles her posts "just an ordinary girl" or something like that?
     
  6. Wreybies
    Wreybies The Ops Pops Operations Manager Staff Contest Administrator Supporter Contributor
    BotarellaSac is the one that makes its way to the New Member Introductions a random number of days after having joined (never, ever on the same day as joining) and does the "I'm happy I now registered" and "I'm the new guy" or "I'm the new girl" spam posts. I was really diligent on this one and all the others, but this one is the one that caused me to unfortunately ban real, honest to goodness, members who had just joined up. I backed up a little off this one because I would rather zap a spam post that gets through and then ban the bot than ban real people who could be great, contributive members. *shrug* Sometimes you gotta' pick the lesser of two evils. Such is life. ;)
     
    cutecat22 likes this.
  7. Duchess-Yukine-Suoh
    Duchess-Yukine-Suoh Girl #21 Contributor
    Oh, that one. So annoying.
     
  8. thirdwind

    thirdwind Contributing Member Contest Administrator Reviewer Contributor

    Joined:
    Jul 17, 2008
    Messages:
    7,351
    Likes Received:
    2,891
    Location:
    Boston
    On the plus side, I don't see a lot of spammers these days, so kudos to the mods.
     
    Wreybies likes this.
  9. Wreybies
    Wreybies The Ops Pops Operations Manager Staff Contest Administrator Supporter Contributor
    Thank you! That's very much appreciated. :) I'm sure I speak for @minstrel as well when I say that it's a boring, tedious, never-ending task getting rid of bots. I like to think that diligent whacking at the bots as they came in finally made at least a few of the more prolific spambot sources look elsewhere.
     
  10. Cogito

    Cogito Former Mod, Retired Supporter Contributor

    Joined:
    May 19, 2007
    Messages:
    35,935
    Likes Received:
    2,043
    Location:
    Massachusetts, USA
    Although it's also fair to say it has taken its toll on mods. More than one reached his or her limit during spam floods.
     
  11. DrWhozit

    DrWhozit Banned

    Joined:
    Nov 19, 2013
    Messages:
    581
    Likes Received:
    67
    Location:
    Close to Indy, USA
    It's ironic that this subject was just written into "The Good Wife" as a problem for getting injunctions. Your server, if they are dominated by Google, may be in a food chain position where they won't be able to set their own server functions to even let a captcha work at all. In reality, it may be dependent on how much you pay them and how much Gmail they allow to your particular site. Some hosts will use this as a way to rip off new website owners. This forum has been around long enough to resist, but nobody is totally safe.
     
  12. Macaberz
    Macaberz Pay it forward Contributor
    How much Gmail they allow to this site? Either I am overlooking the obvious, or you are throwing technical buzzwords at me with the purpose of... impressing? I dunno, but I am a computer programmer, and what you just said made very little sense to me.
     
    Wreybies likes this.
  13. Duchess-Yukine-Suoh
    Duchess-Yukine-Suoh Girl #21 Contributor
    I am very deeply baffled and confuzzled by this statement.
     
    Macaberz likes this.
  14. DrWhozit
    DrWhozit Banned
    I had it happen to me. The host claimed Drupal compatibility yet claimed they could not change their server settings when my site was shut down because a series of Google bots spammed my site to no end when I had the captcha in place. Drupal support told me to fire my web hosting company.
     
  15. Macaberz
    Macaberz Pay it forward Contributor
    And configuring robots.txt wouldn't have helped? I trust your sincerity, but it's a very odd story to say the least.
     
    Wreybies likes this.
  16. DrWhozit
    DrWhozit Banned
    My programming experience is for the PC and not the web. On top of that, the question would be where? Knowing say... PHP very well might be a plus, but I work in Pascal and now Python mostly. I used to do Assembly and C/C++, but found that just focusing on OWL and Windows API is enough to keep a fellow busy whose primary job is physics, not programming.

    Unfortunately the food chain is more important than ethics. There are those out there who will sell out the little guy in a heartbeat. Next time I try a dot something site, it'll be through a Front Page, wysiwyg type of site builder instead of online builders like Drupal and cpanel.
     
  17. Cogito
    Cogito Former Mod, Retired Supporter Contributor
    robots.txt is useless against rogue spiders. It is only effective with cooperating search engines.
     
  18. DrWhozit
    DrWhozit Banned
    I find it eye-blinking shocking that the www has become this. It was originally created as a means for scientists to share their work. Since it has become a wonderful medium for all arts. Unfortunately we have so many who intrinsically have no intent but to rape the net itself and beyond. It seems that some of this is being done to further the art-of-hacking-for-hacking-art's-sake. Certainly the CIA wants to be able to decrypt something dangerous to us all, but when those algorithms leave the government sector, we have just reason to complain.
     
  19. Cogito
    Cogito Former Mod, Retired Supporter Contributor
    Seriously? Any technology can be exploited, and there will always be some people who dedicate their time to doing exactly that.
     
  20. DrWhozit
    DrWhozit Banned
    Exactly that. Well said. The trick we all hope to pull out of our hats is to keep a step ahead of it all.
     
  21. cutecat22

    cutecat22 The Strange One Contributor

    Joined:
    Feb 20, 2014
    Messages:
    2,434
    Likes Received:
    1,063
    Location:
    England
    Why do I suddenly have an image of you two playing a new version of the old fashioned whack-a-mole game but it's called whack-a-bot ...?
    LOL
     
  22. cutecat22
    cutecat22 The Strange One Contributor
    There's good and bad in everything but when you stop and think about it, it's actually quite amazing just what we can get computers to do.

    Apart from in the field of robotics. I know we now have a robot that can actually run and walk up/down stairs (I watch QI) but I still think it will be a very long time before we are able to build something that can actually mirror human movements measure for measure.
     
