1. GingerCoffee

    GingerCoffee Web Surfer Girl Contributor

    Joined:
    Mar 3, 2013
    Messages:
    18,385
    Likes Received:
    7,080
    Location:
    Ralph's side of the island.

    Curious: How do the spammers end up with profiles?

    Discussion in 'Support & Feedback' started by GingerCoffee, Nov 29, 2013.

    I notice the spammers have filled out the member profile enough to at least record gender. I get it how they are spamming their initial posts, but how is a bot filling out the profile? Has someone put the forum on a spam list that includes a code for filling out the profile along with the first post?
     
  2. Macaberz

    Macaberz Pay it forward Contributor

    Joined:
    Nov 19, 2012
    Messages:
    3,143
    Likes Received:
    300
    Location:
    Arnhem, The Netherlands
    The code would probably be a standard code for all XenForo forums. That is, that same bot should be able to make an account on any XenForo powered board. A way to test if this is true would be for Daniel to dive into the source code of the edit-profile page, change all the field names, then change the submission code accordingly and see if bots are still able to figure out which textfield represents what value. I'd wager not, but I may be wrong.

    See, the thing is, the textarea in which I can update my status is referred to from the code by the name "status". My bet is that if you were to change that name, the bot would try and look for a field by the name of "status" but be unable to find it, since we renamed it.
     
    GingerCoffee likes this.
  3. Wreybies

    Wreybies Thrice Retired Supporter Contributor

    Joined:
    May 1, 2008
    Messages:
    23,826
    Likes Received:
    20,815
    Location:
    El Tembloroso Caribe
    And some bots are better than others. BotarellaSac is the best one. (I give them names) She fills out everything to include job, where she lives and home page. Nearly always a female name with a two or three letter suffix beginning with a capital letter that looks like a truncated surname. BotarellaSac spoofs its IP out of various innocuous looking places in the U.S. and Canada. I've accidentally banned at least 3 real members thinking they were BotarellaSac. Alphabet Soup is the least apt, but the most prolific. Always pings out of Fujian, China and the handle looks like garbage. Alphabet Soup stopped botting us a couple of weeks ago. Maybe they realize when their attempts are being thwarted and they look elsewhere? Don't know. There's JoeJoe, TommyXYZ, XYZTommy, and various others. You get to know them by the algorithm they use to create their screen name.

    This actually sounds pretty much in line with the behavior you see many of the bot sources display when they try and sign up. A good number of the sources head directly to Announcements upon registering, others go to Articles or New Member Introductions. You never see a bot post in the Lounge or in Book Review or other areas. They're keying off of something.
     
  4. Macaberz

    Macaberz Pay it forward Contributor

    Joined:
    Nov 19, 2012
    Messages:
    3,143
    Likes Received:
    300
    Location:
    Arnhem, The Netherlands
    <dl class="ctrlUnit">
    <dt><label>Gender:</label></dt>
    <dd>
    <ul>
    <li><label for="ctrl_gender_male"><input type="radio" name="gender" value="male" id="ctrl_gender_male" checked="checked" /> Male</label></li>
    <li><label for="ctrl_gender_female"><input type="radio" name="gender" value="female" id="ctrl_gender_female" /> Female</label></li>
    <li><label for="ctrl_gender_"><input type="radio" name="gender" value="" id="ctrl_gender_" /> (unspecified)</label></li>
    </ul>
    </dd>
    </dl>


    Above is a piece of source code from the personal details page, I've highlighted all the 'tags' that a bot could be looking for. I think that by obfuscating these names, or generating them randomly on every page load could help in preventing a bot from finding which controls it has to manipulate. Obviously, this could be easily circumvented by a bot, as it might start to look for 'Male' and 'Female' first, then deduce from that to which control that text belongs, but it might be worth a try nevertheless.

    A much simpler solution would be to use reCaptcha on account creation and modification.

    EDIT: Okay so there's already a captcha-like bot preventer in place. I am not sure if SolveMedia's system is superior or inferior to reCaptcha so yea, I'll just leave that up as a suggestion.
     
    Last edited: Nov 29, 2013
    Wreybies likes this.
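The per-page-load field renaming suggested in posts 2 and 4 above, sketched as an added example (not XenForo's code and not from any poster). It goes one step further than the posts by leaving a hidden decoy under the old name `gender`; the secret, session ids and helper names are all hypothetical.

```python
import hashlib
import hmac
import html

# Logical field names taken from the thread ("gender", "status").
LOGICAL_FIELDS = ("gender", "status")


def field_alias(secret: bytes, session_id: str, logical: str) -> str:
    """Derive a per-session form field name that the server can recompute."""
    msg = f"{session_id}:{logical}".encode()
    return "f_" + hmac.new(secret, msg, hashlib.sha256).hexdigest()[:16]


def render_gender_control(secret: bytes, session_id: str) -> str:
    """Render the gender radios under the alias, plus a hidden decoy 'gender'."""
    name = html.escape(field_alias(secret, session_id, "gender"), quote=True)
    options = (("male", "Male"), ("female", "Female"), ("", "(unspecified)"))
    radios = "\n".join(
        f'<li><label><input type="radio" name="{name}" value="{value}" /> '
        f"{label}</label></li>"
        for value, label in options
    )
    # The decoy keeps the well-known name; a real browser submits it empty.
    decoy = ('<input type="text" name="gender" value="" '
             'style="display:none" tabindex="-1" autocomplete="off" />')
    return f"<ul>\n{radios}\n</ul>\n{decoy}"


def decode_submission(secret: bytes, session_id: str, form: dict):
    """Map aliases back to logical names; flag posts that fill the old names."""
    aliases = {field_alias(secret, session_id, f): f for f in LOGICAL_FIELDS}
    values, suspicious = {}, False
    for key, value in form.items():
        if key in aliases:
            values[aliases[key]] = value
        elif key in LOGICAL_FIELDS and value != "":
            suspicious = True  # filled a field that is only offered as a decoy
    return values, suspicious


# Constructed sample submissions (not captured traffic).
SECRET = b"constructed-demo-secret"
HUMAN_POST = {field_alias(SECRET, "sess-A", "gender"): "female", "gender": ""}
BOT_POST = {"gender": "female", "status": "visit my site"}
```

As post 4 already notes, the visible "Male"/"Female" labels stay in the markup, so this only stops scripts that key on the fixed field names.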
  5. Duchess-Yukine-Suoh

    Duchess-Yukine-Suoh Girl #21 Contributor

    Joined:
    Aug 29, 2013
    Messages:
    2,318
    Likes Received:
    750
    Location:
    Music Room #3
    Is this also the one that always titles her posts "just an ordinary girl" or something like that?
     
  6. Wreybies

    Wreybies Thrice Retired Supporter Contributor

    Joined:
    May 1, 2008
    Messages:
    23,826
    Likes Received:
    20,815
    Location:
    El Tembloroso Caribe
    BotarellaSac is the one that makes its way to the New Member Introductions a random number of days after having joined (never, ever on the same day as joining) and does the "I'm happy I now registered" and "I'm the new guy" or "I'm the new girl" spam posts. I was really diligent on this one and all the others, but this one is the one that caused me to unfortunately ban real, honest to goodness, members who had just joined up. I backed up a little off this one because I would rather zap a spam post that gets through and then ban the bot than ban real people who could be great, contributive members. *shrug* Sometimes you gotta' pick the lesser of two evils. Such is life. ;)
     
    cutecat22 likes this.
  7. Duchess-Yukine-Suoh

    Duchess-Yukine-Suoh Girl #21 Contributor

    Joined:
    Aug 29, 2013
    Messages:
    2,318
    Likes Received:
    750
    Location:
    Music Room #3
    Oh, that one. So annoying.
     
  8. thirdwind

    thirdwind Member Contest Administrator Reviewer Contributor

    Joined:
    Jul 17, 2008
    Messages:
    7,851
    Likes Received:
    3,339
    Location:
    Boston
    On the plus side, I don't see a lot of spammers these days, so kudos to the mods.
     
    Wreybies likes this.
  9. Wreybies

    Wreybies Thrice Retired Supporter Contributor

    Joined:
    May 1, 2008
    Messages:
    23,826
    Likes Received:
    20,815
    Location:
    El Tembloroso Caribe
    Thank you! That's very much appreciated. :) I'm sure I speak for @minstrel as well when I say that it's a boring, tedious, never ending task getting rid of bots. I like to think that diligent whacking at the bots as they came in finally made at least a few of the more prolific spambot sources look elsewhere.
     
  10. Cogito

    Cogito Former Mod, Retired Supporter Contributor

    Joined:
    May 19, 2007
    Messages:
    36,161
    Likes Received:
    2,827
    Location:
    Massachusetts, USA
    Although it's also fair to say it has taken its toll on mods. More than one reached his or her limit during spam floods.
     
  11. DrWhozit

    DrWhozit Banned

    Joined:
    Nov 19, 2013
    Messages:
    580
    Likes Received:
    67
    Location:
    Close to Indy, USA
    It's ironic that this subject was just written into "The Good Wife" as a problem for getting injunctions. Your server, if they are dominated by Google, may be in a food chain position where they won't be able to set their own server functions to even let a captcha work at all. In reality, it may be dependent on how much you pay them and how much Gmail they allow to your particular site. Some hosts will use this as a way to rip off new website owners. This forum has been around long enough to resist, but nobody is totally safe.
     
  12. Macaberz

    Macaberz Pay it forward Contributor

    Joined:
    Nov 19, 2012
    Messages:
    3,143
    Likes Received:
    300
    Location:
    Arnhem, The Netherlands
    How much Gmail they allow to this site? Either I am overlooking the obvious, or you are throwing technical buzzwords at me with purpose of...impressing? I dunno, but I am a computer programmer, and what you just said made very little sense to me.
     
    Wreybies likes this.
  13. Duchess-Yukine-Suoh

    Duchess-Yukine-Suoh Girl #21 Contributor

    Joined:
    Aug 29, 2013
    Messages:
    2,318
    Likes Received:
    750
    Location:
    Music Room #3
    I am very deeply baffled and confuzzled by this statement.
     
    Macaberz likes this.
  14. DrWhozit

    DrWhozit Banned

    Joined:
    Nov 19, 2013
    Messages:
    580
    Likes Received:
    67
    Location:
    Close to Indy, USA
    I had it happen to me. The host claimed Drupal compatibility yet claimed they could not change their server settings when my site was shut down because a series of Google bots spammed my site to no end when I had the captcha in place. Drupal support told me to fire my web hosting company.
     
  15. Macaberz

    Macaberz Pay it forward Contributor

    Joined:
    Nov 19, 2012
    Messages:
    3,143
    Likes Received:
    300
    Location:
    Arnhem, The Netherlands
    And configuring robots.txt wouldn't have helped? I trust your sincerity, but it's a very odd story to say the least.
     
    Wreybies likes this.
  16. DrWhozit

    DrWhozit Banned

    Joined:
    Nov 19, 2013
    Messages:
    580
    Likes Received:
    67
    Location:
    Close to Indy, USA
    My programming experience is for the PC and not the web. On top of that, the question would be where? Knowing say... PHP very well might be a plus, but I work in Pascal and now Python mostly. I used to do Assembly and C/C++, but found that just focusing on OWL and Windows API is enough to keep a fellow busy whose primary job is physics, not programming.


    Unfortunately the food chain is more important than ethics. There are those out there who will sell out the little guy in a heartbeat. Next time I try a dot something site, it'll be through a Front Page, wysiwyg type of site builder instead of online builders like Drupal and cPanel.
     
  17. Cogito

    Cogito Former Mod, Retired Supporter Contributor

    Joined:
    May 19, 2007
    Messages:
    36,161
    Likes Received:
    2,827
    Location:
    Massachusetts, USA
    robots.txt is useless against rogue spiders. It is only effective with cooperating search engines.
     
  18. DrWhozit

    DrWhozit Banned

    Joined:
    Nov 19, 2013
    Messages:
    580
    Likes Received:
    67
    Location:
    Close to Indy, USA
    I find it eye-blinking shocking that the www has become this. It was originally created as a means for scientists to share their work. Since it has become a wonderful medium for all arts. Unfortunately we have so many who intrinsically have no intent but to rape the net itself and beyond. It seems that some of this is being done to further the art-of-hacking-for-hacking-art's-sake. Certainly the CIA wants to be able to decrypt something dangerous to us all, but when those algorithms leave the government sector, we have just reason to complain.
     
  19. Cogito

    Cogito Former Mod, Retired Supporter Contributor

    Joined:
    May 19, 2007
    Messages:
    36,161
    Likes Received:
    2,827
    Location:
    Massachusetts, USA
    Seriously? Any technology can be exploited, and there will always be some people who dedicate their time to doing exactly that.
     
  20. DrWhozit

    DrWhozit Banned

    Joined:
    Nov 19, 2013
    Messages:
    580
    Likes Received:
    67
    Location:
    Close to Indy, USA
    Exactly that. Well said. The trick we all hope to pull out of our hats is to keep a step ahead of it all.
     
  21. cutecat22

    cutecat22 The Strange One Contributor

    Joined:
    Feb 20, 2014
    Messages:
    2,780
    Likes Received:
    1,424
    Location:
    England
    Why do I suddenly have an image of you two playing a new version of the old fashioned whack-a-mole game but it's called whack-a-bot ...?
    LOL
     
  22. cutecat22

    cutecat22 The Strange One Contributor

    Joined:
    Feb 20, 2014
    Messages:
    2,780
    Likes Received:
    1,424
    Location:
    England
    There's good and bad in everything but when you stop and think about it, it's actually quite amazing just what we can get computers to do.

    Apart from in the field of robotics. I know we now have a robot that can actually run and walk up/down stairs (I watch QI) but I still think it will be a very long time before we are able to build something that can actually mirror human movements measure for measure.
     
