Sciencemadness Discussion Board
Not logged in [Login ]
Go To Bottom

Printable Version  
 Pages:  1  2  
Author: Subject: abuse of member registration
vulture
Forum Gatekeeper
*****




Posts: 3330
Registered: 25-5-2002
Location: France
Member Is Offline

Mood: No Mood

[*] posted on 21-5-2004 at 06:10


I've deleted about three over the past week. So yes, I have the p0w4h! :P;)



One shouldn't accept or resort to the mutilation of science to appease the mentally impaired.
View user's profile View All Posts By User
Polverone
Now celebrating 18 years of madness
*********




Posts: 3164
Registered: 19-5-2002
Location: The Sunny Pacific Northwest
Member Is Offline

Mood: Waiting for spring

[*] posted on 1-6-2004 at 22:05


The spamming signups have been very strong the last couple of days! In addition to the usual porn and gambling sites, there's one site that's registering repeatedly to promote plain-text reviews of video games. If harm were to befall this site (www.kahovsky.com) it would bring me satisfaction.

Does anyone have an idea of how much bandwidth costs in bulk, and therefore how much (say) an automated script that repeatedly sucks down a spamming porn site might eventually cost said site?




PGP Key and corresponding e-mail address
View user's profile Visit user's homepage View All Posts By User
axehandle
Free Radical
*****




Posts: 1065
Registered: 30-12-2003
Location: Sweden
Member Is Offline

Mood: horny

[*] posted on 2-6-2004 at 01:43


Quote:

Does anyone have an idea of how much bandwidth costs in bulk, and therefore how much (say) an automated script that repeatedly sucks down a spamming porn site might eventually cost said site?

Not really, but I volunteer to DDOS the site since I have a flat rate, and perhaps even to write the download script.

I know one price though: I know the the look in the site owner's face when he sees the bill: Priceless.




My PGP key, Fingerprint 5D96 E09E 365D 1867 2DF5 C2FE 4269 9C19 E079 CD35

\"Verbing nouns weirds the language!\"
View user's profile View All Posts By User
Esplosivo
National Hazard
****




Posts: 491
Registered: 7-2-2004
Location: Mediterranean
Member Is Offline

Mood: Quantized

[*] posted on 6-6-2004 at 06:30


Admins check out this user: coriho1sa
He's a new member. Well check out his homepage :P. He seems another of those automated subscriptions from porn-sites.

[Edited on 6-6-2004 by Esplosivo]




Theory guides, experiment decides.
View user's profile Visit user's homepage View All Posts By User
vulture
Forum Gatekeeper
*****




Posts: 3330
Registered: 25-5-2002
Location: France
Member Is Offline

Mood: No Mood

[*] posted on 6-6-2004 at 06:46


He wasn't the only one. Deleted three users.



One shouldn't accept or resort to the mutilation of science to appease the mentally impaired.
View user's profile View All Posts By User
Reverend Necroticus Rex
Hazard to Others
***




Posts: 196
Registered: 15-6-2004
Location: Right behind you.......
Member Is Offline

Mood: Poisonous

[*] posted on 5-7-2004 at 12:17


I have my suspicion about these users, they all have similar porn sites for their homapage:mad: I agree with the earlier statement that URLs should maybe need approval from a mod, although as the bots never log in, I'm not too sure if it would work.

tuzik
sauna
korole
damerq
gymgym
syber3
rainerz
krasotkax

[Edited on 5-7-2004 by Reverend Necroticus Rex]


We seem to be getting many bogus users from the site teen-hard-porno.com and affiliates/subsections thereof, of all the bogus users I have noticed, 100% of them are coming from here, would it be possible to filter the string "teen-hard-porno" or something like in the users sites in the profiles so as to dissallow this site from clogging up the board?

[Edited on 7-7-2004 by Reverend Necroticus Rex]




The sun is shining on a brand new day
Blackened corpses burn where they were slain
Self-flagellation prompts him to confess, Bless me father, for I made this mess.
View user's profile View All Posts By User This user has MSN Messenger
JC
Harmless
*




Posts: 17
Registered: 1-8-2004
Location: Dis-united Kingdom
Member Is Offline

Mood: 85% H2O

[*] posted on 1-8-2004 at 12:15


Hi all.

I could mod the page so that there was a simple extra code to enter that would have to be entered to get the registration to work. Something simple, like "To register, enter the answer to the following sum. 4+3=" and have the answer checked against whatever random number was added to 4.

It would keep some of the Kewls out too, I guess.

I would need to be sent a copy of the registration page, as well as the new user creation script, both of which are going to be .php files.

/talk/member.php seems to be the one, actually.

JC
View user's profile View All Posts By User
vulture
Forum Gatekeeper
*****




Posts: 3330
Registered: 25-5-2002
Location: France
Member Is Offline

Mood: No Mood

[*] posted on 1-8-2004 at 12:25


And this would be the perfect cloak for a hacker to get his way into MSDB....

Certainly if this is your only post...




One shouldn't accept or resort to the mutilation of science to appease the mentally impaired.
View user's profile View All Posts By User
Blind Angel
International Hazard
*****




Posts: 845
Registered: 24-11-2002
Location: Qu├ębec
Member Is Offline

Mood: Meh!

[*] posted on 1-8-2004 at 13:17


PHP code isn't that hard to read, you just have to look or ask to someone who can code in PHP (if i can, surely some admin too) to detect fail
View user's profile View All Posts By User This user has MSN Messenger
MadHatter
International Hazard
*****




Posts: 1300
Registered: 9-7-2004
Location: Maine
Member Is Offline

Mood: Enjoying retirement

[*] posted on 1-8-2004 at 15:05
Type in the number you see


Blind Angel, you referred to the method that keeps out automatic
registration. I think it's a good idea if it can be implemented. It's bad
enough that my e-mail gets flooded with a rash of these damn things
along with the scams and other crap spam that no one cares about !
Now they want access to all forums ?




From opening of NCIS New Orleans - It goes a BOOM ! BOOM ! BOOM ! MUHAHAHAHAHAHAHA !
View user's profile View All Posts By User
JC
Harmless
*




Posts: 17
Registered: 1-8-2004
Location: Dis-united Kingdom
Member Is Offline

Mood: 85% H2O

[*] posted on 3-8-2004 at 13:55


I stand by my offer. I'm trustworthy. It would be a simple matter to tweak a few lines, but as for stealing passwords, well, I could put a mailto: into the code and trap any new registrations, sending them to somewhere else, but why would I bother?

Besides, all you do is a comparison of the before and after versions. Anything I changed would be really obvious, but I would comment it properly, and, since it's a trivial change and PHP is easy to read, I would be wasting my time to "try" anything.

Is this just because I never got banned from RS, unlike some people?

Edit: Actually, it's quite complex, this one. I can't find the exact place that generates the actual HTML output part, as it is built up from so many places. I've got the testing of the answer done, and the "error bounce" too. I just can't quite work out where to get the HTML inserted to ask the question!

I d/l'd the BB last night and it's installed on my laptop now, under Apache and MySQL.

[Edited on 4-8-2004 by JC]

Chemleo, well, Vulture seems very harsh, since I offered free help. He seems very upset that he got banned from RS, but it isn't anything to do with me. I objected to a few bans, then NBK2000 said that if I mentioned it again, I would be banned too. At that point, I left it alone.

As for quiz questions, well, I could ask anything - what are the suggestions? I would rather only have one or two smple questions, though - none of this "name this with DEAC Rules - W3F5OH3CH" stuff! ;)

[Edited on 4-8-2004 by JC]
View user's profile View All Posts By User
chemoleo
Biochemicus Energeticus
*****




Posts: 3005
Registered: 23-7-2003
Location: England Germany
Member Is Offline

Mood: crystalline

[*] posted on 3-8-2004 at 14:33


Well, you can download the forum software from xmb, do the modifications as you deem necessary, and then send it to Polverone.
It's then up to him whether to implement it or not, and to decide whether the code is safe or not.

But why bother? In my opinion the abuse of member registrations is not a problem enough to require immediate attention. Most members are still genuine.
And the spam I get... well it's my spam account anyway. A few more or less won't make a difference :)

>Is this just because I never got banned from RS, unlike some people?

I don't see the relevance. Surely little snides like that are not helpful to the discussion.. are they?

[Edited on 3-8-2004 by chemoleo]




Never Stop to Begin, and Never Begin to Stop...
Tolerance is good. But not with the intolerant! (Wilhelm Busch)
View user's profile View All Posts By User
Ramiel
Vicious like a ferret
****




Posts: 484
Registered: 19-8-2002
Location: Room at the Back, Australia
Member Is Offline

Mood: Semi-demented

[*] posted on 3-8-2004 at 16:46


I like the idea of a quiz like JC suggested. If I could put in my two pence, how about a chemistry related quiz, such as: "what is the name of this functional group ...". That would stop bot-registrations I guess, and also stop people who would register only to let us all in on a few secrets on making black powdar (sic).

- D




Caveat Orator
View user's profile View All Posts By User This user has MSN Messenger
JC
Harmless
*




Posts: 17
Registered: 1-8-2004
Location: Dis-united Kingdom
Member Is Offline

Mood: 85% H2O

[*] posted on 4-8-2004 at 08:00
Mission completed


Right, the edit is done.

I eventually sussed it out, the templates are actually stored in the database.

Right, here goes:

In "member.php" you want to insert the following code, on line 239 (after the bit about the username):


Code:
// JC edit to stop bot registrations // Added few lines to registration page (in database, Table xmb_templates, id= 87) to ask what is 3 + 4) if($botcheck != '7') { // If not '7' then tell them they got the password test wrong end_time(); $message = "< b>$lang_error:< /b> ".$lang_pwnomatch.""; eval("$header = "".template("header")."";"); eval("$error = "".template("error")."";"); eval("$footer = "".template("footer")."";"); echo $header; echo $error; echo $footer; exit(); } // End of JC edit


and then in the db, go to your forum database, and table xmb_templates. Select row 87, with name = member_reg (The name is important, rather than the number)
Hit edit, and scroll down to the line above $pwtd, then insert the following:

Code:
< !-- JC edit start --> < !-- bot jammer --> < tr> < td bgcolor="$altbg1" width="22%" class="tablerow" >Bot jammer - What is 3 + 4?< /td> < td bgcolor="$altbg2" class="tablerow">< input type="text" name="botcheck" size="2" maxlength="2" />< /td> < /tr> < !-- JC edit end -->
is the new entry.

Copy both sections into your editor of choice, and remove the spaces after every < or the code will not run (it was the only way to get it to display right here - I think the XMB code has a bug in the [ code] implementation) then it will work.

Obviously you can change the question to whatever you like, as long as the answer is 7. If you want to change that, the
if($botcheck != '7') {
bit should have the 7 changed to whatever. (Put it in single quotes for safety)
JC


[Edited on 4-8-2004 by JC]

[Edited on 4-8-2004 by JC]
View user's profile View All Posts By User
vulture
Forum Gatekeeper
*****




Posts: 3330
Registered: 25-5-2002
Location: France
Member Is Offline

Mood: No Mood

[*] posted on 4-8-2004 at 08:41


Quote:

Chemleo, well, Vulture seems very harsh, since I offered free help. He seems very upset that he got banned from RS, but it isn't anything to do with me. I objected to a few bans, then NBK2000 said that if I mentioned it again, I would be banned too. At that point, I left it alone.


Getting personal are we? First of all, I don't know any E&W member called JC, furthermore if I did, there are many other people here that aren't banned from RS and I don't throw vicious comments at them everyday like you just did.

Take a look at my post count at RS, then take a look why I was banned. Then kindly STFU before you say something that you might regret.

You really seem thrustworthy to me now, yes...*rolleyes* certainly because your loyalty to RS.

[Edited on 4-8-2004 by vulture]




One shouldn't accept or resort to the mutilation of science to appease the mentally impaired.
View user's profile View All Posts By User
JC
Harmless
*




Posts: 17
Registered: 1-8-2004
Location: Dis-united Kingdom
Member Is Offline

Mood: 85% H2O

[*] posted on 4-8-2004 at 14:42


No, just saying what I see.

Rightly or wrongly, you got banned. A hell of a lot of people did, many for no obvious reason. If it ever comes back, I might find myself not welcome there for saying this, on this board.

I nearly got banned when I suggested that if NBK disliked a certain thread about the issues that America seems to have with itself and others, he should just skip reading that thread. He didn't appreciate it.

I feel this place is a little more enlightened when it comes to people talking freely, in some ways.

I have seen your post count, and I am not trying to offend anyone.

I offered a little help with modding the board, which took me a few hours last night trying to get to grips with, and half an hour today when I realised what I had missed at 1am. I have offered my help in the most transparent way I can, that of clearly visible public review. Anyone who can read code can tell what the two small changes I made do, and that they are not harmful.

Besides, why would I want to fight a Belgian? I used to date a very pretty Belgian girl, and once took a *great* roadtrip there.

I only registered on this site after RS bought the farm, but I had visited a few times before. Regardless, I am not one to pick fights. Please accept my apologies. I perhaps ascribed incorrect motives to your response to my original post. Sorry.
----
I am Jack's Complete lack of suprise...
View user's profile View All Posts By User
Sarevok
Harmless
*




Posts: 33
Registered: 16-12-2003
Member Is Offline

Mood: No Mood

[*] posted on 4-8-2004 at 14:47


Don't be unjust, JC. Vulture is not upset about being banned from Roguesci. From ALL the people who got banned from there, he is one of the few who accepted it without getting upset.

[Edited on 4/8/2004 by Sarevok]




View user's profile View All Posts By User
JC
Harmless
*




Posts: 17
Registered: 1-8-2004
Location: Dis-united Kingdom
Member Is Offline

Mood: 85% H2O

[*] posted on 4-8-2004 at 14:52


That's why I apologise.

I realise that I ascribed the wrong motives to his comment about how I was untrustworthy.

I feel that is still unfair - I am unproven, not untrustworthy. I feel the difference is important.
View user's profile View All Posts By User
vulture
Forum Gatekeeper
*****




Posts: 3330
Registered: 25-5-2002
Location: France
Member Is Offline

Mood: No Mood

[*] posted on 5-8-2004 at 03:49


Ok, ok let's forget this little incident and carry on.

If the code works, fine. It's just that there are so many possible exploits for PHP code that I'm always a bit paranoid about such things.

Also, we once got hacked by a PHP (although remote) exploit. I like to err on the safe side.
It's just that a new poster to the board directly offering such help is usually too good to be true.




One shouldn't accept or resort to the mutilation of science to appease the mentally impaired.
View user's profile View All Posts By User
JC
Harmless
*




Posts: 17
Registered: 1-8-2004
Location: Dis-united Kingdom
Member Is Offline

Mood: 85% H2O

[*] posted on 5-8-2004 at 15:15


Ok, cool.

To go through the code really carefully:

The conditional statement if($botcheck != '7';) {
simply means that if the variable $botcheck is not equal to 7, run the code between the { } brackets.
The ' (single quotes) are to ensure nothing "clever" gets sent in and evaluated, should anyone hack the page.

The actual code between the curly braces is actually the password comparison code from just next to it in the script.

For the next part, that's just normal HTML. The < tr>< td> is a new table cell, and
< input type="text" name="botcheck" size="2" maxlength="2" />
is just the usual HTML for a new input cell. It's limited to a maximum length of 2 characters, in a length 2 box.
The < /td>< /tr> is just closing off the HTML.


For the record, the code for this board omits one important thing in the input sections checking code, which is rather dangerous, and on a mis-configured server could allow arbitary code to be executed. Of course, it would also allow me to get my proper username, since the single quote isn't allowed, but now I can, except my email address is bound to the username...

Who should I email/u2u about it?

Also, there is a slight oddity, in that I simply added the new variable, and didn't have to tweak any declarations. I'm not sure whether that's a problem or not. I can see that some variables are passed via the URL string, and so, now, someone looking at this bit of code could perhaps use that variable name to attack the system.

Of course, just tweak both the variables so they are the same, but new and hidden from everywhere else. :cool:

The code is freely available, as pointed out above, of course!




I am Jack\'s Complete lack of suprise...
View user's profile View All Posts By User
Haggis
Hazard to Others
***




Posts: 238
Registered: 1-12-2002
Location: Mid-America.
Member Is Offline

Mood: Lacrymating

[*] posted on 8-8-2004 at 21:56


Woo Woo!

Looks we got a 'maturehousewife' looking for some sweet chem action. Get her while she's still here!.

http://www.sciencemadness.org/talk/member.php?action=viewpro...




Great ideas often receive violent opposition from mediocre minds.
<b> <a href=\"http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xEE41A2B1\">PGP Key</a> </b> 0C0A 7486 B97F 92EE AE50 A98C A4F3 087E 8CE9 A782
View user's profile View All Posts By User This user has MSN Messenger
Esplosivo
National Hazard
****




Posts: 491
Registered: 7-2-2004
Location: Mediterranean
Member Is Offline

Mood: Quantized

[*] posted on 15-9-2004 at 06:29


Vulture, check out the latest guest - freepasswords. Seems to be another with those pretty websites.



Theory guides, experiment decides.
View user's profile Visit user's homepage View All Posts By User
vulture
Forum Gatekeeper
*****




Posts: 3330
Registered: 25-5-2002
Location: France
Member Is Offline

Mood: No Mood

[*] posted on 15-9-2004 at 10:03


freepasswords, xxxxxx69, xxxfree, nfsof4r, rreettt, bbw_lucker and nylonfeet have been deleted.



One shouldn't accept or resort to the mutilation of science to appease the mentally impaired.
View user's profile View All Posts By User
axehandle
Free Radical
*****




Posts: 1065
Registered: 30-12-2003
Location: Sweden
Member Is Offline

Mood: horny

[*] posted on 20-9-2004 at 11:16
ArrrrgggghhH!!!!


EDIT: Deleted


[Edited on 2004-9-20 by axehandle]




My PGP key, Fingerprint 5D96 E09E 365D 1867 2DF5 C2FE 4269 9C19 E079 CD35

\"Verbing nouns weirds the language!\"
View user's profile View All Posts By User
BromicAcid
International Hazard
*****




Posts: 3185
Registered: 13-7-2003
Location: Wisconsin
Member Is Offline

Mood: Rock n' Roll

[*] posted on 20-9-2004 at 13:51


I've come to the conclusion that it is really not necessary to tell the moderators when an automated service puts up a sex site. They all check though the list periodically and delete them without me adding to this thread.

And axe, wouldn't posting their web address in this thread serve the same purpose as them making their own profile, you know, by increasing the number of pages the adress is on and therefore increasing their google ranking?




Shamelessly plugging my attempts at writing fiction: http://www.robvincent.org
View user's profile Visit user's homepage View All Posts By User
 Pages:  1  2  

  Go To Top