Sciencemadness Discussion Board

Hey guys, I hacked in some code for a spambot trap. Just need Polverone to implement it.

Melgar - 26-8-2018 at 16:25

I have a virtual machine running here:

http://35.185.63.230:8080/smtalk/

It's using the test database. Try and register as a new user, and note the very last question it asks you.

I haven't written PHP in like ten years, and XMB apparently stores PHP code inline with text and HTML in the MySQL database, which makes modifying any part of its functionality really frustrating. My goal was to have all the changes occur in the member.php file so that Polverone wouldn't have to mess around with editing the contents of SQL tables, and could only drop in one file. The modified member.php file is here:

http://35.185.63.230:8080/member.php.txt

The original is here:

https://github.com/mattbernst/xmbforum/blob/master/member.ph...

I then learned that streety had coded a fix already, but it hasn't been implemented. Hopefully someone can get ahold of Polverone and get him to swap this file out. I basically just replaced the captcha string that was already there with a hardcoded one, then threw an error if the question isn't answered. So I guess now Polverone has two choices of fixes to implement? Either one would go a long way toward fixing this problem. I'm going to try emailing him, maybe. Does anyone know if the email in his profile here is right?

[Edited on 8/27/18 by Melgar]

diddi - 26-8-2018 at 18:56

I get "You have already registered today, you can re-register again in 24 hours."

wg48 - 26-8-2018 at 20:12

Quote: Originally posted by diddi  
I get "You have already registered today, you can re-register again in 24 hours."


I got the same error message.

I get the same message no matter how I answer the question, and now I cannot connect to the site.

I would think the spammer would just get the bot to answer the question; don't you need a question that is not known in advance?

[Edited on 27-8-2018 by wg48]

streety - 27-8-2018 at 03:35

Oops! :)

The way parts of the site are cached in the database took me a while to figure out as well. Quite a frustrating process.

There are now actually three implementations of this functionality. AndrewSmart posted a link on my pull request with an even more polished implementation.

The issue has been getting in contact with Polverone to get one of them deployed. He has not been seen on the forum in over a month. I haven't tried contacting him recently so please do send him an email, U2U, pull request etc. Hopefully he will see it.

Edited to add, since writing the mod for the forum I have written a script to monitor spam on the forum and have been adapting it to more aggressively escalate spam reports while operating on any computer. The idea being it would not need Polverone to be implemented.



[Edited on 27-8-2018 by streety]

Melgar - 27-8-2018 at 06:32

When spam is reported, it sends U2U messages to every single mod registered here. So if a mod came here after not being here for a while, they'd have thousands of new messages, which might not be a very nice thing to arrive to. So I wonder if that might be one of the things keeping Polverone away?

I couldn't figure out why that message kept being triggered in the code, since it even seemed to happen when I'd shut down the virtual machine entirely and start it back up. The code should only have been run if that value was greater than zero, but when I'd look at it in the database, it was always zero. It worked the first 1-2 times I tried it though, which is weird.

The spammers just use bots that use search engines that look for template text that is common to XMB sites, then automatically register accounts there. I promise you, there is essentially zero human oversight. I did something similar at a bulletin board I used to run. The spambot software was even able to figure out captchas, but only when sites used the default fonts and backgrounds that came with the software. All I had to do was pull a few different fonts and background images off the internet, and that stopped virtually all of them immediately. Basically, any configuration that's unique to your site will stop them.

[Edited on 8/27/18 by Melgar]

Texium - 27-8-2018 at 06:41

Spam reports are usually automatically deleted with their associated threads, so Polverone's inbox shouldn't be too bad. I don't know why some refuse to be automatically deleted though.