Spambots posting in threads

pakalolo

Toolbag v1.1 (candidate)
Staff member
Sure, we've been under attack by spammers for several weeks. For every one that successfully posts, I've deleted at least two that didn't complete registration. I think that a spambot starts an account but there has to be a human to confirm the process. They attack in the middle of the night my time (Eastern) so the threads stay up for a few hours. They are using VPNs that are also widely used by real members, so we can't just block their providers. Even if that would work, @vtac would have to do it and he's not available.

Moving this to Community Discussion where it belongs.
 

GreenHopper

20 going on 60
@pakalolo

I don't know if this is helpful or not but thought I'd pass on the intel.

Below is a XenForo community forum thread that's quite old but I think relevant to this forum's platform.

I'm assuming as mods you'll likely have access to the 'Options > Spam Management' features.

Block spam COMPLETELY with no addons

Might be worth a look.

Sorry if the info is out of date or irrelevant to the issue at hand.
 

tepictoton

Well-Known Member
Thanks for reply. Hope a way is found to stop this, first and foremost so the mods can spend their time moderating and not just deleting these fake accounts.

Guess it is not said enough, so I will just say thx moderators for keeping this place 'clean'
 
Yeah, that happens with boards. LOL

Most boards I visit are terribly under protected. We are using version 1.5.13 here and it has more than a couple exploits. A user with some hacking knowledge could easily escalate his privs to admin and look around the private forum and the mod forum to see what's going on. Then, return his privs to user and no one would know ;)

I'm sure the mods will clean it up.
 
Hackerman,

pakalolo

Toolbag v1.1 (candidate)
Staff member
@pakalolo

I don't know if this is helpful or not but thought I'd pass on the intel.

Below is a XenForo community forum thread that's quite old but I think relevant to this forum's platform.

I'm assuming as mods you'll likely have access to the 'Options > Spam Management' features.

Block spam COMPLETELY with no addons

Might be worth a look.

Sorry if the info is out of date or irrelevant to the issue at hand.

Thanks for the tip, but only @vtac has the powers needed to change those options.

@tepictoton, your gratitude is appreciated. Today was excessive.
 
!! No active administrator??? Really? That's not great. LOL

I was doing a little reading and this forum appears to be terribly out of date. If one of the mods wants me to, I could probably escalate your privs to admin so you can clean this up.

Still, the forum needs upgraded to version 2.x. This version is still supported but I am reading more and more about weaknesses and exploits in this version.

And, https should be considered anyway. In case you haven't noticed, most forums have gone that way already.

Just keep hoping that no one here pisses off a decent hacker and they decide to shut the entire site down. I'll bet I could do it in less than 24 hours and I don't do much hacking any more. Someone with current knowledge of this program could probably do some serious damage... as well as stealing all the user data and passwords from the database.

(just a quick note on that topic to all users. Please do not use the same username and password from site to site. It is really bad practice. If an unprotected site gets hacked and your username and password are compromised, a good hacker will try those same un/pw combinations on ebay, paypal, and wherever they can get to your financial account info. If you are using the same un/pw combination at unprotected and weak sites as you are on paypal and your banking and credit card sites like Capital One, I suggest you change it.... today. LOL Just a word of caution from an old retired hacker... LOL)

Good luck.
 
This forum is so weak and full of exploits. I have tried to warn several mods about it but ......

These are just bots. If you all knew what I could do to this forum, you would totally freak out. And, it IS going to happen. Not IF.... WHEN.

I don't want to scare everyone but let me give some advice.....

Do NOT use the same username and password on weak sites like this as you use on eBay or Paypal or, heaven forbid, your banking sites. The first thing a hacker will do with your un/pw is try that combination at eBay, Paypal and Citicorp.

Let's take a theoretical situation. Let's say a new user with vast hacker experience joins here and buys a product that you all recommend. When he gets the item it is substandard and the new user posts here about it.

All the fan boys bash him and call him a liar. He gets pissed.....

OK, first thing he would do is escalate his account to admin. Real easy here. Then he would reduce all mods and admins privs to USER and then delete their accounts. SO, no mods to stop him now.

Then, just for kicks a favorite trick of mine was to make all members an admin. This was always fun as you would see the straight acting members like the guitar noodler reading everyone else's PM's LOL

Then, the database is downloaded and decrypted. There are web sites all over that specialize in storing hackers data for them so other hackers can share. Jorge's site's database is dumped and loaded there. I posted about that some time ago. This is why you see one bot got through and then he told the other bots so more came along within 20 minutes to an hour. If it's not stopped there will be more bots than members in a few days.

So, now all your personal data, all your private messages, all your posts info and data are out there for anyone to use.

I don't mean to be a scare monger but these things are all happening every day to sites everywhere. I used to do them just for kicks. There are still plenty of people out there doing this. Fact is, when you all pissed me off, you were only about 2 keystrokes from all this happening.

Just a word to the wise....

DO NOT use similar passwords at secure sites

DO NOT put personal information in Private Messages

DO NOT think you are secure on the internet. YOU'RE NOT.

Use common sense and remember what the internet is each time you use it. It can be a wonderful thing but it can also be a major nightmare. Just think if this forum were compromised and the database destroyed. Think of all the information that would be lost.

When was the last time the database for this forum was backed up?

Feel free to ask questions. I'll help in any way I can.
 

pakalolo

Toolbag v1.1 (candidate)
Staff member
I assume I'm doing right by reporting these Chinese spammers as soon as I see them in the morning. I do notice that they usually all get deleted within a short time after I report the new member spammer.

Please continue to report them. We do examine every new registration but sometimes a spammer slips through and starts posting threads.
 
I always hesitate to report spam posts. If there have only been 2 or 3 views of the post, I will report it.

However, if there have been like 30 views, I hate to click the 'report' icon and report it because I feel like the mods have already received 20 reports already from the 30 viewers and me sending one more report is like spamming the mods. LMAO

Does that make sense? LOL
 

Magic9

Plant Enthusiast
Is it possible to remove the timer for reporting spam? When someone is posting a lot of spam, I have to wait X amount of time before reporting a new one. Does it even matter? Should I just report one of the messages since I'm assuming the account gets banned. Or is reporting them all beneficial?
 

pakalolo

Toolbag v1.1 (candidate)
Staff member
Is it possible to remove the timer for reporting spam? When someone is posting a lot of spam, I have to wait X amount of time before reporting a new one. Does it even matter? Should I just report one of the messages since I'm assuming the account gets banned. Or is reporting them all beneficial?

I didn't know there was such a timer. :o

Reporting one thread per spammer is enough. It doesn't matter if you report more than one, but it's not necessary. I don't know if that timer can be changed, but even if it can we won't have the ability to do it until @vtac returns.
 