bbAntiSpam: Discuss how to stop web spam

The forum is retired.

bbAntiSpam Forum Index - phpBB spam - Textual Confirmation

Author Message
John Macdonald
Guest
Posted: Fri Apr 09, 2010 12:52 pm    Post subject: Textual Confirmation  
Hello. As you no doubt have heard already, your Textual Confirmation hack has recently been cracked by spammers. Do you have an update planned?
admin
Site Admin


Joined: 18 Apr 2006
Posts: 805
Location: Saint-Petersburg, Russia
Posted: Sat Apr 10, 2010 3:33 am    Post subject:  
Not, I haven't heard about it. And I'm not sure that the claim is true: there is nothing in Textual Confirmation to crack. Most likely, spammers just collected the most often used questions and answers, and use them.
_________________
Oleg Parashchenko, bbAntiSpam
Do you love our tools? Please sponsor further development!
John Macdonald



Joined: 12 Apr 2010
Posts: 3
Posted: Mon Apr 12, 2010 6:42 am    Post subject:  
That's interesting Oleg.

My Textual Confirmation worked perfectly until about 2 weeks ago and since then I get between 1 and 3 registrations a day from spammers which aren't filtered out (though I still get spammers that are filtered out as well)

I changed all the questions and that made no difference at all, not even on the day I changed them.
admin
Site Admin


Joined: 18 Apr 2006
Posts: 805
Location: Saint-Petersburg, Russia
Posted: Tue Apr 13, 2010 2:44 am    Post subject:  
Hi John,

I'm sad to hear that the spam registrations anyway come in. Is the tool cracked, or do you get manual submissions? I don't know. The both cases are unresolvable.

As an update, I'd suppose to try Advanced Textual Confirmation, which is installed also on this forum. I anyway get spam time to time, but I believe it is submitted manually, not by an automated program.
_________________
Oleg Parashchenko, bbAntiSpam
Do you love our tools? Please sponsor further development!
John Macdonald



Joined: 12 Apr 2010
Posts: 3
Posted: Tue Apr 13, 2010 8:01 am    Post subject:  
Hi again Oleg

Since you have no other similar reports and the registrations appear to be from bots, I'm working on the theory that someone is exploiting a loophole in the server of my hosting provider and has gained access to the forum database. First step: I've changed the db password - lets see what happens. Yesterday I had 5 spam registrations, today none so far - though they usually come in the afternoon or evening.

John
admin
Site Admin


Joined: 18 Apr 2006
Posts: 805
Location: Saint-Petersburg, Russia
Posted: Wed Apr 14, 2010 6:35 am    Post subject:  
Quote:
someone is exploiting a loophole in the server of my hosting provider and has gained access to the forum database.

Sounds intriguing. Hard to believe, but as long it helps, one can't reject this possibility.

Good luck!
_________________
Oleg Parashchenko, bbAntiSpam
Do you love our tools? Please sponsor further development!
John Macdonald



Joined: 12 Apr 2010
Posts: 3
Posted: Thu Apr 15, 2010 7:42 am    Post subject:  
I'm now down to one spammer a day - but that may be coincidence, it's only over 2 days. Time will tell...

I came up with the database theory because the spam registrations are already activated although I have set manual admin approval on new registrations.

Ok.