| Author |
 Topic  |
|
|
Panhandler
Average Member
USA
783 Posts |
 Posted - 09 April 2007 : 19:02:42
|
This user just signed up and is entirely inappropriate to the forum's special interest group.
I've not seen the error shown and wonder what's up?
Any ideas what is going on here?
|
"5-in-1 Snitz Common Expansion Pack" - five popular mods packaged for easy install
". . .on a mote of dust, suspended in a sunbeam. . ."
HarborClassifieds
Support Snitz Forums
|
|
|
daveo
New Member
97 Posts |
Posted - 09 April 2007 : 19:20:47
|
| add the catcha anti-spam like I did. Got rid of the bots that are signing up. You will find this account setup on thousands of forums if you google it. Lock or delete the account. |
http://copdforum.portalone.us/ |
 |
|
|
MarcelG
Retired Support Moderator
Netherlands
2625 Posts |
Posted - 10 April 2007 : 03:54:01
|
Panhandler: what's being processed on line 226 of your inc_func_member.asp?
It seems the spambot-registration has been completed with a value not being checked correctly, and I think we need to make sure that that does not happen more often. |
portfolio - linkshrinker - oxle - twitter |
Edited by - MarcelG on 10 April 2007 03:54:28 |
|
|
|
StephenD
Senior Member
Australia
1044 Posts |
Posted - 10 April 2007 : 04:29:27
|
| Beat me to it Marcel. |
|
|
|
Classicmotorcycling
Development Team Leader
Australia
2084 Posts |
Posted - 10 April 2007 : 04:46:24
|
I get the exact same spambot at one of my sites, even with the Anti-Spam Mod installed, so it reads the image that is generated and proceeds. I have the e-mail validation and notify Admin of the new registration and kill them off. The robot is passing some unknown data to the date field in the DOB, and can not grab my DB to check what it is, that is being posted, plus running out of time to do things I want to has stopped me from doing something sooner.
I will post later with the fix. |
Cheers,
David Greening |
|
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 10 April 2007 : 08:04:20
|
| probably trying to pass a date in the wrong format (european vs american) so it's posting March 31st as '1', '31' into the wrong fields (as there's no 31st month, just 12), so cdate function is borking? That would be the opening to my enquiries personally... |
|
|
|
Panhandler
Average Member
USA
783 Posts |
|
|
SPulley
Starting Member
USA
46 Posts |
Posted - 11 April 2007 : 14:58:52
|
This is more than a spam bot.. This user was created on my forum with Admin rights. I had to go into the database and manually change them down to a regular user. Anyone know how they are able to do this by just posting to register.asp? Here's the excerpt from the IIS log when the account was registered.
quote:
2007-04-08 07:18:54 89.149.205.145 - 205.208.253.36 80 POST /forum/register.asp mode=DoIt 200 3657 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1) - http://google.com
|
Have fun and be good!!
Shad Pulley
www.mylargescale.com/forum |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 11 April 2007 : 15:09:24
|
quote:
Originally posted by SPulley
This is more than a spam bot.. This user was created on my forum with Admin rights. I had to go into the database and manually change them down to a regular user. Anyone know how they are able to do this by just posting to register.asp? Here's the excerpt from the IIS log when the account was registered.
quote:
2007-04-08 07:18:54 89.149.205.145 - 205.208.253.36 80 POST /forum/register.asp mode=DoIt 200 3657 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1) - http://google.com
What forum version are you running?
Is there any more info on the log that we can use?
|
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
SPulley
Starting Member
USA
46 Posts |
Posted - 11 April 2007 : 16:19:46
|
ruirib,
Check your email. |
Have fun and be good!!
Shad Pulley
www.mylargescale.com/forum |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 11 April 2007 : 17:25:47
|
quote:
Originally posted by SPulley
This is more than a spam bot.. This user was created on my forum with Admin rights. I had to go into the database and manually change them down to a regular user. Anyone know how they are able to do this by just posting to register.asp? Here's the excerpt from the IIS log when the account was registered.
quote:
2007-04-08 07:18:54 89.149.205.145 - 205.208.253.36 80 POST /forum/register.asp mode=DoIt 200 3657 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1) - http://google.com
You need to either update to the latest forum version, or apply ALL security updates since the version you have installed. |
|
|
| |
Topic |
|
Topic Locked
