Antispam bypassed?

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
User avatar
axe70
Registered User
Posts: 83
Joined: Sun Nov 17, 2002 10:55 am
Location: Italy
Contact:

Antispam bypassed?

Post by axe70 » Thu Jul 19, 2018 12:25 pm

This question is little hard, i can't figure out if this is possible, but asking myself why this kind of behavior.
I see that i can change whatever i want into Spambot countermeasures settings,
but any kind i choose, included Google Recaptcha or Question & Answer, i get spam users registrations into phpBB.
This get me annoyed to see that exactly ever the same algorithm, find the way to break Spambot countermeasures (i can note this because kind of fake emails are +- ever with the same fake domain extension).

So asking to cool guys, if they know what happen and how to resolve.

Or i should think that there is a real person that every day like to register 5/6 fake accounts manually. That's not reliable ... or maybe yes, the world is full of stupids.
Best regards.

User avatar
Mick
Support Team Member
Support Team Member
Posts: 19723
Joined: Fri Aug 29, 2008 9:49 am
Location: Watching cricket probably . . .

Re: Antispam bypassed?

Post by Mick » Thu Jul 19, 2018 12:31 pm

Can we have a link to your board please?

You should be looking at the WP integration as well if thats what you’re using.
"The more connected we get the more alone we become" - Kyle Broflovski

There are no ‘threads’ in phpBB, they are topics.

User avatar
KevC
Support Team Member
Support Team Member
Posts: 68149
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: Antispam bypassed?

Post by KevC » Thu Jul 19, 2018 12:33 pm

The easy way to check if anything is being bypassed is to set the Q&A to ask people to enter a code, but have the only acceptable answer as something completely different.
Enter the code 123456 (but the only possible right answer is WHFURNOFCY)

More likely is that they are being solved.
Q&A works fine as long as you don't give it things you can find with a web search. So, don't ask maths questions, general knowledge, colours, etc. Ask something specific about your board such as what is in the logo.

All of the captchas with wobbly letters have been beaten now.
-:|:- Support Request Template -:|:-
Image
Cheap UK Hosting
"In the land of the blind the little green bloke with no pupils is king - init!"

User avatar
axe70
Registered User
Posts: 83
Joined: Sun Nov 17, 2002 10:55 am
Location: Italy
Contact:

Re: Antispam bypassed?

Post by axe70 » Thu Jul 19, 2018 12:34 pm

Yes! Iframed into wordpress:
https://www.axew3.com/w3/forum
full url not iframed:
https://www.axew3.com/w3/forums/index.php

User avatar
Mick
Support Team Member
Support Team Member
Posts: 19723
Joined: Fri Aug 29, 2008 9:49 am
Location: Watching cricket probably . . .

Re: Antispam bypassed?

Post by Mick » Thu Jul 19, 2018 12:40 pm

Yep, you’re Q&A is far too easy, you must not be able to google the answer. See Kevs reply above.
Mick wrote:
Thu Jul 19, 2018 12:31 pm
You should be looking at the WP integration as well
"The more connected we get the more alone we become" - Kyle Broflovski

There are no ‘threads’ in phpBB, they are topics.

User avatar
axe70
Registered User
Posts: 83
Joined: Sun Nov 17, 2002 10:55 am
Location: Italy
Contact:

Re: Antispam bypassed?

Post by axe70 » Thu Jul 19, 2018 12:47 pm

You should be looking at the WP integration as well
that's right ... i will
More likely is that they are being solved.
Q&A works fine as long as you don't give it things you can find with a web search. So, don't ask maths questions, general knowledge, colours, etc. Ask something specific about your board such as what is in the logo.
Yes i can imagine then i maybe have not too much fantasy.
The previous one was something like:
"What's the meaning of www" answer -> word wide web
"write the contrary of eefr" answer -> free
the actual is:
"You can see the sun on daytime, while you can see what by night?:" answer -> moon or MOON

i know maybe these are too easy ... ok i will try with something like the suggested ...
are days that i ask myself what would be a new way to fake any spammer ... but i know this is an hard answer that all would like to know.

User avatar
Mick
Support Team Member
Support Team Member
Posts: 19723
Joined: Fri Aug 29, 2008 9:49 am
Location: Watching cricket probably . . .

Re: Antispam bypassed?

Post by Mick » Thu Jul 19, 2018 12:54 pm

You could try Obscre Registration Code (SPAM stopper), it’s [RC] but I’ve been testing it for a couple of months and I’ve only had one spam attempt.
"The more connected we get the more alone we become" - Kyle Broflovski

There are no ‘threads’ in phpBB, they are topics.

User avatar
axe70
Registered User
Posts: 83
Joined: Sun Nov 17, 2002 10:55 am
Location: Italy
Contact:

Re: Antispam bypassed?

Post by axe70 » Thu Jul 19, 2018 1:05 pm

Ok maybe still is easy:

Code: Select all

If: 0=k and 1=a and 3=f and 4=e in what can be translated 3104?
thank @Mick, i'm sure it is working fine, i will try if in some day more i can't figure out a new way to resolve.
That's practically impossible maybe. Maybe not. I'm also thinking to some line of javascript that maybe will fire in a not common way that can't be bypassed. Really hard to imagine.

User avatar
KevC
Support Team Member
Support Team Member
Posts: 68149
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: Antispam bypassed?

Post by KevC » Thu Jul 19, 2018 1:26 pm

Now that's a clever one. Not seen people use that before. It would be good for you to post back your success/failure findings with that in a week or so.
-:|:- Support Request Template -:|:-
Image
Cheap UK Hosting
"In the land of the blind the little green bloke with no pupils is king - init!"

User avatar
axe70
Registered User
Posts: 83
Joined: Sun Nov 17, 2002 10:55 am
Location: Italy
Contact:

Re: Antispam bypassed?

Post by axe70 » Thu Jul 19, 2018 1:46 pm

Yes! thank you! But i like you, can imagine an easy code that can bypass it.
Maybe not still used, but still really easy to resolve.
It is necessary something different ... i'm thinking on it from days now ... but of course, still no solution in mind ...

User avatar
Kigana
Registered User
Posts: 18
Joined: Mon May 28, 2018 3:50 pm

Re: Antispam bypassed?

Post by Kigana » Thu Jul 19, 2018 2:18 pm

Ask something stupid that is easy for a human, but hard for a Computer:

You can see an apple, a cherry, salt and a lollipop on the table. Which of them does not taste sweet? (salt)

Time flies like an arrow, fruit flies like a banana. What is the normal color of that fruit? (yellow)

You have a box with a Rubic's Cube, a cork and a marble in it. You take out the marble. How many items are left inside the box? (two, 2)

User avatar
KevC
Support Team Member
Support Team Member
Posts: 68149
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: Antispam bypassed?

Post by KevC » Thu Jul 19, 2018 2:21 pm

That last one is unlikely to be effective. Things that need a number answer get beaten quickly as they'll try 0,1,2,3,4,5,6 without even blinking.

Colour questions traditionally are not good either as it's likely to be blue, green, red, yellow. There's only so many answers it's likely to be and they see the word colour in the question and just go with typical options.
-:|:- Support Request Template -:|:-
Image
Cheap UK Hosting
"In the land of the blind the little green bloke with no pupils is king - init!"

User avatar
axe70
Registered User
Posts: 83
Joined: Sun Nov 17, 2002 10:55 am
Location: Italy
Contact:

Re: Antispam bypassed?

Post by axe70 » Thu Jul 19, 2018 6:35 pm

good solutions ok, but also the problem is that maybe, not all users know the same language.
So hard questions can't maybe be understood by all immediately, if not using a translator, or the question need to be presented in different languages.
a cork and a marble
if i ignore what it mean in italian, i need to translate it before, that can still be ok as method. Some cms is coded to do this kind of work around.
But what i would like to be invented by someone, is a stupid easy thing, that can fake stupid spammers all the time.

User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 3056
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: Antispam bypassed?

Post by HiFiKabin » Thu Jul 19, 2018 6:38 pm

Have a look at this extension viewtopic.php?f=456&t=2468221

Working perfectly in testing both by myself and others

User avatar
John connor
Registered User
Posts: 1623
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Contact:

Re: Antispam bypassed?

Post by John connor » Fri Jul 20, 2018 1:55 am

There's all kinds of methods to the madness. I list two in my Sig below. In addition to that, check out CIDRAM at Github.

You may also want to ban all temp email sites. There are lists on the Internet. I've done just that as a layer. So not only do you have to bypass CloudFlare, CIDRAM, the Sortables captcha and the Stop Forum Spam IP query, you need to also have a valid email addy. And then all first time posts are held in moderation que. They don't even get that far. :lol: :lol: :lol:

Post Reply

Return to “[3.2.x] Support Forum”