Antibot Mod porting

Looking for a MOD? Have a MOD request? Post here for help. (Note: This forum is community supported; phpBB does not have official MOD authors)
Scam Warning
Locked
DreAdeDcoRpSE
Registered User
Posts: 196
Joined: Fri Dec 22, 2006 3:43 am

Antibot Mod porting

Post by DreAdeDcoRpSE »

Hello, I am coRpSE from the Evolutions Xtreme Nuke support and admin/mod writer/support over at clanthemes for the Nuke community, supporting RavenNuke and Nuke Evo Xtreme. Recently I have been contacted about porting my script called the Nuke Honeypot over so it would work with the phpbb3. I am guessing the captcha systems that come with this system has not been working for this person, which is not a surprise, because they have not been working great for us also. (ReCaptcha and other Captcha systems are being bypassed by a few bot systems). Even the "questions" can be bypassed for the most part.

Back about a year or so ago, I had originally developed a system of checks that had to be passed before proceeding. The checks were as follows:
  • Nuke Wait Script - This script puts in a function so if they click the "Continue" button to fast, it will kill there registration and stop them right in their tracks. Most bots will fill out the registration info within a few seconds, where a human will take between 25 - 60 seconds, if not more. So for the human aspect of it, there is a JS countdown timer over the "Continue" button that will tell them to please wait till the timer is done, then once the time is up, it will tell them they are okay to click the "Continue" button.
  • Hidden Form Field - This snip-it of a code that will be put in is a fake hidden form field. This hidden form field will remain blank and hidden to all users, if a bot answers the hidden question, it will again, stop him in his tracks and he will go no further.

    I also hid the code using JS because most bots which I been reading up and read the HTML aspect of input if it is hidden or not. I know I could have used CSS, but I wanted to make this as easy to install as I could with as little edits as possible.
  • Text Removal - This here is the latest addition to this script which puts in a section that has off to the left of it a flashing "Antibot" and the form field is pre-filled in with information telling them to "Delete All Of This Text!". I also named that field "company" in hopes that if a bot does remove the text, it will fill in the information with a company name or something. As long as there is something in that field, it will kill the operation and stop them in their tracks.
After I did the original concept of this on my site and found that it has stopped all bots that were attacking my site, I ended up getting with Noto from clanthemes, and him and I further developed the script that is available to the public to use on their nuke sites. We have since released it, only heard positive feed back. One example is a guy, he was getting constant attacks on his site, as he claims, it was about 30 - 50 per day, now has completely stopped since the installation of the HoneyPot. I have heard personally from over 100 people using this that it has helped them also, and that number grows every month.


The Request:
Now the request I am putting in is not really for me for I don't use phpbb3, and really have not looked at it since its release back when you guys had the triple disk failures and decided to release it, so instead of me trying to figure out the whole system and developing it, I figured it would be best to see if anyone that is familiar with the system like to take what I had made and port it over to work on phpbb3.

You can read more about it here: http://www.clanthemes.com/ftopicp-50989.html#50989

You can see a demo here working on my RavenNuke test site: http://www.headshotdomain.net/raventest ... _user.html

Overall, if you are interested in taking this on, feel free with using any portion of my code and feel free on taking full credits for it, I just ask to put a note that its based off the HoneyPot and let me know the outcome, if it ever gets done. It also has to remain free for all for it was developed to keep the communities stronger and safer from spam bots.

Feel free to contact me through http://www.clanthemes.com or my site, http://www.headshotdomain.net if you have any questions.

Master_Cylinder
Registered User
Posts: 761
Joined: Wed Jun 26, 2013 10:14 pm

Re: Antibot Mod porting

Post by Master_Cylinder »

I love the idea of stopping more spambots although blacklists (also stop some human spammers from registering/posting) and the NRU group (after the fact) does a pretty good job of that too.

I think that while it would help at first, if you have directions about waiting for timers and deleting text, that the bots will eventually be programmed to do just that like they're programmed to break bad/easy questions and captcha. Making a bot skip hidden fields should be trivial too, even if they don't do that yet.

Long term, the only really good solution is RBLs...

Another anti-spam MOD, in the meantime, won't hurt anything though... ;)

User avatar
Lumpy Burgertushie
Registered User
Posts: 67378
Joined: Mon May 02, 2005 3:11 am
Contact:

Re: Antibot Mod porting

Post by Lumpy Burgertushie »

nice work. I didn't know anyone was still using NUKE.

just so you'll know. each of those things you mention that your script does has already been worked out for phpbb3 and is available to users as a MOD.

however, the main thing that is working these days is a simple question and answer available in the default setup.

you just have to make it a good question that can not be guessed or one that has not been added to the BOT's lists of questions and answers.

if you can find the answer in google then it is no good. if it is a yes/no it is not good, if it is any kind of math problem it is no good, etc.

The most effective questions are something specific to the site or the subject of the site.


luck,
robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.

Premium phpBB 3.3 Styles by PlanetStyles.net

If nobody is in the forest, does a tree really fall?

DreAdeDcoRpSE
Registered User
Posts: 196
Joined: Fri Dec 22, 2006 3:43 am

Re: Antibot Mod porting

Post by DreAdeDcoRpSE »

Master_Cylinder wrote:I love the idea of stopping more spambots although blacklists (also stop some human spammers from registering/posting) and the NRU group (after the fact) does a pretty good job of that too.

I think that while it would help at first, if you have directions about waiting for timers and deleting text, that the bots will eventually be programmed to do just that like they're programmed to break bad/easy questions and captcha. Making a bot skip hidden fields should be trivial too, even if they don't do that yet.

Long term, the only really good solution is RBLs...

Another anti-spam MOD, in the meantime, won't hurt anything though... ;)
I find the black list, (RBLs), also blocks legit people for most black list use a IP ban and username ban, which, overall, sucks. Most IP's are dynamic so though one day they may be under one IP, then next, under a different, and eventually someone legit may have that IP that was blocks and guess what, they can't get on your site. I have also seen them start using proxy, so that could also cause some issues there. That's why I did with the Honeypot not to do any banning or blocking by username or IP, it just catches a failed response and stops them in the tracks. I watched a youtube video of someone that was showing what their bot program can do so they could generate more sales of the program, and that's when I saw that it was registering on sites in matter of seconds. It registered on 10,000 sites and made a post on each in 15 min. and that was with sites using captcha systems like re-captcha and other various ones out there.

Most bots what I have researched do skip hidden fields, that are using CSS to hide them. But most of them out there don't use JS so if you hide it with JS, then they will be visible to the bots. Granted, there are some that already considered that and make workarounds for that, that is why I put in 3 checks.

The timer and the text removal field are the two that I have noticed stops the most. I do know eventually, if it becomes mainstream way to blocking their software, then they will build in a system that will bypass it, but for now, what I have seen, it is not being used or being part of the bot system. Overall, it will be an endless battle between bot program developers and web developers.

Overall, the best way I can say how this system work is as follows, You fail any one of the 3 checks, it will bring you to the next page but instead of letting you continue, it will display a message saying you were blocks, and what for. It also writes your info to the DB where it records the username, real name, IP, email, that you tried using, as well as records the date and time, caught by, and what the reason was for. So if you did it to fast, it will say you were caught by the "Wait Script" and the reason would be "Submitted in 4 sec.". That is just an example.

All that info is visible in the ACP of the site so admins can see if there was a bot attack, and they want to proceed further, then they have the info that is needed to submit to a blacklist, or add them to their own blacklist.

Lumpy Burgertushie wrote:nice work. I didn't know anyone was still using NUKE.

just so you'll know. each of those things you mention that your script does has already been worked out for phpbb3 and is available to users as a MOD.

however, the main thing that is working these days is a simple question and answer available in the default setup.

you just have to make it a good question that can not be guessed or one that has not been added to the BOT's lists of questions and answers.

if you can find the answer in google then it is no good. if it is a yes/no it is not good, if it is any kind of math problem it is no good, etc.

The most effective questions are something specific to the site or the subject of the site.


luck,
robert
There are still allot out there that use nuke, but we only support Raven and Evo for those two have taken security to be a main factor in their CMS where the standard phpnuke has not. Though we do get the occasional phpnuke user, we try our hardest to get them to upgrade mostly for security reasons.

I don't follow what goes on here so I did not know if they were already in mods or not. I just was contacted by someone to see if I can port what I developed for the nuke community to phpbb3. But with me never actually using this system, it would take some time just to figure out how it works. The last phpbb I used was php v.2.0.21 if I remember right. Now that I know that there is already a bunch of stuff over here already, is there a specific link to a thread that contains a list of the mods?

I know about that question one, but, I have seen that cause more issue with legit people then not. The trick with that for the web owner to come up with a question that is not confusing or difficult for a human to answer correctly, but also on the other hand be something that can't be looked up. Problem with that is there may be actual humans that can't answer it or may have trouble answering it. Though the concept is sound, I have seen bots eventually get past them which would require you to create a new question, and sometimes, that's the trickier thing to do.

I also was looking at that a little bit, when you go to use that, can you also have that with one of the captcha systems also. It looked to me during the brief few seconds of looking over it, that it was one or the other. If that is the case, why not having several layers of protection than just one. I may be wrong on this so nobody bit my head off is I mis viewed this, like I said, I only looked at if for about 30 seconds. But at first glance, it, to me by default was one or the other, which sort-of defeats what your trying to do, which is stop bots.

Single layer security to me is poor practice, and having several layers is practical. I know on my main site, I have about 6 layers of protection from bots and hackers, (Not including the standard stuff with the CMS), most not visible to users, but work on the back end.

Master_Cylinder
Registered User
Posts: 761
Joined: Wed Jun 26, 2013 10:14 pm

Re: Antibot Mod porting

Post by Master_Cylinder »

I haven't had much a problem with false positives but a whitelist should take care of the few that popup. Of course where a person lives and the location/focus of the forum can make a difference too. If you run a forum in/for china/russia, for example, you wouldn't want blacklists.

Virtually anything that a human can solve a bot can be programmed to solve eventually. A blacklist of reported spammers is the only real solution. When it's too hard to spam because they're blacklisted everywhere they'll eventually give up because it won't be cost efficient to do it anymore.

User avatar
RMcGirr83
Recognised Extension Developer
Posts: 21034
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr
Contact:

Re: Antibot Mod porting

Post by RMcGirr83 »

Master_Cylinder wrote:If you run a forum in/for china/russia, for example, you wouldn't want blacklists.
A blacklist of reported spammers is the only real solution.
Uhmmm, huh? I guess those that live in China and russia just shouldn't have forums then? :?
In times of change, learners inherit the earth, while the learned find themselves beautifully equipped to deal with a world that no longer exists - Eric Hoffer
Former Modifications/Extensions Team Member | My extensions
Appreciate the extensions/mods/support then buy me a beer
All requests for support via PM will be ignored

Master_Cylinder
Registered User
Posts: 761
Joined: Wed Jun 26, 2013 10:14 pm

Re: Antibot Mod porting

Post by Master_Cylinder »

RMcGirr83 wrote:
Master_Cylinder wrote:If you run a forum in/for china/russia, for example, you wouldn't want blacklists.
A blacklist of reported spammers is the only real solution.
Uhmmm, huh? I guess those that live in China and russia just shouldn't have forums then? :?
You're not even close. * personal attack removed *
Last edited by marian0810 on Sun Feb 09, 2014 8:01 pm, edited 1 time in total.
Reason: https://www.phpbb.com/rules/#respectful-posting

Locked

Return to “[3.0.x] MOD Requests”