nadeemshafi9 Posted September 8, 2008

Hi guys, I constantly get a bot trying it on with my contacts pages in some sites. It first does a file path injection attempt 5 or 6 times, just on random page URLs in my site; I capture all of these and block them. Then it does a contacts page attack, which looks like this:

nZTvOS lieacsxplwqv, crciyajsrbpc, [link=http://fupwozqfonds.com/]fupwozqfonds[/link], http://lhituuaajxzu.com/

The URLs are made up, but we fear that it may be temporary or it may be sending out email. Any ideas? I'm gonna try and check the mail log or something. Any ideas on how to do that?

nadeemshafi9 Posted September 8, 2008 (Author)

I know how to check mail logs, gonna do that when I get access to the main server.

JonnoTheDev Posted September 8, 2008

You should implement CAPTCHA on contact forms that send out email. It doesn't take long on any website before contact forms start getting hit.

nadeemshafi9 Posted September 8, 2008 (Author)

> You should implement CAPTCHA on contact forms that send out email. It doesn't take long on any website before contact forms start getting hit.

Very good idea. Any good CAPTCHA scripts out there, or am I better off making one?

JonnoTheDev Posted September 8, 2008

There are plenty. I prefer to use my own as it is a security measure so no one else actually knows how it is working, rather than taking an off-the-shelf approach. Depends on your skillset really. You will need to make sure you have the GD libraries available on your PHP installation as you will be working with images.

nadeemshafi9 Posted September 8, 2008 (Author)

> There are plenty. I prefer to use my own as it is a security measure so no one else actually knows how it is working, rather than taking an off-the-shelf approach. Depends on your skillset really. You will need to make sure you have the GD libraries available on your PHP installation as you will be working with images.

I know how to use GD and PHP. How would I do this then, if I was to write it? I mean, I used GD functions to manipulate images; I'm not fully aware of its full capabilities. I could imagine creating a weak CAPTCHA in PHP by naming the alphabet images random numbers, but that could be cracked easily by a bot. Just out of curiosity, could you give me a quick overview of the workings using GD? Nothing complex, just an idea. I will probably end up using a free b and backwards engineering it, but I'll never probs need to write it.

JonnoTheDev Posted September 8, 2008

For a bot to crack a CAPTCHA it needs to read the letters / numbers using OCR techniques. The weakest captchas are alphanumerics on a plain coloured background with little or no skew on their positioning. Even worse are those who think people are thick enough not to realise that the captcha code is stored in a hidden field in the HTML form. Check this out: http://www.afreearticle.com/signup.php

The best captchas use noise within the background and skew the characters. The actual code will be encrypted along with some kind of secret key so it's impossible for a bot to decrypt this. When the page is reloaded it will change, so there is no chance of grabbing, reading and submitting as the code will change.

Your best bet is to download an implementation and then refactor. Some good ones found at http://www.phpclasses.org

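The points made in the post above (code never placed in the HTML form, a new code on each page load, noise in the background), as an added PHP example that is not from the thread or from any poster. It keeps the code in the server-side session rather than encrypting it into the page; the function names, the `captcha` session key and the 300-second lifetime are assumptions.

```php
<?php
// Added example: server-side CAPTCHA state. Function names and the
// 'captcha' session key are illustrative assumptions.

const CAPTCHA_ALPHABET = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789'; // no 0/O, 1/I
const CAPTCHA_TTL = 300; // seconds a challenge stays valid

// Create a fresh code on every page load; only the server ever holds it.
function captcha_issue(array &$session, int $length = 6): string
{
    $code = '';
    $max = strlen(CAPTCHA_ALPHABET) - 1;
    for ($i = 0; $i < $length; $i++) {
        $code .= CAPTCHA_ALPHABET[random_int(0, $max)]; // CSPRNG, not rand()
    }
    $session['captcha'] = ['code' => $code, 'expires' => time() + CAPTCHA_TTL];
    return $code; // goes to the image renderer, never into the HTML
}

// Check a submission. The stored code is discarded on every attempt,
// so a solved or guessed-at challenge cannot be replayed.
function captcha_verify(array &$session, string $submitted): bool
{
    $entry = $session['captcha'] ?? null;
    unset($session['captcha']);
    if (!is_array($entry) || time() > $entry['expires']) {
        return false;
    }
    return hash_equals($entry['code'], strtoupper(trim($submitted)));
}

// Render the code with GD over background noise. Skewing characters
// needs imagettftext() and a TTF font file, which is left out here.
function captcha_png(string $code): string
{
    $img = imagecreatetruecolor(160, 50);
    imagefilledrectangle($img, 0, 0, 159, 49, imagecolorallocate($img, 235, 235, 235));
    for ($i = 0; $i < 12; $i++) { // random noise lines
        $c = imagecolorallocate($img, random_int(90, 200), random_int(90, 200), random_int(90, 200));
        imageline($img, random_int(0, 159), random_int(0, 49), random_int(0, 159), random_int(0, 49), $c);
    }
    foreach (str_split($code) as $i => $ch) { // jitter each character's position
        imagestring($img, 5, 12 + $i * 24 + random_int(-3, 3), random_int(8, 28), $ch, imagecolorallocate($img, 30, 30, 30));
    }
    ob_start();
    imagepng($img);
    return ob_get_clean();
}
```

After `session_start()`, call `captcha_issue($_SESSION)` when rendering the form and serve `captcha_png()` from a separate image script with a `Content-Type: image/png` header. Call `captcha_verify($_SESSION, ...)` on the posted value before any mail is sent.
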
DarkWater Posted September 8, 2008

Just going to say that this is the wrong section, and that the "hacking" that they mean in this board is the good kind. Not "cracking".

Mchl Posted September 8, 2008

reCAPTCHA seems to be a good solution nowadays. After all, it's showing words that OCR software already failed at. On the other hand, it doesn't need you to spell the words exactly.