mtrp Posted March 9, 2010 Share Posted March 9, 2010 Hi guys I'm now working on php bot that can submit you website to many directory But the problem now is the Security Question like tihs How To avoid this Question because i want my bot to submit website Automatically without answer the question i Searched in google and found some threads that talk about Bypass Session so Is this true ؟ anyway i downloaded the directory script And found that it uses a simple Session Here is Session code for Add-Site,php Page > session_start(); if($_POST['code'] != $_SESSION['captchacode'] OR $_SESSION["captchacode"]=='') { tpl_header("Error"); if($showblocks == 1){ echo "<div class='indexw'> <table border='0' width='100%' id='AutoNumber10'> <tr> <td width='10%' valign='top'>"; right_blocks(); echo "</td><td width='80%' valign='top'>"; $ssss = "<div class='divmessage'>Error , Invalid Answer <a href='javascript:history.back(1)'>BACK</a></div>"; //tpl_table("ERROR",$ssss); echo "<fieldset> <legend><span class='aa'>ERROR</span></legend> <div align='center'>$ssss</div> </fieldset>"; echo "</td><td width='10%' valign='top'>"; left_blocks(); echo "</td></tr></table></div>"; }else{ $ssss = "<div class='divmessage'>Error.Please Try Agine <a href='javascript:history.back(1)'>back</a></div>"; echo "<div class='indexw'><fieldset> <legend><span class='aa'>error</span></legend> <div align='center'>$ssss</div> </fieldset></div>"; } Of course this is only captcha SECUIRTY question code not the entire page also there is another code in function.php page function addsite() { global $htmlorphp,$numbercharcomments,$typeaddcheck,$_SESSION,$textadd,$name_site; $text1 = rand(0,9); $text2 = rand(0,9); $text3 = "Type The Answer ".$text1." + ".$text2.""; $text4 = $text1 + $text2; $_SESSION["captchacode"] = $text4; if($htmlorphp==1){ $z = "insert-site.html"; }else{ $z = "add.php?action=insert"; } Can anyone help me to bypass the Session ? or is there is any other method to bypass the Security Question thanksHow To Bypass PHP Session To Avoid Security Question Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/ Share on other sites More sharing options...
Adam Posted March 9, 2010 Share Posted March 9, 2010 Security like that is put in place to stop you doing what you're doing. Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/#findComment-1023637 Share on other sites More sharing options...
aeroswat Posted March 9, 2010 Share Posted March 9, 2010 Security like that is put in place to stop you doing what you're doing. This... You are the type of people that create annoying ads and shit that are difficult to avoid. I wouldn't help you if you paid me Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/#findComment-1023641 Share on other sites More sharing options...
mtrp Posted March 9, 2010 Author Share Posted March 9, 2010 why is that ? this is not a spam and i will use it for arabic project any webmaster Wishes to make his directory script bigger so whats wrong with this? anyway thanks guys i will Cancel this project please close the topic Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/#findComment-1023646 Share on other sites More sharing options...
abazoskib Posted March 9, 2010 Share Posted March 9, 2010 its possible. not enough info given about it to determine exactly how Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/#findComment-1023647 Share on other sites More sharing options...
aeroswat Posted March 9, 2010 Share Posted March 9, 2010 why is that ? this is not a spam and i will use it for arabic project any webmaster Wishes to make his directory script bigger so whats wrong with this? anyway thanks guys i will Cancel this project please close the topic It is spam. You are spamming sites that are looking for legitimate traffic. The sites you are "botting" are trying to get recognition to people that have websites with meaning. What you are creating is a bot that will let every tom dick and harry selling a penis pump or creating massive amounts of scamming sites easy access to spam the shit out of these websites. There is a reason why registration is not automatic at sites and that is because when it is abused it could have destructive consequences such as overloading the databases or a number of other things. Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/#findComment-1023651 Share on other sites More sharing options...
mtrp Posted March 9, 2010 Author Share Posted March 9, 2010 It is spam. You are spamming sites that are looking for legitimate traffic. The sites you are "botting" are trying to get recognition to people that have websites with meaning. What you are creating is a bot that will let every tom dick and harry selling a penis pump or creating massive amounts of scamming sites easy access to spam the shit out of these websites. There is a reason why registration is not automatic at sites and that is because when it is abused it could have destructive consequences such as overloading the databases or a number of other things. As I said before This project for arabic site and the directory script am talkin about is arabic too The bot will be installed on one site and will never be sold about spammers Of course, there will be control over the visitors on the content of thier sites thanks for reply and sorry for bad english Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/#findComment-1023659 Share on other sites More sharing options...
Adam Posted March 9, 2010 Share Posted March 9, 2010 any webmaster Wishes to make his directory script bigger Yeah mine is pretty big... By that are you referring to yourself or the tagret website's owner(s)? I fail to see how you scraping their website content makes anything better for them. The only thing you do is use their content to improve your own traffic... whilst adding annoyance to their users for being forced to go through some extra, completely unnecessary website just to see what they wanted. Update Fair enough you may have some-what decent intentions, but that doesn't change the fact that you crawling their website could easily cause them performance issues, whether you meant to or not. Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/#findComment-1023661 Share on other sites More sharing options...
MadTechie Posted March 9, 2010 Share Posted March 9, 2010 Agreed, the Security Question was added to stop bots, so if you want to use a bot then your need to add a script to the sites you wish to use the bot on, other than that.. i won't help either harry selling a penis pump Oooow you got a link for on of these ?? (just kidding) Quote Link to comment https://forums.phpfreaks.com/topic/194635-how-to-bypass-php-session-to-avoid-security-question/#findComment-1023685 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.