Spambot detector (with the use of this API)

diabolic.bg · 2008-12-14 4:15 pm

Hi, MysteryFCM!
Today I again decided to test your detector. Now I have installed only your soft in usercp_register.php (phpbb). Today all works properly with http://temerc.com/Check_Spammers/check_spammers_plain.php?name='.$username.'&email='.$email.'&ip='.$ip
but again I see some problems. The project HoneyPot again blocked Google search bots as spammers. - http://fspamlist.com/checkspammers/?nam … bmit=check

How can I exclude project HoneyPot and Spamhaus from my checks?
Thanks in advance!

P.S. I lightly correct your code in emailer's row "From"

"From: " . $board_config['board_email'] . "\r\n" .

Best regards,
diabolic.bg

MysteryFCM · 2008-12-14 4:30 pm

To exclude the DNSBL just append the following to the querystring;

&dbl=no

For example

http://temerc.com/Check_Spammers/check_spmmers_plain.php?name=.$username.&email=.$email.&ip=.$ip&dbl=no

diabolic.bg · 2008-12-14 4:36 pm

MysteryFCM wrote:

To exclude the DNSBL just append the following to the querystring;
&dbl=no
For example
http://temerc.com/Check_Spammers/check_spmmers_plain.php?name=.$username.&email=.$email.&ip=.$ip&dbl=no

Thank you!
And now I will check only in fSpamlist and StopForumSpam? This is good!
I trust only human edited directory.

EDIT
The new

$fspamcheck = file_get_contents('http://temerc.com/Check_Spammers/check_spmmers_plain.php?name=.$username.&email=.$email.&ip=.$ip&dbl=no');

caused

Content Encoding Error
The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.

EDIT2
But

$fspamcheck = file_get_contents('http://temerc.com/Check_Spammers/check_spammers_plain.php?dbl=no&name='.$username.'&email='.$email.'&ip='.$ip);

don't get error and maybe works properly. The time and the tests will show this.

Last edited by diabolic.bg (2008-12-14 6:59 pm)

andyh2 · 2008-12-15 2:35 am

Does anyone know how I can implement this into phpBB? I'd like to block spammer IPs completely off my forum. Thanks!

diabolic.bg · 2008-12-15 6:06 am

Integrating the spam filter into phpBB2 - http://temerc.com/forums/viewtopic.php?f=71&t=6181

@MysteryFCM, I have questions.
Why with code

$fspamcheck = file_get_contents('http://temerc.com/Check_Spammers/check_spammers_plain.php?dbl=no&name='.$username.'&email='.$email.'&ip='.$ip);

I get only spammers IP? If I make tests, all data are included.
Maybe I have an error in code?

And how can I send data in your spam base?

Last edited by diabolic.bg (2008-12-15 12:36 pm)

MysteryFCM · 2008-12-15 1:54 pm

Can you post whats being passed and returned?

echo 'Name: '.$username.'<br>Email: '.$email.'<br>IP: '.$ip.'<br>';
$fspamcheck = file_get_contents('http://temerc.com/Check_Spammers/check_spammers_plain.php?dbl=no&name='.$username.'&email='.$email.'&ip='.$ip);
echo '<br><b>Return: '.$fspamcheck.'</b>';

MysteryFCM · 2008-12-15 1:58 pm

diabolic.bg wrote:

And how can I send data in your spam base?

This will be an option in a future release

diabolic.bg · 2008-12-15 2:40 pm

MysteryFCM wrote:

Can you post whats being passed and returned?

echo 'Name: '.$username.'<br>Email: '.$email.'<br>IP: '.$ip.'<br>';
$fspamcheck = file_get_contents('http://temerc.com/Check_Spammers/check_spammers_plain.php?dbl=no&name='.$username.'&email='.$email.'&ip='.$ip);
echo '<br><b>Return: '.$fspamcheck.'</b>';

Sorry I don't understand what you want to post and how I must use the code.

diabolic.bg wrote:

The project HoneyPot again blocked Google search bots as spammers. - http://fspamlist.com/checkspammers/?nam … bmit=check
How can I exclude project HoneyPot and Spamhaus from my checks?

But now maybe it doesn't matter. After my last post (edit) I ponder over the scripts. In fact in my robots.txt for all search bots I disallow profile.php (this include profile.php?mode=register&agreed=true). And what will look for Googlebot in my usercp_register? Maybe this is masked spammer or hacker?

At the end I place your original code and now wait for real tests.

MysteryFCM · 2008-12-15 2:48 pm

You'd have needed to replace the original "$fspamcheck = " line, with the code posted previously.

If you've told Google not to access profile.php, then chances are high that it's someone trying to disguise themselves.

Last edited by MysteryFCM (2008-12-15 2:48 pm)

diabolic.bg · 2008-12-15 3:02 pm

Thanks for the quick answer!
I will keep your new code for next tests, if I have another doubts.

MysteryFCM · 2008-12-15 3:28 pm

No worries

diabolic.bg · 2008-12-15 5:54 pm

MysteryFCM, I want to tell you good news.
Before one hour I successfuly installed your Spambot detector on my site. With v.0.10 I don't have any problems with my PHP version as was before. This way I will be independent if I lose line to your site in any time. I got HoneyPot API too and all is OK.

Excellent work! Thank you!

MysteryFCM · 2008-12-15 6:09 pm

hehe nice one, cheers for letting me know

diabolic.bg · 2008-12-15 6:20 pm

This is the first real test. http://fspamlist.com/checkspammers/?nam … bmit=check

Mail to admin:

The following was blocked by the fSpamlist & StopForumSpam filter

Username:

Email:

IP: 89.222.193.71

What is your advice?

Now I wiil place this code:

echo 'Name: '.$username.'<br>Email: '.$email.'<br>IP: '.$ip.'<br>';
$fspamcheck = file_get_contents('http://xxxxxxxxxx.com/check_spammers/check_spammers_plain.php?name='.$username.'&email='.$email.'&ip='.$ip);
echo '<br><b>Return: '.$fspamcheck.'</b>';

Where I can see results?
EDIT
The result is:
Content Encoding Error
The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.

Last edited by diabolic.bg (2011-09-09 8:25 am)

MysteryFCM · 2008-12-15 6:29 pm

Can you post a link to the code for your usercp_register.php file, or e-mail it to;

sfs AT it-mate DOT co DOT uk

diabolic.bg · 2008-12-15 6:45 pm

I have a doubt in another mod. I will check it and will post again later.

Last edited by diabolic.bg (2008-12-15 7:12 pm)

MysteryFCM · 2008-12-15 6:59 pm

No problem

diabolic.bg · 2008-12-15 7:13 pm

If I test the result is:
The following was blocked by the StopForumSpam filter

Username: occubrofs

Email: mail@mail.in

IP: 192.168.0.1 (I'm behind a router).

I think so:
In my board I have installed Unique Registration Hash.
MOD Description: This MOD changes the "agreed=true" part of the registration form to a unique identifier to help stop spam bots from registering.
The bot cann't click to agreed link and create hash.
If the bot place link http://wasteland-bg.com/phpbb2/profile. … greed=true (without the HASH) it cann't open register form but in this moment your detector scan his IP and send mail to admin.
But maybe I have a mistake.
This is a test from my friend - the nic is eneniaSap and mail: patrickztop@tmail.com from SFS BL. And again:

The following was blocked by the ProjectHoneyPot (127.6.7.1) Spamhaus (PBL - Spamhaus Maintained) filter

Username:

Email:

IP: xx.xxx.xxx.xx (I replaced IP).

Here is my usercp_register: http://wasteland-bg.com/usercp_register.txt

Last edited by diabolic.bg (2008-12-15 7:21 pm)

MysteryFCM · 2008-12-15 7:24 pm

The reason the e-mail doesn't contain the username and e-mail address is because they aren't being passed to the usual vars (in phpBB2 this is $username, passed via HTTP_POST_VARS['username']).

You need to find out how the mod is passing these if it's not using the usual vars. Once you know this, you could then change;

$username = $HTTP_POST_VARS['username'];
$email = $HTTP_POST_VARS['email'];

To;

$username = $HTTP_POST_VARS['username'];
$email = $HTTP_POST_VARS['email'];
if($username ==''){
    $username = {VAR_THE_MOD_IS_USING};
    $email = {VAR_THE_MOD_IS_USING};
}

MysteryFCM · 2008-12-15 7:35 pm

diabolic.bg wrote:

Here is my usercp_register: http://wasteland-bg.com/usercp_register.txt

I can't see anywhere in there where it's modifying or using something else, to store the username/e-mail.

I'll take a look at the mod itself and see if I can find out where it's storing it.

diabolic.bg · 2008-12-15 7:37 pm

Are you sure in this code? I get error:

Parse error: parse error in C:\xAmp\xampp\htdocs\phpbb2\includes\usercp_register.php on line 84

Are you need from my file any more?
If no, I will replace with another...

Last edited by diabolic.bg (2008-12-15 7:43 pm)

MysteryFCM · 2008-12-15 7:43 pm

What do you have on that line #?

diabolic.bg · 2008-12-15 7:47 pm

MysteryFCM wrote:

What do you have on that line #?

Where is it?
Sorry, maybe you see my replaced usercp_register.txt
Now again you can see the original.

Last edited by diabolic.bg (2008-12-15 7:48 pm)

MysteryFCM · 2008-12-15 7:53 pm

Line 84 on the current usercp_register contains;

!empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );

On the one with thre new code it should contain;

    $username = {VAR_THE_MOD_IS_USING};

If it's this causing it, check the {} aren't present and VAR_THE_MOD_IS_USING has actually been replaced with the var itself (e.g $mymodifiedvar).

diabolic.bg · 2008-12-15 7:58 pm

Sorry I don't understand you.
Give me the ready code please!

Last edited by diabolic.bg (2008-12-15 8:01 pm)

#51 2008-12-14 4:15 pm

Re: Spambot detector (with the use of this API)

#52 2008-12-14 4:30 pm

Re: Spambot detector (with the use of this API)

#53 2008-12-14 4:36 pm

Re: Spambot detector (with the use of this API)

#54 2008-12-15 2:35 am

Re: Spambot detector (with the use of this API)

#55 2008-12-15 6:06 am

Re: Spambot detector (with the use of this API)

#56 2008-12-15 1:54 pm

Re: Spambot detector (with the use of this API)

#57 2008-12-15 1:58 pm

Re: Spambot detector (with the use of this API)

#58 2008-12-15 2:40 pm

Re: Spambot detector (with the use of this API)

#59 2008-12-15 2:48 pm

Re: Spambot detector (with the use of this API)

#60 2008-12-15 3:02 pm

Re: Spambot detector (with the use of this API)

#61 2008-12-15 3:28 pm

Re: Spambot detector (with the use of this API)

#62 2008-12-15 5:54 pm

Re: Spambot detector (with the use of this API)

#63 2008-12-15 6:09 pm

Re: Spambot detector (with the use of this API)

#64 2008-12-15 6:20 pm

Re: Spambot detector (with the use of this API)

#65 2008-12-15 6:29 pm

Re: Spambot detector (with the use of this API)

#66 2008-12-15 6:45 pm

Re: Spambot detector (with the use of this API)

#67 2008-12-15 6:59 pm

Re: Spambot detector (with the use of this API)

#68 2008-12-15 7:13 pm

Re: Spambot detector (with the use of this API)

#69 2008-12-15 7:24 pm

Re: Spambot detector (with the use of this API)

#70 2008-12-15 7:35 pm

Re: Spambot detector (with the use of this API)

#71 2008-12-15 7:37 pm

Re: Spambot detector (with the use of this API)

#72 2008-12-15 7:43 pm

Re: Spambot detector (with the use of this API)

#73 2008-12-15 7:47 pm

Re: Spambot detector (with the use of this API)

#74 2008-12-15 7:53 pm

Re: Spambot detector (with the use of this API)

#75 2008-12-15 7:58 pm

Re: Spambot detector (with the use of this API)

Board footer