On Friday 11 August 2006 21:18, Al Musella, DPM wrote:
somehow set the referrer to be the action page.. but some set it to
Sending custom HTTP headers is trivial.
Referer should not be used as part of security.
the original form page also.. but the time never looks
right.. usually either 0
, 2006 9:18 AM
To: CF-Talk
Subject: RE: OT - Nice site I will recommend you to all my friends.
Tom or Andy,
Fill me in on this a little more. If I'm a hacker posting to a blog or
guestbook, what advantage is there to not waiting for the POST request to
return and googling for my text later? I'm
-
From: Brian Dumbledore [mailto:[EMAIL PROTECTED]
Sent: Friday, August 11, 2006 11:32 AM
To: CF-Talk
Subject: Re: OT - Nice site I will recommend you to all my friends.
One of my colleagues suggested a solution that almost works, On the form
page you have a form field which has the time when the form
, Inc.
[EMAIL PROTECTED]
615.370.1530 x737
--//-
-Original Message-
From: Bobby Hartsfield [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 10, 2006 4:55 PM
To: CF-Talk
Subject: RE: OT - Nice site I will recommend you to all my friends.
Once theyve ran it for a while
-Original Message-
From: Andy Matthews [mailto:[EMAIL PROTECTED]
Sent: Friday, August 11, 2006 8:10 AM
To: CF-Talk
Subject: RE: OT - Nice site I will recommend you to all my friends.
Ah...I gotcha. So they Google for the unique text they posted (on your site)
and if they find it, they know
: Friday, August 11, 2006 8:10 AM
To: CF-Talk
Subject: RE: OT - Nice site I will recommend you to all my friends.
Ah...I gotcha. So they Google for the unique text they posted (on your site)
and if they find it, they know that form is vulnerable?
Not only are they sneaky bastards, but they're lazy
On Friday 11 August 2006 14:17, Mark A Kruger wrote:
guestbook, what advantage is there to not waiting for the POST request to
return and googling for my text later? I'm trying to think of a scenario
where this would save time rather than waste time.
Because google do the indexing and
If you're not getting any text in the message it may be your naming
convention on the form
Nice site I will recommend you to all my friends. *is* the text.
That's why I was initially confused about this particular spam bot.
Seemed to serve no purpose.
I understand the bots that fill the
-Talk
Subject: Re: OT - Nice site I will recommend you to all my friends.
On Friday 11 August 2006 14:17, Mark A Kruger wrote:
guestbook, what advantage is there to not waiting for the POST request
to return and googling for my text later? I'm trying to think of a
scenario where this would save
Subject: Re: OT - Nice site I will recommend you to all my friends.
Having no link in the message of any kind threw me off at first. Why not
go ahead and try to post all the intended spam the first time around
instead of a two tiered attack? Twice the work to do it that way, right?
. unless there's
Don't most guestbooks or blogs automatically post the
message? Why would
you need to wait to check? Couldn't you check right away? I
must be missing
something.
I think it's because these guys are using software to post to thousands
of sites at once. It would be quite a job to manually go
On Friday 11 August 2006 15:02, Mark A Kruger wrote:
Don't most guestbooks or blogs automatically post the message? Why would
I think it is Blogger that goes so far as to say 'there may be a delay before
your message appears'
you need to wait to check? Couldn't you check right away? I must
Ah... I see... So they are now purchasing web forms... (sigh)
-Original Message-
From: Munson, Jacob [mailto:[EMAIL PROTECTED]
Sent: Friday, August 11, 2006 10:01 AM
To: CF-Talk
Subject: RE: OT - Nice site I will recommend you to all my friends.
Don't most guestbooks or blogs
One of my colleagues suggested a solution that almost works, On the form page
you have a form field which has the time when the form is loaded (now()), on
the action page, you make sure hte field exists, and then also see if now() now
is atleast 1-2 seconds more than the formfield value (hoping
I implemented something like that a few weeks ago ( checking time to
post and also the referrer) and it does help a lot... most of the bots
somehow set the referrer to be the action page.. but some set it to
the original form page also.. but the time never looks
right.. usually either 0
will recommend you to all my friends.
Nice site I will recommend you to all my friends.
Jezz, this is the newest spam that seems to be targeting my guestbook
and contact forms. 30 or 40 of them a day on one particular site! The
forms are all protected using various CF schemes and the spam doesn't
On Thursday 10 August 2006 14:52, Les Mizzell wrote:
Nice site I will recommend you to all my friends.
guess
It's a test to find vulnerable sites without bothering to wait for a POST of a
form to come back - just submit the request and check back at some future
point.
--
Tom Chiverton
, August 10, 2006 9:30 AM
To: CF-Talk
Subject: Re: OT - Nice site I will recommend you to all my friends.
On Thursday 10 August 2006 14:52, Les Mizzell wrote:
Nice site I will recommend you to all my friends.
guess
It's a test to find vulnerable sites without bothering to wait for a POST of
a
form
On Thursday 10 August 2006 15:44, Andy Matthews wrote:
What would they be waiting for?
Google to reindex the site.
--
Tom Chiverton
This email is sent for and on behalf of Halliwells LLP.
Halliwells LLP is a limited liability partnership
-Original Message-
From: Andy Matthews [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 10, 2006 10:44 AM
To: CF-Talk
Subject: RE: OT - Nice site I will recommend you to all my friends.
What would they be waiting for?
!//--
andy matthews
web developer
certified advanced
20 matches
Mail list logo
