Sla.ckers.org
Ways to stop spam, detect robotic activity, and actually harm the spam trade, as well as how it works, how to circumvent filters, etc. 
Manual Spamming Blogs
Posted by: rsnake
Date: July 18, 2008 08:52AM

Okay, this is my new favorite thing to hate:

83.26.205.84 - - [18/Jul/2008:05:48:06 -0500] "GET /blog/20070725/res-timing-attack/ HTTP/1.1" 200 14430 "http://www.google.com/search?hl=en&client=firefox-a&channel=s&rls=org.mozilla:pl:official&q=%22leave+a+reply%22&start=80&sa=N" "Mozilla/5.0 (Windows; U; Windows NT 6.0; pl; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14"

The part that's stupid about this is that it's manual. The person really is a real person, but instead of writing a robot like any normal person they are manually writing their comments. I've since changed some of the text on the page to make ha.ckers.org stop showing up in default text search queries like this, but still. So annoying!

- RSnake
Gotta love it. http://ha.ckers.org

Re: Manual Spamming Blogs
Date: July 18, 2008 12:59PM

I say we hunt him/her down tie them up and shove can after can of Spam down their throat and up their ass...but that's just me...

Re: Manual Spamming Blogs
Posted by: thrill
Date: July 18, 2008 01:22PM

Well, if the economy dictates how low some people are willing to go, I think this type of thing is only going to get worse. :(

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Re: Manual Spamming Blogs
Posted by: Malkav
Date: July 20, 2008 04:14PM

manual spam, and manual captcha breakers are proliferating, and it's gonna be worse.

lagos. quickest growing city in nigeria. a whole lot of broadband access. a phat arsed unemployment curve. what should i do ? take the time and resource to code a modular bot, to commentspam on blogs, with captcha breaking facilities, liveid, openid, whatnotid compliance ? and loads of other stuff to take care of (hosting of campaign, using fast flux if possible to avoid being blacklisted, and blah and blih)
or i can take a bunch of guys, pay them $3 a day to manually spam with cheapodiscount early 90's computers on a shitload of blogs, all using paper listing.

as more cheap workforce will be accessible for these groups, more mechanical turks will rise, the way sweatshops do moneyfarming for world of warcraft or such, and sell "10M GOLD CHEAP $19.95". (we are doomed, they're coming. oh noes !!11!!1!1!!!)

----------------------------------------------------------------------------------------------------------------

Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
--Benjamin Franklin

Re: Manual Spamming Blogs
Posted by: lpilorz
Date: July 21, 2008 12:18PM

It's worse than that. Recently I've been spammed with a proposition of playing an online game where players compete who is faster in writing words from images. The funny thing is the game is paid. So people are actually paying to download the client and solve hundreds of CAPTCHAs for someone... ;)

Screenshot from the game site:
http://szybkitomek.pl/gfx/screenshot_full.jpg



Edited 1 time(s). Last edit at 07/21/2008 12:19PM by lpilorz.

Re: Manual Spamming Blogs
Date: July 22, 2008 08:54AM

What a remarkable idea, lpilorz.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

Re: Manual Spamming Blogs
Posted by: Kyo
Date: July 26, 2008 05:05AM

Oh that's brilliant. It's just so... perfect

Re: Manual Spamming Blogs
Posted by: rsnake
Date: August 02, 2008 09:29PM

Another one I got yesterday:

122.163.210.158 - - [02/Aug/2008:07:02:26 -0500] "GET /blog/20061207/orkut-email-address-disclosure/ HTTP/1.1" 200 11473 "http://www.google.co.in/search?hl=en&q=%2B%22Leave+a+Reply%22+%2B%22Name+(required)%22+%2BEmail+(required)&start=130&sa=N" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"

- RSnake
Gotta love it. http://ha.ckers.org

Re: Manual Spamming Blogs
Posted by: Cagekicker
Date: September 24, 2008 06:52PM

Noob question incoming...and I know someone is bound to roll their eyes, but I ain't familiar with web app security much. :)

What does that string do exactly? I'm not asking for a technical breakdown of it (unless you feel like throwing it into layman's terms for me)...just what is its purpose.

LOL. Sorry for my noobishness!

--------------------------------------------------------
Regarding gun carry laws: I'd rather be judged by 12 than carried by six...

Re: Manual Spamming Blogs
Posted by: Malkav
Date: October 08, 2008 03:58AM

cage : it's an extract from an apache log. as you can see the method (GET) the url (/blog/20061207/orkut-email-address-disclosure/) and the http spec (HTTP/1.1). you have then the response from the serv (200, which is "ok"), the time spent servicing it, and then the referer (http://www.google.co.in/search?hl=en&q start=130&sa=N)

this is the interesting part : they come from a google search stating ""Leave a Reply"+"Name (required)"+"Email (required)""

hereby looking for site allowing freeform comments to post spam. (oh, and the last string is the user agent)

hope that helps :)

----------------------------------------------------------------------------------------------------------------

Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
--Benjamin Franklin

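Added example, not part of the original thread or any poster's code: a Python sketch of the check described in the post above, parsing Apache combined-format lines and flagging requests whose referer is a search for comment-form boilerplate. The marker list, function name and sample lines are assumptions constructed here; the first two referers are copied from the entries quoted in the thread, and the addresses are documentation IPs.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "agent"
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# Assumption: marker phrases taken from the two search queries quoted in the thread.
FORM_MARKERS = ("leave a reply", "name (required)", "email (required)")


def flag_comment_form_searches(lines):
    """Return one dict per request whose referer is a search for comment-form text."""
    hits = []
    for line in lines:
        m = COMBINED.match(line.strip())
        if not m:
            continue  # not a combined-format line; skip rather than guess
        params = parse_qs(urlsplit(m["referer"]).query)
        query = " ".join(params.get("q", [])).lower()  # parse_qs decodes %22 and '+'
        matched = [p for p in FORM_MARKERS if p in query]
        if not matched:
            continue
        req = m["request"].split()
        start = params.get("start", ["0"])[0]
        hits.append({
            "ip": m["ip"],
            "path": req[1] if len(req) > 1 else "",
            "markers": matched,
            # start= is the result offset: how far into the results the visitor paged
            "offset": int(start) if start.isdigit() else 0,
        })
    return hits


# Constructed sample: referers 1-2 copied from the thread, IPs from RFC 5737 ranges.
SAMPLE = [
    '192.0.2.10 - - [18/Jul/2008:05:48:06 -0500] "GET /blog/20070725/res-timing-attack/ HTTP/1.1" 200 14430 "http://www.google.com/search?hl=en&client=firefox-a&channel=s&rls=org.mozilla:pl:official&q=%22leave+a+reply%22&start=80&sa=N" "Mozilla/5.0 (Windows; U; Windows NT 6.0; pl; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14"',
    '192.0.2.11 - - [02/Aug/2008:07:02:26 -0500] "GET /blog/20061207/orkut-email-address-disclosure/ HTTP/1.1" 200 11473 "http://www.google.co.in/search?hl=en&q=%2B%22Leave+a+Reply%22+%2B%22Name+(required)%22+%2BEmail+(required)&start=130&sa=N" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"',
    '192.0.2.12 - - [02/Aug/2008:08:10:00 -0500] "GET /blog/20070725/res-timing-attack/ HTTP/1.1" 200 14430 "http://www.google.com/search?hl=en&q=res+timing+attack" "ExampleBrowser/1.0"',
    '192.0.2.13 - - [02/Aug/2008:09:00:00 -0500] "GET /blog/ HTTP/1.1" 200 5120 "-" "ExampleBrowser/1.0"',
]

if __name__ == "__main__":
    for hit in flag_comment_form_searches(SAMPLE):
        print(hit)
```

A flagged request is a lead for comment moderation rather than proof of spam, since the referer header is supplied by the client and may be absent or altered.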
Re: Manual Spamming Blogs
Posted by: Cagekicker
Date: October 17, 2008 02:18PM

Thanks, Malkav! :)
Yeah, that does actually. Appreciate you taking the time to edumacate a nub. lol

--------------------------------------------------------
Regarding gun carry laws: I'd rather be judged by 12 than carried by six...
