Advanced search  


cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.

Pages: [1]   Go Down

Author Topic: SPAMBOTS WAR  (Read 2206 times)

0 Members and 1 Guest are viewing this topic.


  • Translator
  • Coppermine frequent poster
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 107
« on: January 20, 2007, 07:32:14 pm »

Hi to all

now the new spambots are equips with OCR systems and normally read the content of the captcha.
I've a idea:
I've foud this experimental code and I trying it in order to hide the captcha content at the OCR.
This is like a "Scratch and Wins" system ;o)
But is necessary to find the way to integrate it in register.php in order to not be baypass.

Finally stop at the spambots registration?

some suggestion?

Main code:

Code: [Select]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<meta http-equiv="Content-type" content="text/html; charset=iso-8859-1">

<body bgcolor="#FFFFFF" text="#000000">

<form name="register" action="check.php" method="POST">
<input type="hidden" name="securcode" id="securcode" value="" />

<div align="center">
  <table border="1" width="394" height="180" bordercolor="#FFFFFF">
      <td width="197" height="71" valign="middle" align="center"><p align="center">
Scratch & Find your registration code</p>

      <td width="197" height="71" valign="middle" align="center" bgcolor="#808080"><script type="text/javascript" language="JavaScript" src="securelogin.js"></script></td>
      <td width="197" height="58" valign="middle" align="center">Insert your registration code</td>
      <td width="197" height="58" valign="middle" align="center"><input name="codice" class="boxgrande" value="" /></td>
      <td width="394" height="35" colspan="2" valign="middle" align="center"><input type="submit" value="Register" class="submit" onmouseover="this.className='submitover'" onmouseout="this.className='submit'" onfocus="this.blur()" /></td>

and .JS file content:

Code: [Select]
var box_larg = 80;
var box_alt = 15;
var chars = "0123456789abcdefghiklmnopqrstuvwxyz";
var string_length = 6;
var dotpos = 10;
var randomstring = '';
var stringa = '';

for (var i=0; i<string_length; i++) {
var rnum = Math.floor(Math.random() * chars.length);
randomstring += chars.substring(rnum,rnum+1);

stringa = randomstring;

function grattaevinci()
for(z = 0; z < (box_alt/dotpos); z++)
for(j = 0; j < (box_larg/dotpos); j++){
document.write("<img src='black.png' style='position:absolute;top:"+(z*dotpos)+";left:"+(j*dotpos)+";width:10px;height:10px;cursor:hand;' onmouseover='\"hidden\";' onmouseout='\"hidden\";'>");

document.write('<div style="position:relative;width:'+box_larg+';height:'+box_alt+';margin:5px 0;">');
document.write('<input type="button" value="'+stringa+'" onfocus="this.blur()" style="border-width:0;background-color:transparent;font:bolder 15px arial">');

document.getElementById('securcode').value = stringa;

Two external files "check.php" for the check of the registration code (not attached) and black.png for hide the registration code

Some suggestion or improvments?
Pages: [1]   Go Up

Page created in 0.017 seconds with 19 queries.