Topic: SPAM from the contact form


KchoPrro (Coppermine frequent poster, Country: es, Posts: 294)
SPAM from the contact form
« on: October 07, 2022, 08:41:55 am »

Hello friends;

I already had this SPAM problem with CPG 1.5.48. To solve it I had to disable the contact form.

Now I use CPG 1.6.20 and I have the same problem again, through the contact form (Active Captcha), I receive SPAM of this style (3 messages received yesterday):

Quote
This is a multi-part message in MIME format.

--b1_afafd8d8b6d2d88cac205c7aaeaf801e
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit

Este correo electrónico fue enviado a 6-10-2022 23:22:21 utilizando el formulario de contacto en xxxxxxxxxxxxxxxxxxxxxxxxxxx/contact.php desde la dirección IP 45.139.122.241
El Anónimo llamado "kimmt18" con la direccion de correo qy11@akio24.officemail.in.net dijo:
Sexy teen photo galleries
http://latinaamor.energysexy.com/?rayna
 ebony gay muscle porn free big women porn sites anil porn tube pain porn titles on cinemax nikki dial classic free porn




--b1_afafd8d8b6d2d88cac205c7aaeaf801e
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 8bit

Este correo electrónico fue enviado a 6-10-2022 23:22:21 utilizando el formulario de contacto en xxxxxxxxxxxxxxxxxxxx/contact.php desde la dirección IP 45.139.122.241<br /><br />
El Anónimo llamado &laquo;kimmt18&raquo; con la direccion de correo qy11@akio24.officemail.in.net dijo:<br /><br />
<div style="border:1px solid black">Sexy teen photo galleries<br />
http://latinaamor.energysexy.com/?rayna <br />
 ebony gay muscle porn free big women porn sites anil porn tube pain porn titles on cinemax nikki dial classic free porn <br />
<br />
<br />
</div>

Any solution?  :-\

ron4mac (Administrator, Coppermine addict, Country: us, Posts: 1936)
Re: SPAM from the contact form
« Reply #1 on: October 07, 2022, 12:31:03 pm »

There is a captcha plugin that may be useful. It is broken for PHP 8, though.  But maybe, if you PM the author, he will fix it.

KchoPrro (Coppermine frequent poster, Country: es, Posts: 294)
Re: SPAM from the contact form
« Reply #2 on: October 09, 2022, 09:32:24 am »

Quote
There is a captcha plugin that may be useful. It is broken for PHP 8, though.  But maybe, if you PM the author, he will fix it.

Thanks ron4mac. When I installed the plugin, it gave me problems. I have downgraded my PHP version to 7.4 and it has worked. I did some tests and everything is correct. I then upgraded the PHP version back to 8.1 and the plugin is still working fine. Now I just have to wait to see if this protection is enough.

Thank you  ;)

Joe Carver (Dev Team member, Coppermine addict, aka 'i-imagine', Country: us, Posts: 1527)
Re: SPAM from the contact form
« Reply #3 on: October 11, 2022, 01:57:39 am »

I have started to take a look into updating the plugin. It might take some time though.

KchoPrro (Coppermine frequent poster, Country: es, Posts: 294)
Re: SPAM from the contact form
« Reply #4 on: October 12, 2022, 12:49:43 pm »

Quote
I have started to take a look into updating the plugin. It might take some time though.

Thanks @Joe Carver  ;)

Joe Carver (Dev Team member, Coppermine addict, aka 'i-imagine', Country: us, Posts: 1527)
Re: SPAM from the contact form
« Reply #5 on: November 30, 2022, 01:09:23 am »

Here is a Beta-level plugin.

It has been tested with CPG 1.6.20 and PHP 8. It is still in need of some more work, for
config settings, language, etc. and has not been tested with ecards. One odd behavior is
that it sometimes reopens on the Reg page after failing the captcha occasionally.

Please reply if it isn't working for you.

KchoPrro (Coppermine frequent poster, Country: es, Posts: 294)
Re: SPAM from the contact form
« Reply #6 on: December 16, 2022, 08:25:33 pm »

Quote
Here is a Beta-level plugin.

It has been tested with CPG 1.6.20 and PHP 8. It is still in need of some more work, for
config settings, language, etc. and has not been tested with ecards. One odd behavior is
that it sometimes reopens on the Reg page after failing the captcha occasionally.

Please reply if it isn't working for you.

Thank you very much, Joe. I apologize for taking so long to respond.

I have installed the plugin and it works fine. I have not tried the eCard option, it is a feature that I have disabled in my CPG.

Attached is the Spanish translation (courtesy of Google). I have two doubts:

1- Once the plugin is installed and the reCAPTCHA keys are added, there is no further configuration, correct?
2- Problem Solving CAPTCHA (problem_solving_captcha): v1.2 no longer works, should it? I thought that both plugins could work simultaneously to strengthen security. In any case, if reCAPTCHA V2 is effective, it doesn't seem important that "Problem Solving CAPTCHA (problem_solving_captcha): v1.2" doesn't work; it will be easier for a user to contact using only reCAPTCHA.

Thanks for the work.

Joe Carver (Dev Team member, Coppermine addict, aka 'i-imagine', Country: us, Posts: 1527)
Re: SPAM from the contact form
« Reply #7 on: December 19, 2022, 02:29:18 am »

You're most welcome. To answer:
  • Correct, no further configuration is needed.
  • Google only supports V2 & something called V3 now. Nothing about V1 is on the support pages now.

Thanks for the translation file, it will be added to the next release.

KchoPrro (Coppermine frequent poster, Country: es, Posts: 294)
Re: SPAM from the contact form
« Reply #8 on: December 23, 2022, 10:00:41 am »

Quote
You're most welcome. To answer:
  • Correct, no further configuration is needed.
  • Google only supports V2 & something called V3 now. Nothing about V1 is on the support pages now.

Thanks for the translation file, it will be added to the next release.

Thanks for responding, Joe.

Unfortunately, since I installed the plugin, SPAM has returned. Since December 18 these emails began to enter, practically one a day.

I guess the Google V2 captcha is not very difficult to crack for bored hackers with a lot of free time.

I will return to the previous protection with the phrases and answers, it seems more effective to me ;)

Joe Carver (Dev Team member, Coppermine addict, aka 'i-imagine', Country: us, Posts: 1527)
Re: SPAM from the contact form
« Reply #9 on: December 27, 2022, 01:05:16 am »

Thanks for the report, unfortunately we are outnumbered in this fight...

  • There are bots/crawlers looking for submit buttons to deposit active / clickable links for SEO and criminal distribution (like a squatting dog)
  • Search Google for reCaptcha Solving Service to see what we are up against

So, I invite you to try the quick and dirty mods to the plugin attached. It rejects any contact message that contains http or https. The error
message directs the user to go back and remove the text. No, this will not stop everything, but should make it somewhat more difficult for automated abuse.

The language is fixed within the codebase.php file. Look for those lines indicated at the top of the file. Again, this was done quick, but will be further developed
with the same applied to file Comments, where abuse gets incredibly bad.
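As an added illustration of the http/https rejection Joe describes (this is not the plugin's code and not from the Coppermine project), the PHP below shows the check as a small validation function. The function names, the error text and the sample messages are all constructed for this example; the optional "www." match is an extension beyond the post's plain http/https check, and the log line is there so an admin can correlate rejected attempts with the sender IP that the contact-form email already reports.

```php
<?php
// Added example, not the plugin's own code. Assumed names: contact_message_has_link(),
// validate_contact_message(). Error strings are constructed here; a real plugin would
// take them from its language file (the post says the language is fixed in codebase.php).

declare(strict_types=1);

/**
 * True when the message carries a link and should be rejected.
 * Matches "http://" and "https://" case-insensitively, which is the check described
 * in the thread. The "www." test is an added, optional extension (assumption).
 */
function contact_message_has_link(string $message, bool $alsoWww = true): bool
{
    if (preg_match('~https?://~i', $message) === 1) {
        return true;
    }
    if ($alsoWww && preg_match('~\bwww\.[a-z0-9-]+\.~i', $message) === 1) {
        return true;
    }
    return false;
}

/**
 * Returns null when the submission may be sent, or the error text to show the user.
 * Rejected attempts are written to the web-server error log together with the client IP
 * so repeated abuse from one address can be spotted in the logs.
 */
function validate_contact_message(string $message): ?string
{
    if (trim($message) === '') {
        return 'The message is empty.';
    }
    if (contact_message_has_link($message)) {
        $ip = $_SERVER['REMOTE_ADDR'] ?? 'n/a';          // 'n/a' when run from the CLI
        error_log("contact form: link in message rejected (client IP {$ip})");
        return 'Web addresses are not allowed in the contact form. '
             . 'Please go back and remove any http/https links from your message.';
    }
    return null;
}

// Constructed samples: a legitimate question, a spam-style body like the one quoted in
// the thread (example.invalid is a placeholder domain), and an upper-case "WWW." variant.
$samples = [
    'Hello, I cannot find how to download the full-size picture. Thanks!',
    "Sexy teen photo galleries\nhttp://example.invalid/?foo\n free stuff",
    'Visit WWW.example.invalid for more',
];
foreach ($samples as $sample) {
    $error = validate_contact_message($sample);
    echo ($error === null ? 'ACCEPT' : 'REJECT: ' . $error) . "\n";
}
```

Run from the command line the first sample is accepted and the other two are rejected. The regular expressions are case-insensitive on purpose: a filter that only looks for the lower-case string "http" is trivially bypassed by "HTTP://", so the check should normalise case before comparing.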