Advertisement:

CAPTCHA BADLY BROKEN!

Aloittaja MAGNAWS, kesäkuu 12, 2011, 10:34:36 AP

« edellinen - seuraava »
Tulosta
Siirry alas Sivuja1
Käyttäjän toimet

MAGNAWS

kesäkuu 12, 2011, 10:34:36 AP
Folks,

It's happening on this site, as well.

Keep requesting a new CAPTCHA code ("Request another image" link).

It gives you the same one, over and over.

I just noticed this on our site, as we just got a flood of new spammers signing up.

I'm not sure the cause, but the result is predictable: hundreds of signups from Russian 'bots.

YogiBear

#1
kesäkuu 12, 2011, 10:44:59 AP
Welcome to SMF. :)

Same happens on my own v2.0 also. The point is CAPTCHA helps but isn't particularly effective in itself as so many spam sign-ups are manual anyway.

Best bet is look in the Customize section for anti-spam mods. Verification Questions is quite effective as anything which slows them down means they lose money. It's big business in the Far East to pay workers to sign manually to sites, activate the accounts, then the robots hit with a vengeance.
SMF v2.1.4  Mods : Snow & Garland v1.4, Simple Image Upload v2.0.0,  PHP  v.8.1

MAGNAWS

#2
kesäkuu 12, 2011, 10:52:51 AP
Well, if it's been doing this all along, then something changed in the last few days. Maybe the audio crack is the cause. I'll ask the admins to turn off the audio.

I never bothered to test. Whenever I refresh any other CAPTCHA, I get an entirely new string. This one is the same one, just new styling.

If that is the way it has always worked, it's a problem.

I'll look for other CAPTCHA mods.

Thanks!

Illori

#3
kesäkuu 12, 2011, 10:57:33 AP
i dont believe smf has a feature to enable/disable the audio on the CAPTCHA, and a lot of other CAPTHCA versions have been cracked as well. other types of anti-spam control needs to be used to be effective.

MAGNAWS

#4
kesäkuu 12, 2011, 11:00:28 AP
Thanks.

This is the first time there's been a problem in three years. It was very sudden. Something's changed. I know about the various CAPTCHA cracks, but this is different.

Thanks for the responses. We'll call this closed, accept the bad CAPTCHA in the default install, and figger out how we'll get around the issue.

Spammers suck.

MAGNAWS

#5
kesäkuu 12, 2011, 12:14:02 IP
Oy. I just looked at the code for the CAPTCHA.

I'm shocked it wasn't broken years ago. It simply re-uses the same code, over and over. A repeat 'bot can crack it in seconds. If you limit tries with the same code, it should significantly increase the security.
Tulosta
Siirry ylös Sivuja1
Käyttäjän toimet
Advertisement: