Detecting XRumer

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • SykkBoy
    Jesus loves bacon
    • Feb 2001
    • 19969

    #1

    Detecting XRumer

    Our dating site has been getting hit pretty hard with profiles created by XRumer. I wouldn't care so much if they weren't so shitty ;-)

    Is there a way to detect XRumer? I'd like to be able to autoblock as soon as we start seeing the profiles come in.
    Support my new movie “The Second Coming”
  • Ferus
    Bye - Left to do stuff
    • Feb 2013
    • 4108

    #2
    Like most will say
    Take the time to create 15-20 Q/A and change them when the flood starts again.
    No point in investing $XXXX, in a golden solution sold by security-pushers

    Comment

    • SykkBoy
      Jesus loves bacon
      • Feb 2001
      • 19969

      #3
      It looks like that's the way we'll be going, I was just hoping someone might have a decent blocking solution or detection solution so we can write our own blocker.
      Support my new movie “The Second Coming”

      Comment

      • klinton
        So Fucking Banned
        • Apr 2003
        • 8766

        #4
        check out stopforumspam.org for latest XR IPs and used emails...

        as someone above posted, the only efficient and smart way is to post a some specific questions and answers...and change/ modify them from time to time

        Comment

        • Klen
          • Aug 2006
          • 32235

          #5
          Ferus suggestion sound quite fine to me,questions which can be answered by human only usually do the trick

          Comment

          • RazorSharpe
            Confirmed User
            • Aug 2001
            • 2238

            #6
            Originally posted by SykkBoy
            Our dating site has been getting hit pretty hard with profiles created by XRumer. I wouldn't care so much if they weren't so shitty ;-)

            Is there a way to detect XRumer? I'd like to be able to autoblock as soon as we start seeing the profiles come in.
            The solution we use (not a dating site):

            We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...
            Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.

            Comment

            • sarettah
              see you later, I'm gone
              • Oct 2002
              • 14305

              #7
              Originally posted by RazorSharpe
              The solution we use (not a dating site):

              We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...
              That is quite a nice solution. Simple. Wish I had thought of that


              .
              All cookies cleared!

              Comment

              • _Richard_
                Too lazy to set a custom title
                • Oct 2006
                • 30991

                #8
                Originally posted by RazorSharpe
                The solution we use (not a dating site):

                We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...

                Comment

                • HerPimp
                  Confirmed User
                  • Mar 2006
                  • 1197

                  #9
                  Captcha does not work, for a penny people will type it out. Only use Q/A and get creative.

                  Comment

                  • AmeliaG
                    Too lazy to set a custom title
                    • Jan 2003
                    • 10663

                    #10
                    Originally posted by RazorSharpe
                    The solution we use (not a dating site):

                    We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...
                    Ooh, that is a nice elegant solution!
                    GFY Hall of Famer

                    AltStar Hall of Famer




                    Blue Blood's SpookyCash.com

                    Babe photography portfolio

                    Comment

                    • SDSimon
                      Confirmed User
                      • Aug 2002
                      • 140

                      #11
                      Originally posted by SykkBoy
                      Our dating site has been getting hit pretty hard with profiles created by XRumer. I wouldn't care so much if they weren't so shitty ;-)

                      Is there a way to detect XRumer? I'd like to be able to autoblock as soon as we start seeing the profiles come in.
                      Hi SykkBoy.
                      Would HTaccess work here?

                      >>>Winners WIN because they NEVER GIVE UP!<<<

                      Comment

                      • freecartoonporn
                        Confirmed User
                        • Jan 2012
                        • 7683

                        #12
                        Originally posted by RazorSharpe
                        The solution we use (not a dating site):

                        We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...
                        this

                        we used to do hidden field technique but very simple way.
                        create a hidden field name it email and check serverside.
                        if filled then its bot else human.

                        but yours looks pretty interesting., theres one downside i can think of , is that , people have to retype email at every visit.

                        another way use javascript to hide field
                        Last edited by freecartoonporn; 09-29-2014, 06:27 PM.
                        SSD Cloud Server, VPS Server, Simple Cloud Hosting | DigitalOcean

                        Comment

                        • RazorSharpe
                          Confirmed User
                          • Aug 2001
                          • 2238

                          #13
                          Originally posted by freecartoonporn
                          this

                          we used to do hidden field technique but very simple way.
                          create a hidden field name it email and check serverside.
                          if filled then its bot else human.

                          but yours looks pretty interesting., theres one downside i can think of , is that , people have to retype email at every visit.

                          another way use javascript to hide field
                          Well considering that this is a registration form, the user should essentially only be filling this form in once so "every visit" shouldn't really be an issue.
                          Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.

                          Comment

                          • just a punk
                            So fuckin' bored
                            • Jun 2003
                            • 32393

                            #14
                            Originally posted by RazorSharpe
                            We create a hidden field named "email" and we generate the field name for the real email address on-the-fly.
                            Yep. I'm using the similar method on my sites since 2003. BTW, another good solution is to encrypt your signup form with JavaScript. It will stop 99% of spamboats that automatically searching for forms at your webpages.
                            Obey the Cowgod

                            Comment

                            • just a punk
                              So fuckin' bored
                              • Jun 2003
                              • 32393

                              #15
                              Also you can generate a special token (using the visitor's IP for example) and set it as a cookie when your registration form was visited. Then just check it when the form will be submitted. I was using this method long time ago to protect against so-called referrer spoofing. AFAIK this method is still being used by many high-trafficking websites like Pinterest.

                              Edit: Course ANY protection can be compromised but not by XRumer or regular spambots. The one will need to create a special software to bypass your protection. For example, this my WP plugin allows to automatically pin the post images to various pinboards including pinterest.com, sex.com and many others: http://www.cyberseo.net/xpinner/

                              Last edited by just a punk; 09-29-2014, 11:37 PM.
                              Obey the Cowgod

                              Comment

                              • freecartoonporn
                                Confirmed User
                                • Jan 2012
                                • 7683

                                #16
                                Originally posted by CyberSEO
                                Yep. I'm using the similar method on my sites since 2003. BTW, another good solution is to encrypt your signup form with JavaScript. It will stop 99% of spamboats that automatically searching for forms at your webpages.
                                wont this stop ppl from joining if their javascript is disabled ?
                                SSD Cloud Server, VPS Server, Simple Cloud Hosting | DigitalOcean

                                Comment

                                • just a punk
                                  So fuckin' bored
                                  • Jun 2003
                                  • 32393

                                  #17
                                  Originally posted by freecartoonporn
                                  wont this stop ppl from joining if their javascript is disabled ?
                                  Almost all sites now require JavaScript, so I don't see a problem with that. Even this board won't work as it should w/o JavaScript. Not even mention all these new responsive sites.
                                  Obey the Cowgod

                                  Comment

                                  • SykkBoy
                                    Jesus loves bacon
                                    • Feb 2001
                                    • 19969

                                    #18
                                    Originally posted by RazorSharpe
                                    The solution we use (not a dating site):

                                    We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...
                                    I like this, thanks

                                    Also, going to test out the Q/A
                                    captchas are pretty much useless and will just piss of actual users (although they're probably used to them by now)

                                    we're also working with dynamic membera area/login pages.
                                    Support my new movie “The Second Coming”

                                    Comment

                                    • Klen
                                      • Aug 2006
                                      • 32235

                                      #19
                                      Originally posted by SykkBoy
                                      I like this, thanks

                                      Also, going to test out the Q/A
                                      captchas are pretty much useless and will just piss of actual users (although they're probably used to them by now)

                                      we're also working with dynamic membera area/login pages.
                                      Yeah i get pissed every time when i see monstrosity known as re-captcha.

                                      Comment

                                      Working...