[dokuwiki] [SOLVED] Re: Re: Plugin captcha -
- From: "K. Peter" <kp@xxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Sat, 04 Feb 2017 12:20:55 +0100
On 2017-02-03 14:48, Andreas Gohr wrote:
> This is fascinating... I looked for captcha solving plugins for chrome
> and holy shit are there many. However there are two types of services.
> Manual solvers which automate captcha solving by letting third world
> users do it, and automated solutions using OCR.
> Both seem not to match the logs you have.
> The leading manual solution seems to be anti-captcha.com, which says
> their average resolving time is 8.2 seconds. But there's only one
> second between the img.php request and the following post. Too fast
> for an API roundtrip with a human at the other end of the world
> involved.
> For automated solutions there's solvecaptchas.com, who list their
> success rates, and for our captcha it should be at 80% maximum. That
> means there should be logs of posts that do not result in spam.
> If neither solution is possible, it would point to some kind of flaw
> in the captcha that is exploited by your spammer.
Update - what I did and the results:
1. Changed the number of letters: no effect, after *one* failure the
spammer corrected it. Idea: make the number flexible (working on it)
2. Added and removed fonts: absolutely no effect.
3. Renamed img.php, also in helpers.php: the spammer needs ca. one hour,
then he uses the new filename (I used img1.php - maybe it was too simple).
A possible workaround is to make the name of img.php flexible in
helpers.php (ok, crazy)
4. Changed the code of image.php so that it did not work as it should: this
interrupts the whole process, so no comments are possible for anybody.
Stops the spam temporarily, but
5. Added some code to img.php to log all $_GET, $_POST, $_SERVER,
$_REQUEST: couldn't find any useful info yet. It was going to be
obsolete as I ...
6. Switched to SVG: this took some time, because I needed to rebuild
PHP. Good news: **IT WORKS** - at least until now. No spam comes
through, IMHO because img.php is no longer used. The spammer needs a new
technique, but it looks like he is working on this.
Conclusion: Don't use the image captcha in its current state! The
spammer did successfully create (semi-)automated spam posts. On failures
he inspected the website and implemented corrections. I think the
spammer has some knowledge about DokuWiki. Usually I'm not, but in this
case I'm a believer: the spammer didn't solve the captcha, he creates
it. However it was done. This spammer hacked another website of mine a
while ago too, but then the successful attacks happened after more than a
minute (usually 2-3 minutes). That was a well known attack by solving
the captcha.
Another weird thing I saw is that with the image captcha the code
didn't change anymore. It was always the same for a page, and it was not
a caching issue with the browser. Perhaps it is a caching issue of
DokuWiki. Don't know, even though I have ~~NOCACHE~~ inside most pages. SVG
doesn't show such a behaviour.
@Andi: many thanks for your assistance! Now you can enjoy your weekend -
hopefully ;).
Kai
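The two observations in Kai's mail (a captcha code that "was always the same for a page", and a spammer who "didn't solve the captcha, he creates it") describe one failure mode: a challenge whose answer can be derived from public inputs instead of being a fresh server-side secret. The following is an added illustration written for this archive page; it is not the DokuWiki captcha plugin's code and makes no claim about how that plugin actually generates or checks codes. `weak_captcha_code`, `issue_captcha`, `verify_captcha`, the session array layout and the TTL are all assumptions made for the example.

```php
<?php
// Added illustration, not the DokuWiki captcha plugin's code: a captcha code
// that is a pure function of public inputs (so it "never changes for a page")
// can be regenerated without looking at the image, beside a hardened design
// where the code is random, kept server-side, bound to the page, single-use
// and expiring. Function names, session layout and TTL are assumptions.

const CAPTCHA_TTL_SECONDS = 600;
const CAPTCHA_LENGTH = 6;
// No 0/O or 1/I, which are hard to tell apart in a distorted image.
const CAPTCHA_ALPHABET = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789';

// WEAK (hypothetical): derived only from the page id and the day, so every
// request for the same page yields the same code and anyone who learns the
// derivation can compute the answer without solving anything.
function weak_captcha_code(string $pageId, string $day): string
{
    return strtoupper(substr(hash('sha256', $pageId . '|' . $day), 0, CAPTCHA_LENGTH));
}

// HARDENED: issue a fresh random code and store only its hash in the session
// under a random challenge id. The form carries the id; an image endpoint
// would look the code up by id, so the code itself never travels in a URL.
function issue_captcha(array &$session, string $pageId): array
{
    $alphabet = CAPTCHA_ALPHABET;
    $code = '';
    for ($i = 0; $i < CAPTCHA_LENGTH; $i++) {
        $code .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    $id = bin2hex(random_bytes(16));
    $session['captcha'][$id] = [
        // hash rather than the plain code, so a leaked session dump does not
        // hand out live answers
        'hash'   => hash('sha256', $pageId . '|' . $code),
        'page'   => $pageId,
        'issued' => time(),
    ];
    return ['id' => $id, 'code' => $code];
}

// Verify once: the challenge is removed from the session before it is checked,
// so a correct answer cannot be replayed, by the same client or another one.
function verify_captcha(array &$session, string $id, string $pageId, string $answer, ?int $now = null): bool
{
    $now = $now ?? time();
    if (!isset($session['captcha'][$id])) {
        return false;                        // unknown or already-used challenge
    }
    $challenge = $session['captcha'][$id];
    unset($session['captcha'][$id]);         // single use, even on failure
    if ($now - $challenge['issued'] > CAPTCHA_TTL_SECONDS) {
        return false;                        // expired
    }
    if (!hash_equals($challenge['page'], $pageId)) {
        return false;                        // issued for a different page
    }
    $given = hash('sha256', $pageId . '|' . strtoupper(trim($answer)));
    return hash_equals($challenge['hash'], $given);
}

if (PHP_SAPI === 'cli') {
    // Weak: two requests, same page, same day -> identical code (constructed input).
    $a = weak_captcha_code('wiki:start', '2017-02-04');
    $b = weak_captcha_code('wiki:start', '2017-02-04');
    echo "weak codes identical: ", var_export($a === $b, true), "\n";

    // Hardened: fresh code per request, usable once, and only within the TTL.
    $session = [];
    $c = issue_captcha($session, 'wiki:start');
    echo "correct answer:  ", var_export(verify_captcha($session, $c['id'], 'wiki:start', $c['code']), true), "\n";
    echo "replayed answer: ", var_export(verify_captcha($session, $c['id'], 'wiki:start', $c['code']), true), "\n";
    $d = issue_captcha($session, 'wiki:start');
    $late = $session['captcha'][$d['id']]['issued'] + CAPTCHA_TTL_SECONDS + 1;
    echo "expired answer:  ", var_export(verify_captcha($session, $d['id'], 'wiki:start', $d['code'], $late), true), "\n";
}
```

Run with `php captcha_example.php`: the weak generator reports identical codes for repeated requests, while the hardened one accepts the first correct answer, rejects the replay and rejects the expired challenge. The design point for a plugin that serves its image from a script like img.php is that the script should render a code looked up by the challenge id in the server-side session, so the request that fetches the image reveals nothing an attacker could use to reproduce the answer.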
--
DokuWiki mailing list - more info at
http://www.dokuwiki.org/mailinglist