Welcome to Geeklog, Anonymous Saturday, December 21 2024 @ 08:57 am EST
Geeklog Forums
Possible Hackers
Page navigation
Status: offline
ronack
Forum User
Full Member
Registered: 05/27/03
Posts: 612
I uploaded it to the Hacks section but I don't see it there yet. It's called Simple GL Captcha
You can download it here until Dirk approves it on the site. Instructions included.
Image
You can download it here until Dirk approves it on the site. Instructions included.
Image
43
42
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Quote by ronack: You can download it here until Dirk approves it on the site. Instructions included.
I was slightly irritated that it's 3 MB. Approved now.
bye, Dirk
43
30
Quote
Status: offline
ronack
Forum User
Full Member
Registered: 05/27/03
Posts: 612
Yeah your right, Public_html would have been the right choice of words. Not the root of GL but the Root of your site. I'll put that in comments.
Sorry about the 3mb Dirk I gues those JS files are bigger than I thought.
Sorry about the 3mb Dirk I gues those JS files are bigger than I thought.
32
34
Quote
Status: offline
Benta
Forum User
Regular Poster
Registered: 03/11/05
Posts: 80
Quote by ronack:
Sorry about the 3mb Dirk I gues those JS files are bigger than I thought.
Sorry about the 3mb Dirk I gues those JS files are bigger than I thought.
No, the MBs come from the pictures.
I don't see it said anywhere in the CATCHPA files (but I am not a great reader), but I think that in order for the script to provide security against someone that has access to that (public) set of pictures and associated MD5s, one needs to remake the pictures and put in the new associated MD5s in the script.
44
38
Quote
Status: offline
eyecravedvd
Forum User
Full Member
Registered: 06/09/03
Posts: 152
I was recently hacked by those folks. At least I believe so they logged in using an r57shell script that hides under common file names in your directory most of them however start with a . which most FTP programs can't see.
I found them using SmartFTP.
I removed those two accts as well and banned the IP via my cPanel at my host.
Shane | www.EyeCraveDVD.com
I found them using SmartFTP.
I removed those two accts as well and banned the IP via my cPanel at my host.
Shane | www.EyeCraveDVD.com
33
35
Quote
Status: offline
andyofne
Forum User
Chatty
Registered: 08/31/02
Posts: 69
killerbee80@mail.ru added to the list. I think this person is simply signing up at various web sites and forums and posting a link back to another site with adult content with hopes of earning refferal credit. Not sure if that's really setting up for spamming or hacking but it's annoying just the same.
(I deleted the same account from two unrelated geeklog sites I run)
(I deleted the same account from two unrelated geeklog sites I run)
36
34
Quote
Status: offline
RichardTowler
Forum User
Chatty
Registered: 03/10/05
Posts: 49
Location:UK
Quote by samstone: I am getting this error after installing the Captcha:
Any idea?
Sam
document.xfrm.uword' is null or not an object
Any idea?
Sam
I'd like to bump this, as I get the same problem, but as I said in the comments, it works on the sign up page, no error , but not any other page on the website where the sign up page isn't on.
GameFaction - For All Your Gaming Needs
30
32
Quote
ironmax
Anonymous
I have been getting the same problem and finally dove into the problem with a bit of luck. Okay first remove the body onload statement line from the index.thtml file and save it off.
Current code used in Professional theme
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>{page_title}</title>
<!-- link rel="SHORTCUT ICON" href="{site_url}/favicon.ico" -->
<!--
<meta http-equiv="Pragma" content="no-cache">
-->
<link rel="stylesheet" type="text/css" href="{css_url}" title="{theme}">
</head>
<body onload="document.xfrm.uword.focus();">
{feed_url}
{plg_headercode}
{advanced_editor}
<script type="text/javascript">
function delconfirm()
{
Then goto your /layout/theme/custom directory where your memberdetail.thtml file is located and change it to whats list below. Notice the change for the body onload statement and placement of it.
<!-- This is an example template file for the Custom User Registration Feature -->
<!-- To be located under theme/custom directory - Example XSilver/custom/memberdetail.thtml -->
<body onload="document.xfrm.uword.focus();">
{startblock}
{message}
<div align="center">
<form action="{post_url}" method="post" name="xfrm" onsubmit="return jcap();">
<table width=500 border=0 cellspacing=0 cellpadding=0>
<tr>
This change will work and got rid of the script error messages on the bottom of the IE web browser or other browsers that display such messages.
Text Formatted Code
Current code used in Professional theme
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>{page_title}</title>
<!-- link rel="SHORTCUT ICON" href="{site_url}/favicon.ico" -->
<!--
<meta http-equiv="Pragma" content="no-cache">
-->
<link rel="stylesheet" type="text/css" href="{css_url}" title="{theme}">
</head>
<body onload="document.xfrm.uword.focus();">
{feed_url}
{plg_headercode}
{advanced_editor}
<script type="text/javascript">
function delconfirm()
{
Then goto your /layout/theme/custom directory where your memberdetail.thtml file is located and change it to whats list below. Notice the change for the body onload statement and placement of it.
Text Formatted Code
<!-- This is an example template file for the Custom User Registration Feature -->
<!-- To be located under theme/custom directory - Example XSilver/custom/memberdetail.thtml -->
<body onload="document.xfrm.uword.focus();">
{startblock}
{message}
<div align="center">
<form action="{post_url}" method="post" name="xfrm" onsubmit="return jcap();">
<table width=500 border=0 cellspacing=0 cellpadding=0>
<tr>
This change will work and got rid of the script error messages on the bottom of the IE web browser or other browsers that display such messages.
32
37
Quote
Joanna Glass
Anonymous
I was hacked and don't know how to fix it. I am sure it is a simple fix, but with my 11 month old son teething I just can't seem to get a quiet moment to get my head around it.
How can I fix it?
Jo
http://youpayless.com/
How can I fix it?
Jo
http://youpayless.com/
32
33
Quote
ironmax
Anonymous
Quote by Joanna Glass: I was hacked and don't know how to fix it. I am sure it is a simple fix, but with my 11 month old son teething I just can't seem to get a quiet moment to get my head around it.
How can I fix it?
Jo
http://youpayless.com/
How can I fix it?
Jo
http://youpayless.com/
Well Jo...would you enlighten us as to what your problem is and what makes you think that you got hacked? Please elaborate as to what happened and include any log portions that maybe relevent to this. We can't help if we don't know what happened.
I went to your site and it looked normal. The only thing I noticed was the script error message that I had previously had a fix for on my last posting. Follow that and your error script message should go away.
40
27
Quote
Status: offline
RichardTowler
Forum User
Chatty
Registered: 03/10/05
Posts: 49
Location:UK
is anyone else still getting these spammers sign up after installing this?
GameFaction - For All Your Gaming Needs
GameFaction - For All Your Gaming Needs
39
37
Quote
ironmax
Anonymous
I'm not getting them anymore, but then again, I've only had a few spammers, attempt to create an account on my site. But since captcha was installed, there's been no false signups at all.
36
33
Quote
Status: offline
RichardTowler
Forum User
Chatty
Registered: 03/10/05
Posts: 49
Location:UK
I'm getting like 1 every 2 days ish now, and some other random emails that I'm not sure about it, strange.
GameFaction - For All Your Gaming Needs
GameFaction - For All Your Gaming Needs
35
34
Quote
Status: offline
RichardTowler
Forum User
Chatty
Registered: 03/10/05
Posts: 49
Location:UK
unfortuatly they are increasing in numbers again, and using a more varied range of email addresses.
GameFaction - For All Your Gaming Needs
GameFaction - For All Your Gaming Needs
39
38
Quote
Status: offline
asmaloney
Forum User
Full Member
Registered: 02/08/04
Posts: 214
Quote by chiloso: me threee... when i see new members w/the .ru extension, i delete them from my site. also on my geeklog profile i've removed my site. who do you think is doing this?
chilso:
An easier way to do this is to simply block any signups from mail.ru. Go to system/lib-custom.php and add [or modify] the function custom_usercheck().
Something like this does the trick:
Text Formatted Code
function custom_usercheck ($username, $email){
$msg = '';
if ( stristr( $email, '@mail.ru' ) )
{
$msg = 'Due to the number of spam accounts created using this domain, we don't accept registration from <b>mail.ru</b>. If you would still like to sign up, either use a different email address or contact us. We apologise for any inconvenience.';
}
return $msg;
}
- Andy
27
38
Quote
Page navigation
All times are EST. The time is now 08:57 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content