Regarding Captcha

Just thought i'd mention, that Xrumer (the spam tool) is able to bypass the currently implemented captcha system so it won't prevent what happened the other day from reoccurring.

At the moment reCAPTCHA is the only one it can't break, although that might change with the Xrumer update today. It also bypasses those maths questions, and the mass PM spam feature got "enhanced" today so there will be more of that too.

My board got nailed with this current captcha, about 1k threads in 5 minutes

Just a heads up, feel free to lockaroo.

 

Can Xrumer bypass something like NoSpam?

 

Yes, it has character recognition and math solving. Also with todays Xrumer update it has:

Self learning, so even if the site runs an obscure captcha system it won't take much to train the tool.

Seems pretty hard to stop.

 

character recognition and math solving abilities aren't a problem for NoSpam.

If the forum is using multiple questions, the spammer has to manually go and answer questions on individual forums.

 

Not sure you understand, once it sees a question and answer once the character recognition knows and can then detect it and answer it every time.

So even if you have 50 questions, it won't take long at all to teach the tool the answers to them all. Even if you have 200 questions and only teach the tool 50, at the rate it can post even getting 1 in 4 correct it will still do a ton of damage.

NoSpam is no different to the Human Verification Manager built in to vB 3.7.X as default, see this. That was before todays update to Xrumer, which is far more advanced.

 

How about what is the value of pi, that way the bot will do the math and then fail cause it overworks itself trying to find the exact value of pi

 

Or.....getting it to find out what would win between a snake and a piecost!!!

 

lol that'd do it for sure

Or who has the most goats on Digital Point

 

Ok i'll bight, what's a pie... Nah just joking.

 

That's too easy...the answer is Buffalo!!!

 

Was your board also, VB?

~1 month ago there was a fascinating thread on http://community.mybboard.net/ about the newer versions of VB being overly prone to spam, while the free MyBB is not.
They linked to a thread on the VB forums which had people talking about all the recent attacks.

The mods at MyBB ended up closing the thread to be 'respectful' to VB.

## Is it possible that the current versions of VB are overly exposed to spam attacks, (YES), and a free alternative is better? (Maybe)

 

I think it's more to do with target audience, the amount of vB pages on the net compared to MyBB is likely to be 1,000s to 1.

The registration, and thread creation process are similar with both boards so Xrumer will spam to one just as well as the other. It's just spammers run queries like "niche + Powered by vBulletin" because it's a popular software that will pull a lot of results.

 

Not in the slightest, I bet you can use some of the exploits from an older version of vBulletin on MyBB, remember who copied who

 

Get rid of the captcha images plz

They are highly annoying
Don't protect from spam
And you need to refresh it a million times to read the dam thing, almost
Almost highly unfair on the visually impaired