forum.easy-joomla.org
08. 01. 2010 02:16 *
Author Topic: SPAM even with EasyCaptcha enabled (Read 19916 times)
Dietmar
« on: 02. 04. 2008 08:54 »

Hi,
I discovered the following problem.

My guestbook is spammed - even with EasyCaptcha enabled. I use the latest version of Joomla, EasyBook and EasyCaptcha.

Below are 3 actual SPAM guestbook entries, "taken from the jos_easybook table".


Rolex Replica Review [url=http://m.domaindlx.com/touchone/replica-rolex]Rolex Replica Review[/url] card credit debt eliminate ethically legally [url=http://m.domaindlx.com/touchone/eliminate-credit-card-debt]card credit debt eliminate ethically legally[/url] All Free Spam Blocker [url=http://m.domaindlx.com/touchone/spam-blocker]All Free Spam Blocker[/url]  ","2008-04-02 01:38:57",NULL,"1","555555","777777",NULL,NULL,NULL
"78","58.65.238.26","Nikib","","0",NULL,"http://m.domaindlx.com/topusasite/forclosure","1","
Fisher Wood Stove [url=http://m.domaindlx.com/touchone/wood-stoves]Fisher Wood Stove[/url] Window Blinds Edmonton [url=http://m.domaindlx.com/touchone/window-blinds]Window Blinds Edmonton[/url] Kitchen Cabinet Accessories [url=http://m.domaindlx.com/touchone/kitchen-cabinets]Kitchen Cabinet Accessories[/url]  ","2008-04-02 01:38:57",NULL,"1","555555","777777",NULL,NULL,NULL
"79","58.65.238.26","Hashbu","","0",NULL,"http://heartland.geocitie.../solidearthtop/forclosure","1","
Ground Dog Fence [url=http://m.domaindlx.com/touchone/dog-fence]Ground Dog Fence[/url] Metformin Combination Products [url=http://m.domaindlx.com/touchone/metformin]Metformin Combination Products[/url] Forclosures In Virginia [url=http://heartland.geocities.jp/solidearthtop/forclosure]Forclosures In Virginia[/url]  ","2008-04-02 01:38:58",NULL,"1","555555","777777",NULL,NULL,NULL
"80","58.65.238.26","Angelno","","0",NULL,"http://heartland.geocitie...edical-billing-and-coding","1","


Even the ratings (Bewertungen) are done. Spam entries were created within seconds.

Can you tell what's wrong?
Logged

Kind regards - Best regards
Dietmar
Dietmar
« Reply #1 on: 02. 04. 2008 12:32 »

Hello again -
I want to share the settings I made for the guestbook - taken from the table jos_menu

I even had "Publish new items" set to No - and new entries were made.

.....
show_logo=1
send_mail=1
entries_perpage=10
entries_order=DESC
support_bbcode=1
support_smilie=1
support_link=0
support_mail=
support_pic=0
wordwrap=1
maxlength=75
rating_max=5
show_rating=1
enable_log=1
show_mail=
require_mail=1
show_home=1
show_icq=1
show_aim=1
show_msn=1
show_yah=1
show_skype=1
default_published=0
badwordfilter=1
enable_captcha=1
add_acl=0
admin_acl=20
page_title=Guestbook
show_page_title=1
pageclass_sfx=
menu_image=-1
secure=0
....

Is there any way to debug (have the component write a logfile if it is called) to see what's going on?
Logged

Kind regards - Best regards
Dietmar
peterhob
« Reply #2 on: 02. 04. 2008 17:04 »

They removed the Global Configuration setting in RC2. The problem now is that you can only configure the guestbook through the menu item.

If an attacker removes the "&Itemid=..." from the link leading to your guestbook, the attacker gets a form without captcha where he can submit entries without any restrictions.

In short: a security risk which needs to be addressed urgently.

Logged
Dietmar
« Reply #3 on: 02. 04. 2008 22:04 »

Yes - this could be an explanation.

But when I set up Joomla - I changed all SEO settings (Search Engine Friendly URLs, Use Apache mod_rewrite, Add suffix to URLs) to yes. So pages and links within my homepage are shown as <link>.html - no &itemid is shown.

So my guestbook can be found at http://<myhomepage>/guestbook.html

I deleted the spam from the morning - but this afternoon 4 new ones were created and published. All at the same time, 15:09.

If I try myself - I cannot add an entry without entering the captcha code. And if I do - the entry is not published - and if I hit the back button on the browser - all fields are emptied again - so how can there be 4 entries in one minute, with different messages, and published?

Logged

Kind regards - Best regards
Dietmar
peterhob
« Reply #4 on: 02. 04. 2008 22:18 »

Although you made those changes to your SEO settings, your guestbook is still accessible at the following address:

http://<yourhomepage>/index.php?option=com_easybook&controller=entry&task=add

Give it a try and you will be able to enter a message without being checked with a captcha code.
« Last Edit: 02. 04. 2008 22:23 by peterhob » Logged
Dietmar
« Reply #5 on: 02. 04. 2008 23:08 »

You are right - just tested it - the guestbook entry is created,
but an error pops up.

Fatal error: Unsupported operand types in /hp/aa/ag/il/www/joomla/libraries/joomla/application/router.php on line 141


Two more things I noticed that need to be looked at:
the guestbook entry is published right away, and no e-mail message is sent.

Can development please confirm - they are working on this issue - so I can close this thread.

Thanks
Logged

Kind regards - Best regards
Dietmar
peterhob
« Reply #6 on: 02. 04. 2008 23:46 »

You get an error? I'm using Joomla 1.5.2 and when I tried it, no error was shown.

The fact that you receive no e-mail message and that the entry is auto published is for the same reason that the captcha image is not shown. By not using the global configuration option Joomla provides, RC2 is wide open to abuse...

Logged
Dietmar
« Reply #7 on: 03. 04. 2008 08:01 »

Yes - I receive an error. I use Joomla 1.5.2 as well.

I looked at the router.php - where the error is indicated.

The error is in function "function parse(&$uri)"

 $vars += $vars + $this->_parseSefRoute($uri);

Logged

Kind regards - Best regards
Dietmar
peterhob
« Reply #8 on: 03. 04. 2008 09:14 »

@Development Team

Are you aware of this issue and can we expect a solution in the near future?
Logged
peterhob
« Reply #9 on: 03. 04. 2008 14:14 »

Quick and dirty fix:

 /components/com_easybook/views/entry/tmpl/form.php

 line 261:    if($this->params->get('enable_captcha', false))

 change to:   if($this->params->get('enable_captcha', true))

Note: This only works if EasyCaptcha is installed and enabled!
Logged
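The quick fix above only changes the default the form template falls back to. As an added example, not code from EasyBook, Joomla or anyone in this thread, the following plain PHP shows the pattern behind that fix with the menu parameters quoted in reply #1: security-relevant settings resolved with fail-closed defaults, and the captcha, publish and mail decisions taken in the save path from those same resolved settings, so a request that carries no Itemid (and therefore no menu parameters) is handled exactly like a routed one. Function names and the $captchaOk input are assumptions; only the four parameter names come from the thread.

```php
<?php
// Added example, not EasyBook or Joomla code. The four parameter names are the EasyBook
// menu parameters quoted in this thread; everything else is assumed for illustration.

// Fail-closed defaults: what applies when the request carries no Itemid and so no menu params.
const SECURE_DEFAULTS = [
    'enable_captcha'    => '1',  // captcha required unless an admin explicitly disables it
    'default_published' => '0',  // new entries are held for moderation
    'send_mail'         => '1',  // notify the admin of every new entry
    'support_link'      => '0',  // no links in comments
];

// Parse the INI-style "key=value" lines that Joomla 1.5 stores in jos_menu.params.
function parseMenuParams($ini) {
    $out = [];
    foreach (preg_split('/\R/', $ini) as $line) {
        if (strpos($line, '=') === false) { continue; }
        list($k, $v) = explode('=', $line, 2);
        $out[trim($k)] = trim($v);
    }
    return $out;
}

// Menu params override a default only when the key is present and non-empty.
function resolveParams($menuIni) {
    $menu = array_filter(parseMenuParams($menuIni), 'strlen');
    return array_merge(SECURE_DEFAULTS, $menu);
}

// Save path: decide with the resolved params here, not with the template's display logic.
// $captchaOk is the outcome of the server-side captcha verification (EasyCaptcha on this site).
function acceptEntry(array $params, $comment, $captchaOk) {
    if ($params['enable_captcha'] === '1' && !$captchaOk) {
        return ['accepted' => false, 'reason' => 'captcha'];
    }
    if ($params['support_link'] !== '1' && preg_match('/\[url[=\]]/i', $comment)) {
        return ['accepted' => false, 'reason' => 'links not allowed'];
    }
    return [
        'accepted'  => true,
        'published' => $params['default_published'] === '1',
        'mail'      => $params['send_mail'] === '1',
    ];
}

// Routed request: the menu item's params apply. Unrouted request: nothing but the defaults.
$routed   = resolveParams("enable_captcha=1\ndefault_published=0\nsend_mail=1\nsupport_link=0");
$unrouted = resolveParams('');
print_r(acceptEntry($unrouted, 'hello', false));
print_r(acceptEntry($routed, 'hello', true));
```

Because the check lives in the save handler, a form fetched through the unrouted URL from reply #4 gets the same captcha requirement, moderation hold and notification mail as the routed guestbook page.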
Dietmar
« Reply #10 on: 03. 04. 2008 17:27 »

Thanks - at least a captcha is now forced to be added - so remote spamming hopefully is blocked.

But still - if I add an entry manually by opening http://<myhomepage>/component/easybook/entry/add.html, it gets published right away and no info mail is sent.

Instead - it tries to open http://<myhomepage>/component/easybook/easybook.html

and returns the error mentioned earlier

Fatal error: Unsupported operand types in /joomla/libraries/joomla/application/router.php on line 141
Logged

Kind regards - Best regards
Dietmar
peterhob
« Reply #11 on: 03. 04. 2008 19:58 »

I tried to replicate your situation, by using the same SEO settings you use.

In my case there was no error shown, so I suspect that your server is configured differently. Maybe a different .htaccess file or a difference in PHP versions.

EasyBook jumping to guestbook.html after successfully entering an entry is as it should be.

I am still trying to find out if I can set autopublishing to OFF by default and sending a confirmation mail to ON by default.

Logged
David [snipersister] (Developer)
« Reply #12 on: 03. 04. 2008 20:51 »

Hey guys,

I'm sorry for my late response, but I'm a little busy these days...

For me it seems that the easiest solution would be to "reintegrate" the "Global Preferences" button in EasyBook. Thereby it would be possible again to adjust those global parameters, which fixes the leak.

David
Logged
Dietmar
« Reply #13 on: 03. 04. 2008 21:40 »

Hi David - if you believe that re-enabling the "Global Preferences" does the trick - then go for it.

I'll be one of the first - to test it.

Peter: If you need any further info about my Joomla setup - just send me a mail. Could it have an impact that my provider only enabled PHP 4.4.2?
Logged

Kind regards - Best regards
Dietmar
Dietmar
« Reply #14 on: 04. 04. 2008 07:58 »

Peter - just to tell you.
The hack changing the form.php did not help.
Lots of spam entries again tonight.

@David: So if you can, please provide an interim release with the "Global Preferences" enabled as soon as possible.
Logged

Kind regards - Best regards
Dietmar