[TAC] Fool Bot Honey Pot

[TAC] Fool Bot Honey Pot [Paid] 3.0.32

Autofills are avoided: we use AUTOCOMPLETE = "off", but not all managers abide by autocomplete=off, so on form submission we also reset hidden password fields, email and username via JavaScript.

Can you click the row and see what hidden field was altered (and what the value was if it isn't sensitive)?

It's quite hard to get caught if you are a human, even if you alter the hidden fields manually (unless you alter one of the fields I don't reset with JavaScript).
 
tenants updated FoolBotHoneyPot Bot Killer: Spam Combat with a new update entry:

IE fix and list cached (locked out IPs)

  • Fixed an issue in IE related to fake z-index of real fields not showing
  • We now use a caching mechanism (similar to DeDos) and do not need to use _preDispatch, since we check the cache earlier with init_dependencies
  • We now list all of the locked out IP addresses (similar to DeDos)

Download from here:
http://www.surreyforum.co.uk/thread...stering-with-a-custom-registration-page.1621/

 
Autofills are avoided: we use AUTOCOMPLETE = "off", but not all managers abide by autocomplete=off, so on form submission we also reset hidden password fields, email and username via JavaScript.

Can you click the row and see what hidden field was altered (and what the value was if it isn't sensitive)?

It's quite hard to get caught if you are a human, even if you alter the hidden fields manually (unless you alter one of the fields I don't reset with JavaScript).


Thanks for the info - here are the details on the hidden field that he altered:

Altered Hidden Fields
7d89053abbc7968dd3 => cdru

Registration Errors
fbhp => foolbothoneypot_sorry_youve_been_detected_as_an_automated_program
 
@kontrabass Do you know what cdru is?
It looks like part of their email.

I suspect they have tested your registration page by looking at the source (with Firebug / other) then filled one of the fields.
Only filling one field also suggests this (password managers usually populate combinations of username/pass and sometimes email address).

Even when using password managers, fbhp will avoid detecting you as a bot.

They are using Firefox and have JavaScript enabled, so it can't be any of the hidden fields managers usually populate (password/email/username), since we reset these with JavaScript on form submission.

It's a later hidden field (dob/gender/timezone), no managers should alter these. Email them and ask them what happened (I'm expecting coyness from altering hidden fields).

Although, it could still be a genuine issue of a manager altering dob/gender/timezone, but auto populating it with the first part of the email seems strange (it would have raised a warning via the core validation anyway)

If they reply and have used a manager, can you let me know which one so that I can test it (I've tested a few and had no issues, the hidden fields just get reset)
 
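Added example, not part of the thread and not the add-on's own code: a JavaScript model of the behaviour described in the post above, where decoy username/email/password fields are cleared on submit while later decoys (dob/gender/timezone) are not, so only the latter flag a visitor who has JavaScript enabled. The field names and sample submissions are constructed; the value "cdru" is the one reported in the thread.

```javascript
// Constructed decoy map: field name -> kind. Names are hypothetical; the log
// in the thread shows that the add-on itself uses random hex field names.
const DECOYS = {
  hp_username: "manager-prone",
  hp_email: "manager-prone",
  hp_password: "manager-prone",
  hp_dob: "later",
  hp_timezone: "later",
};

// Client side: what a submit handler would do before the POST leaves the
// browser. Only the decoys a password manager may autofill are cleared.
function resetOnSubmit(form) {
  const out = { ...form };
  for (const [name, kind] of Object.entries(DECOYS)) {
    if (kind === "manager-prone") out[name] = "";
  }
  return out;
}

// Server side: any decoy that still carries a value marks the request and is
// recorded, like the "Altered Hidden Fields" entry quoted in the thread.
function evaluate(posted) {
  const altered = {};
  for (const name of Object.keys(DECOYS)) {
    const value = String(posted[name] ?? "").trim();
    if (value !== "") altered[name] = value;
  }
  return { bot: Object.keys(altered).length > 0, altered };
}

// Constructed submissions.
const real = { username: "alice", email: "alice@example.test", password: "pw" };
// 1. Human, JavaScript on, password manager ignored autocomplete="off".
const managed = resetOnSubmit({ ...real, hp_email: "alice@example.test", hp_password: "pw" });
// 2. JavaScript on, but a "later" decoy was edited by hand.
const edited = resetOnSubmit({ ...real, hp_timezone: "cdru" });
// 3. No JavaScript: the submit handler never runs, so nothing is reset.
const scripted = { ...real, hp_username: "x", hp_email: "x@example.test", hp_dob: "1990" };

function demo() {
  return [managed, edited, scripted].map(evaluate);
}
console.log(JSON.stringify(demo(), null, 2));
```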
tenants, I went to Surrey Forum and it looks like you updated the 2.3.06 file but the 2.4.05 is still older?

I'm not sure I understand, which file do you mean, do you mean the zip files?
2.4.05 is the latest version of FBHP.
2.3.06 was the last stable version where no bugs were found / reported (This one is older, but it's left there for people that prefer / need this version).

The first attachment in this thread is version 2.4.05
http://www.surreyforum.co.uk/thread...stering-with-a-custom-registration-page.1621/
 
I was looking at the "last edited" dates and saw that the second post was edited today, while the first post had 3/30. I thought if you had edited the post and changed the attachment it would say today so I was confused, that's all.
 
Oh I see, no, I just used an admin account.
I don't honestly always look if I'm editing silently or not ;)
 
After installing the latest version of this mod (2.4.05) I get a server error, and registration fails every time.
Code:
Server Error
preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead

Code:
PHP 5.5.13 (cli) (built: May 29 2014 05:46:58)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies
    with XCache v3.1.0, Copyright (c) 2005-2013, by mOo
    with the ionCube PHP Loader v4.6.1, Copyright (c) 2002-2014, by ionCube Ltd., and
    with Zend OPcache v7.0.4-dev, Copyright (c) 1999-2014, by Zend Technologies
    with XCache Cacher v3.1.0, Copyright (c) 2005-2013, by mOo

Code:
Linux 3.15.1-1-ARCH #1 SMP PREEMPT Tue Jun 17 09:32:20 CEST 2014 x86_64 GNU/Linux

Urgent help needed...
 
preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead
@resonansER

The e modifier is deprecated as of PHP 5.5.0.
I've used another method of doing this, but still fixing @DaiAku's potential issue.

No XML changes (you just need to replace the files), I've added :
FoolBotHoneyPot_v2_4_05b.zip

(Most won't need to upgrade to this version, unless they are using > PHP 5.5)
 
@resonansER

What time did you report that bug:
http://xenforo.com/community/thread...ion-page-honey-pots.37063/page-30#post-785847
(how quickly did I respond)

At xenforo.com it says you reported it at
resonansER, Today at 12:10 AM (data-time="1403824222" Jun 27, 2014 at 12:10 AM)

And I responded to it at:
tenants, Today at 8:09 AM (data-time="1403852979" Jun 27, 2014 at 8:09 AM)

I travelled 4 hours and 1 minute back into the past to respond and fix the issue, I'm quick but I'm not that quick
Is this a xenforo bug?

Edit: Sorry I'm being silly, the timestamps are correct (responded 8 hrs after)
 
I seem to be getting a few errors with this plugin, relating to duplicate entries, I've pasted one of the errors below in case it helps :)

Error Info
Zend_Db_Statement_Mysqli_Exception: Mysqli statement execute error : Duplicate entry 'ea11953ae88b7e1c63' for key 'uuid' - library\Zend\Db\Statement\Mysqli.php:214
Generated By: Unknown Account, 57 minutes ago
Stack Trace
#0 \library\Zend\Db\Statement.php(297): Zend_Db_Statement_Mysqli->_execute(Array)
#1 \library\Zend\Db\Adapter\Abstract.php(479): Zend_Db_Statement->execute(Array)
#2 \library\Tac\FoolBotHoneyPot\Model\Uuids.php(148): Zend_Db_Adapter_Abstract->query('\r\n\t\t\tINSERT INT...')
#3 \library\Tac\FoolBotHoneyPot\ControllerPublic\Register.php(147): Tac_FoolBotHoneyPot_Model_Uuids->setUuids()
#4 \library\XenForo\ControllerPublic\Register.php(70): Tac_FoolBotHoneyPot_ControllerPublic_Register->_getRegisterFormResponse(Array, Array)
#5 \library\Tac\FoolBotHoneyPot\ControllerPublic\Register.php(100): XenForo_ControllerPublic_Register->actionIndex()
#6 \library\XenForo\FrontController.php(347): Tac_FoolBotHoneyPot_ControllerPublic_Register->actionIndex()
#7 \library\XenForo\FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#8 \index.php(13): XenForo_FrontController->run()
#9 {main}
Request State
array(3) {
["url"] => string(42) "http://www.website.com/login/login"
["_GET"] => array(0) {
}
["_POST"] => array(6) {
["login"] => string(29) "user@email.com"
["register"] => string(1) "1"
["password"] => string(8) "********"
["cookie_check"] => string(1) "1"
["_xfToken"] => string(8) "********"
["redirect"] => string(31) "http://www.website.com/"
}
}
 