[TAC] Fool Bot Honey Pot

[TAC] Fool Bot Honey Pot [Paid] 3.0.32

No permission to buy ($29.00)
Overview Updates (79) Reviews (28) History Discussion
I have the full pack with BFO.
I am adding SHS to see if it can help. But the block on internal links is a problem.
tenants said:
PM me the fingerprints, they are really very usfulll to me
Click to expand...
If I have the usernames from the spam cleaner log, then how do I get the fingerprints?
 
in the foolbot honeypot logs (under tools)

click the user, if they are js enabled there should be a button for fingerprint, like this:
(you can filter for usernames / ip / js enabled ..etc)
upload_2017-3-14_19-57-49.webp
 
There is one more thing I want to add to this fingerprint, it should tell me a bit more, I'll add it to the next version

But there is a lot of information in these fingerprints, sometime bots completely give their selves away, and sometimes they are tough, I'm finding weaknesses but it's a lot harder than it use to be
 
Me Again :D

First of all, thank you for the fix. I've upgraded to the latest one you just released and managed to sign up all ok.

However, the Sign Up Page corruption is still there :(

I've tried both with the EXTRA.css fix manually (and also removing it as your latest I believe does it automatically?)

.xenForm fieldset,
.xenForm .formGroup
{
background-color: @contentBackground;
}
Click to expand...

However, this is how the page is looking:

Screen Shot 2017-03-14 at 20.32.59.webp

I know it's a custom theme so I'm not expecting mega support - but is there something you advise for me to look into as to the potential cause?

It doesn't stop registration - it just looks visually wrong.
 
It looms like your theme has a value for @contentBackground

It looks like it's there, but the z-index is lower than something???, I wonder why a custom theme would lower the z-index

try this in extra:

.register_form .xenForm, .register_form .pageContent
{
background-color: @contentBackground;
z-index: 1;
}

if that doesn work, send me the url via pm, it should be a simple fix
 
Perfect, that worked nicely :) Thank you.

As it changed the form to white to hide the bits in question; I adding some padding to make it fit nicely around the site and it seems to be working nicely. Thank you as always for the quick support.

Code: 
.register_form .xenForm, .register_form .pageContent
{
background-color: @contentBackground;
padding-left: 30px !important;
padding-right: 30px !important;
z-index: 1;
}
 
tenants updated FoolBotHoneyPot Bot Killer: Spam Combat with a new update entry:

bad hosts, extra logging

I've added an extra mechanism to check the hosts

I've added a default list of bad hosts, these a mostly vpns/tors
- It's doubtful that you'll ever want some one that is using a tor/vpn host to register, these are used by botters

I have not added to this default list other bad hosts that sometimes humans use, since these are often Russia/China real ISPs. Some forums will not want to ban these ISPs since their forum is related to those countries

I will list a few of these host that you can...
Click to expand...

Read the rest of this update entry...
 
Update is here, it's a good updated related to host checking, I'm wondering what this will catch that the general and targeted methods don't
http://www.surreyforum.co.uk/thread...th-a-custom-registration-page.1621/#post-2400

I'll add some hosts that you can optionally add later, at the moment the default is populated with vpn/tor hosts
I didn't want to add hosts that botters use, if the host is also a real ISP (for instance Russian ISPs), some forums will not want to prevent these, so I wont add these types of ISPs to the default list of bad hosts, that's up to you to add more bad hosts to the list.

You'll see the hosts in the fbhp logs, so it should be fairly easy to copy and paste them over to the bad hosts list
It's already pre-populated with 50-60 vnp/tor hosts

This is not a good mechanism on it's own, not all botters use vpns/tors, but it's not a bad fallback mechanism. It's something I've been using in TAC DeDos for years, so I've also moved it over to fbhp
 
Code: 
Error Info
ErrorException: A non-numeric value encountered - library/Tac/FoolBotHoneyPot/Model/BrowserEvents.php:186
Generated By: Unknown Account, Today at 11:33 AM
Stack Trace
#0 /library/Tac/FoolBotHoneyPot/Model/BrowserEvents.php(186): XenForo_Application::handlePhpError(2, 'A non-numeric v...', '/...', 186, Array)
#1 /library/Tac/FoolBotHoneyPot/ControllerPublic/Register.php(250): Tac_FoolBotHoneyPot_Model_BrowserEvents->failSecIngredient2(Array)
#2 /library/UserEss/ControllerPublic/Register.php(68): Tac_FoolBotHoneyPot_ControllerPublic_Register->actionRegister()
#3 /library/Tac/DeDos/ControllerPublic/Register.php(51): UserEss_ControllerPublic_Register->actionRegister()
#4 /library/XenForo/FrontController.php(351): Tac_DeDos_ControllerPublic_Register->actionRegister()
#5 /library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#6 /index.php(13): XenForo_FrontController->run()
#7 {main}
Request State
array(3) {
  ["url"] => string(41) "https://forum.com/register/register"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(29) {
    ["d7ac4271ffe380896e9dbd8bf979ed05"] => string(0) ""
    ["form_name"] => string(0) ""
    ["username"] => string(0) ""
    ["a3da3e5ea939f22889e21821806eaeca"] => string(10) "Mehislife"
    ["c9c7a32ca7c2ad4d674a33cfae43eeac"] => string(0) ""
    ["form_email"] => string(0) ""
    ["f916d5456af46188b457aac5f884c82e"] => string(21) "xxx@gmail.com"
    ["form_password"] => string(8) "********"
    ["form_password_confirm"] => string(8) "********"
    ["c25af072f9bbd72b863b4fe3d8cea04d"] => string(0) ""
    ["5a8e4127d8d991ed9e130bae68d17e6c"] => string(32) "ea8a8d0366ebeccbfaafa2ff72851144"
    ["b48c042e5ef202299c3bf49232471b6a"] => string(0) ""
    ["808724a0d2568801a7afdc15915b27eb"] => string(0) ""
    ["0a200a3b10c75c7882d7ca6d0477d4eb"] => string(10) "xxx"
    ["99e1b26067f93f426e4d1379e532f72a"] => string(0) ""
    ["9431f0da43cc9406250dc46d8a9d9227"] => string(0) ""
    ["4a8629bafa5370c2ae8117621f520ecb"] => string(4) "male"
    ["dob_month"] => string(1) "2"
    ["dob_day"] => string(2) "08"
    ["dob_year"] => string(4) "1996"
    ["about"] => string(51) "A regular forum user. To pass the time"
    ["homepage"] => string(4) "Meh"
    ["location"] => string(10) "San Diego "
    ["2eb1da21dcccd909e6e8319a8b6202e3"] => array(1) {
      ["interests "] => string(4) "Meh"
    }
    ["custom_fields_shown"] => array(1) {
      [0] => string(23) " interests "
    }
    ["98d4593d1ba7fcd8e13fe9bc40419062"] => string(19) "America/Los_Angeles"
    ["g-recaptcha-response"] => string(334) "03AI-r6f7ezKicqvKHr7a5mnGO10a7UxrbuPd6WQfZdc0on1ZInkq05418dXXYABIPzlvPFpuBWa998Ig-6YqlrZg9yHODnlo7h6Mr4WDMcHALXd5scHDXXVxBiYoqUfhi5BmWepYb1mp-D1EQc-fHmLASTQxRMeBJGrop7li0ICwcmOkVweHGE3A1okTPWPcDGZrHZ2-0HI4-GQUGvlByx2RErM-R6c7BlGJUHdgCoPSOudiWhVeoDKRdsBsSlHyP22Gwwy3LqMueIC7g2aPojQY52oocOBVTPIIkc0jb9wRFziLipTVdSJV8YMbUfgu2u7Euk83fdTYK"
    ["_xfToken"] => string(8) "********"
    ["reg_key"] => string(32) "c57306149d0f683d5c5b71eab34fd37b"
  }
 
Last edited:
What version is that, I'll have a quick look, sounds like it should be a simple fix

Is that php 7 too, it seems to be an error often thrown by php 7
 
Last edited:
okay, I see what could cause this in php 7

string concatenation "+= "when a value is in the string, I should be using ".="

I'll fix it within the next 15 mins and send out another version
 
tenants updated FoolBotHoneyPot Bot Killer: Spam Combat with a new update entry:

- bot logging error

fixed an issue with bot logs

.... due to a lot of internal changes, and tested with many browsers as a human, not as a bot
... the bots picked this bug up

- fixed

also reduce the amount of information in the logs when entries are false (you don't need to know it's not a browserbasedbot, not a nonbrowserbasedbot, not a semiautomater, you just want to know when it has been detected as one of these)
Click to expand...

Read the rest of this update entry...
 
Okay, I'm stopping with fbhp updates for a while now.

It's stable, works and picks up the new wave of js enabled bots that bypass the core honeypots, bypass the reg timer and don't get detected by APIs..... my job here is once again done (hopefully the core wont copy again).

Tenants:2 SpamBots:0

If you find a bug, or see a bot get through, let me know, send me the fingerprint and I'll update it.... other than that, I don't believe it needs anymore work.

fatlady.webp ripXrumer.webpgsa.webpbyebots.webp
 
Last edited:
This has probably been discussed, but can't find it. I get the following error on install:

ErrorException: Fatal Error: Call to undefined method Tac_FoolBotHoneyPot_Install::updateHiddenCountForLogs() - library/Tac/FoolBotHoneyPot/Install.php:150

StopHumanSpam from the TAC collection installed fine right before.

Please advise.

Thanks,

Mike
 
nope, hasn't been mentioned, I'll have a look a the install process, I've been doing updates installs rather than fresh installs for a while now, was this on a fresh install?
 
You must log in or register to reply here.
Top Bottom