MyBB Community Forums

Full Version: Xrumer
My 1.6.16 board was today breached by XRumer.

The user was listed as Awaiting Activation, yet I have this group BANNED (Though it was at default 1 day - I have reset this to PERMANENT).

The user was NOT listed within its group.

I just updated to 1.6.17 and hopefully the fixes contained will prevent this again. Or not.

Xrumer clearly lists MyBB as one of its targets.
Has there been any action on this???
(2015-06-06, 09:20 PM)kel12 Wrote:
Xrumer clearly lists MyBB as one of its targets.
Has there been any action on this???
Xrumer tries to behave like any human user, which makes it almost impossible to detect. Also, they adapt the software quickly whenever we change or add security measures. However, there are plenty of recommendations and plugins to stop spammers: http://community.mybb.com/thread-110224.html
(2015-06-06, 09:20 PM)kel12 Wrote:
Xrumer clearly lists MyBB as one of its targets.

Like every other popular script. You can either update to 1.8 to have more antispam options by default or use plugins in 1.6 linked by Stefan.

And some tips:
- captchas aren't really effective anymore
- checking against services which list spammers can be good
(2015-06-08, 12:47 AM)Destroy666 Wrote:
(2015-06-06, 09:20 PM)kel12 Wrote:
Xrumer clearly lists MyBB as one of its targets.

Like every other popular script. You can either update to 1.8 to have more antispam options by default or use plugins in 1.6 linked by Stefan.

And some tips:
- captchas aren't really effective anymore
- checking against services which list spammers can be good


Xrumer seems to have been using some kind of SQL injection attack that bypassed permissions on Unverified Users accounts, that *seems* to have been fixed with the 1.6.17 update.

Now I get the occasional slimeball on the Guest Account, but the solution to that may simply be to disallow links for that account.

I use Akismet. I also need to set aside time to hook up the addon for Project Honeypot that I have somewhere.

When a post is *marked as SPAM*, is there any way to k-line that poster's IP?

However, the problem with k-lining IPs is that it is likely to cause collateral damage to VPNs and public proxies. I have nothing against TOR!
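Checking a poster's IP against a service that lists spammers, as Destroy666's tip suggests and as the Project Honeypot mention above implies, while avoiding the blanket IP bans that hit VPN and proxy users: this is an added example, not MyBB code and not from anyone in this thread. It uses Project Honeypot's documented http:BL DNS query format and grades the answer instead of banning outright; the access key, the thresholds and the sample answers in the test are assumptions or constructed values.

```python
import socket

# http:BL visitor-type bits as documented by Project Honeypot
SUSPICIOUS = 1
HARVESTER = 2
COMMENT_SPAMMER = 4

def httpbl_query_name(access_key, ip):
    """DNS name for an http:BL lookup: <key>.<reversed IPv4>.dnsbl.httpbl.org"""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {ip}")
    return f"{access_key}.{'.'.join(reversed(octets))}.dnsbl.httpbl.org"

def parse_httpbl_response(answer):
    """Decode a 127.<days>.<threat>.<type> answer; None means the IP is not listed."""
    if answer is None:
        return None
    parts = answer.split(".")
    if len(parts) != 4 or parts[0] != "127":
        raise ValueError(f"unexpected http:BL answer: {answer}")
    days, threat, vtype = (int(p) for p in parts[1:])
    return {
        "days": days,                      # days since last observed activity
        "threat": threat,                  # 0-255 threat score
        "search_engine": vtype == 0,       # type 0 is a known search engine
        "suspicious": bool(vtype & SUSPICIOUS),
        "harvester": bool(vtype & HARVESTER),
        "comment_spammer": bool(vtype & COMMENT_SPAMMER),
    }

def decide(info, block_threat=25, max_age_days=30):
    """Graded verdict instead of a blanket ban: 'block', 'moderate' or 'allow'.
    Thresholds are assumptions; only fresh, high-threat comment spammers are blocked."""
    if info is None or info["search_engine"]:
        return "allow"
    fresh = info["days"] <= max_age_days
    if info["comment_spammer"] and info["threat"] >= block_threat and fresh:
        return "block"
    if info["comment_spammer"] or info["harvester"] or info["suspicious"]:
        return "moderate"
    return "allow"

def lookup(access_key, ip):
    """Live DNS lookup (needs network); NXDOMAIN means the IP is not listed."""
    try:
        return socket.gethostbyname(httpbl_query_name(access_key, ip))
    except socket.gaierror:
        return None
```

Wire `decide(parse_httpbl_response(lookup(key, ip)))` into the registration or posting path; "moderate" sends the post to the queue rather than k-lining the address.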
(2015-06-15, 08:56 PM)kel12 Wrote:
Xrumer seems to have been using some kind of SQL injection attack that bypassed permissions on Unverified Users accounts, that *seems* to have been fixed with the 1.6.17 update.
There are no known issues that would allow Xrumer to bypass any permissions and 1.6.17 only fixed the security issues mentioned in the announcement.
XRumer is more than a super AI software. There seem to be code exploits.

It was able to bypass user permissions for Unverified Users, and post to an account that technically did not exist.

The latest 1.6 versions seem to stop this.

I believe the same spammer returned, was rebuffed, and was forced to the Guest account.