vb.org Archive - urgent！ i need a mods with Image verification(captcha) on Login

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)

- - urgent！ i need a mods with Image verification(captcha) on Login (https://vborg.vbsupport.ru/showthread.php?t=286784)

a9713030

08-18-2012 03:07 AM

urgent！ i need a mods with Image verification(captcha) on Login

someone is trying to bruteforce my forums members password，
my forum version is 3.8.3 ， i need a mods with Image verification(captcha) on Login.
i search in forum， but i can not find it

ShawneyJ

08-22-2012 11:07 AM

never heard of a mod like this, anyone else?

ChiNa

08-22-2012 04:06 PM

Here is one:
https://vborg.vbsupport.ru/showthrea...54#post2359054
This says to fit for vB 3.8, even if it says 3.6! Many have tried it and it fits on vB 3.8.7 so far perfectly!

I will try it myself too! Good luck

ShawneyJ

08-22-2012 10:27 PM

Quote:

Originally Posted by ChiNa-Man (Post 2359056)

That MOD is for stop bots from Signing up! It has nothing to do with Logging in.
Read the first post again mate.

Quote:

i need a mods with Image verification(captcha) on Login.

a9713030

08-23-2012 12:04 PM

some use a lot of proxies to bruteforce my forum's member password, any one have idea?

ForceHSS

08-23-2012 02:17 PM

Try this

a9713030

08-23-2012 04:16 PM

Quote:

Originally Posted by ForceHSS (Post 2359324)

Try this

i am not sure it have Image verification(captcha) on Login

Simon Lloyd

08-23-2012 08:40 PM

How about https://vborg.vbsupport.ru/showthread.php?t=132482 even if it does say stop bot sign up it still applies to the humans!

Besides, if it is humans trying to get through what makes you think they can't see the images?

a9713030

08-24-2012 11:24 AM

i have checkabove two ，they don‘t have Image verification(captcha) on Login。

a9713030

08-28-2012 11:17 AM

no one can help？

Simon Lloyd

08-28-2012 11:30 AM

Why wouldn't this one work for you https://vborg.vbsupport.ru/showthread.php?t=132482 ? as far as i can see there are images involved?

a9713030

08-30-2012 02:48 PM

Quote:

Originally Posted by Simon Lloyd (Post 2360672)

Why wouldn't this one work for you https://vborg.vbsupport.ru/showthread.php?t=132482 ? as far as i can see there are images involved?

it is only for new user register, not for member login, have you installed it?
so i still need a help .

Max Taxable

08-30-2012 03:11 PM

Quote:

Originally Posted by a9713030 (Post 2361198)

it is only for new user register, not for member login, have you installed it?
so i still need a help .

It makes NO sense to want captcha when dealing with HUMANS. Do you get that? HUMANS CAN SEE THE IMAGES. It will do you NO good. They will simply pass the captcha and continue the brute force attack, if it is HUMANS doing it.

What you need to do is ban their user agent. Here's the mod for that:

Ban Spiders by User Agent

This isn't just for spiders, it's for everything, and I suspect the attacker you have will have something special in his user agent that you can exclude and it won't matter what the IP is.

Uberguilds

09-01-2012 01:54 AM

I feel bad for the OP.

"What about captcha on signup?"
-"How about captcha on login?"
"What about captcha on signup?"
-"How about captcha on login?"
"What about captcha on signup?"
-"How about captcha on login?"

Anyway, I'm pretty sure you can set user agents in Xrumer, which is used for attacking forums.

Max Taxable

09-01-2012 02:07 AM

Quote:

Originally Posted by Uberguilds (Post 2361612)

Except, I didn't give him that. I gave him the actual solution.

a9713030

09-01-2012 03:37 AM

they bruteforce with tools, not by human,
i think Max Taxable have not know what i mean,
they can use 100 proxies, then bruteforce password, if we have imagine verification, most tools can not work

Max Taxable

09-01-2012 12:39 PM

Quote:

Originally Posted by a9713030 (Post 2361626)

they bruteforce with tools, not by human,
i think Max Taxable have not know what i mean,
they can use 100 proxies, then bruteforce password, if we have imagine verification, most tools can not work

Proxies don't matter if you find something in their user agent you can exclude.

Seriously.

Know how to determine their user agent? The tool they're using will likely be part of it, there will be other unique items in it you can exclude.

You have your heart set on a captcha where none exists in vBulletin, unaware that alot of these botnet programs actually defeat captchas. Image verification isn't a magic bullet.

Find out a common item in the user agent of this attacker, and exclude it using the Mod I linked you to, end of problem.

You act like other people haven't seen this before.

All times are GMT. The time now is 10:14 AM.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01187 seconds Memory Usage 1,752KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (7)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (17)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: