vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.0 Beta Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=34)
-   -   Spyware Homepage Spam thingy (https://vborg.vbsupport.ru/showthread.php?t=65111)

Zach 05-13-2004 10:00 PM

Spyware Homepage Spam thingy
 
I read a few posts about url spamming and spyware screwing with members homepages -

Just threw this together - just copying my post from over at .com -


Ok this should at least screw with em and slow em down (very simple)





find





Code:

// ############################### start dst autodetect switch ###############################


in profile.php (html|php3|etc)







add this right above that line



Code:


$homepage=$$bbuserinfo[username];











Then in templates - find the modifyprofile template



find

Code:

<td>$vbphrase[home_page_url]:<br /><input type="text" class="bginput" name="homepage" id="tb_homepage" value="$bbuserinfo[homepage]" size="50" maxlength="200" /></td>






make it this


Code:

<td>$vbphrase[home_page_url]:<br /><input type="text" class="bginput" name="$bbuserinfo[username]" id="tb_homepage" value="$bbuserinfo[homepage]" size="50" maxlength="200" /></td>











Let me know if this works - I am not sure if it will get past init.php or not - some of my files are not very vBulletinish anymore



Also, if anyone that is getting this, do me a favor - pm me the sites, urls - I personally have not had this at all that I have noticed - which makes me wonder if the spyware garbage is keying in on either urls that have forum in it, or its looking for profile.php, or if it is just looking for formfields name hompage. (I use .html so if its looking for profile.php, it would never hit me)



Gonna go see if I can get infected now - then I can see exactly what this garbage is doing - but this fix I am pretty sure will fix it from happening anymore.

Zach 05-14-2004 02:30 PM

And I meant to post this in 3 oops - someone move it?

Boofo 05-14-2004 02:48 PM

Moved. ;)

Zach 05-14-2004 03:08 PM

Thanks

Zach 05-14-2004 03:14 PM

Will explain what this is doing real quick

Since I have heard about users homepages getting changed to porn sites and such, with out them knowing it - the only way I can think of this to happen is some spyware on their system.

The spyware would have to key in on the form field with the name "homepage"

So we just change the name of that formfield to the usersname - which means that the spyware jerks are going to have to be more clever as every single user now has a differently named homepage formfield.

Then when its submitted, we just give the variable $homepage its value on top, so we dont have to mess with anything else and let the programming that works already work :) - that is what this is doing

$homepage=$$bbuserinfo[username];


So if I submitted a new profile change, my homepage variable would now be like

Zach="http://FantasySportsWire.com"


so to get $hompage = to that

we need $homepage = $Zach - but since we are not gonna hard code in a million different user names, we use $homepage = $$bbuserinfo[username] - which if I am submiitting it, is exactly the same as $homepage=$Zach

Zach 05-14-2004 03:17 PM

Ref this for exactly what the heck I am talking about :)

http://www.vbulletin.com/forum/showthread.php?t=96331

ap0c 05-14-2004 06:30 PM

Quote:

Originally Posted by Zach
Ref this for exactly what the heck I am talking about :)

http://www.vbulletin.com/forum/showthread.php?t=96331

thanks for the above link. I was having some trouble following what your trying to do

Zach 05-14-2004 06:46 PM

Quote:

Originally Posted by ap0c
thanks for the above link. I was having some trouble following what your trying to do


I am a sports idiot that learned how to do the Hello World demo, didnt graduate to the explain what the heck you are talking about part yet :)

But, if you want to know who to be looking at and ultimatly decide on taking at 3.6 - I can explain that fully :)

teksigns 06-29-2004 02:54 PM

does not work .....

when i edited my profile to test and saved

then went back and homepage field was blank .....

700mb 07-02-2004 05:09 PM

its working.....for a while......little while


All times are GMT. The time now is 01:42 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02798 seconds
  • Memory Usage 1,736KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_code_printable
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 

Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete