Moderators Functions - Hidden Image Checker by BOP5 for VB 3.x and VB 4.x (Stop Cookie Stuffing!)

Brought to you by BirdOPrey5 / Qapla.com

Version 1.02 - Compatibility fix for dbtech Advanced Thanks/Like mod
Version 1.01 - Bug fix for user post counts over 1000
Version 1.0 - Initial Release

Also available on Qapla.com.

For some time now a new type of "Spammer" has been hitting forums. These "spammers" are not as obvious as those trying to make links or sell cheap Viagra. These new spammers use a technique called "Cookie Stuffing" which can make them a lot of money if you don't notice what they've done.

Cookie stuffing is when a malicious user posts a hidden (clear) image in a post. Although you may never see the image it actually links to a location that will set a cookie on the browser of everyone viewing the post. In the cases of cookie stuffing this is almost always a cookie that contains their affiliate code for a site like Amazon or eBay. If anyone on your forum should go on to buy something from Amazon.com later in the day the spammer will get a credit from Amazon because your user has the spammer's cookie on their computer.

At best this allows the spammer to make money off your unsuspecting users. At worst it is taking money away from you if you had your own affiliate cookie (legitimate) it may get over-ridden by the spammer's cookie.

There is no built in means for detecting small transparent images in vBulletin. This mod will show a banner notice under every post by a "new" user reporting the number of images in the post (if any). It only takes a second to scan the post and make sure the number of images reported, matches the number of images you see.

So next time a spammer tries to hide a small clear image in a post you or your mods will see a big yellow notice below the post that it contains an image- allowing you or your staff to take appropriate action. (Usually deleting the post and banning the user.) [Mod functions not part of this modification.]

However since it would get annoying to see these big yellow banners under every post that contains images the mod lets you limit seeing banners to only "new" users- You can choose a minimum post count or # of days registered before the user who posted is not considered new anymore.

In addition you can choose trusted usergroups that will never have their images counted regardless of their number of posts or days registered.

This mod contains both the VB 3.x and VB 4.x version in the same .xml file. It has been tested on VB 3.8.7 and VB 4.1.10 and VB 4.1.11 but it should work on all VB versions from at least 3.7 through 4.1.x and beyond. Feel free to try on earlier versions and let me know if you run into an error.

This mod DOES NOT count attachments or smilies as images since they are safe from cookie stuffing. Only remotely linked images using the [img] BBCode will be counted.

See screenshots for examples.

Please Mark as Installed if you use this.
Donations always appreciated. :up:

[BirdOPrey5]

Images that use the [img] bbcode are counted regardless of the domain they are on... So even if you are using [img] to link to local images (for some reason) they would count as an image.

[BirdOPrey5]

There is a known conflict with DbTech's Advanced Post Thanks/Like mod. Thanks to Alan_SP for finding which mod conflicted.

I don't see any way of making them compatible so just skip this mod if you use the dbtech one.

The problem is dbtech parses bbcode of $post[pagetext] when it is supposed to be raw bbcode, not parsed. It means this mod can't find or count [img] bbcodes.

[Alan_SP]

I have to say that at the moment I'm still using older version of DBTech's APTL (v1.1.9) so there's a slight chance that with newer versions it might work.

[BirdOPrey5]

Version 1.02 - Compatibility fix for dbtech Advanced Thanks/Like mod

[Alan_SP]

Thanks, this version fixes compatibility with DBTech's mod. :up:

Now everything works as it should on my site.

P.S At the moment I couldn't like your post, otherwise I would.

[megabink]

This is really great stuff,installed and nominated.
Thanks

[Budget101]

I'm new to the cookie stuffing concept, bear with me if this question is retarded, but, if members Upload images using the default image uploader can they embed code in that as well?? Or does this just affect the bbcode [img] tag?

[Alan_SP]

Idea is that image is on some other server, as explained in the first post:

Quote:

Cookie stuffing is when a malicious user posts a hidden (clear) image in a post. Although you may never see the image it actually links to a location that will set a cookie on the browser of everyone viewing the post. In the cases of cookie stuffing this is almost always a cookie that contains their affiliate code for a site like Amazon or eBay. If anyone on your forum should go on to buy something from Amazon.com later in the day the spammer will get a credit from Amazon because your user has the spammer's cookie on their computer.

Attached images are on your server. Image doesn't have information, but location where image is does. That's the idea. So, only images on other servers may be a problem.

[Budget101]

Quote:

Originally Posted by Alan_SP

Attached images are on your server. Image doesn't have information, but location where image is does. That's the idea. So, only images on other servers may be a problem.

Thank you for your reply Alan, that was my understanding as well, but I wanted to be clear. I wasn't sure if there was some way for hackers to embed additional coding in the image prior to uploading to the server. I'm trying to cover all my bases after discovering malicious code on my site.

[da_judge]

another great adition... thanks