Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Enhancement Requests
Author Message
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Mon Jul 17, 2006 9:52 am Reply with quote

Looking at the search statistics, the number 3 most common search phrase on one of my sites is: "powered by phpnuke". Another is "modules.php?namesearch".

It seems that these are primarily searched as a way to identify potential targets for attacks or spamming.

I'd like to solicit ideas for prohibiting this, or making it as painful as possible for the kiddies who use it.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
technocrat
Life Cycles Becoming CPU Cycles


Joined: Jul 07, 2005
Posts: 511

PostPosted: Mon Jul 17, 2006 11:27 am Reply with quote

Good idea Smile

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! / Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message
kguske
PostPosted: Mon Jul 17, 2006 11:33 am Reply with quote

Maybe we should called it "malicious searches blocker"
 
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6793
Location: Ha Noi, Viet Nam

PostPosted: Mon Jul 17, 2006 12:49 pm Reply with quote

I'll second that. In the context that *normal* people would be searching for a specific subject of interest in the course of a *genuine* search and that search criteria would really only be used for the specific purpose of seeking out nuke site, regadless of their content.
I'll have to revisit the license criteria for 'not removing copyright notices' but I think it should at least be possible to remove the text itself and substitue an image with the copyright words and some tweaks to the meta.php to limit successful searches

Having said that, I'm all for giving the bad guys a nice suprise!
 
View user's profile Send private message Send e-mail
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9453
Location: Arizona

PostPosted: Mon Jul 17, 2006 7:31 pm Reply with quote

Yeah, I like that too. Another "list" that Guardian can manage in his spare time... Wink or is that really ROTFL? No, seriously, I like the idea. Good one!

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Guardian2003
PostPosted: Mon Jul 17, 2006 7:51 pm Reply with quote

OK, perhaps I should go and buy another few reams of A4 lol.
 
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Wed Jul 19, 2006 12:16 am Reply with quote

String blocker anyone?

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
kguske
PostPosted: Wed Jul 19, 2006 4:20 am Reply with quote

I'll look into using that, evaders99, but I don't necessarily want to ban people who use those terms in a post, comment or story.
 
Guardian2003
PostPosted: Wed Jul 19, 2006 6:35 am Reply with quote

OK I know I have been awake for several days now but I don't understand your post evaders.
You could use a string blocker internally on a nuke site but how does that effect search terms used for google looking for phpnuke sites?

Ah, second brain cell has just kicked in - the search engines redirection url would contain the search criteria so in affect you could use a filter on the referering url and redirect or whatever you wanted to do with it.
 
spottedhog
Regular
Regular


Joined: Jun 02, 2004
Posts: 88

PostPosted: Fri Jul 21, 2006 12:48 pm Reply with quote

OK..... Maybe this is a wild and crazy idea, but here goes Wink

Instead of having "Powered by PHP Nuke" in the footer, why not confuse those searching for that phrase?

Why not create a class in the style.css file and name it "hideit" for example. Then make its property: {display:none} It could look like this:

span.hideit {display:none}

Then in the footer, put something like:

Powered <span class="hideit">time()</span>by <span class="hideit">time()</span>PHP Nuke

If my mind is thinking right, which is not always the case Wink, the web page would display Powered by PHP Nuke but the search engines would see timestamp inside the words.

hmmmmmmm..... if that worked, then one could put mailto: on the web pages with that code inside it and the spam harvesters would never get the proper email address, but the browser would be able to open the mailto: link etc.

....just thinking out loud
 
View user's profile Send private message Visit poster's website
montego
PostPosted: Fri Jul 21, 2006 2:56 pm Reply with quote

spottedhog, that is an extremely innovative idea! Love the way you think. It could possibly work if the search phrase included the quotes where the exact phrase was required, but I have a feeling it would still find the site if exact phrase wasn't requested.

BUT, very interesting indeed...

Don't think it will work for the mailto as that needs to be within an anchor tag's href attribute.
 
spottedhog
PostPosted: Fri Jul 21, 2006 3:48 pm Reply with quote

ah...... yes.... did not think about the "a" tag..... hmmmm... but the site admin could put the admin email address and put that span code on either side of the "@", thus giving the spam harvester a bad email.

ohhhhhh..... you could even put that span code inside of the word "Powered" and then "Nuke". That would keep it out of reach.

..... Smile just thnking outside the box......

hmmmm.... could even make a $hideit variable in the config.php file containing the span code, provided the theme had the corresponding class in it. Then one could place the $hideit variable where in the code was needed to mask "stuff".

-----maybe thinking too much now.... lol
 
Guardian2003
PostPosted: Fri Jul 21, 2006 3:58 pm Reply with quote

... and would this be HTML 4.01 Transitional compliant or create any cross browser compatibility issues?
 
spottedhog
PostPosted: Fri Jul 21, 2006 4:03 pm Reply with quote

....hmmmm.... like minds..... Just ran the compliance test and it validated, and the simple css class has no errors or warnings. It worked on IE 6 and the latest Firefox, with the source code showing the hidden words I used.
 
Guardian2003
PostPosted: Fri Jul 21, 2006 4:14 pm Reply with quote

Very interesting.

Addendum: We should still look at that stupid meta.php file though
 
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Fri Jul 21, 2006 4:25 pm Reply with quote

wonder if you can stop it...
cause you can find nuke in a thousand ways...

i did some reading about this and people talk about an exclusion list but i couldnt find a sample..

but what might be interesting is a script of almost 4mb i got my hands on...
the purpose of the script is to post into websites.....like news or guestbooks...

yes the spamming stuff we see around...
so anyone that is interested and wanna check out the script to learn what techniques they use can request it on my site...,it might be of some help...
 
View user's profile Send private message
montego
PostPosted: Sat Jul 22, 2006 7:53 am Reply with quote

spottedhog wrote:
....hmmmm.... like minds..... Just ran the compliance test and it validated, and the simple css class has no errors or warnings. It worked on IE 6 and the latest Firefox, with the source code showing the hidden words I used.


It may very well be compliant. Are you able to click the "revised" mailto link and have it work right? Just curious.
 
spottedhog
PostPosted: Sat Jul 22, 2006 9:00 am Reply with quote

oh.... no..... I did not try inside the a tag. That had not crossed my mind initially when I threw out the idea. However, it works if one puts that code on either side of the admin email address. Maybe I am thinking wrong, but I think I can now list the admin email address in the Modules block for example, and not worry so much about spam bots.

Welll..... to be more honest here..... I was more concerned about putting the admin email address on a customized 403 document, one I created using php. I had put the $adminmail there so those who got banned erroneously due to whatever, could at least send the admin an email and explain or "plead their case" if you will on why their IP should not be banned.
 
spottedhog
PostPosted: Sat Jul 22, 2006 9:05 am Reply with quote

Smile ok.... yet another "out of the box" idea.....

Why not put the tiny footer words onto a graphic file like is now done for security codes? Site visitors can still see it, however, bots would not. Maybe the $adminmail could be surplanted on the codebg.gif file so site visitors could email the admin but the admin would not have that address picked up by bots?

....not sure if it would interfere with the User Info block code..... But if it did not, well... Smile

hmmmmm.... What about moving those copyright words to another file and only supply a link to it in the footer? You could create a separate/new folder that is maybe the same name or URL as other popular software.

What about making a series of say 5 or more small images that have the copyright words on them, and then randomly post the image in the footer? The image filenames could be the same as those of another popular web software so then the Nuke site would be mixed in with numerous others if the search bot could only seek out image filenames and/or URL's.
 
gregexp
The Mouse Is Extension Of Arm


Joined: Feb 21, 2006
Posts: 1497
Location: In front of a screen....HELP! lol

PostPosted: Sat Jul 22, 2006 3:52 pm Reply with quote

nice idea, But Heres one I saw when getting the ip of someone and posting it on a webpage.

This was when I had no clue how to script this myself but now that I see, the document write function could be used to write powered by phpnuke without it showing in the source.

To what extent this could be used is beyond my knowledge.

heres a simple example of what I mean:

<?
Header("content-type: application/x-javascript");
$text=" Powered by phpNUKE;
echo "document.write(\"<b>" . $text . "</b>\")";
?>

and heres my source:

<scr ipt language="javascript" src="text.php"></scr ipt>

there is NO reference to powered by phpnuke at all in the source but it displays on the webpage.

and change it to

<?
Header("content-type: application/x-javascript");
$text=" Powered by phpNUKE;
echo "document.write(\"<b><a href=\"http://phpnuke.org\">" . $text . "</b></a>\")";
?>


This too worked without showing anything in the source.

_________________
For those who stand shall NEVER fall and those who fall shall RISE once more!! 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
spottedhog
PostPosted: Sat Jul 22, 2006 7:42 pm Reply with quote

I like this..... Wink thanks!
 
kguske
PostPosted: Sat Jul 22, 2006 9:34 pm Reply with quote

I've thought about just removing the copyright - or some variation on that to disguise it. But the bottom line is that it still wouldn't be hard for people to find nuke sites...
 
gregexp
PostPosted: Sat Jul 22, 2006 10:11 pm Reply with quote

This is true to a degree,

But what if we make the metatags be for an sql call and setup a panel in admin for the admin to enter search Items theyd like to allow.

This would not be 100% but as they enter them, it would input into a databse and then the metas.php could be altered to grab from the sql, then nuke would no longer be searchable unless they wanted to find specifically nuke.

Would be REALLY nice if we could redo the echo function and write in document write.

But I dont think that would be plausible (not on nuke itself or custom modules but might for a new cms Wink)
Arent you involved in the making and design of a new cms?
 
kguske
PostPosted: Sat Jul 22, 2006 10:30 pm Reply with quote

Not sure I understand what you're suggesting. I agree it would be helpful to have META tags stored in a database (and am planning that for the next release of nukeSEO). But the rest I do not understand.
 
gregexp
PostPosted: Sun Jul 23, 2006 1:29 am Reply with quote

like in my previous post, the index.php called on text.php for the info.

Now text.php has a document.write function which works to write something to the document just as echo does, only difference is, It doesnt show in the source.

So if this was takin to the extreme, Nothing would need to be echo'd, It could all be document.writen if that makes any sence. After which the source file would look like a ton of scripts.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Enhancement Requests

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©