|
|
先搜索一下,发现坛子里没有,发上来,大家共享!!!
又编辑了多次,才传上来,本来批量传,我还以为传好了,一看没有,郁闷!!然后单个一个一个传发现如果一次传6个都不可以,最后终于一一上传,完毕,请大家享用
请注意,虽然我免费,但下载本身需消耗110 广告币,谨慎
XRumer is a Windows program that posts forum spam with the aim of boosting search engine rankings. It has been claimed that the program is able to bypass techniques commonly used by many websites to deter automated spam, such as account registration, CAPTCHAs, and e-mail activation before posting. The program makes heavy use of a database of known open proxies in an attempt to make it more difficult for administrators to block posts.
In addition, the software can avoid the suspicions of forum administrators by first registering to make a post in the form of a question which mentions the spam product ("Where can I get...?"), before registering another account to post a spam link which mentions the product. The side effect of these innocent-looking posts is that helpful forum visitors may search on a search engine (e.g. Google) for the product and themselves post a link to help out, thus bolstering the product's Google stats without falling afoul of forum posting policies.
According to The Register, the latest version[which?] of XRumer can defeat CAPTCHAs of Hotmail and Gmail. This enables the software to create accounts with these free email services, which are used to register in forums that it posts to.[1] [2]
Most spam attacks on forums generally occur in waves, and the software will not spam at full speed initially. Thus, a good strategy for limiting the damage of such attacks is to target new members who have random series' of alphanumeric characters for their usernames. The multiple instances of a spam bot will have obvious similarities in their email addresses (and will usually be random themselves), allowing members that match the profile of other spam bots to be banned before they even post. As mentioned - proxies are used, making IP bans ineffective, however it is possible to block the posting of threads containing certain text, or links to a certain site. Once a product or site has been spammed, it can be blocked, preventing the software from successfully uploading its payload.
One way to defeat the software (at least for now) is to add extra hidden password fields to the registration form. You can hide those fields with css "display:none;" so that normal users would not see them. (Do it by enclosing the fields in a div with style display:none).
XRumer seems to be filling out all fields of type "password" with the same value. So validation is rather simple at this point. If your hidden password fields are not empty, chances are the new registration was a result of XRumer run.
For further protection, you can generate random names for your password fields and include 10+ of such hidden fields into your registration form. |
评分
-
查看全部评分
|
发表于 2010-1-27 00:28:32
提升卡
沉默卡
变色卡
楼主
