Jump to content

Welcome, Guest!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

cprats

Chinese spam from qq dot com through contact form

Recommended Posts

Posted (edited)

OKkkkkk .. I completely removed the module ..Un-installed from admin/modules ..Went to ftp and removed there too checked database and found nothing ..Re-uploaded and installed again and is now working fine.

Thanks for the help in yet another of my many problems 

Capture.JPG

Edited by AndyC
  • Like 1

Share this post


Link to post
Share on other sites
On 5/12/2020 at 6:55 PM, AndyC said:

 


class ContactController extends ContactControllerCore
{
    public function postProcess()
    {
        if(Tools::isSubmit('submitMessage')) {
 
            $message = Tools::getValue('message');
            $from = Tools::getValue('from');
 
            $banned_in_email = ['.ru', 'qq.com', '.vn', 'talkwithlead.com', 'talkwithwebvisitor.com', '.club', '.cn', 'arteseo.co'];
            $banned_content = ['email marketing', 'quotation', 'SEO', 'advertising', 'Clicks', 'Guaranteed', 'diet', 'sex', 'unlimited', 'medical'];
 
            foreach ($banned_in_email as $string) {
                if(strstr($from, $string))
                    $this->errors[] = Tools::displayError('This email address is not allowed');
            }
 
            foreach ($banned_content as $string) {
                if(strstr($message, $string))
                    $this->errors[] = Tools::displayError('Invalid Content');
            }
        }
        parent::postProcess();
    }

 

 

Hello. Today some bot created an account in my shop. The strange part is that the address is not yet published anywhere... but it's under an easy spanish word, 'MyHOST/tienda'.

So I started trying this override to be prepared if I start receiving spam from the Contact Form when the site goes online.

I created the file override/controllers/front/ContactController.php with the quoted class, I erased /cache/class_index.php.


but the override is not working. I introduce an explicit PHP error but the emails keep being sent. I cleaned Cache too. What could be wrong?

Share this post


Link to post
Share on other sites
On 7/8/2020 at 11:45 PM, Wartin said:

but the override is not working. I introduce an explicit PHP error but the emails keep being sent. I cleaned Cache too. What could be wrong?

Finally I could find it out. I installed overridecheck module. It shows every override and, of course, it didn't show ContactController.

I forgot to start the file with: <?php

:)

Share this post


Link to post
Share on other sites

My Contact Override now blocks emails from being sent and shows an error message if any of the strings forbidden are used in email address or message.

BUT, the message is listed in Backoffice.

How do I block them completely?

Thanks!

Captura de pantalla -2020-07-12 11-03-23.png

Captura de pantalla -2020-07-12 11-05-54.png

Share this post


Link to post
Share on other sites

Ever since I installed and setup No Captcha reCAPTCHA Module I have not received a single email. I was getting around a thousand a day

Share this post


Link to post
Share on other sites
On 7/12/2020 at 2:08 PM, Wartin said:

 

BUT, the message is listed in Backoffice.

How do I block them completely?

Hello, I'm still having this issue. I'm using the override that search some strings in the body of the message. When I write some of these forbidden keywords it shows (correctly) an error in the contact form:

image.png.499e2e06ef7f40e68e9549216c9101b6.png

The emails are not being sent, but the SPAM message is listed in backoffice:

image.png.4af445562d1878052baad86d851e1c4f.png

My override finished with:

            foreach ($banned_content as $string) {
                if(strstr($message, $string))
                    $this->errors[] = Tools::displayError('Invalid Content');
            }
        }
        parent::postProcess();
    }

maybe it should return after calling displayError?

Thanks!

Share this post


Link to post
Share on other sites

you can replace 

$this->errors[] = Tools::displayError('Invalid Content');

with

die(Tools::displayError('Invalid Content'));

The result will be ugly white page, but that's ok, since this should be visible to attackers only

  • Like 1
  • Thanks 1

Share this post


Link to post
Share on other sites

YouTube is full of videos for preparing such tasks, and you can pump knowledge in mobile applications. But there are also cheat-sheet sites that will help out when you urgently need to find literature for an essay or coursework, check your spelling or find a solution to a complex mathematical problem. We think you have such sites in mind. And if not, then you can always contact here fastessay.net/do-my-marketing-assignment.html. Any suggestions?

Edited by hojoos

Share this post


Link to post
Share on other sites
13 hours ago, AndyC said:

Found this page with what seems better result as it is TB friendly

https://www.prestashop.com/forums/topic/984993-free-module-advanced-security-module/

Did you try it?

I like the override because it's real simple, you can add some strings and voilà, no more SPAM. The module seems to has much more functions than a simple override, I don't know if the free version is usable, I suppose they want to sell it...

Anyway, thanks for the post!

Share this post


Link to post
Share on other sites

Yeah I tried it. It is a older version and is only a free version (paid version has a lot more) it does let you use brute force protection , so you can only try so many times before it locks you out even if you put in the right password ..I haven't tried that yet .. But it also stops right clicking on your site, which I like. You can also check your files and Change file permissions to 644 and directory permissions to 755 .. ( don't know if that is a good or bad thing) and also can find files that should be deleted,,, Mine were mostly the read files (ie text files for instructions etc) .Everything else was PRO FEATURES and to buy was £69 

Share this post


Link to post
Share on other sites

I have seen this Chinese spam before. If running on a Linux server, this spam is easy to block with Fail2Ban - no need for special modules  - just write a plain jail config for Fail2Ban

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...