A spectacular web spammer failure

In the spirit of earlier heroic failures, I just saw someone attempt to put an entire POST form in the actual HTTP request. No, really. The incoming request looked something like this:

login=%5Burl%3Dhttp%3A%2F%2Fwww.nextlevelnews.com%2F [.. elided ..] %2F70.html%0D%0A+&view=login&page=blog%2Flinks%2FBestToolPOST /~cks/space/.login HTTP/1.1

This is perhaps the most abject spammer failure I've seen.

(It also confirms that web spammers are targeting my login form as well as the 'post a new comment' form; I have a theory on that, which doesn't fit in this margin.)

Unsurprisingly, the request came from a charter.com cablemodem that is currently in bl.spamcop.net and the CBL, among other places.

These are my WanderingThoughts
(About the blog)

GettingAround
Full index of entries
Recent comments

This is part of CSpace, and is written by ChrisSiebenmann.

* * *

Atom feeds are available; see the bottom of most pages.

This is a DWiki.
(Help)

Categories: links, linux, programming, python, snark, solaris, spam, sysadmin, tech, unix, web

Search:
Written on 11 October 2006.
(Previous | Next)
Page tools: View Source, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.
Last modified: Wed Oct 11 17:42:09 2006
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.