Wandering Thoughts archives

2006-10-11

StupidSpammerTricksII

A spectacular web spammer failure

In the spirit of earlier heroic failures, I just saw someone attempt to put an entire POST form in the actual HTTP request. No, really. The incoming request looked something like this:

login=%5Burl%3Dhttp%3A%2F%2Fwww.nextlevelnews.com%2F [.. elided ..] %2F70.html%0D%0A+&view=login&page=blog%2Flinks%2FBestToolPOST /~cks/space/.login HTTP/1.1

This is perhaps the most abject spammer failure I've seen.

(It also confirms that web spammers are targeting my login form as well as the 'post a new comment' form; I have a theory on that, which doesn't fit in this margin.)

Unsurprisingly, the request came from a charter.com cablemodem that is currently in bl.spamcop.net and the CBL, among other places.

StupidSpammerTricksII written at 17:42:09; Add Comment

(Previous day | Next day)
By day for October 2006: 11 15 18; before October; after October.

These are my WanderingThoughts
(About the blog)

Full index of entries
Recent comments

This is part of CSpace, and is written by ChrisSiebenmann.
Twitter: @thatcks

* * *

Categories: links, linux, programming, python, snark, solaris, spam, sysadmin, tech, unix, web

This is a DWiki.
GettingAround
(Help)

Search:
Page tools: See As Normal.
Search:
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.