Form Spam Bot Blocker
2007/04/25 filed under /php, /perlFreshmeat announced a new PHP class today (well, it's version 0.2 so it's not that new actually).
Anyways, a class named Form Spam Bot Blocker simply has to be cool so I gave it a shot. See if it is really good. Unfortunately (and completely predicted), it's not that good.
A few lines of Perl code were enough to fool the example shipped with the class.
#!/usr/bin/perl -w
use strict;
use WWW::Mechanize::Sleepy;
my $mech = new WWW::Mechanize::Sleepy->new(sleep => 5);
$mech->get('http://...../example.php');
$mech->form_number(1);
$mech->submit;
print $mech->content;And the results:
This was a VALID submission. Your message is: some text
I have to admit that slowing down the input could prevent the dumbest bots out there, yet I believe most spam bots have no problems waiting a few seconds before posting.
Posted by: B10m |
permanent link |
comments (0)
