Wiki Spam

Viewing 6 reply threads
  • Author
    • #920

      So I go to add a few things to my wiki that I hardly ever use or update when I see that the formatting was messed up. When I look closer, it appears someone tried to spam my wiki with a bunch of links for handbags.
      Anybody seen this before? Its very strange because it seems to source from a google bot.

      Username: Sjqnlu
      Wiki Date/Time: 2006Nov26 2:47am

      Webserver Logs: – – [26/Nov/2006:04:45:06 -0500] “GET /index.php?title=User_talk:Sjqnlu&action=edit HTTP/1.1” 200 3507 “-” “Mozilla/5.0 (compatible; Googlebot/2.1; +” “-“ – – [26/Nov/2006:05:26:43 -0500] “GET /index.php?title=User:Sjqnlu&action=edit HTTP/1.1” 200 3495 “-” “Mozilla/5.0 (compatible; Googlebot/2.1; +” “-“ – – [26/Nov/2006:05:39:40 -0500] “GET /index.php?title=Special:Contributions&target=Sjqnlu HTTP/1.1” 200 2557 “-” “Mozilla/5.0 (compatible; Googlebot/2.1; +” “-“ – – [26/Nov/2006:13:03:01 -0500] “GET /index.php?title=Special:Log&user=Sjqnlu HTTP/1.1” 200 2340 “-” “Mozilla/5.0 (compatible; Googlebot/2.1; +” “-“ – – [26/Nov/2006:13:07:28 -0500] “GET /index.php?title=Special:Log&type=block&page=User:Sjqnlu HTTP/1.1” 200 2377 “-” “Mozilla/5.0 (compatible; Googlebot/2.1; +” “-“


      [ designer handbag kate replica spade] [ wholesale replica coach handbag] [ coach signature replica handbag wholesale] [ aaa replica handbag] [ aaa chloe handbag replica] [ aaa grade handbag replica] [ handbag lv replica wholesale] [ hermes handbag replica] [ cheap replica handbag] [ cheap replica chanel handbag] [ cheap replica coach handbag] [ cheap wholesale replica handbag] [ cheap designer replica handbag wholesale] [ replica chloe handbag] [ chloe handbag paddington replica] [ chloe designer handbag replica] [ fendi replica handbag] [ fendi and gucci replica handbag] [ wholesale designer replica handbag] [ replica designer handbag at wholesale prices] [ wholesale replica handbag] [ handbag wholesale replica watch] [ wholesale replica lv handbag] [ replica handbag wholesale price] [ replica chanel handbag] [ replica designer handbag chanel] [ discount chanel handbag replica] [ handbag louis replica theda vuitton] [ handbag louis replica shopping vuitton] [ bag image louis mirror replica vuitton] [ bag designer diaper replica] [ bag dior replica] [ bag christian dior replica] [ bag hermes replica] [ bag birkin hermes replica] [ bag burberry replica]
    • #10876

      I haven’t seen anything like this affecting wikis in particular, but this seems to be a variation on good old fashioned comment spam. 

    • #10877

      Yes I have seen this before on the message board on one of my websites. They spoofed there browser to gain access to area of sites that only allows GoogleBot. Look here for info

      I did see a hacking video awhile ago show you step by step how to surf the internet making your browsers “HTTP_USER_AGENT” report Googlebot. Here is a different link to resources

      There is talk to make bots verify them selfs but it might be hard to get search engines to do this. You can try to verify bots by there IP ranges.


    • #10878

      The thing is that source address( resolves back to google. So how did they spoof it? It would take a full established session to post data into a wiki. So what possibilities are there? That a real googlebot did this or that somebody was able to spoof the IP address and intercept the return traffic from my ISP’s webserver? Ideas?

    • #10879

      I would like to know how the logs work on the Wiki and then see if it is possiable to spoof the IP. I know on a LAN it is very easy but over the internet you need to be in the path or on a same subnet. The only other thing I can think of is that they Used the browers tweaks to send a fake IP. I think we would need to know more info on it to fully understand if it was a spoofing. You may want to e-mail google (not sure if they would reply) and see if they can explain it.


    • #10880

      You could try editing your robots.txt file. If it is a real googlebot then it will abide by the robots.txt file, but if it is a malicious bot then it will most likely ignore it.

    • #10881

      It is possible to get googlebot to do these kind of things, they’re all GET requests that you’ve posted there. Now I’ve no idea how you’d get it to carry session info, unless it’s all done within the arguments of the url.

      But a page of nefarious urls in a web page submitted to google to crawl and voila, googlebot’s the bad guy. I’ve seen it done with SQL injection.

Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?