Quick Login   
 
Register AdminFusion Tutorials Post Fusion Forum Matrix
 
Go Back AdminFusion » Management » Security and Legal Issues » Duplicate accounts... how are they doing this?!
Reply
 
LinkBack
Old 09-05-2006, 12:03 AM   #1
Apprentice
 
PC101's Avatar
 
Join Date: Aug 2006
Posts: 235
PC101 will become famous soon enough
Send a message via MSN to PC101 Send a message via Yahoo to PC101
Duplicate accounts... how are they doing this?!

Hey y'all,

I've got a real problem and I can't figure out how these buggers are doing it! Last week I had a guy sign up and create TWO accounts with the same name, address, same IP, and everything. Thinking it was a fluke, I deleted member account #327 and told him not to create duplicate accounts. After learning he's been doing this all over the place, I went a head and banned him!

PC101 Computer Forum View Profile #327 : BebopVT <-- I just deleted this one.
PC101 Computer Forum View Profile #328 : BebopVT

Now, it's happening again...

PC101 Computer Forum View Profile #333: Shemker394 -- shemker394[at]freestuffo1(dot).com
PC101 Computer Forum View Profile #334: Shemker394 -- shemker394[at]freestuffo1(dot).com

And I have one more guy who email is coming from the same .com as these first two except for the last digit...

PC101 Computer Forum View Profile #335 : LClan439 -- lclan439[at]freestuffo2(dot).com

Note too... all three are coming from the same IP addres too!

I've placed these last three under miserable user rather than delete them so maybe y'all can see what I mean and tell me what's going on.

The other thing that's weird is my "Multiple Login Detector" hack is NOT sending me alerts!

Any feedback will be appreciated!

Lyte
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
PC101 is offline   Reply With Quote
Old 09-05-2006, 12:06 AM   #2
Forum Addict

 
Join Date: Jul 2006
Location: Baton Rouge, LA
Posts: 1,435
Get Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud of
Send a message via AIM to Get Shorty Send a message via Yahoo to Get Shorty
Are they putting spaces at the end of the username?
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Get Shorty is offline   Reply With Quote
Old 09-05-2006, 04:15 AM   #3
Apprentice
 
Join Date: Aug 2006
Location: Crownsville, MD
Posts: 277
bmelton is a jewel in the roughbmelton is a jewel in the roughbmelton is a jewel in the rough
Send a message via AIM to bmelton Send a message via MSN to bmelton Send a message via Yahoo to bmelton
The following phrases mean the same thing visually, but are different programmatically:
Jelly
JellALT+0121

It looks like you're using an older version of vBulletin, so you might want to upgrade. Might have been a parsing update since 3.5.3 that fixes the ability to do that.

Just a guess, but that's the most likely candidate I can think of.
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
- Comic, SciFi, Games, Movies and TV Community.
bmelton is offline   Reply With Quote
Old 09-05-2006, 05:37 AM   #4
Apprentice
 
PC101's Avatar
 
Join Date: Aug 2006
Posts: 235
PC101 will become famous soon enough
Send a message via MSN to PC101 Send a message via Yahoo to PC101
I don't think it's spacing thing because I tried to create two accounts of the same name, with one using a space.... didn't work.

Plus! When I tried to use the same email twice, VB wouldn't allow it.

What exactly does this mean... " Might have been a parsing update since 3.5.3 that fixes the ability to do that."

I'm running 3.5.3 right now. It isn't that old... is it??

Lyte
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
PC101 is offline   Reply With Quote
Old 09-05-2006, 05:42 AM   #5
Forum Addict

 
Join Date: Jul 2006
Location: Baton Rouge, LA
Posts: 1,435
Get Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud ofGet Shorty has much to be proud of
Send a message via AIM to Get Shorty Send a message via Yahoo to Get Shorty
Quote:
Originally Posted by PC101 View Post
I'm running 3.5.3 right now. It isn't that old... is it??
Not terribly, but why not upgrade to the latest and greatest?
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Get Shorty is offline   Reply With Quote
Old 09-05-2006, 02:55 PM   #6
Apprentice
 
Join Date: Aug 2006
Location: Crownsville, MD
Posts: 277
bmelton is a jewel in the roughbmelton is a jewel in the roughbmelton is a jewel in the rough
Send a message via AIM to bmelton Send a message via MSN to bmelton Send a message via Yahoo to bmelton
3.5.3 isn't THAT old, no, but age isn't really a factor in software so much as what's been fixed since your version. If the reason they're able to sneak duplicates past you is because you're using an older version, then it's worth it to upgrade I would think.
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
- Comic, SciFi, Games, Movies and TV Community.
bmelton is offline   Reply With Quote
Old 09-05-2006, 03:01 PM   #7
Chadwick ≥ Cadence
 
Adam's Avatar
 
Join Date: Sep 2005
Posts: 1,639
Adam has a brilliant futureAdam has a brilliant futureAdam has a brilliant futureAdam has a brilliant futureAdam has a brilliant futureAdam has a brilliant futureAdam has a brilliant futureAdam has a brilliant futureAdam has a brilliant futureAdam has a brilliant futureAdam has a brilliant future
y = y
^ ^
alt+121 y

Is what bmelton was saying and I am not sure if they can do this in 3.6 but it is worth a shot to atleast check in a test board, right?
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Adam is offline   Reply With Quote
Old 09-05-2006, 03:25 PM   #8
daviddamian.com
 
RedMatrix's Avatar
 
Join Date: Feb 2006
Location: back in TX
Posts: 4,043
RedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond reputeRedMatrix has a reputation beyond repute
Send a message via ICQ to RedMatrix Send a message via MSN to RedMatrix
I know for certain that version 3.6 offers you a place to place ASCII codes you want to block, such as the ASCII code for a space. Any letter is either a key press, or alt+ code. To the naked eye, they are the same, but to software, they are different. [just like the numbers above the QWERTYUIOP are different than the 10-key pad]

If the culprit used an ASCII code in their email and name, then the software thinks they are different.
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
- Free 3 day course
RedMatrix is offline   Reply With Quote
Old 09-05-2006, 04:27 PM   #9
Apprentice
 
PC101's Avatar
 
Join Date: Aug 2006
Posts: 235
PC101 will become famous soon enough
Send a message via MSN to PC101 Send a message via Yahoo to PC101
Morning y'all,

This is VERY educational. Thanks! I wasn't aware of this design flaw. I do think it's odd that Jelsoft would not make preventing this sneaky registration standard on all their software. I'll have to see if there's a way to prevent this on 3.5.3 without upgrading to 3.6

I've been considering upgrading but I'm told it would mean loosing my skin and possibly some of my mods. I don't have the time or money to retool the whole friggin' site!

Thanks agian!

Lyte
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
PC101 is offline   Reply With Quote
Old 09-05-2006, 04:42 PM   #10
Apprentice
 
Join Date: Aug 2006
Location: Crownsville, MD
Posts: 277
bmelton is a jewel in the roughbmelton is a jewel in the roughbmelton is a jewel in the rough
Send a message via AIM to bmelton Send a message via MSN to bmelton Send a message via Yahoo to bmelton
Versioning is something that happens as they fix bugs. In an ideal world, vBulletin 1.0 would have all the security features of 3.6, but in reality, they moved from 1.0 to 1.1, 1.2, 2.0, etc. because they were fixing things in the process.
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
- Comic, SciFi, Games, Movies and TV Community.
bmelton is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

 
Posting Rules

Similar Threads
Thread Thread Starter Forum Replies Last Post
Getting around Google's duplicate content filter by analyzing various statistics ohc Search Engine Optimization 3 05-05-2006 05:43 PM

AdminFusion

All times are GMT +1. The time now is 07:08 AM. Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0

© 2009 AdminFusion | Advertising Opportunities | Legal | A member of the Crowdgather Forum Community
 
From:
Title:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77