[ic] DDoS (Distributed Denial of Service) attack causing interchange to fail

Wed Aug 6 17:06:51 UTC 2025

Basic valid.html


[tmp page_title]
Verify Captcha
[/tmp]
<!-- #__NOLEFT_TOP__ -->
<H1>Verify that you are a real human</H1>
<form action="[process secure=1]" method=POST name="verify" 
class="form-horizontal">
[form-session-id]
<input type="hidden" name="mv_doit"      value="refresh">
<P>

Verify <input type=checkbox name="[mv_verified]" 
onclick="this.form.action='[process]', this.form.submit()" value=1>   # 
action should probably be a return rather than process

</P>
</form>
<!-- #__NOLEFT_BOTTOM__ -->
<!-- current page: @@MV_PAGE@@ -->


David


On 8/6/25 11:53, davideth at whojamadoogle.com wrote:
> I have done some looking and thing that this is the best place to 
> insert  sending a human recognizable checkbox. I have not tested as of 
> yet.
>
> David
>
>
> sub new_session {
>     my($seed) = @_;
>     my($name);
>
> #::logDebug ("new session id=$Vend::SessionID name=$Vend::SessionName 
> seed=$seed");
>
> ::logError("session name checkbox sent");    # 5 Aug 2025 DLE
>
> #  Insert verify file here   ???                    !!!!!!!!!
> #  Send the verification file valid.html from the special_page directory
> #  If the page does not return with checkbox checked, process dies
>
>
>     open_session();
>     for (;;) {
>         unless (defined $seed) {
>             $Vend::SessionID = 
> random_string($::Limit->{session_id_length} ||= 8);
>             undef $Vend::CookieID;
>         }
>         undef $seed;
>         if (is_retired($Vend::SessionID)) {
>             retire_id($Vend::SessionID);
>             next;
>         }
>         $name = session_name();
>         unless ($File_sessions) {
>             lock_session($name);
>             last unless defined $Vend::SessionDBM{$name};
>             unlock_session($name);
>         }
>         else {
>             last unless exists $Vend::SessionDBM{$name};
>         }
>     }
>     $Vend::new_session = 1;
>     count_ip(1) if $Vend::Cfg->{RobotLimit};
>     undef $Vend::Cookie;
>     $Vend::SessionName = $name;
>
>
>
> ::logError("session name now $Vend::SessionName");    # 5 Aug 2025 DLE
>
>     init_session();
>
>
>