[thelist] Email header injection
Liam Delahunty
liam at megaproducts.co.uk
Fri Nov 11 10:09:58 CST 2005
On 11/11/05, Kasimir K <evolt at kasimir-k.fi> wrote:
>
> Which makes me wonder: does the exploit script listen for any response?
> If so, would sending large amounts of garbage as a response have any
> effect? And what are the reasons not to send garbage :-)
Because it's pointless, and bandwidth (+ costs).
I had a whole bunch of these a few weeks back, everything went quiet
and now another load of attempts at almost every form on almost every
site. At least they've got a good spider!
Anyway, one simple addition to the form (this is in PHP): just check if
the form has been submitted from the web page.
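    if (isset($_POST['submit'])) {
        // The Referer should equal this script's own URL when the form was posted from the page.
        $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        if ($referer != $_SERVER['SCRIPT_URI']) {
            // Not submitted from the web page: collect every posted field for the report.
            $message = '';
            foreach ($_POST as $key => $val) {
                $message .= "$key: $val\n";
            }
            // email admin / write to database
        } else {
            // deal with email normally...
            // DON'T FORGET LOTS MORE ERROR CHECKING!!!
        }
    }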
--
Kind regards,
Liam Delahunty
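
Added example, not part of the original post: the Referer header is supplied by the client, so a check on the posted values themselves is a useful companion to the one above. This sketch rejects any field bound for a mail header that contains CR or LF; the field names (name, email, subject, message) and the addresses are assumptions.

```php
<?php
// Added example, not code from the original post.
// Assumed form fields: name, email, subject, message.

const ALL_FIELDS = ['name', 'email', 'subject', 'message'];
// Values of these fields are copied into mail headers, so they must be a single line.
const HEADER_FIELDS = ['email', 'subject'];

// Return the names of fields that are missing or not strings,
// plus header-bound fields that contain a CR or LF.
function suspicious_fields(array $post): array
{
    $bad = [];
    foreach (ALL_FIELDS as $field) {
        $value = $post[$field] ?? null;
        if (!is_string($value)) {
            $bad[] = $field;
        } elseif (in_array($field, HEADER_FIELDS, true) && preg_match('/[\r\n]/', $value)) {
            $bad[] = $field;
        }
    }
    return $bad;
}

// Build the argument list for mail(), or return null when the submission is rejected.
function build_mail(array $post, string $adminAddress): ?array
{
    if (suspicious_fields($post) !== []) {
        return null;
    }
    if (filter_var($post['email'], FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    $body = 'From: ' . $post['name'] . "\n\n" . $post['message'];
    return [$adminAddress, $post['subject'], $body, 'Reply-To: ' . $post['email']];
}

// Constructed sample submissions: one ordinary, one with an extra header in the email field.
$samples = [
    'ordinary' => ['name' => 'Alice', 'email' => 'alice@example.com',
                   'subject' => 'Question', 'message' => "Hi,\nplease call me."],
    'injected' => ['name' => 'Bob', 'email' => "bob@example.com\r\nBcc: someone@example.net",
                   'subject' => 'Hi', 'message' => 'x'],
];
foreach ($samples as $label => $post) {
    $args = build_mail($post, 'admin@example.com');
    echo $label, ': ', $args === null
        ? 'rejected (' . implode(', ', suspicious_fields($post)) . ')' : 'ok to send', "\n";
}
```

Newlines stay allowed in the message body because it is not placed in a header; only the single-line fields are checked for CR/LF.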