[thelist] Email header injection

Chris Dorer cdorer at gmail.com
Fri Nov 11 10:14:17 CST 2005


Can't you just spoof the referer from firefox. Sometimes it's blank b/c you
config'd ff not to send the referer

On 11/11/05, Liam Delahunty <liam at megaproducts.co.uk> wrote:
>
> On 11/11/05, Kasimir K <evolt at kasimir-k.fi> wrote:
> >
> > Which makes me wonder: does the exploit script listen for any response?
> > If so, would sending large amounts of garbage as a respons have any
> > effect? And what are the resons not send garbage :-)
>
> Because it's pointless, and bandwidth (+ costs).
>
> I had a whole bunch of these a few weeks back, everything went quiet
> and now another loads of attempts at almost every form on almost every
> site. At least they've got a good spider!
>
> Anyway, one simple addition to the form (this is in php) Just check if
> the form has been submit ed from the web page.
>
> if ($submit){
> if ($HTTP_REFERER != $SCRIPT_URI){
> reset($HTTP_POST_VARS);
> while (list($key,$val) = each($HTTP_POST_VARS)){
> $message .= "$key: $val\n";
> }
> // email admin / write to database
> }else{
> // deal with email normally...
> // DON'T FORGET LOTS MORE ERROR CHECKING!!!
> }
> }
>
> --
> Kind regards,
> Liam Delahunty
> --
>
> * * Please support the community that supports you. * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>



More information about the thelist mailing list