[thelist] Email header injection

Liam Delahunty liam at megaproducts.co.uk
Fri Nov 11 10:09:58 CST 2005


On 11/11/05, Kasimir K <evolt at kasimir-k.fi> wrote:
>
> Which makes me wonder: does the exploit script listen for any response?
> If so, would sending large amounts of garbage as a response have any
> effect? And what are the reasons not to send garbage :-)

Because it's pointless, and bandwidth (+ costs).

I had a whole bunch of these a few weeks back, then everything went quiet,
and now another load of attempts at almost every form on almost every
site. At least they've got a good spider!

Anyway, here is one simple addition to the form (this is in PHP): just check
whether the form has been submitted from the web page.

if (isset($_POST['submit'])) {
  // Scripted POSTs usually arrive without the form page's Referer.
  // Referer is supplied by the client, so this is a heuristic, not a guarantee.
  $referer   = $_SERVER['HTTP_REFERER'] ?? '';
  $scriptUri = $_SERVER['SCRIPT_URI'] ?? '';  // set by Apache mod_rewrite; not present on every server
  if ($referer !== $scriptUri) {
    $message = '';
    foreach ($_POST as $key => $val) {
      $message .= "$key: $val\n";
    }
    // email admin / write to database
  } else {
    // deal with email normally...
    // DON'T FORGET LOTS MORE ERROR CHECKING!!!
  }
}

--
Kind regards,
Liam Delahunty
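An added example, not code from Liam's post or from anyone else in the thread: the Referer comparison above is a useful heuristic for spotting scripted submissions, but it is sent by the client and trivially forged, so the check that actually stops email header injection is refusing any field that contains a carriage return or line feed before it gets anywhere near mail(). The PHP 7.1+ script below does both, classifies three constructed sample submissions (a legitimate one, one with an injected "Bcc:" line, and a scripted POST with no Referer), and only builds mail() headers from input that passed. The host name, field names and sample data are all assumptions made up for the illustration.

```php
<?php
// Added example, not code from the original post. Shows (1) rejecting CR/LF in
// any field that ends up in a mail header, which is what actually stops email
// header injection, and (2) the Referer comparison from the post above as a
// second, heuristic layer. Host name and sample submissions are constructed.

declare(strict_types=1);

/**
 * True if $value contains a carriage return or line feed. An injected
 * "\r\nBcc: ..." inside the From or Subject field is how the spam relaying
 * works, so any such value must never reach mail().
 */
function containsHeaderInjection(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 1;
}

/**
 * The Referer check from the post, compared on host only so that
 * http/https and query-string differences do not cause false positives.
 * Referer is sent by the client and easily forged, so treat a mismatch
 * as something to log, not as the only defence.
 */
function refererMatchesHost(array $server, string $expectedHost): bool
{
    $host = parse_url($server['HTTP_REFERER'] ?? '', PHP_URL_HOST);
    return is_string($host) && strcasecmp($host, $expectedHost) === 0;
}

/**
 * Classify one submission: 'injection', 'bad-email', 'bad-referer', or 'ok'.
 * Injection is checked first because it is the hard failure.
 */
function classifySubmission(array $post, array $server, string $expectedHost): string
{
    foreach (['name', 'email', 'subject'] as $field) {
        if (containsHeaderInjection((string) ($post[$field] ?? ''))) {
            return 'injection';
        }
    }
    if (filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        return 'bad-email';
    }
    if (!refererMatchesHost($server, $expectedHost)) {
        return 'bad-referer';
    }
    return 'ok';
}

/**
 * Build the extra headers for mail() only from input already classified
 * as 'ok'. The single Reply-To line is the only place user data appears.
 */
function buildHeaders(array $post): string
{
    return 'Reply-To: ' . $post['email'] . "\r\n";
}

// Constructed sample submissions: a real one, a header-injection attempt,
// and a scripted POST that sends no Referer at all.
$expectedHost = 'www.example.com';  // assumed host of the form page
$samples = [
    'legit'     => [['name' => 'Jane', 'email' => 'jane@example.org', 'subject' => 'Hello'],
                    ['HTTP_REFERER' => 'http://www.example.com/contact.php']],
    'injection' => [['name' => 'Jane', 'email' => "jane@example.org\r\nBcc: a@example.net", 'subject' => 'Hi'],
                    ['HTTP_REFERER' => 'http://www.example.com/contact.php']],
    'scripted'  => [['name' => 'x', 'email' => 'x@example.org', 'subject' => 'x'],
                    []],
];

foreach ($samples as $label => [$post, $server]) {
    $verdict = classifySubmission($post, $server, $expectedHost);
    printf("%-10s %s\n", $label, $verdict);
    if ($verdict === 'ok') {
        // Only now is it safe to call mail($to, $post['subject'], $body, buildHeaders($post));
        echo '  headers: ' . json_encode(buildHeaders($post)) . "\n";
    }
}
```

Run it with `php contact-check.php` (any file name). The order of the checks matters: a value with an embedded newline is rejected outright, whatever the Referer says, while a Referer mismatch on otherwise clean input is the case the post suggests logging and forwarding to the admin rather than mailing.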


