|
Posted by Dotan Cohen on 10/02/88 11:24
On 8/18/05, Cilliè <phake@sadomain.co.za> wrote:
> >> Notice that their "hack" contains a BCC to "mhkoch321@aol.com". Perhaps
> >> this is an email account set up by the "hacker".
> >
> > sorry, i'm a bit in the dark here. how did they manage to fill in bcc ?
> > you mean
> > that someone can spam from your site by bcc'ing messages to other mail
> > accounts ?
>
> whoops ! got a bit carried away there. sorry. but wouldn't a simple check
> in the length of the job title field , or a regex or something be able to
> prevent
> this asswell ? come to think of it, simply replacing all @'s with <at> will
> also solve the problem ..
Yes, that should be enough. Acually, I am not _sure_ that his trick is
succeeding in every case. But I think that it was in mine, because as
soon as I started blocking, I got a nasty email.
Go put a regex in your forms!
Dotan
http://lyricslist.com/lyrics/artist_albums/139/crow_sheryl.php
Sheryl Crow
Navigation:
[Reply to this message]
|