|
|
Posted by "Gustav Wiberg" on 09/19/05 09:26
----- Original Message -----
From: "David Tulloh" <david.tulloh@anu.edu.au>
To: "Gustav Wiberg" <gustav@varupiraten.se>
Cc: "PHP General" <php-general@lists.php.net>
Sent: Monday, September 19, 2005 8:19 AM
Subject: Re: [PHP] Mail-format...
> It looks like somebody is trying to launch an e-mail injection attack.
> Looking at your code, I don't think you are vulnerable.
>
> You can read more about e-mail injection at
> http://securephp.damonkohler.com/index.php/Email_Injection
> You could also send nasty e-mails to PeiCanteenMc@aol.com, telling them to
> stop trying to hack your website.
>
>
> David
>
>
> Gustav Wiberg wrote:
>
>> Hi there!
>>
>> I wonder why I get get these kind of mails (look down below in this mail)
>> I recieve them sometimes...
>> ...I have a code like this...
>>
>> $name = $_POST["frmNamn"];
>> $email = $_POST["frmEpost"];
>>
>> //Send mail that there is a new member
>> //
>> mail("info@stammis.com","Ny medlem - Stammis Internet","Namn: $name,
>> Epost:$email");
>>
>>
>>
>> /G
>> http://www.varupiraten.se/
>>
>>
>> Namn: wftmbsbwas@stammis.com
>> Content-Type: multipart/mixed; boundary=\"===============0158601545==\"
>> MIME-Version: 1.0
>> Subject: c1805938
>> To: wftmbsbwas@stammis.com
>> bcc: PeiCanteenMc@aol.com
>> From: wftmbsbwas@stammis.com
>>
>> This is a multi-part message in MIME format.
>>
>> --===============0158601545==
>> Content-Type: text/plain; charset=\"us-ascii\"
>> MIME-Version: 1.0
>> Content-Transfer-Encoding: 7bit
>>
>> aienglpcm
>> --===============0158601545==--
>> , Epost:wftmbsbwas@stammis.com
>>
>>
>
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.344 / Virus Database: 267.11.1/104 - Release Date: 2005-09-16
>
>
Ok, thanx!
/G
http://www.varupiraten.se/
Navigation:
[Reply to this message]
|