You are here: Re: Hacked By Spammer « All PHP « IT news, forums, messages
Re: Hacked By Spammer

Posted by Tyrone Slothrop on 01/10/06 16:24

On Tue, 10 Jan 2006 15:24:07 +0800, Dan
<dan@dontspammecauseidontlikit.com> wrote:

>
>
>I had a php script running under Apache web server on a Debian Linux
>box. The script used a form to send me email using the 'mail'
>routine. Somehow a spammer managed to hijack the script to send spam.
>
>My first question I have, is how did he do it? I've included the
>script below.
>
>My second question is, how do I set up an -unhackable form and how do
>I test that it's safe? I don't want to have the email address on the
>web page.

A spammer used a form on one of my client's sites to send the spam by
entering headers into the textarea of the form, including a large
number of BCC's and an HTML formated message. I stopped it by
evaluating the text from that field searching for a Bcc: line and
killing the mail command if positive.

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация