Posted by shimmyshack on 03/06/07 01:35
On Mar 5, 2:25 pm, "Ehsan" <haque.eh...@gmail.com> wrote:
> http://www.weberdev.com/get_example-4414.html
>
> Demo is at http://gbl.bdwebwork.com/guestBook.php which is a little
> modified version. Contact me if you want this version. Thank you.
>
This script is light and works well actually, but remember the danger
that comes with lightness.
I just visited the URLs and checked the online demo, and the captcha
jpg is named after the letters in the image, so couldn't a robot that
parsed the html just grab those letters and submit the form?
Also I just downloaded the script and it needs updating for today's
hostile world, I thought; as it stands the input validation needs
firming up or else someone could 0wn your website, e.g. typing in
='"style=display:none
into the "web:" text field adds the attribute style with the value
"display: none;" into the link, which obviously causes it to not show
up. Creativity is the only thing standing in the way of an attacker
0wning the rest of your site.
Off the top of my head, if this comments page was inside the template
for your site, an attacker could inject some code in there which could
attach itself to the onclick attribute of the "login" link and wait
for you to click it, requesting the login page of your site and returning
it but stealing the password and username as you logged in; or this could
be used to just steal the cookie credentials of your logged-in users
as they left comments on your site, and then roam round the site
spoofing someone else's session (that includes the admin's session
ID!).
It is important when "looking for a very simple script" that you don't
leave all other considerations out of the equation. Time spent now is
worth it.
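The two weaknesses described in the post (the captcha answer leaking through the image name, and the "web:" field being echoed into the link unescaped) can both be fixed in a few lines. The following is an added illustration, not the weberdev guestbook script itself: the function names, the session layout, and the `captcha.php?t=...` image URL are assumptions, and `captcha.php` (which would draw `$_SESSION['captcha']`) is not shown. The sample submission is the exact string the post quotes.

```php
<?php
// Added example (not the original guestbook code). Shows why echoing the
// "web:" field straight into an <a> tag lets a visitor inject attributes,
// and a hardened version that validates the URL and escapes the output.
// Also shows a captcha whose image URL carries no information about the letters.

session_start(); // assumed: the guestbook already uses PHP sessions

// Constructed sample input: the payload mentioned in the post.
$sampleWeb = '=\'"style=display:none';

// Vulnerable rendering, mimicking a script that interpolates the field directly.
// The browser parses the injected text as a second attribute on the <a> tag.
function render_link_unsafe(string $web, string $name): string
{
    return '<a href="' . $web . '">' . $name . '</a>';
}

// Accept only syntactically valid http(s) URLs; anything else becomes "no link".
// Restricting the scheme also refuses javascript: and data: URLs.
function normalise_web(string $web): ?string
{
    $web = trim($web);
    if ($web === '' || filter_var($web, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    $scheme = strtolower((string) parse_url($web, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? $web : null;
}

// Hardened rendering: validated URL plus HTML escaping of every interpolated value.
function render_link_safe(string $web, string $name): string
{
    $safeName = htmlspecialchars($name, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $url = normalise_web($web);
    if ($url === null) {
        return $safeName; // no usable URL: show the name as plain text
    }
    $safeUrl = htmlspecialchars($url, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<a href="' . $safeUrl . '">' . $safeName . '</a>';
}

// Captcha: keep the answer server-side and reference the image by an opaque
// token, so neither the file name nor the URL reveals the letters.
function new_captcha_url(): string
{
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789'; // no 0/O or 1/I look-alikes
    $code = '';
    for ($i = 0; $i < 5; $i++) {
        $code .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    $_SESSION['captcha'] = $code;
    // assumed endpoint: captcha.php draws $_SESSION['captcha']; the token is
    // only there to defeat browser caching and says nothing about the code
    return 'captcha.php?t=' . bin2hex(random_bytes(8));
}

function check_captcha(string $answer): bool
{
    $expected = $_SESSION['captcha'] ?? '';
    unset($_SESSION['captcha']); // single use: a correct answer cannot be replayed
    return $expected !== '' && hash_equals($expected, strtoupper(trim($answer)));
}

echo render_link_unsafe($sampleWeb, 'visitor'), PHP_EOL;
echo render_link_safe($sampleWeb, 'visitor'), PHP_EOL;
echo render_link_safe('http://www.example.com/', 'visitor'), PHP_EOL;
echo new_captcha_url(), PHP_EOL;
```

Running it with the post's payload shows the unsafe line containing a `style=display:none` attribute while the safe line degrades to the bare name, because the payload is not a valid URL. The `$name` field gets the same `htmlspecialchars` treatment, since the post's "inject some code" scenario applies to any field that reaches the page.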