Re: Form selector

Posted by Martin Jay on 04/28/06 16:35

In message <ve-dnQNo9JQ-ms_ZnZ2dneKdnZydnZ2d@comcast.com>, Jerry Stuckle
<jstucklex@attglobal.net> writes
>Martin Jay wrote:
>> In message <XMednXc-99BGnM_ZnZ2dneKdnZydnZ2d@comcast.com>, Jerry
>>Stuckle <jstucklex@attglobal.net> writes
>>
>>> Martin Jay wrote:
>>>
>>>> Okay, that's good.
>>>> So in your HTML you'll have something like this:
>>>> <select name="subject">
>>>> <option value="Subject 1" SELECTED>Subject 1</option>
>>>> <option value="Subject 2">Subject 2</option>
>>>> <option value="Subject 3">Subject 3</option>
>>>> </select>
>>>> Just POST that off to your PHP script and then use the mail command:
>>>> $subject = $_POST['subject'];
>>>> /* It's probably a good idea to include this so you don't end up
>>>>with \'
>>>> and \" in the subject */
>>>> $subject = stripslashes($subject);
>>>> mail($to, $subject, $message);

>>> Do this and you will be ripe for becoming a spam relay. At a minimum
>>>you need to ensure there are no newline characters in the input.
>> Please explain why.

>Google "Email injection" for a lot more info. But basically - the user
>could enter something like:
>
> This is a spammer subject
> bcc: john@example.com, tom@example.com
>
>And so on. Quite easy to do - and used by a lot of spammers. Unsecured
>scripts are used by a lot of spammers. Try another search on
>
> spam formmail
>
>And see what pops up.

I (think) I understand the principle, but I cannot replicate it.

The 'hack' seems to rely on email being routed by the 'to,' 'cc,' and
'bcc' fields in its header, which it isn't. Well, not until it reaches
its destination, maybe.

I emailed Paul an example script earlier. I've also uploaded it to:
<http://www.spam-free.org.uk/pages/email_test.php>.

I would be interested to see how the spamming technique you mention can
be used with it. I have changed the form method from POST to GET to
make it easier to 'hack.'
--
Martin Jay
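The check Jerry asks for (no newline characters in anything that goes into a mail header) is easy to add to the snippet quoted above. The following is an added example, not code posted by either participant; it assumes the same three `<select>` options as the quoted form, and the `$to` and `$message` values are hypothetical. Because the subject comes from a fixed drop-down, the script can go further than a newline check and accept only the values the form actually offers:

```php
<?php
// Added example (not from the thread): validate the "subject" field
// before handing it to mail(). Assumes the three options from the
// quoted <select>; $to and $message below are hypothetical values.

// The only values the form offers. Anything else was not sent by the form.
const ALLOWED_SUBJECTS = ['Subject 1', 'Subject 2', 'Subject 3'];

/**
 * True when $value can be placed in a mail header: no CR, LF or NUL,
 * the characters needed to start a new header line (e.g. an extra Bcc:).
 * preg_match() returns false on error, so only an explicit 0 counts as safe.
 */
function isHeaderSafe(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 0;
}

/**
 * Returns the validated subject, or null when the input contains
 * header-breaking characters or is not one of the select options.
 */
function validateSubject(?string $input): ?string
{
    if ($input === null || !isHeaderSafe($input)) {
        return null;
    }
    return in_array($input, ALLOWED_SUBJECTS, true) ? $input : null;
}

$subject = validateSubject($_POST['subject'] ?? null);
if ($subject === null) {
    http_response_code(400);
    exit('Invalid subject.');
}

// Recipient is fixed server-side and never taken from the request.
$to      = 'webmaster@example.com';   // hypothetical
$message = 'Form submission received.'; // hypothetical
mail($to, $subject, $message);
```

`isHeaderSafe()` is the minimum Jerry describes and applies equally to any free-text field that ends up in a header (a user-supplied From address, for instance); the allow-list in `validateSubject()` is the stronger option when the legitimate values are known in advance, as they are for a `<select>`.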
