PHP Web Email Form hacks

No explicit questions like "how do I hack xxx.com" please!
Post Reply
User avatar
maboroshi
Dr. Mab
Dr. Mab
Posts: 1602
Joined: 28 Aug 2005, 16:00
15

PHP Web Email Form hacks

Post by maboroshi »

I built a web site for a customer which has a Mail from form script the last couple days she has been getting email delivered to her address from strange email addresses but with her email extension @hername

the contents of the email contain

This is a multi-part message in MIME format.

--===============2102142431==
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

dkettge
--===============2102142431==--

Just want to make sure people aren't using her form to send email to other computers

I am not entirely sure whats going on if its an exploit in the PHP code or server or if its just my imagination

Any ideas and do I need to be worried if you know what this is all about I would appreciate hearing from you


Cheers

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11533
Joined: 06 Apr 2005, 16:00
15
Location: The zone.
Contact:

Post by bad_brain »

Hm, the MIME-type just tells the computer what kind of file (email,exe,jpg,etc...) it is, so the machine knows how to handle it. If it´s a PHP-form you usually don´t need a email-client to send a mail, so the mail gets sent from your own MX-server to yourself. Could you post the form source code? I´m not a PHP expert, but maybe there´s an error in the settings... Oh,and checked the email-headers? They will give you a hint what happened... :wink:

User avatar
ramnarayan
forum buddy
forum buddy
Posts: 13
Joined: 01 Sep 2005, 16:00
15

Post by ramnarayan »

Hi,

Not sure if I understood this right.

Does the form use a perl script <ex: contact.pl>? If that is the case, then there is a particular exploit which uses this to send spam to ids.

Read about this some time back, but not sure about the solution to this though. :cry:

RN

Post Reply