At 6/13/2004 01:53 AM +0000, Ron Goral wrote:
Yet,
some cretin began using a form of mine for his spamming campaign.

I've seen two hijacking methods used.

One is simply adding email addresses to a header line already being used (To:, Cc:, and/or Bcc:). This can be done by putting multiple comma-separated email address into an email form field, for example. The following line can check that no more than one email address is in a form field that should only have one:

# Reject the field if it holds two or more '@' signs, i.e. more than one address
# (the list archive's address scrubber mangled the original pattern; restored here).
exit if $FORM{email} =~ /@.*@/s;

Another method is to target any form field that will be used in any email header line (name, email, subject, whatever). The form field contains a junk value plus a line feed plus Cc: or Bcc: plus a whole list of email addresses, plus two line feeds, plus the hijacker's email body message. The following line can detect line feeds in a form field value:

# Reject the field if it contains a raw CR/LF or a percent-encoded one (%0a / %0d)
exit if $FORM{subject} =~ /(?:[\n\r]|\%0[ad])+/si;

Because referrer checks are no longer reliable, many form handling scripts don't use referrer information to check whether or not the form is being submitted from a restricted list of domain names. Thus, hijackers can save your form to their hard drives and change it however they please. INPUT TYPE="text" can be changed to TEXTAREA, for example. Once a vulnerable form is found, the form submission can be automated and done many times a minute, until a whole CD of millions of email addresses has been spammed from *your* server.

Will



--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
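As an added example (my code, not Will's), the two checks above wrapped into a small form-handler routine and run over constructed sample submissions; the field names, sample values and the function names are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Method 1: a field meant for a single address carries extra
# comma-separated recipients. Count '@' signs; more than one is a reject.
sub has_multiple_addresses {
    my ($value) = @_;
    return ( $value =~ tr/@// ) > 1 ? 1 : 0;
}

# Method 2: a field destined for a header line carries a raw CR/LF
# (or a percent-encoded one, kept for defence in depth) followed by
# injected Cc:/Bcc: lines and a spam body.
sub has_header_injection {
    my ($value) = @_;
    return $value =~ /(?:[\r\n]|%0[ad])/i ? 1 : 0;
}

# Run both checks over every field that will end up in a header.
# Returns the names of the offending fields so the handler can exit
# (and log) before anything is handed to sendmail.
sub check_header_fields {
    my (%form) = @_;
    my %bad;
    for my $field ( keys %form ) {
        my $v = $form{$field};
        $bad{$field} = 1 if has_header_injection($v);
        $bad{$field} = 1 if $field eq 'email' && has_multiple_addresses($v);
    }
    return sort keys %bad;
}

# Constructed sample submissions (not real traffic).
my %legit   = ( name => 'Ann', email => 'ann@example.com', subject => 'Question' );
my %hijack1 = ( name => 'Ann', email => 'ann@example.com,bob@example.net', subject => 'hi' );
my %hijack2 = ( name => 'x',   email => 'ann@example.com',
                subject => "junk\nBcc: v1\@example.net, v2\@example.org\n\nBuy now" );

for my $case ( [ legit => \%legit ], [ hijack1 => \%hijack1 ], [ hijack2 => \%hijack2 ] ) {
    my ( $label, $form ) = @$case;
    my @bad = check_header_fields(%$form);
    print "$label: ", ( @bad ? "REJECT (@bad)" : "ok" ), "\n";
}
```

The legit submission passes, hijack1 is rejected on the email field and hijack2 on the subject field.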