Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread dman
On Fri, Mar 29, 2002 at 04:06:54PM -0800, Craig Hughes wrote:
| Something like:
|
| POST /path/to/script HTTP/1.1\r\n
| Host: foo.bar.com\r\n
| scriptvar=value\r\n
| scriptvar=value\r\n
| \r\n

Ahh, part of the headers. I read somewhere that it was sent to CGI scripts on stdin, but maybe the web

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Craig Hughes
Something like:

POST /path/to/script HTTP/1.1\r\n
Host: foo.bar.com\r\n
scriptvar=value\r\n
scriptvar=value\r\n
\r\n

I think. You can run netcat in listen mode:

nc -l -p 9876

Then from another terminal run wget/curl against it

curl -d 'scriptvar=test' http://localhost:9876/fake/path/script.c

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Craig Hughes
Try "nc" instead of "netcat" -- the nice thing about netcat/nc is that you can pipe input to it and pipe output from it, which telnet can't. Also, it doesn't try to negotiate telnet options, which some telnets do sometimes.

C

On Fri, 2002-03-29 at 02:09, Olivier Nicole wrote:
> mail60: netcat
>

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Sidney Markowitz
Whoops - not a filter, just a slow server. Sorry about the redundant post. -- sidney ___ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Sidney Markowitz
This is a resend. It appears that the mailing list software on sourceforge filters out mail that contains the formmail.cgi signature and it dropped my message which contained a quote of some formmail.cgi output :-)

On Fri, 2002-03-29 at 11:05, dman wrote:
> If the spammer can send me the spam, wh

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Sidney Markowitz
On Fri, 2002-03-29 at 11:05, dman wrote:
> If the spammer can send me the spam, why can't I send
> the listme request?

Actually, now that I have taken another look at http://dsbl.org/faq-help.html I see that you can. I thought the "specially formatted" message had something in the headers. All i

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread dman
On Fri, Mar 29, 2002 at 08:04:51AM -0800, Sidney Markowitz wrote:
| dman <[EMAIL PROTECTED]>
| > The trick is to make the script put the data we want it to
| > in the body of the message :-).
|
| Exactly -- I doubt it is possible.

If the spammer can send me the spam, why can't I send the listme

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Sidney Markowitz
dman <[EMAIL PROTECTED]>
> The trick is to make the script put the data we want it to
> in the body of the message :-).

Exactly -- I doubt it is possible. If you really want to see what you are dealing with, download the formmail.cgi script itself that the site is using from http://www.agn-e.co

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread dman
On Thu, Mar 28, 2002 at 08:49:23PM -0800, Sidney Markowitz wrote:
| "dman" <[EMAIL PROTECTED]> said:
| > So I'm trying to exploit the script to make the site blacklist
| > itself at dsbl.org. I found a form on the site with the action
| > as "/cgi-bin/formmail.cgi".
|
| It's easy enough to find

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread dman
On Fri, Mar 29, 2002 at 05:09:00PM +0700, Olivier Nicole wrote:
| mail60: netcat
| netcat: Command not found.
| mail61:
|
| so what next?

root@dman # apt-get install netcat #

| Telnet works pretty well for the purpose of simulating TCP protocols
| by hand.

Right, but

| So in that case, tha

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Olivier Nicole
mail60: netcat
netcat: Command not found.
mail61:

so what next?

Telnet works pretty well for the purpose of simulating TCP protocols by hand.

So in that case, that was simulating HTTP protocol.

Olivier

> That's not HTTP. You meant:
>
> $ echo -e 'GET /path/to/script.cgi HTTP/1.0\r\n\r\n' |

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Craig Hughes
That's not HTTP. You meant:

$ echo -e 'GET /path/to/script.cgi HTTP/1.0\r\n\r\n' | netcat www.example.com 80

or

$ echo -e 'GET /path/to/script.cgi HTTP/1.1\r\nHost: www.example.com\r\n\r\n' | netcat www.example.com 80

Of course wget or curl is a lot easier. For posting something, you can us

Re: [SAtalk] help exploiting formmail to black list

2002-03-29 Thread Craig Hughes
Also, SA has absolutely nothing to do with this. It just happens to be some people who use SA discussing how to do it. It's not part of SA, and won't be.

C

On Thu, 2002-03-28 at 20:20, Theo Van Dinter wrote:
> On Thu, Mar 28, 2002 at 08:57:12PM -0700, Michael Moncur wrote:
> > If anyone's worr

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread dman
On Fri, Mar 29, 2002 at 02:01:56PM +0700, Olivier Nicole wrote:
| > (I don't know HTTP that well, just enough to issue a v1.0 GET
|
| Try:
|
| telnet www.agn-e.com 80
| GET /cgi-bin/formmail.cgi 80
| Host: www.agn-e.com
|
| It works.

Cool, it does.

| (took me some time to figure out the synt

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread Olivier Nicole
> (I don't know HTTP that well, just enough to issue a v1.0 GET

Try:

telnet www.agn-e.com 80
GET /cgi-bin/formmail.cgi 80
Host: www.agn-e.com

It works.

(took me some time to figure out the syntax of the Host: header and it is not documented)

Olivier

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread Sidney Markowitz
"dman" <[EMAIL PROTECTED]> said: > So I'm trying to exploit the script to make the site blacklist > itself at dsbl.org. I found a form on the site with the action > as "/cgi-bin/formmail.cgi". It's easy enough to find the details of the exploits of formmail.cgi version 1.9 and less using a Googl

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread Theo Van Dinter
On Thu, Mar 28, 2002 at 08:57:12PM -0700, Michael Moncur wrote:
> If anyone's worried about legal action against SpamAssassin, this is probably
> just the sort of post that we should keep off this list...

Why? This isn't SA trying to send mail through the server? It's not even an exploit since

RE: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread Michael Moncur
> So I'm trying to exploit the script to make the site blacklist itself
> at dsbl.org. I found a form on the site with the action as
> "/cgi-bin/formmail.cgi". If I use 'wget' on that full URL, I get a
> web page back that says "formmail 1.6 by Matt Wright". However, if I
> use telnet and try t

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread Theo Van Dinter
On Fri, Mar 29, 2002 at 10:13:59AM +0700, Olivier Nicole wrote:
> > However, if I
> >use telnet and try to GET or POST it, I'm told it doesn't exist.
>
> Humm, I suspect a HTTP protocol version problem.
> When you telnet, do you specify any HTTP version on the GET command?

I did a quick search a

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread dman
On Fri, Mar 29, 2002 at 03:56:25AM +0100, Tony L. Svanstrom wrote:
|
| Go find that script on the web and you'll see that you can make it
| send to any address at all; the script will show you what values to
| use.

Precisely. But if the httpd gives back a 404, you can't do anything with it.

|

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread dman
On Fri, Mar 29, 2002 at 10:13:59AM +0700, Olivier Nicole wrote:
| > However, if I
| >use telnet and try to GET or POST it, I'm told it doesn't exist.
|
| Humm, I suspect a HTTP protocol version problem.

Could be. I might have to use a real http library instead of a raw socket.

| When you telne

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread Olivier Nicole
> However, if I
>use telnet and try to GET or POST it, I'm told it doesn't exist.

Humm, I suspect a HTTP protocol version problem.
When you telnet, do you specify any HTTP version on the GET command?

Olivier

Re: [SAtalk] help exploiting formmail to black list

2002-03-28 Thread Tony L. Svanstrom
Go find that script on the web and you'll see that you can make it send to any address at all; the script will show you what values to use.

/t

PS it is possible that this is an updated version that isn't that easy, but, hey, gotta try to find out...

On Thu, 28 Mar 2002 the voices made

[SAtalk] help exploiting formmail to black list

2002-03-28 Thread dman
Ok, you saw my post about www.agn-e.com having formmail.pl (v 1.6 no less) on their web server. The first Received: header in the spam gives webserver.agn-e.net as the hostname. So I'm trying to exploit the script to make the site blacklist itself at dsbl.org. I found a form on the site with t