[Phpwm] Securing feedback forms
Ricky Hayes
ricky at domainarena.net
Tue Oct 31 17:54:30 GMT 2006
Yo.
I think that the problem is because of the 4th argument in the mail command
(the headers).
If they input their email address as:
joe at bloggs.com
it will pass this:
"From: joe <joe at bloggs>"
as the 4th argument.
If they type this into your site as their from address:
joe at bloggs.com\r\nBcc: spam <some at recipient.com>\r\n
then it'll add the From and Bcc: headers to your e-mail, and then send it to
a recipient of their choice.
So, basically, as has already been said, run your recipient's address
through a regex to make sure it's got no nasty chars (like returns,
newlines, less/greater than signs, semicolons etc).
You'll be solid then!
If you want a bit of code, just reply and I'll send you some.
-- Ricky
-----Original Message-----
From: phpwm-bounces at mailman.lug.org.uk
[mailto:phpwm-bounces at mailman.lug.org.uk] On Behalf Of Phil Beynon
Sent: 31 October 2006 16:07
To: phpwm at mailman.lug.org.uk
Subject: RE: [Phpwm] Securing feedback forms
> Hi all,
>
> I've got a few sites that have a simple feedback form to allow visitors to
> send feedback to a hard-coded recipient. I thought the form was secure such
> that spammers couldn't use it to send spam, but it seems I was wrong. Only
> one spam actually got sent (and it bounced) but a spammer has evidently found
> a way to insert arbitrary headers into the mails my form is generating (BCC
> etc.).
>
> My current code is here:
> http://pastebin.co.uk/4915
>
> (btw, what happened to the PHPWM pastebin?)
>
> I'm intending to add addslashes() to it, but apart from that is there anything
> else I can/should do to sanitise input?
>
> TIA,
> David.
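The injection path Ricky describes above (a CRLF inside the From address spilling extra headers into mail()'s 4th argument) and the check he recommends, as an added PHP example; this is not code from the thread or from David's pastebin, and the function names and the `$post` field names are assumptions.

```php
<?php
// Added example, not from the thread: a feedback-form handler that refuses
// any From address able to start a new header line before it is passed as
// the 4th argument of mail(). Names here (is_safe_address, send_feedback,
// the $post keys) are assumed, not taken from the original form.

// Reject control characters (CR, LF, NUL, ...) and the characters that would
// break out of the angle-bracketed mailbox or act as separators: < > ; "
function is_safe_address(string $addr): bool
{
    if (preg_match('/[\x00-\x1F\x7F<>;"]/', $addr)) {
        return false;
    }
    // Belt and braces: it must also look like exactly one local@domain mailbox.
    return filter_var($addr, FILTER_VALIDATE_EMAIL) !== false;
}

// Display name and subject are free text, so flatten them to one line and
// drop the same delimiters instead of rejecting the whole submission.
function single_line(string $s): string
{
    $s = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $s);
    return trim(str_replace(['<', '>', '"'], '', $s));
}

function send_feedback(array $post, string $recipient): bool
{
    $from = $post['email'] ?? '';
    if (!is_safe_address($from)) {
        return false;                // refuse to send rather than "fixing" it
    }
    $name    = single_line($post['name'] ?? 'Visitor');
    $subject = single_line($post['subject'] ?? 'Feedback');
    $body    = $post['message'] ?? '';

    // The vulnerable pattern is mail($to, $subj, $body, "From: $name <$from>")
    // built straight from the form; here every header piece was checked first.
    $headers = "From: $name <$from>\r\n" .
               "Reply-To: $from\r\n";
    return mail($recipient, $subject, $body, $headers);
}

// Constructed inputs: a plain address versus the Bcc-smuggling payload.
var_dump(is_safe_address('joe@bloggs.com'));
var_dump(is_safe_address("joe@bloggs.com\r\nBcc: spam <some@recipient.com>\r\n"));
```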