[nycphp-talk] worm/virus's hammering feedback scripts?
Daniel Convissor
danielc at analysisandsolutions.com
Mon Sep 12 15:08:08 EDT 2005
Hi Billy:
On Mon, Sep 12, 2005 at 02:36:19PM -0400, Billy Reisinger wrote:
> In fact, the attacker can stop a mail message in the
> middle of the message body and begin an entirely new message! For a
> more thorough (and cogent) explanation of this vulnerability, head on
> over to http://securephp.damonkohler.com/index.php/Email_Injection .
Huh?! Insert headers in the middle of the message body?! That doesn't
make sense to me. I believe you're misinterpreting the article you
mention. Perhaps I misunderstand things, but the way I see it, I can
write "Content-Type: <whatever>" in the middle of the message until my fingers
fall off and it won't have any impact. The problem is inserting that into
the headers.
On Mon, Sep 12, 2005 at 02:38:23PM -0400, Billy Reisinger wrote:
> This eregi() is a good start - but like I said in a previous post, ALL
> variables should be checked this way, including subject and message!
> The cruel nature of this hack is that it works anywhere in the mail()
> function.
My (buggy, someone please fix it, I'm short on time now) pseudo-code
clears invalid characters from the subject and name plus if the email
address is bogus, halts execution.
--Dan
--
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
data intensive web and database programming
http://www.AnalysisAndSolutions.com/
4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
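The following is an added PHP sketch, not Dan's pseudo-code and not anything posted in this thread, of the header-injection problem being discussed and of the check Dan describes (strip or reject line breaks in name and subject, halt on a bogus address). The function names, the quoting of the display name, and the attacker payload are all assumptions made for illustration; nothing is actually sent.

```php
<?php
// Added example for the nycphp-talk discussion; not from the original post.
// Shows a feedback-form header block built two ways: straight from user
// input (injectable) and through a single-line/validity check first.
// Function names and the sample payload are assumptions for illustration.

declare(strict_types=1);

// Vulnerable: user-supplied name and address flow straight into the
// additional_headers argument of mail(). A CRLF in either one ends the
// From: line and lets the attacker add arbitrary header lines.
function vulnerable_headers(string $name, string $email): string
{
    return "From: $name <$email>\r\n" .
           "Reply-To: $email\r\n";
}

// A header field must be exactly one line. Rather than silently stripping
// CR/LF, reject the request: a line break in a name or subject is never
// legitimate on a feedback form.
function assert_single_line(string $value, string $field): string
{
    if (preg_match('/[\r\n]/', $value) === 1) {
        throw new InvalidArgumentException("$field contains a line break");
    }
    return $value;
}

// Halt on a bogus address (Dan's "if the email address is bogus, halts
// execution"). filter_var() rejects addresses containing whitespace or
// control characters, but the single-line check is kept explicit.
function validate_email(string $email): string
{
    assert_single_line($email, 'email');
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('invalid e-mail address');
    }
    return $email;
}

// Hardened: every value that ends up on a header line is checked first.
function safe_headers(string $name, string $email): string
{
    $name  = assert_single_line($name, 'name');
    $email = validate_email($email);
    // Quote the display name so a '<' or '"' inside it cannot change the
    // address the MTA parses out of the From: line.
    $display = '"' . addcslashes($name, '"\\') . '"';
    return "From: $display <$email>\r\n" .
           "Reply-To: $email\r\n";
}

// Constructed attacker input: a "name" that terminates the From: line and
// appends a Bcc: header so the feedback mail is copied to a third party.
$payload = "Alice\r\nBcc: someone-else@example.org\r\nX-Injected: yes";
$address = 'alice@example.com';

echo "--- vulnerable: injected lines become real headers ---\n";
echo vulnerable_headers($payload, $address);

echo "--- hardened: same input is refused ---\n";
try {
    echo safe_headers($payload, $address);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}

echo "--- hardened: clean input passes ---\n";
echo safe_headers('Alice', $address);

// The subject is a header too, so it gets the same check before it reaches
// mail(). The call itself is commented out so the example runs offline:
// mail($to, assert_single_line($subject, 'subject'), $body,
//      safe_headers($name, $email));
```

Running this with `php` prints the vulnerable header block with the attacker's Bcc: line in it, then the rejection message, then a clean From:/Reply-To: pair. Note that the check is applied to every value that lands in a header (recipient, subject, name, address) rather than only to the address, which is the point Billy makes about the subject.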