Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Form Misuse - Help!
- Thread starter JonMusto
- Start date
If it's the current script kiddie favourite PHP injection attack try doing this... not sure how effective it is, but it seems to work where I've implemented it.
It works by examining the fields in the form for the string "MIME-Version: " which is a bit of text used in these attacks.
If the string is found the script is stopped and a message displayed. I also get an email saying that an attempt was made.
Like I said, it's basic but it's enough to stop the script kiddies.
<honk>*:O)</honk>
Foamcow Heavy Industries - Web site design in Cheltenham and Gloucester
Buy Languedoc wines in the UK
It works by examining the fields in the form for the string "MIME-Version: " which is a bit of text used in these attacks.
If the string is found the script is stopped and a message displayed. I also get an email saying that an attempt was made.
Like I said, it's basic but it's enough to stop the script kiddies.
Code:
//Rudimentary check for email injection hack
//Add the fields used in your form in this case I am checking $flds['name'] etc.
if (eregi("MIME-Version: ", $flds['name'].$flds['email'].$flds['body'])) {
mail($flds['recAdd'], "Email injection attempt", "Attempted email injection on ".$sitename,"From: ".$sitename);
die('Spammers not welcome!');
}<honk>*:O)</honk>
Foamcow Heavy Industries - Web site design in Cheltenham and Gloucester
Buy Languedoc wines in the UK
- Thread starter
- #4
Thanks for all the help guys... TamedTech, here is the code. Foamcow, thanks i'll give that function a try.
<form id="enquiry" action="" name="enquiry" method="post">
<h2>Contact Form</h2>
<label><span>Your Name</span>
<input id="Name" name="name" type="text" value="Name"/>
</label>
<label><span>Telephone</span>
<input id="Telephone" name="telephone" type="text" value="Telephone"/>
</label>
<label><span>Email</span>
<input id="Email" name="email" type="text" value="Email"/>
</label>
<label><span>Address</span>
<textarea name="address" rows="5" id="Address">Your Address</textarea>
</label>
<label><span>Enquiry Details</span>
<textarea name="enquiry" rows="5" id="Enquiry"></textarea>
</label>
<input name="has_submit" type="hidden" value="true" />
<input type="submit" class="submit" name="submit" type="button" value="Submit Enquiry" />
</form>
<form id="enquiry" action="" name="enquiry" method="post">
<h2>Contact Form</h2>
<label><span>Your Name</span>
<input id="Name" name="name" type="text" value="Name"/>
</label>
<label><span>Telephone</span>
<input id="Telephone" name="telephone" type="text" value="Telephone"/>
</label>
<label><span>Email</span>
<input id="Email" name="email" type="text" value="Email"/>
</label>
<label><span>Address</span>
<textarea name="address" rows="5" id="Address">Your Address</textarea>
</label>
<label><span>Enquiry Details</span>
<textarea name="enquiry" rows="5" id="Enquiry"></textarea>
</label>
<input name="has_submit" type="hidden" value="true" />
<input type="submit" class="submit" name="submit" type="button" value="Submit Enquiry" />
</form>
Rob, what server side language are you using to process the form?
<honk>*:O)</honk>
Foamcow Heavy Industries - Web site design in Cheltenham and Gloucester
Buy Languedoc wines in the UK
<honk>*:O)</honk>
Foamcow Heavy Industries - Web site design in Cheltenham and Gloucester
Buy Languedoc wines in the UK
- Thread starter
- #7
Ahh... That would make more sense.. Doh!
Its PHP, he're is the specific function, you'll notice i'm trying foamcows logic, which i think should work as i did notice MIME: Version: in the attmepted attack, but anything to strengthen it further would be great, and always usefull in future:
//submit the contact us form
function contact_us(){
if(!isset($_POST['has_submit']) || $_POST['has_submit'] == 'False'){ //they havn't submit the form so display it
contact_us_form();
}else{ //they have submit the form
if(empty($_POST['name']) || empty($_POST['telephone']) || empty($_POST['email']) || empty($_POST['address']) || empty($_POST['enquiry'])){ //the fields are empty
echo "Please fill out the following fields first:<br /><ul>";
if (empty($_POST['name']))
echo "<li>Name</li>";
if (empty($_POST['telephone']))
echo "<li>Telephone</li>";
if (empty($_POST['email']))
echo "<li>E-Mail</li>";
if (empty($_POST['address']))
echo "<li>Address</li>";
if (empty($_POST['enquiry']))
echo "<li>Enquiry Details</li>";
echo "</ul>";
contact_us_form();
}else{ //everything is filled in
if (!check_email_address($_POST['email'])){
echo "Your email address in not valid...";
contact_us_form();
}else{ //everything is good, lets submit the enquiry
$name=$_POST['name'];
$telephone=$_POST['telephone'];
$email=$_POST['email'];
$address=$_POST['address'];
$enquiry=$_POST['enquiry'];
$reciever="xxx@yyyy.co.uk";
$subject="New on-line enquiry";
//Rudimentary check for email injection hack
if (eregi("MIME-Version: ", $name.$telephone.$email.$address.$equiry.$reciever.$subject)) {
mail("xxxx@yyyy.co.uk", "xxx - Email injection attempt", "Attempted email injection on yyyy.co.uk");
die('Spammers not welcome!');
}else{
$url = (isset($HTTP_HOST)) ? " : " //if the server doesn't have it set, set the site root
$body="A new online enquiry has been submitted, details below:
Name: $name
Telephone: $telephone
Email: $email
Address:
$address
$enquiry";
$headers = 'From: xxx <xxx@yyy.co.uk>' . "\r\n" .'Reply-To: xxx@yyy.co.uk' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
if (mail($reciever, $subject, $body, $headers)){
echo "Enquiry Successfully Sent...";
}else{
echo "Enquiry not sent, please try again...";
contact_us_form();
}
}
}
}
}
} //end of contact us
Its PHP, he're is the specific function, you'll notice i'm trying foamcows logic, which i think should work as i did notice MIME: Version: in the attmepted attack, but anything to strengthen it further would be great, and always usefull in future:
//submit the contact us form
function contact_us(){
if(!isset($_POST['has_submit']) || $_POST['has_submit'] == 'False'){ //they havn't submit the form so display it
contact_us_form();
}else{ //they have submit the form
if(empty($_POST['name']) || empty($_POST['telephone']) || empty($_POST['email']) || empty($_POST['address']) || empty($_POST['enquiry'])){ //the fields are empty
echo "Please fill out the following fields first:<br /><ul>";
if (empty($_POST['name']))
echo "<li>Name</li>";
if (empty($_POST['telephone']))
echo "<li>Telephone</li>";
if (empty($_POST['email']))
echo "<li>E-Mail</li>";
if (empty($_POST['address']))
echo "<li>Address</li>";
if (empty($_POST['enquiry']))
echo "<li>Enquiry Details</li>";
echo "</ul>";
contact_us_form();
}else{ //everything is filled in
if (!check_email_address($_POST['email'])){
echo "Your email address in not valid...";
contact_us_form();
}else{ //everything is good, lets submit the enquiry
$name=$_POST['name'];
$telephone=$_POST['telephone'];
$email=$_POST['email'];
$address=$_POST['address'];
$enquiry=$_POST['enquiry'];
$reciever="xxx@yyyy.co.uk";
$subject="New on-line enquiry";
//Rudimentary check for email injection hack
if (eregi("MIME-Version: ", $name.$telephone.$email.$address.$equiry.$reciever.$subject)) {
mail("xxxx@yyyy.co.uk", "xxx - Email injection attempt", "Attempted email injection on yyyy.co.uk");
die('Spammers not welcome!');
}else{
$url = (isset($HTTP_HOST)) ? " : " //if the server doesn't have it set, set the site root
$body="A new online enquiry has been submitted, details below:
Name: $name
Telephone: $telephone
Email: $email
Address:
$address
$enquiry";
$headers = 'From: xxx <xxx@yyy.co.uk>' . "\r\n" .'Reply-To: xxx@yyy.co.uk' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
if (mail($reciever, $subject, $body, $headers)){
echo "Enquiry Successfully Sent...";
}else{
echo "Enquiry not sent, please try again...";
contact_us_form();
}
}
}
}
}
} //end of contact us
- Status
Similar threads
- Locked
- Question