
sending a virus through form mail to attack and spam via sendmail?

Status
Not open for further replies.

spewn

Programmer
Joined
May 7, 2001
Messages
1,034
I have been notified by my hosting company that my accounts are spamming thousands of emails, and the culprit is a file that ends in .jv... I have no files with such an extension.

I was reading on the internet and saw something that alluded to hackers being able to upload a malicious file using form mail, or a message box, and once submitted, it attacks and grabs hold, replicating itself and sending emails via sendmail on Unix.

Anyone heard of this, and anyone have a known cure, fix or way to not allow this?

Thanks.

- g
 
Normally your local email client is infected and not the HTTP server or the mail server. But I guess it would be possible.

------------------------------------------
- Kevin, perl coder unexceptional! [wiggle]
 
Check any scripts you have written to make sure they are easy to take advantage of for things like that. If you allow uploads, only allow certain extensions (.jpg, .gif, .png etc.), and if you have pages that email, check and make sure that they aren't easily hackable.

So many people use a generic script to send email that almost anyone could force it to do what you want. The most common one I see is an HTML page where all of the data is passed to a "dumb" Perl script (it takes a variable for everything and just does what the variables tell it to). The problem is the HTML page contains everything the Perl script should probably have hard coded into it (where to send email, with what subject, who to make it from, what to put in the body) and so on. So if you find that (and the .cgi file is usually the same name everywhere) you can just say and so on... These types of tools should be avoided. If you want your site to send you email, then hard code the To address in the .pl/.cgi file so no one can take advantage of it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[noevil]
Travis - Those Who Say It Cannot Be Done Are Usually Interrupted by Someone Else Doing It; Give the wrong symptoms, get the wrong solutions;
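
An added example, not code from any poster in this thread: the hardening the last reply describes, with the recipient, sender and subject fixed in the script and uploads limited to an extension allowlist. The addresses, the form field names (`email`, `message`) and the function names are assumptions, and the script prints the message it would hand to sendmail instead of sending it.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hard-coded in the script, never read from the form (placeholder addresses).
my $TO      = 'webmaster@example.com';
my $FROM    = 'formmail@example.com';
my $SUBJECT = 'Website contact form';
my %ALLOWED_EXT = map { $_ => 1 } qw(jpg gif png);

# Use only the fields this form is meant to collect; anything else the
# client posts (recipient, subject, ...) is ignored.
sub build_message {
    my (%form) = @_;
    my $reply = $form{email} // '';
    # A value headed for a mail header must be one line in address shape;
    # \z (not $) also refuses a trailing newline.
    $reply = '' unless $reply =~ /\A[\w.+-]+\@[\w-]+(?:\.[\w-]+)+\z/;
    my $body = $form{message} // '';
    $body =~ s/\r\n?/\n/g;    # normalise line endings in the body
    my $msg = "To: $TO\nFrom: $FROM\nSubject: $SUBJECT\n";
    $msg .= "Reply-To: $reply\n" if $reply ne '';
    return $msg . "\n" . $body . "\n";
}

# Accept an upload only if it is a plain name with exactly one extension
# and that extension is on the allowlist.
sub upload_allowed {
    my ($name) = @_;
    return 0 unless defined $name && $name =~ /\A[\w-]+\.(\w+)\z/;
    return $ALLOWED_EXT{ lc $1 } ? 1 : 0;
}

# Constructed submission that tries to choose its own recipient and
# subject and to slip an extra header in through the e-mail field.
my %hostile = (
    recipient => 'victim1@example.net,victim2@example.net',
    subject   => 'Cheap pills',
    email     => "a\@example.org\nBcc: victim3\@example.net",
    message   => "spam body",
);
print build_message(%hostile);
print "$_: ", (upload_allowed($_) ? "accepted" : "rejected"), "\n"
    for qw(photo.JPG mailer.jv shell.php.jpg);
```

The printed message still goes to the fixed To address with the fixed subject, the multi-line e-mail value is dropped, and only `photo.JPG` passes the upload check.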
 