someone hacking my site?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
hessodreamy
Forum Commoner
Posts: 58
Joined: Wed Apr 20, 2005 8:11 am

someone hacking my site?

Post by hessodreamy »

I have a form on one of my pages with a little survey, and have been getting some strange results submitted, with every field being input as a gibberish email address from my domain name. eg "kgdsgkj@" & my domain. and one of them having the text from an email header.

This has been input even for radio boxes, so I know its not someone just typing stuff into the form. Is it a spider? Or a hacker?

Obviously a big slap round the face and a cry of 'validate your forms boy!' is warranted, and of course I'm gonna do that, but just wondered what was happening.

Cheers
User avatar
phpdevuk
Forum Contributor
Posts: 220
Joined: Mon Jul 04, 2005 5:31 am
Location: UK
Contact:

Post by phpdevuk »

think its a spammer trying to use your script to send their own email. Just block anything coming from you domain from going through and bung up a friendly error message telling them to get lost!

The post at viewtopic.php?p=200411#200411 is about this too.

I have had a few of these emails myself recently, and have gone through fitting all my contact scripts with stuff to stop it. I added a log file to record what was happening, and in my case the ip address turned out to be the asian information centre somewhere in singapore, lol.
hessodreamy
Forum Commoner
Posts: 58
Joined: Wed Apr 20, 2005 8:11 am

Post by hessodreamy »

Cool. Have read up on smtp injection.

I have validated the form to make sure the inputs variables from the radio boxes are the right values. This will prevent such rubbish being put into the database. I still have text fields though.

This script just writes into the database and the info is read on another page, So I dont think smtp injection is an issue here. But is there anything nasty they can do to the database?
User avatar
phpdevuk
Forum Contributor
Posts: 220
Joined: Mon Jul 04, 2005 5:31 am
Location: UK
Contact:

Post by phpdevuk »

wouldn't have though that there'd be much danger of that, have read before of ways of hacking poorly validated systems.

remember finding a site before that had 10 progressively different levels of hacking problems that you had to solve, from things like downloading a password file and includes, to inserting code in a form and getting it to execute, scary stuff.


this site is quite interesting if only for the amount of things that can be extracted from google http://johnny.ihackstuff.com
Post Reply