
Abuse of a PHP contact script

Hi -

I have had a message today from my hosting company to tell me that one of the sites on my hosting account is having its PHP code abused. Apparently someone is manipulating the PHP code from the contact form to allow them to add Bcc addresses.

Any ideas on what I need to do to close this loophole?

Thanks.

Znojmic
Newbie Poster
3 posts since Dec 2006
Reputation Points: 10
Solved Threads: 0
 

Post the content of the file, please. Enclose it in the [code] tags. :)

DennisP
Newbie Poster
23 posts since Oct 2006
Reputation Points: 10
Solved Threads: 0
 

First thing you need to do is disable the script that is being compromised. I have dealt with this issue and you do not want to be blacklisted ;)

The problem is that they inject line feeds and the code for the up and left arrow key to insert, for example, a Bcc. Take a look here to solve the line feed: http://www.gerd-riesselmann.net/archives/2005/09/sending-spam-through-contact-forms

The up arrow and stuff is a little bit harder to fix. I can't give out the code, unfortunately, because I did not write it... But with some Googling you could find something.

I hope you get your forms safe again.

remcov
Light Poster
33 posts since Dec 2006
Reputation Points: 10
Solved Threads: 0
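The line-feed problem discussed in this thread, as an added example that is not code from any poster or from the linked article: a contact handler that refuses any header field containing a line break before it reaches `mail()`. The addresses, form field names and function names are assumptions, and it needs PHP 7.1 or later.

```php
<?php
// Added example. Recipient, sender and form field names are assumptions.
const CONTACT_TO   = 'owner@example.com';
const CONTACT_FROM = 'webform@example.com';

// A header value must be one line: reject CR, LF and other control characters.
function is_single_line(string $value): bool
{
    return preg_match('/[\x00-\x1F\x7F]/', $value) === 0;
}

// Returns the extra headers for mail(), or null when the input must be refused.
function contact_headers(string $email, string $subject): ?string
{
    if (!is_single_line($email) || !is_single_line($subject)) {
        return null;                       // would start a new header line (e.g. Bcc:)
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;                       // not a plain address
    }
    // From: is fixed to our own domain; the visitor only appears in Reply-To.
    return 'From: ' . CONTACT_FROM . "\r\n" . 'Reply-To: ' . $email;
}

function handle_contact(array $post): bool
{
    $email   = is_string($post['email'] ?? null) ? $post['email'] : '';
    $subject = is_string($post['subject'] ?? null) ? $post['subject'] : '';
    $message = is_string($post['message'] ?? null) ? $post['message'] : '';

    $headers = contact_headers($email, $subject);
    if ($headers === null) {
        error_log('contact form: rejected submission with unsafe header field');
        return false;
    }
    // The body may contain line breaks; only header fields are restricted.
    return mail(CONTACT_TO, $subject, $message, $headers);
}

// Constructed samples: the first is a normal visitor, the second carries the
// injected line break and Bcc header described in the thread.
if (PHP_SAPI === 'cli') {
    var_dump(contact_headers('visitor@example.com', 'Question') !== null);      // true
    var_dump(contact_headers("visitor@example.com\r\nBcc: x@example.net",
                             'Question') !== null);                             // false
    var_dump(contact_headers('visitor@example.com', "Hi\nBcc: x@example.net")
             !== null);                                                         // false
}
```

Rejected submissions are logged with `error_log()`, so repeated entries are a sign the form is being probed.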
 
