Injections are still there, but fewer!

Forum Moderators: phranque

Message Too Old, No Replies

Injections are still there, but fewer!

URL in PHP code, will this exploit or make vulnerable?

bartainer

12:10 am on Sep 12, 2005 (gmt 0)

Hello,

This is like banging my head against a brick wall! I need to resolve this!

I have a link in the PHP code e.g.: $m -> Subject ("webmasterworld.com - Information Request"); Could this be part of the problem?

zpeed

10:24 am on Sep 12, 2005 (gmt 0)

I might not be getting your question, to prevent injektion do eregi on the posts, here's an example:

if(!(eregi("(Content-Type)¦(MIME-Version)¦(Content-Disposition)¦(\n)¦(%0A)¦(0x0A)¦(\r)¦(0x0D)¦(%0D)",$Post1.$Post2.$Post3...)))
mail(..);

bartainer

12:53 pm on Sep 12, 2005 (gmt 0)

I'm not an expert with PHP, however. Are you saying e.g. the post should be renamed to match the variables?

zpeed

9:52 pm on Sep 12, 2005 (gmt 0)

Exactly,

if you have a form with the input elements: From, Subject and Message you would want this expression to send the message as text/html:


<?php
if(!(eregi("(Content-Type)Ś(MIME-Version)Ś(Content-Disposition)Ś(\n)Ś(%0A)Ś(0x0A)Ś(\r)Ś(0x0D)Ś(%0D)",$_POST['From'].$_POST['Subject'])) &&!(eregi("(Content-Type)Ś(MIME-Version)Ś(Content-Disposition)",$_POST['Message']))
{
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
$headers .= "From: $_POST[From]\r\n";
mail("YourOwn@Email.Adress", $_POST['Subject'], $_POST['Message'], $headers);
} 
else echo "You have tried injektion this form, bugg off!";
?>

I hope i didn't mess anything up, i wrote it now so there might be a parse error or missing letter, i bet you'll solve that though.
Hopefully this will be of use for you, good luck!