possible form hacker

         

neonpie

10:39 am on Apr 25, 2008 (gmt 0)

10+ Year Member



In the last few days I have had 3 emails come to me from contact forms that I have set up on 2 different sites. In all of the fields there is a mash of letters and numbers with varied cases. So what - you get idiots doing this all the time, but it was the main details message that had a load of code in it.

Are they trying to exploit something that I am not aware of (or have forgotten about)?

The form uses PHP for the mail function.

The first two I have deleted, but I have pasted the code below, altering the URLs so as not to give them any credit:

RZyUTp zjfsjgeeocog, [url=http://example.com/]blahblah[/url], [link=http://example.com/]blahblah[/link], http://example.com/

barns101

1:01 pm on Apr 25, 2008 (gmt 0)

10+ Year Member



"Are they trying to exploit something that I am not aware of (or have forgotten about)?"

I don't think so, it just looks like spam (i.e. they hope you'll follow the links and buy stuff or whatever).

I used to get emails like that all the time, so I added a content filter to prevent my contact form sending anything with "[url=http://" in the user input.

neonpie

1:32 pm on Apr 25, 2008 (gmt 0)

10+ Year Member



Thanks barns101, that gives me a bit of reassurance and I like that filter idea. What do you do with that? Do you just reject the form with an error message, or just send the form but without the details in?
Hmm - prob best reloading the page back to the user with an error message telling them that they can't enter those details in the text area.
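
The content filter barns101 describes, combined with the reject-with-an-error handling neonpie suggests, could be written as follows. This is an added example, not code posted by anyone in the thread; the function name `find_link_spam`, the field names and the sample submission are assumptions constructed for illustration.

```php
<?php
// Added example: hypothetical helper, not code from the thread.

/**
 * Return the reasons a contact-form submission looks like link spam.
 * An empty array means the submission may be passed on to mail().
 */
function find_link_spam(array $fields): array
{
    $reasons = [];
    foreach ($fields as $name => $value) {
        // BBCode-style link markup such as [url=http://...] or
        // [link=http://...]. A contact form never renders BBCode, so a
        // genuine visitor has no reason to type it. Matching is
        // case-insensitive and tolerates spaces around the "=".
        if (preg_match('~\[(?:url|link)\s*=\s*https?://~i', (string) $value)) {
            $reasons[] = "$name: contains [url=...] or [link=...] markup";
        }
    }
    return $reasons;
}

// Constructed sample submission, modelled on the message quoted in the thread.
$post = [
    'name'    => 'RZyUTp',
    'email'   => 'visitor@example.com',
    'message' => 'zjfsjgeeocog, [url=http://example.com/]blahblah[/url], '
               . '[link=http://example.com/]blahblah[/link], http://example.com/',
];

$reasons = find_link_spam($post);

if ($reasons) {
    // Reject: show the form again with an error and do not call mail().
    // Anything echoed back to the browser is HTML-escaped first.
    $error = 'Your message was not sent: link markup such as [url=...] '
           . 'is not allowed in this form.';
    echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8'), "\n";
} else {
    // The existing mail() call for the form would go here.
    echo "Message accepted\n";
}
```

A message containing only a bare address such as http://example.com/ still passes this check, so visitors who legitimately mention a site are not blocked.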

g1smd

7:59 pm on Apr 25, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



The gibberish may be UTF-8 or some other character set with a message in some foreign language.