Re: Scary nonsense form submissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



For badness, you could have an automated gif with a couple of numbers the user has to authenticate the form. If not complete or correct, add a header and send them to http://localhost/404.htm. Real nasty and will tie up their machine long enough.
John


Brian Dunning wrote:

Hi all -

I have forms on a number of unrelated web sites that just send me an email for one purpose or another. There are 2 to 6 fields: name, email, comment, etc. No big deal.

Recently I've been getting a lot of weird submissions. I'll receive half a dozen at a time, with all the fields filled with some kind of garbage contents. Here is one example from a form on my americansubstandard.com site:

---snip---
COMMENT: ngeiszka@xxxxxxxxxxxxxxxxxxxxxxx
NAME: ngeiszka@xxxxxxxxxxxxxxxxxxxxxxx
---/snip---

Other times one of the fields will contain a complete multipart submission, like this:

---snip---
COMMENT: jhynvyf@xxxxxxxxxxxxxxxxxxxxxxx
NAME: jhynvyf@xxxxxxxxxxxxxxxxxxxxxxx
Content-Type: multipart/mixed; boundary=\"===============1655480186==\"
MIME-Version: 1.0
Subject: e8df6b7
To: jhynvyf@xxxxxxxxxxxxxxxxxxxxxxx
bcc: jrubin3546@xxxxxxx
From: jhynvyf@xxxxxxxxxxxxxxxxxxxxxxx
This is a multi-part message in MIME format.
--===============1655480186==
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
xqofli
--===============1655480186==--
---/snip---

I wonder if this is some kind of automated attack attempt. Does anyone recognize this type of thing, and is it potentially dangerous? Should I do something about it?

- Brian

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux