From: David Dischler (david.dischler@gmail.com)
Date: Mon Sep 12 2005 - 18:14:57 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
hello all,
I'm trying to test a web to email form on a site I own. I have one
setup for an email list signup and the other as a refer form. They
were both setup for automatic emails and MySQL submission for the
list, but I found out that may not be the best way to do it.
My question is how do I test to see if the scripts I have now (which
only send an email to me for manual action on them) are vulnerable to
injection into the FROM and HEADER fields.
Thanks.
~David
- --
David Dischler, Network + http://www.dc-ws.com
- -------------------------------------------------
david.dischler@gmail.com PGP Fingerprint
EDFA D2FF 1C28 37E0 2583 2AAF EEB3 A59F 970E 3CDD
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDJf3h7rOln5cOPN0RArtgAJ9jtNAEzfaq9N0WOvyybOfz488H7wCeKamo
wa5ahSSMphcundVYXyim6Gw=
=1jJT
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:53 EDT