Kryptronic Software Support Forum

You are viewing this forum as a guest. Login to an existing account, or create a new account, to reply to topics and to create new topics.

#1 03-18-2005 20:16:06

From: USA
Registered: 01-01-2005
Posts: 936

Contact Us Email Form Hacked By Spammer

Our Contact Us email form apparently was hacked by a spammer.  We are on a LINUX OS using sendmail, not SMTP.

How do we secure the Click Cart Pro email form program from doing this?

Here is one example of the copied email that I received (I use Outlook, so these fields are what Outlook calls them).

From: asha@ To: BCC: Content-Type: multipart/mixed

From: asha@ To: BCC: Content-Type: multipart/mixed

The following information was just submitted via the Contact Form.

First Name:        lhvgabqfhm
Last Name:         nxdwvfnhqh
Email Address:      From: asha@ To: BCC: Content-Type: multipart/mixed; boundary=bwkereu X-GUID: c85b4077-63a3-82bd-2a8e-de8c8994f9ca   --bwkereu Content-Type: text/html Content-Transfer-Encoding: base64  Pzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8+PE1haWxGb3JtIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIElEPSJjODViNDA3Ny02M2EzLTgyYmQtMmE4ZS1kZThjODk5NGY5Y2EiIFRlc3RGYWlsZWQ9IjAiPjxCb2R5PnVzcj01MFg3Mzc1NDEmYW1wO3JuZD02Mzg4OTgyJmFtcDtycmM9TiZhbXA7cGc9c3RlX21haWxfY29udGFjdF9wcm9jJmFtcDt0cmFja2luZ19maXJzdG5hbWU9bGh2Z2FicWZobSZhbXA7dHJhY2tpbmdfbGFzdG5hbWU9bnhkd3ZmbmhxaCZhbXA7dHJhY2tpbmdfZW1haWw9Yzg1YjQwNzctNjNhMy04MmJkLTJhOGUtZGU4Yzg5OTRmOWNhJmFtcDt0cmFja2luZ19waG9uZT0zMzUxOCZhbXA7bWVzc2FnZT1reWp1bW1jcGl3PC9Cb2R5PjxGb3JtVXJsPmh0dHA6Ly93d3cuR29sZGVuQXJ0UHJpbnRzLmNvbS9jZ2ktYmluL2NwLWFwcC5jZ2k8L0Zvcm1Vcmw+PFJlZmVyZXJVc!
mw+aHR0cDovL3d3dy5nb2xkZW5hcnRwcmludHMuY29tL2NnaS1iaW4vY3AtYXBwLmNnaT91c3I9NTBYNzM3NTQxJmFtcDtybmQ9MjE5Nzc3NSZhbXA7cnJjPU4mYW1wO2NpcD02OS45My4xMDguMjAyJmFtcDtwZz1jb250YWN0PC9SZWZlcmVyVXJsPjxTZW50PjA8L1NlbnQ+PC9NYWlsRm9ybT4=  --bwkereu--   . 
Telephone Number:  33518




#2 03-23-2005 09:24:58

From: York, PA
Registered: 04-20-2001
Posts: 19798

Re: Contact Us Email Form Hacked By Spammer

The basic answer is that you can't stop someone from submitting a contact form.  The good news is that it only comes to you.  There's no way to hijack the form to send to other people.

Nick Hendler



Board footer