[nycphp-talk] Phundamentals Title Change: Email Header Injection
inforequest
1j0lkq002 at sneakemail.com
Fri Sep 23 17:43:58 EDT 2005
David Mintz dmintz-at-davidmintz.org |nyphp dev/internal group use| wrote:
>On Fri, 23 Sep 2005, Hans Zaunere wrote:
>
>
>
>>However for this particular exploit, it's easy to prevent. It's simply not
>>possible for this exploit to work without the Content-Type: string.
>>Searched for, in a case-insensitive manner, across all submitted form
>>fields, will detect and thrawt this exploit immediately.
>>
>>
>>
>
>Yes, and I gratefully borrowed your snippet to tighten up a couple of my
>own scripts. The only conceivable drawback is that if user input is
>destined to become the message body -- a textarea for the user
>to type a message -- and for some reason the user legitimately wants to
>say something like "Have you guys heard about the Content-type:
>attack?" Granted, it's unusual, but still... Kind of like the caveat
>against training Spamassassin with ham that discusses spam.
>
>---
>David Mintz
>http://davidmintz.org/
>
>
You might consider an old SEO trick and just swap in an invalid version
of thet string, that still makes sense to the reader. Perhaps relacing
"Content-type:" with "Content-type (colon)" for example, leaves it in the text but not functional.
-=john andrews
http://www.seo-fun.com
More information about the talk
mailing list