email injection

by 11 replies
13
Hi, i just received an email via contact form on my website.It is something like this:

First Name: juxefjpcc
subject: gxLkyhLgBcWkWoeRSh
Email: wywvew@llaxlr.com
Comments: yzZQIt <a =\"http://ebhupsjnriud.com/\">ebhupsjnriud</a>, wqocemyudkqb, [link=http://bucmricazvnd.com/]bucmricazvnd[/link], http://cwufnmrpjuuj.com/


It sounds to me a Email attack.Can anyone tell me what exactly it is and if it is some sort of hacking thing than how can i prevent it?

Thanks in advance.
#programming #email #injection
  • It's just some idiot (or stupid bot...) who tried to post spam on your website. Saw a from, filled the form, submitted the form... Nothing more.
    Is your contact form protected by a captcha and / or bot trap?
    • [1] reply
    • Yes, you are right.I did some research and now planning to implement a Captcha over there.Thanks for your comment.
  • You're welcome.
  • That's sound little bit dangerous to me,
    I gonna make my site more secured. Thanks for your information.
    • [1] reply
    • No offense, but if this sounds dangerous to you, then you would need to look into basic html.
      There is absolutely no dangerous code here. It's a simply html link and bbcode link, nothing more.
  • Just spam, me thinks.
  • In fact, I get them quite often on my contact form.

    You could put a captcha on there if you'd like (but they're annoying for the user), or instead put a hidden text field. Bots will usually fill it out, humans won't because they can't see it. Then you know when it's a real human user and when it's a bot.
  • Just use contact-form-7 if you are using wordpresss. if not please make sure you plant cookies, and check cookies before sending an email from the contact form.
    using captcha is also another solution. but you need third party libraries to make that.
  • There are a lot of ways to send anonymous emails, some use it to mass mail, some use it to spoof identity, and some (a few) use it to send email anonymously. Usually a web mailform using the mail() function generates emails containing headers with the originating IP of the server it's running on. Therefore the mailform acts as a SMTP proxy. The input fields of the form may vary, but it is common to specify a mailform that gives you control over the subject, the message, and the sender's email address.
  • Try to secure your admin panel along with the hosting panel too. Take care of your hosting too coz now the hackers are planning to take over your hosting in some countries, so catcha is the best option or avoid spams too use private mailbox.

Next Topics on Trending Feed