Solved

Exploited mailer - how to fix script

Posted on 2006-07-19
Last Modified: 2013-12-25
I have been thrown into fixing a problem I am not sure I know where to start.

A spammer has been using the cgi-bin/mailer.cgi script to send spam through my hosting server.  The host has disabled the script, but we would like to re-enable it.

I understand that I need to modify the script to check *all* form variables which are used to generate the email headers and ensure that they do not contain any newline or carriage return characters.

Having said that, I am not a programmer and am not sure how to modify the code.

This is the code in question:

#!/usr/local/bin/perl

use CGI::Carp qw(fatalsToBrowser);
require 'cgi-lib.pl';
&ReadParse(*in);
$today=&Get_Date;
# Only 'comments' has CRLF stripped, and it is not used below; the fields that
# actually end up in the mail headers (email, fname, lname) are never checked.
$in{'comments'} =~ s/\015\012/ /g;

# enter who the mail goes to below;
$recip="info\@aw.com";

# URL for the page to be displayed after form submission;
$redirect="http://www.aw.com/thanks_contact.html";

# Path to your mail prog;
$mailprog = '/usr/sbin/sendmail';

# The subject of your mail (In the HIDDEN tag);
$subject="AM Comments";

# Headers are built straight from form input that was never checked; a value
# containing CR/LF adds extra header lines, and with "-t" sendmail reads the
# recipients from whatever headers it is given.
open(MAIL,"|$mailprog -t");
print MAIL "To: $recip\n";
print MAIL "From: $in{'email'} ($in{'fname'} $in{'lname'})\n";
print MAIL "Subject: $subject\n";
print MAIL<<EOF;
This mail came from the your AM website's contact page:

Name:                        $in{'name'}
E-mail:                   $in{'email'}
Message:                  $in{'message'}

EOF
close MAIL;
open (MAILOG,">>maillog_contact.txt");
print MAILOG "$today|$in{name}|$in{email}|$in{message}|$in{field2}|$in{field3}|\n";
close MAILOG;
print "Location: $redirect\n\n";
exit;
sub Get_Date {
      @days =
        (Sunday,Monday,Tuesday,Wednesday,Thursday,Friday,Saturday);
      @months =
        (January,February,March,April,May,June,
        July,August,September,October,November,December);
      $time = time;
      ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
        localtime($time+($HourOffset*3600));
      $year = 1900+$year;
      $mon=$mon + 1;
      $todaydate = "$year/$mon/$mday ";
      $todaydate = $todaydate."$hour\:$min\:$sec";
}

Question by:franco2

5 Comments
LVL 51

Expert Comment

by:ahoffmann
ID: 17157265
> ensure that they do not contain any newline or carriage return characters.
you better use a whitelist instead of a blacklist to sanitize input, something like:

  $in{'email'} =~ s/[^a-zA-Z0-9\.\@-]//g;

i.g. I'd never sanitize input, but reject it and abort the complete request if it does not match my whitelist

Author Comment

by:franco2
ID: 17157509
Great info - not sure what a whitelist or blacklist are. Would the script look like this?


This mail came from the your AM website's contact page:

Name:                    $in{'name'}
E-mail:                 $in{'email'} =~ s/[^a-zA-Z0-9\.\@-]//g
Message:               $in{'message'}

EOF

Also, does the script need to compile once the problem is fixed? If yes - I do not have perl - how do I make the bin workable?

Again, pardon my ignorance - I am not a programmer.

Thanks in advance.
LVL 51

Accepted Solution

by:
ahoffmann earned 1400 total points
ID: 17157645
> not sure what a whitelist or blacklist are.
with a blacklist you allow anything not listed (your approach), with a whitelist you allow anything listed (in particular that which you defined harmless:).

> Also, does the script need to compile once the problem is fixed.
no, perl is an interpreter
Only if you have fastCGI or something similar in use, then you need to restart your server.

> Would the script look like this?
not as you did it, more like (a snippet only):

 $in{'fname'}=~ s/[^a-zA-Z'-]//g;
 $in{'lname'}=~ s/[^a-zA-Z'-]//g;
 $in{'email'} =~ s/[^a-zA-Z0-9\.\@-]//g;

Name:                    $in{'name'}
E-mail:                 $in{'email'}
Message:               $in{'message'}
EOF
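The following is an added example, not code from the thread or from the asker's script: it carries ahoffmann's whitelist-and-reject advice through the whole script, and it also covers the point the question raises about checking every form variable that reaches a mail header. The recipient, redirect URL, sendmail path and subject are taken from the posted script; the field set (fname, lname, email, message), the whitelist patterns, the 4000-character message limit and the `--selftest` switch are assumptions for the example. The CGI path assumes `cgi-lib.pl` is available next to the script, exactly as the original script does.

```perl
#!/usr/bin/perl
# Added example (not from the thread): whitelist-validate every form field and
# reject the whole request on a mismatch, so no unchecked text reaches a header.
use strict;
use warnings;

my $RECIP    = 'info@aw.com';                            # values from the posted script
my $REDIRECT = 'http://www.aw.com/thanks_contact.html';
my $MAILPROG = '/usr/sbin/sendmail';
my $SUBJECT  = 'AM Comments';

# One whitelist per field. Assumed field set: fname, lname, email, message.
# Anchors are \A and \z, not ^ and $: in Perl, $ also matches just before a
# trailing newline, so /^...$/ would accept "user\@example.com\n".
my %RULES = (
    fname   => qr/\A[A-Za-z'-][A-Za-z' -]{0,39}\z/,
    lname   => qr/\A[A-Za-z'-][A-Za-z' -]{0,39}\z/,
    email   => qr/\A[A-Za-z0-9._%+-]+\@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\z/,
    # The message goes in the body, where line breaks are harmless; allow
    # printable ASCII plus tab/CR/LF and nothing else (extend for UTF-8 if needed).
    message => qr/\A[\t\r\n\x20-\x7E]{1,4000}\z/,
);

# Returns the names of fields that failed their whitelist; an empty list means
# the request is acceptable. A missing field fails too (treated as empty).
sub validate_form {
    my ($in) = @_;
    my @bad;
    for my $field (sort keys %RULES) {
        my $value = defined $in->{$field} ? $in->{$field} : '';
        push @bad, $field unless $value =~ $RULES{$field};
    }
    return @bad;
}

# Builds headers and body. Call this only after validate_form returned nothing:
# every interpolated header value has then been proven free of CR and LF.
sub build_message {
    my ($in) = @_;
    return "To: $RECIP\n"
         . "From: $in->{email} ($in->{fname} $in->{lname})\n"
         . "Subject: $SUBJECT\n"
         . "\n"
         . "This mail came from the AM website's contact page:\n\n"
         . "Name:    $in->{fname} $in->{lname}\n"
         . "E-mail:  $in->{email}\n"
         . "Message:\n$in->{message}\n";
}

# Validates, then either hands the message to sendmail or rejects the request.
# The list-form open runs sendmail without a shell; -oi stops a lone "." line
# in the body from ending the message early.
sub handle_request {
    my ($in) = @_;
    my @bad = validate_form($in);
    if (@bad) {
        print "Status: 400 Bad Request\r\nContent-Type: text/plain\r\n\r\n";
        print "Rejected: field(s) failed validation: @bad\n";
        return 0;
    }
    open(my $mail, '|-', $MAILPROG, '-t', '-oi') or die "cannot run $MAILPROG: $!";
    print {$mail} build_message($in);
    close($mail) or die "sendmail failed (exit status $?)";
    print "Location: $REDIRECT\r\n\r\n";
    return 1;
}

if (@ARGV && $ARGV[0] eq '--selftest') {
    # Constructed inputs for an offline check; nothing is sent.
    my %clean = (fname => 'Ada', lname => 'Lovelace',
                 email => 'ada@example.com', message => "Hello,\nthanks.");
    my %tainted = (%clean, email => "ada\@example.com\n");   # trailing newline
    my @e1 = validate_form(\%clean);
    my @e2 = validate_form(\%tainted);
    print 'clean input: ',         (@e1 ? "rejected (@e1)" : 'accepted'), "\n";
    print 'email with newline: ',  (@e2 ? "rejected (@e2)" : 'accepted'), "\n";
    exit 0;
}

# Normal CGI path: read the form with the same parser the original script uses.
our %in;
require 'cgi-lib.pl';
ReadParse(*in);
exit(handle_request(\%in) ? 0 : 1);
```

Running `perl mailer.cgi --selftest` from a shell prints one accepted and one rejected result without touching sendmail; installed in cgi-bin in place of the posted script it behaves as the original did for valid input and answers with a 400 for anything else. The validation happens before any `print`, which is why ahoffmann says the regex cannot go inside the here-document the way the author's draft placed it. The maillog line from the original is left out here; if it is kept, it should be written from the same validated values.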