Solved

Web site vulnerability?

Posted on 2007-03-19
2
332 Views
Last Modified: 2010-04-06
I have a web site that I created that allow perspective clients to submit a form which is emailed to our company. Over the past few days I have received some odd responses, well actually the same one.

Does anyone have any idea what is causing this?

here is an example of the email ouput:


"What is your approximate price range? :
Province/State: Bush
Address:
http://google.com
City: Phoenix
Email: main@yandex.com
Country:
USA
Telephone: 55555
Comments: Hello, nice site look this:
<a href="http://aktokuhc-2.info/00380.html">link</a>
[url=http://aktokuhc-2.info/00380.html]link[/url]
http://aktokuhc-2.info/00380.html
<a
href="http://aktokuhc-2.info/00008.html">link</a>
[url=http://aktokuhc-2.info/00008.html]link[/url]
http://aktokuhc-2.info/00008.html
<a
href="http://aktokuhc-2.info/00118.html">link</a>
[url=http://aktokuhc-2.info/00118.html]link[/url]
http://aktokuhc-2.info/00118.html
<a
href="http://aktokuhc-1.info/00405.html">link</a>
[url=http://aktokuhc-1.info/00405.html]link[/url]
http://aktokuhc-1.info/00405.html
<a
href="http://aktokuhc-2.info/00128.html">link</a>
[url=http://aktokuhc-2.info/00128.html]link[/url]
http://aktokuhc-2.info/00128.html
<a
href="http://aktokuhc-2.info/00214.html">link</a>
[url=http://aktokuhc-2.info/00214.html]link[/url]
http://aktokuhc-2.info/00214.html
<a
href="http://aktokuhc-1.info/00294.html">link</a>
[url=http://aktokuhc-1.info/00294.html]link[/url]
http://aktokuhc-1.info/00294.html
<a
href="http://aktokuhc-1.info/00033.html">link</a>
[url=http://aktokuhc-1.info/00033.html]link[/url]
http://aktokuhc-1.info/00033.html
<a
href="http://aktokuhc-2.info/00379.html">link</a>
[url=http://aktokuhc-2.info/00379.html]link[/url]
http://aktokuhc-2.info/00379.html
<a
href="http://aktokuhc-1.info/00053.html">link</a>
[url=http://aktokuhc-1.info/00053.html]link[/url]
http://aktokuhc-1.info/00053.html
<a
href="http://aktokuhc-2.info/00092.html">link</a>
[url=http://aktokuhc-2.info/00092.html]link[/url]
http://aktokuhc-2.info/00092.html
<a
href="http://aktokuhc-1.info/00211.html">link</a>
[url=http://aktokuhc-1.info/00211.html]link[/url]
http://aktokuhc-1.info/00211.html
<a
href="http://aktokuhc-2.info/00026.html">link</a>
[url=http://aktokuhc-2.info/00026.html]link[/url]
http://aktokuhc-2.info/00026.html
<a
href="http://aktokuhc-1.info/00482.html">link</a>
[url=http://aktokuhc-1.info/00482.html]link[/url]
http://aktokuhc-1.info/00482.html
<a
href="http://aktokuhc-2.info/00478.html">link</a>
[url=http://aktokuhc-2.info/00478.html]link[/url]
http://aktokuhc-2.info/00478.html
<a
href="http://aktokuhc-1.info/00331.html">link</a>
[url=http://aktokuhc-1.info/00331.html]link[/url]
http://aktokuhc-1.info/00331.html
<a
href="http://aktokuhc-1.info/00323.html">link</a>
[url=http://aktokuhc-1.info/00323.html]link[/url]
http://aktokuhc-1.info/00323.html
<a
href="http://aktokuhc-2.info/00285.html">link</a>
[url=http://aktokuhc-2.info/00285.html]link[/url]
http://aktokuhc-2.info/00285.html
<a
href="http://aktokuhc-1.info/00208.html">link</a>
[url=http://aktokuhc-1.info/00208.html]link[/url]
http://aktokuhc-1.info/00208.html
<a
href="http://aktokuhc-1.info/00398.html">link</a>
[url=http://aktokuhc-1.info/00398.html]link[/url]
http://aktokuhc-1.info/00398.html
<a
href="http://aktokuhc-2.info/00442.html">link</a>
[url=http://aktokuhc-2.info/00442.html]link[/url]
http://aktokuhc-2.info/00442.html
<a
href="http://aktokuhc-1.info/00027.html">link</a>
[url=http://aktokuhc-1.info/00027.html]link[/url]
http://aktokuhc-1.info/00027.html
<a
href="http://aktokuhc-2.info/00112.html">link</a>
[url=http://aktokuhc-2.info/00112.html]link[/url]
http://aktokuhc-2.info/00112.html
<a
href="http://aktokuhc-2.info/00125.html">link</a>
[url=http://aktokuhc-2.info/00125.html]link[/url]
http://aktokuhc-2.info/00125.html
<a
href="http://aktokuhc-1.info/00434.html">link</a>
[url=http://aktokuhc-1.info/00434.html]link[/url]
http://aktokuhc-1.info/00434.html

End ^) See you"

If anyone culd shed a bit of light on this then I can work on trying to eliminate it.

Thanks,

COB
0
Comment
Question by:clcuser
2 Comments
 
LVL 5

Accepted Solution

by:
PhilHow earned 250 total points
ID: 18753121
The is produced by a spambot(a program that simulates form submission.  The links are to porn sites, gaming sites or malicious software sites.

To prevent this kind of spam you need to validate the submittr as human. To do that you would use something like CAPTCHA (see wikipedia) or Google it.

You will never completely stop spam as long as you have submission forms.  Of more concern is whether you are validating the input to prevent code injection exploits.  If you are just accepting whatever is entered without sanitizing and validating you are opwen to serious hacker attacks and you need to address security before you get hammered.
0
 

Author Comment

by:clcuser
ID: 18755289
appreciate your time. thanks!!!
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
This video teaches users how to migrate an existing Wordpress website to a new domain.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question