Solved

Web site vulnerability?

Posted on 2007-03-19
Last Modified: 2010-04-06
I have a web site that I created that allows prospective clients to submit a form which is emailed to our company. Over the past few days I have received some odd responses, well actually the same one.

Does anyone have any idea what is causing this?

Here is an example of the email output:


"What is your approximate price range? :
Province/State: Bush
Address:
http://google.com
City: Phoenix
Email: main@yandex.com
Country:
USA
Telephone: 55555
Comments: Hello, nice site look this:
<a href="http://aktokuhc-2.info/00380.html">link</a>
[url=http://aktokuhc-2.info/00380.html]link[/url]
http://aktokuhc-2.info/00380.html

End ^) See you"

If anyone could shed a bit of light on this then I can work on trying to eliminate it.

Thanks,

COB
0
Question by:clcuser
2 Comments
 

Accepted Solution

by:
PhilHow earned 250 total points
This is produced by a spambot (a program that simulates form submission). The links are to porn sites, gaming sites or malicious software sites.

To prevent this kind of spam you need to validate the submitter as human. To do that you would use something like CAPTCHA (see Wikipedia) or Google it.

You will never completely stop spam as long as you have submission forms.  Of more concern is whether you are validating the input to prevent code injection exploits.  If you are just accepting whatever is entered without sanitizing and validating you are open to serious hacker attacks and you need to address security before you get hammered.
0
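Added example, not part of the original thread: a server-side check for a form-to-email handler that covers the validation and sanitizing the accepted answer calls for. The field names, the `MAX_LINKS` policy, and the assumption that the e-mail value is copied into a mail header are illustrative, and the sample submission is constructed to resemble the one quoted in the question.

```python
import html
import re

URL_RE = re.compile(r"https?://", re.IGNORECASE)
MARKUP_RE = re.compile(r"<\s*a\b|\[url\b", re.IGNORECASE)   # HTML anchor or BBCode link
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")
HEADER_FIELDS = ("email",)    # assumption: this value is copied into a mail header
NO_URL_FIELDS = ("state", "address", "city", "country", "telephone")
MAX_LINKS = 1                 # assumed policy for the comments field


def check_submission(form):
    """Return the reasons to reject a submission; an empty list means accept."""
    reasons = []
    for name in HEADER_FIELDS:
        if re.search(r"[\r\n]", form.get(name, "")):
            reasons.append(f"{name}: line break (mail header injection)")
    # fullmatch, not match with "$": "$" would accept a trailing newline.
    if not EMAIL_RE.fullmatch(form.get("email", "")):
        reasons.append("email: not a valid address")
    for name in NO_URL_FIELDS:
        value = form.get(name, "")
        if URL_RE.search(value) or MARKUP_RE.search(value):
            reasons.append(f"{name}: contains a link")
    comments = form.get("comments", "")
    links = len(URL_RE.findall(comments))
    if links > MAX_LINKS:
        reasons.append(f"comments: {links} links")
    if MARKUP_RE.search(comments):
        reasons.append("comments: link markup")
    return reasons


def render_comment(text):
    """Escape markup so the comment is inert if the mail is rendered as HTML."""
    return html.escape(text)


# Constructed sample shaped like the submission quoted in the question.
SPAM = {
    "state": "Bush", "address": "http://example.com", "city": "Phoenix",
    "email": "user@example.com", "country": "USA", "telephone": "55555",
    "comments": 'Hello, nice site look this:\n'
                '<a href="http://spam.example/1.html">link</a>\n'
                '[url=http://spam.example/1.html]link[/url]\n'
                'http://spam.example/1.html',
}

if __name__ == "__main__":
    for reason in check_submission(SPAM):
        print("reject:", reason)
```

Checks like these run on the server regardless of any CAPTCHA, since a bot can post to the handler without loading the form page.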
 

Author Comment

by:clcuser
appreciate your time. thanks!!!
0
