Solved

Web site vulnerability?

Posted on 2007-03-19
Last Modified: 2010-04-06
I have a web site that I created that allows prospective clients to submit a form which is emailed to our company. Over the past few days I have received some odd responses, well actually the same one.

Does anyone have any idea what is causing this?

Here is an example of the email output:


"What is your approximate price range? :
Province/State: Bush
Address:
http://google.com
City: Phoenix
Email: main@yandex.com
Country:
USA
Telephone: 55555
Comments: Hello, nice site look this:

End ^) See you"

If anyone could shed a bit of light on this then I can work on trying to eliminate it.

Thanks,

COB
Question by:clcuser
Accepted Solution

by:
PhilHow earned 1000 total points
ID: 18753121
This is produced by a spambot (a program that simulates form submission). The links are to porn sites, gaming sites or malicious software sites.

To prevent this kind of spam you need to validate the submitter as human. To do that you would use something like CAPTCHA (see Wikipedia) or Google it.

You will never completely stop spam as long as you have submission forms. Of more concern is whether you are validating the input to prevent code injection exploits. If you are just accepting whatever is entered without sanitizing and validating you are open to serious hacker attacks and you need to address security before you get hammered.
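One way to apply the validation advice above on the server before a submission is mailed, as an added example that is not part of the original answer. The field names (`name`, `email`, `comments`), the link threshold, the `example.invalid` addresses and the sample comment text are assumptions constructed for illustration; the link pattern covers the three styles the spam in the question used (HTML anchor, BBCode tag, bare URL).

```python
import re
from email.message import EmailMessage

# One match per link, whichever of the three wrappers the spambot used.
LINK_RE = re.compile(r"<a\s[^>]*>|\[url=[^\]]*\]|https?://\S+", re.IGNORECASE)
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")
MAX_LINKS = 2                      # assumed threshold; tune for your own form
HEADER_FIELDS = ("name", "email")  # hypothetical fields that reach mail headers

# Constructed sample shaped like the comment field in the question.
SPAM_COMMENTS = (
    "Hello, nice site look this:\n"
    '<a\nhref="http://spam.example.invalid/1.html">link</a>\n'
    "[url=http://spam.example.invalid/1.html]link[/url]\n"
    "http://spam.example.invalid/1.html\n"
)


def validate_submission(form):
    """Return a list of problems; an empty list means the form may be mailed."""
    problems = []
    for field in HEADER_FIELDS:
        value = form.get(field, "")
        # A line break in a header-bound value would let the sender add headers.
        if "\r" in value or "\n" in value:
            problems.append(f"{field}: line break not allowed")
    if not EMAIL_RE.fullmatch(form.get("email", "")):
        problems.append("email: not a valid address")
    links = len(LINK_RE.findall(form.get("comments", "")))
    if links > MAX_LINKS:
        problems.append(f"comments: {links} links exceeds limit of {MAX_LINKS}")
    return problems


def build_mail(form, to_addr="sales@example.invalid"):
    """Build the notification mail only from a submission that validated."""
    problems = validate_submission(form)
    if problems:
        raise ValueError("; ".join(problems))
    msg = EmailMessage()
    msg["To"] = to_addr
    msg["From"] = "webform@example.invalid"  # fixed sender, never user input
    msg["Reply-To"] = form["email"]
    msg["Subject"] = "Web enquiry"           # fixed subject, never user input
    msg.set_content(form["comments"])        # plain text: markup is not rendered
    return msg
```

A link limit filters this style of spam but does not replace the human check (CAPTCHA) the answer recommends.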

Author Comment

by:clcuser
ID: 18755289
appreciate your time. thanks!!!