Hacking php...

  barryoneoff.co.uk 14:10 11 Mar 06
Locked

I recently updated my website, and as usual used a contact form and php rather than publish an email address.

I use a system where a name, email address, and message have to be entered to hopefully get rid of time wasters (a php message pops up informing them that they have missed a field etc).

This morning I had four emails from the contact form with email addresses that end in my site name (@barryoneoff.co.uk). What is worrying me is have they got access to the php on my host's server, and can they do any damage?

Here is the contents of one of the E-mails I got from my Spam filter.

and
Content-Type: multipart/alternative; boundary=f13c7c01afadd26829e4ea52f072cfcc
MIME-Version: 1.0
Subject: wait f
bcc: [email protected]

This is a multi-part message in MIME format.

--f13c7c01afadd26829e4ea52f072cfcc
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

want that but don t. h merican business man is too fly. e
--f13c7c01afadd26829e4ea52f072cfcc--

  powerless 21:28 11 Mar 06

Umm...

If they have access they could do a whole lot more damage.

Change your passwords etc.

  beynac 22:38 11 Mar 06
  barryoneoff.co.uk 23:01 11 Mar 06

I use php instead of email links, I don't use email addresses on site.

I am wondering why they are bothering, there must be a motive, and they wre not trying to guess an address as the first part is nonsense with numbers. These are the prefixes they have used with the @barryoneoff:

er1368

and1363

tto6836

circle2361 - this was the one with the above message, the others were blank. Puzzling eh?

  barryoneoff.co.uk 10:21 12 Mar 06

This is still a puzzle. Here is the latest one:

from have5725 @ Barryoneoff.co.uk
living
Content-Type: multipart/alternative; boundary=7f335a059bdf6f92325e57cc34ac501f
MIME-Version: 1.0
Subject: passing
bcc: [email protected]

This is a multi-part message in MIME format.

--7f335a059bdf6f92325e57cc34ac501f
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

birthday with his nurse, iss ngybel lim, th well known specyal nurse iv th venin luff. t th time th phottygraft was taken, th infant was about to bite iss lim which accounts f r th agynized exprission
--7f335a059bdf6f92325e57cc34ac501f--

  Haol 12:29 12 Mar 06
  barryoneoff.co.uk 12:35 12 Mar 06

but why are they using a BCC to someone else in the email content?

I'm just worried that they have found a way around the contact form to send emails from my address. If not, why would they be wasting their time like this?

  Haol 15:17 12 Mar 06

It may not be people, it may just be bots.

  barryoneoff.co.uk 15:24 12 Mar 06

wouldn't be able to fill in a form and press the 'send' button. It has to be human(s).

  Haol 17:47 12 Mar 06

Oh sorry because bots don't crawl the internet indexing every page they came across.

  barryoneoff.co.uk 23:02 12 Mar 06

indexing a page submit phony email addresses by form?

This thread is now locked and can not be replied to.

Intel Coffee Lake 8th-gen Core processors release date rumours

1995-2015: How technology has changed the world in 20 years

Framestore’s haunting post-WWII title sequence for new BBC series SS-GB

Best iPhone games 2017 | Best iPad games 2017: 162 fantastic iOS games that you need to play right…