Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

I think I'm being hacked


crust

Recommended Posts

Posted

Someone or some people seem to be useing the contact us section of my site to test or to try to do something to my site.. I'm not really sure what they are trying to do maybe someone knows and can help me out. In my email that I get from people useing the contact us form I have been getting 3 emails in a row they seem to be a fake adress with mysite as the from.. here are a couple examples

 

Email #1 from - [email protected]

Email #2 from - [email protected]

Email#3 from - [email protected]

 

The first email just has a hyperlink and [email protected]

 

Here is the second email:

 

From: [email protected]

To: justin <[email protected]>, [email protected]

Subject: Enquiry from mysite

Headers: Show All Headers

lqfirdfx

--===============0586796908==--" <[email protected]>

MIME-Version: 1.0

X-Mailer: osCommerce Mailer

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: 7bit

 

 

[email protected] <--- hyperlink

 

 

 

Here is the 3rd email:

 

From: "[email protected]" <[email protected]>

To: justin <[email protected]>

Subject: Enquiry from mysite

Headers: Show All Headers

 

[email protected]

Content-Type: multipart/mixed; boundary="===============0258115953=="

MIME-Version: 1.0

Subject: d8f97a7f

To: [email protected]

bcc: [email protected]

From: [email protected]

 

This is a multi-part message in MIME format.

 

--===============0258115953==

Content-Type: text/plain; charset="us-ascii"

MIME-Version: 1.0

Content-Transfer-Encoding: 7bit

 

bgpfenpwe

--===============0258115953==--

 

 

 

does anyone know what they are doing or trying to do? also what should I do to protect myself? this ha happened more then once... all seem to be doing the same thing..

Posted

If they're all from the same IP address, or same IP address range, then block them.

 

-jared

Posted
Someone or some people seem to be useing the contact us section of my site to test or to try to do something to my site.. I'm not really sure what they are trying to do maybe someone knows and can help me out. In my email that I get from people useing the contact us form I have been getting 3 emails in a row they seem to be a fake adress with mysite as the from..

This appears to be a growing problem. There was a bug report on it months ago (bug report database seems to be acting up at the moment, it doesn't show a single one) and more and more people are experiencing problems. These are (some?) of the topics dealing with it:

 

Email Was Spamed, contact_us.php file (Jul 30 2005)

Script kiddie attempt to abuse "Contact Us" Page, hoping to exploit unchecked fields (Aug 30 2005)

WANTED CONTRIBUTION! Site is hacked!, Get spammails sent from my site! (Sep 5 2005)

E-Mail Security Concerns, I Feel Somebody is Abusing Enquiry Form (Sep 9 2005)

 

There is a contribution for stopping the abuse of the form (Validate Input), but as far as I know it doesn't stop the bots from sending you those mails.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...