Long description


A browser window is shown. The following text is shown above the browser: A contact form transmits the email of the receiver within the H T M L. The browser content starts with a level 1 heading that reads Contact Us. Next is a form that reads from top to bottom as follows: From colon and a text box with text that reads your email at symbol example dot com. Next, To colon and a drop down labeled Select one, with the options rconnolly at symbol m t royal dot ca and rhoar at symbol siliconhanna dot com. Next, Message and a text area with text that reads Type here dot dot dot. Last, a button labeled Submit.

PHP code block reads as follows:

Line 1: dollar from equals dollar underscore POST open square bracket apostrophe sender apostrophe close square bracket semi colon at indentation level 0.

Line 2: dollar to equals dollar underscore POST open square bracket apostrophe receiver apostrophe close square bracket semi colon at indentation level 0.

Line 3: dollar msg equals dollar underscore POST open square bracket quote message quote close square bracket semi colon at indentation level 0.

Line 4: dollar header equals open double quotes From colon end double quotes dot dollar from dot open double quotes backslash r backslash n end double quotes semi colon at indentation level 0.

Line 5: mail open bracket dollar to comma open double quotes Form message end double quotes comma dollar msg comma dollar header close bracket semi colon at indentation level 0.

There are three text boxes.

Text box 1, labeled Query string parameters, has 3 lines of text, left aligned, that read as follows.

Line 1: sender equals fakename at symbol realbank dot com

Line 2: receiver equals Aphrodite at symbol abc dot xyz

Line 3: message equals open square bracket spam open bracket or worse close bracket close square bracket

Text box 2, labeled Query string parameters, has 3 lines of text, left aligned, that read as follows.

Line 1: sender equals some hyphen person at symbol where hyphen ever dot com

Line 2: receiver equals rhoar at symbol siliconhanna dot com

Line 3: message equals open square bracket Hello I love your book dot dot dot close square bracket

Text box 3 has 7 lines of text, left aligned, listing spam email addresses, that read as follows.

Line 1: Aphrodite at symbol abc dot xyz

Line 2: Apollo at symbol abc dot xyz

Line 3: Ares at symbol abc dot xyz

Line 4: Artemis at symbol abc dot xyz

Line 5: Athena at symbol abc dot xyz

Line 6: dot dot dot

Line 7: Zeus at symbol abc dot xyz

Steps for virtual open relay exploit.

Step 0: A contact form transmits the email of the receiver within the HTML in the to colon field

Step 1: Malicious user sees that you are transmitting email addresses in HTML and creates a spam script to mail a list of addresses

Step 2: PHP script passes the query string input directly to the PHP mail open bracket close bracket function

Step 3: The form thus acts as an open relay and lets the malicious user send many messages. This is shown by a solid red line connecting the PHP code block to spam mailboxes that read Aphrodite at symbol abc dot xyz, Apollo at symbol abc dot xyz, dot dot dot, Zeus at symbol abc dot xyz.

In the normal scenario, the Submit button clicked by the user results in mail from the contact form reaching rhoar at symbol siliconhanna dot com. This is shown by a green line connecting the form's Submit button, the Query string parameters text box, the PHP code block and the mailbox icon for rhoar at symbol siliconhanna dot com.
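
A hardened version of the handler described above, as an added example that is not part of the original figure: the drop down sends only a key that is looked up in a server-side list, so a request can no longer name an arbitrary recipient. The recipient keys, the example dot com addresses, the 5000-byte message limit and the function name build_contact_mail are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Server-side allowlist: the form's drop down submits only the key, never an
// address. Keys and addresses are constructed placeholders.
const RECIPIENTS = [
    'author1' => 'author1@example.com',
    'author2' => 'author2@example.com',
];

/**
 * Validate the three form fields and return [to, subject, body, headers]
 * ready for mail(), or null when the request must be rejected.
 * (Hypothetical helper, not from the original page.)
 */
function build_contact_mail(array $post): ?array
{
    $key = $post['receiver'] ?? '';
    if (!is_string($key) || !array_key_exists($key, RECIPIENTS)) {
        return null; // recipient not on the list: nothing is relayed
    }

    $from = $post['sender'] ?? '';
    // Refuse CR/LF before the value can reach a header, then check syntax.
    if (!is_string($from) || preg_match('/[\r\n]/', $from) === 1
        || filter_var($from, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    $msg = $post['message'] ?? '';
    if (!is_string($msg) || $msg === '' || strlen($msg) > 5000) {
        return null; // empty or oversized body (limit is an assumption)
    }

    // The site's own address goes in From; the visitor's only in Reply-To.
    $headers = "From: webform@example.com\r\n" . 'Reply-To: ' . $from . "\r\n";
    return [RECIPIENTS[$key], 'Form message', $msg, $headers];
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $mail = build_contact_mail($_POST);
    if ($mail === null) {
        http_response_code(400);
        exit('Invalid form submission.');
    }
    mail(...$mail); // to, subject, message, additional headers
}
```

With this handler, a request carrying receiver equals Aphrodite at symbol abc dot xyz is answered with a 400 status and no mail is sent, while a request carrying one of the listed keys still reaches the intended mailbox.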
