Home page logo

webappsec logo WebApp Sec mailing list archives

Re: attacking PHP mail() function with poorly validated email address string
From: xomka <xomka1917 () mail ru>
Date: Sat, 5 Jun 2004 00:41:25 +0400

Hello Serg,

Thursday, June 3, 2004, 7:29:17 PM, you wrote:

SB> Hi All,

SB> I am interested to know if it i possible and if so how to exploit PHP's
SB> mail() function (not including spam) assuming user supplied email
SB> address was not validated. 

SB>    Cheers,
SB>       Serg

I think , naturally you can send messeges from his name,
and use it for social engineering(it opened big possibilityes).
For spam certanly:))

Best regards,
 xomka                            mailto:xomka1917 () mail ru

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]