电子邮件标题注入-示例不起作用
[英]email header injection - example not working
问题描述
first of all this question is for personal knowledge, and not for any kind of attack :) hope you'll believe me and give me some hints. 
首先,这个问题是为了个人知识,而不是任何攻击:)希望您相信我并给我一些提示。
I'm trying to reproduce an example of mail header injection I found (link-> http://www.phpsecure.info/v2/article/MailHeadersInject.en.php ). 我正在尝试重现我发现的邮件头注入的示例(链接-> http://www.phpsecure.info/v2/article/MailHeadersInject.en.php )。 Basically it uses a form to get 3 parameters (subject, message and sender mail), then these parameters are sent with POST method and used in the php mail() function to an admin's mail. 基本上,它使用一种形式来获取3个参数(主题,消息和发件人邮件),然后使用POST方法发送这些参数,并在php mail()函数中将其用于管理员的邮件。
Everything works fine, each mail is sent without problem but when I try to inject some other parameters as Cc, Bcc etc the trick doesn't work: neither \\r & \\n nor %0A & %0D are interpreted as CL and RF. 一切正常,每封邮件都没有问题,但是当我尝试注入其他参数(例如Cc,Bcc等)时,此技巧不起作用: \\r & \\n或%0A & %0D都不能解释为CL和RF。 For example, if I put my@mail.com%0ACc:foo@bar.com in the "From" field, in "my@mail.com" inbox I'll find the mail, with the same "From" field as it was sent ( my@mail.com%0ACc:foo@bar.com ). 例如,如果将my@mail.com%0ACc:foo@bar.com放在“发件人”字段中,则在“ my@mail.com”收件箱中,我会找到与“发件人”字段相同的邮件它已发送( my@mail.com%0ACc:foo@bar.com )。 Does php or does input tag encode (or unencode) properly the input? php或输入标签是否正确编码(或未编码)输入? How can I make it work? 我该如何运作?
Hope you can understand my bad english, thanks in advance, best regards. 希望您能理解我的英语不好,在此先感谢您,最好的问候。
ps: the article I linked is dated 2005, recently I've found that a similar bug with http headers splitting using php function "header()" was fixed, so I thought that they fixed email headers injection problem too.. But I can't find anything on the web that confirms this. ps:我链接的文章的日期为2005年,最近我发现使用php函数“ header()”拆分了带有HTTP标头的类似错误已得到修复,因此我认为他们也解决了电子邮件标头注入问题。.但是我可以在网络上找不到任何可以证实这一点的信息。
______________________EDIT________________________________________ ______________________编辑________________________________________
Example working, modifying header within php code: 工作示例,在php代码中修改标头:
$to = "admin@mail.com";
$sub = "this is the subject";
$msg = "this is the message";
$header = "From: foo@foo.com"."\r\n"."Cc: bar@bar.com";
$if(mail($to, $sub, $msg, $header."\n")){
echo "sent";
}else{
echo "error";
}
The email is correctly received both from foo@foo.com and bar@bar.com 正确接收到来自foo@foo.com和bar@bar.com的电子邮件
Examples NOT working (this is the problem I'd like to solve with your help): 示例不起作用(这是我想在您的帮助下解决的问题):
Once I send the mail with "send" button, only foo@foo.com will get the e-mail, and in the "from" detail (inside the mail) I'll find (1st case) foo@foo.comrnCc: bar@bar.com or (2nd case) foo@foo.com%0D%0ACc: bar@bar.com . 使用“发送”按钮发送邮件后,只有foo@foo.com会收到该电子邮件,在“发件人”详细信息(邮件内部)中,我会发现(第一种情况) foo@foo.comrnCc: bar@bar.com或( foo@foo.comrnCc: bar@bar.com情况) foo@foo.com%0D%0ACc: bar@bar.com 。
1 个解决方案
解决方案1
1 2011-11-22 00:50:46
我总是发现我需要同时使用\\ r \\ n才能正确发送标头。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.