
Automated Form Hijack Vulnerability Testing

By Will Bontrager

They're doing it.

For over a year, I've been thinking that spammers will develop robots to test forms for vulnerability to hijacking. The robot would surf the 'net and try every form they find. Such a robot would be easy to make.

I didn't want to mention it. Spammers don't need any more ideas.

But now, the cat's out of the bag.

Last week, I heard from two people who were wondering what was going on with their forms.

One was an attack on a Master Form V4 installation. Thank you for asking, yes, the software's anti-hijacking code worked perfectly.

The other was an attack on forum software, Master Board, a free title we're no longer distributing because of the tech support load. Again, the robot found no vulnerability.

In both cases, the Bcc email address was the very same, telling me that both forms were being attacked by the same robot, or at least by robots sending their tests to the same person.

Maybe there is only one person doing it. But you can bet your last dollar, and come out ahead, that this will not be the last. Such robots are just too easy to make.

Test your forms. Web Page Form Anti-Hijacking Considerations tells you how it's done.

Test them thoroughly. The robot will.

September 2, 2005

Please note: Articles on this website are presented "as is". However - If you have a question about a CGI script, HTML, CSS, PHP, or JavaScript
© 1998-2001 William and Mari Bontrager