Posted January 18, 200619 yr theres no logs, nothing that hasnt been done before. contents of index.php: <HTML> <HEAD> <TITLE>s0beit's anonymous emailer</TITLE> </HEAD> <BODY> <?php $headers = "From: {$_GET['from']}"; $name = $_GET['name']; $from = $_GET['from']; $subject = $_GET['subject']; $message = $_GET['message']; $to = $_GET['to']; if ($name && $from && $subject && $message && $to){ mail($to, $subject, $message, $headers); echo '<SCRIPT LANGUAGE="JavaScript">'; echo 'window.location="done.php";'; echo '</script>'; } else { echo '<FORM NAME="myform" ACTION="" METHOD="GET">Send an anonymus email: <BR><BR>'; echo 'From (email):<br><INPUT TYPE="from" NAME="from" VALUE=""><P><br>'; echo 'From (name):<br><INPUT TYPE="name" NAME="name" VALUE=""><P><br>'; echo 'To:<br><INPUT TYPE="to" NAME="to" VALUE=""><P><br>'; echo 'Subject:<br><INPUT TYPE="subject" NAME="subject" VALUE=""><P><br>'; echo 'Message:<br><P><TEXTAREA ROWS=5 COLS=72 NAME=message></TEXTAREA></P><br>'; //echo 'Message:<br><INPUT TYPE="message" NAME="message" VALUE=""><P><br>'; echo '<INPUT type="submit" value="Send">'; echo '</FORM>'; } ?> </BODY> </HTML> contents of done.php: <HTML> <HEAD> <TITLE>s0beit's anonymous emailer</TITLE> </HEAD> <BODY> <center>Message Sent Succesfully!<br><br> <a href="index.php">GO BACK TO anonMAIL</a></center> </BODY> </HTML> i was just bored and wanted to make something from scratch comment if you wish, if its about the sloppy code shut the hell up, if its because of errors in the code post. (there is a error BTW but i dont know enough about email headers to fix it :madkeke: )
January 18, 200619 yr thats not anonymous unless you are running it off a hacked server REASON? if you go to advanced view you can see what domain the e-mail came from, and if you are sending emails from a fake domain, most filters will pick it up not to mention if you get caught phishing, its a simple trace to who is providing your domain and a phone call and you're looking at fines / jail time / at least losing your box
January 18, 200619 yr <?php ob_start(); if(IsSet($_POST['destination_email']) && IsSet($_POST['source_email']) && IsSet($_POST['subject_email']) && IsSet($_POST['content'])) @mail(stripslashes($_POST['destination_email']),stripslashes($_POST['subject_email']),$_POST['content'],"From: ".stripslashes($_POST['source_email'])."\r\n") ? header("Location: " . $_SERVER['PHP_SELF'] . "?good") : header("Location: " . $_SERVER['PHP_SELF'] . "?bad"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <title>asterix's (not really) anonymous mailer</title> <style type="text/css"> <!-- body { background: #E8E8E8; } #formbox { background: #FFFFFF; border: 1px black solid; width: 400px; margin: 100px auto 0 auto; padding: 1em; font-size: 12px; font-family: Verdana, Helvetica, Sans-Serif; font-weight: normal; } #formbox h1 { font-size: 18px; font-weight:bold; } #formbox h2 { font-size: 12px; color: #FF0000; } --> </style> </head> <body> <div id="formbox"> <?php if(IsSet($_GET['good'])) echo "<center><h2>Mail sent successfully!</h2></center>"; else if(IsSet($_GET['bad'])) echo "<center><h2>Mail was not sent successfully!</h2></center>"; ?> <h1>Asterix's Not-Really Anonymous Mailer</h1> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> To:<br> <input type="text" name="destination_email" size="48" maxlength="255"><br><br> From:<br> <input type="text" name="source_email" size="48" maxlength="255"><br><br> Subject:<br> <input type="text" name="subject_email" size="48" maxlength="65535"><br><br> Message:<br> <textarea name="content" rows="10" cols="47"></textarea><br><br> <input type="submit" value="Send Email"><br> </div> </body> </html> <?php ob_flush(); ?> And as minkey said, you can easily view the raw SMTP headers, the server the message originated could be notified, and they can grep their sendmail/apache/ftp logs to find the source IP/time sent, etc. Hence my "not really" anonymous mailer script I wrote 5 mins ago. Single file, put it on a server and visit in browser, pretty simple. I was going to use a regular expression to validate that the source/destination emails were formatted correctly, but if you can't type in a valid email you shouldn't be using this. :P
January 18, 200619 yr Author <3 asterix, thanks for using but i got tired of all the VB posts so i had to post something.
January 18, 200619 yr <3 asterix, thanks for using but i got tired of all the VB posts so i had to post something. I didn't use yours, I wrote my own from scratch in about 10 mins and mine lets you know if the mail was sent successfully by the server or not. :p I do php/sql for a living at the moment, so I figured I'd write a cleaner version (in case anyone wanted it) of the idea behind your script(s). No offense or anything, I was sitting here with nothing to do. =p
January 18, 200619 yr Author yeah same here, except its not my job, its just when i need to code things im ready to do it. and after the "<3 asterix" it was more of a general thing (thanks to all who used)
