[horde] spammers targeting horde/imp as spamming tool

[robert sand]

The attached script didn't get attached so here it is (replace "USERID","PASSWORD","HORDE_PREF_DATABASE_NAME" for your 
installation.)

<?php

    @ $db = mysql_pconnect("localhost","USERID","PASSWORD");

    mysql_select_db("HORDE_PREF_DATABASE_NAME");

    $query = "select pref_uid from horde_prefs where pref_name='identities' and (pref_value like '%dear%' or pref_value 
like '%united nation%' or pref_value like '%winner %' or pref_value like '%simon%wong%' or pref_value like 'bank' or 
pref_value like 'funds' or pref_value like 'password')";

    $result=mysql_query($query);
    $first = 0;

    while($row=mysql_fetch_object($result)){
      if ($first < 1){
         echo "Keyword list = 'dear','united nation','winner ','simon%wong','bank','funds','password'\n\n";
         $first = 1;
      }
       $uid=$row->pref_uid;
       $query = "select pref_value from horde_prefs where pref_name='identities'
and pref_uid='".$uid."'";
       $result1=mysql_query($query);
       $row1=mysql_fetch_object($result1);
       $sig=$row1->pref_value;
       echo "User ID $uid is possibly compromised.  Signature matches keyword and contains:\n $sig\n\n";
    }

?>


-- 
Robert Sand.
mailto:rsand at d.umn.edu
1028 Kirby Drive
366 K Plz
Duluth, MN 55812-3095
218-726-6122        fax 218-726-7674

"Walk behind me I may not lead, Walk in front of me I may not follow,
Walk beside me and we walk together"  UTE Tribal proverb.