Email injection attack

This morning before heading off to work (yes, I know it is a Saturday) I decided to check my email quickly, only to discover that the band website contact form had been attacked (or at least someone had tried). Luckily they were not successful, because I had none of the form variables going into the header of the mail, but it still opened my eyes to another vulnerability that I have now fixed on all my mail forms. The positive side of the internet meant that I was able to find out a lot more information from searching. Here are some good reference points for anybody who needs to protect a mail form.

http://www.anders.com/cms/75/Crack.Attempt/Spam.Relay – This is the first blog that I came across. It has a useful description of what is happening and lots of comments.

http://www.anders.com/projects/sysadmin/formPostHijacking/ – The first site nicely summed up into clearer information (from the same person)

http://securephp.damonkohler.com/index.php/Email_Injection – A description of how to prevent email injection in PHP.

www.php.net also has useful information in the comments of the mail function.

I am hoping that since the attack was not successful the spam attempts will stop. The last thing I want to do is build one of those "type the letters from the picture" things for a community band's contact web form.
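A sketch of the kind of check the references above describe, added here as an illustration and not the code from the band website: form values that end up in a mail header are rejected if they contain a line break, and the sender address is fixed by the site. The field names, the addresses and the helper names `has_line_break` and `build_contact_mail` are assumptions made for this example.

```php
<?php
// Added example (not the site's code): keep form input from adding mail headers.

function has_line_break(string $value): bool
{
    // A CR or LF inside a header value starts a new header line.
    return preg_match('/[\r\n]/', $value) === 1;
}

// Returns the arguments for mail(), or null if the submission is rejected.
function build_contact_mail(array $form): ?array
{
    foreach (['name', 'email', 'subject', 'message'] as $key) {
        if (!isset($form[$key]) || !is_string($form[$key])) {
            return null; // missing field or array-valued parameter
        }
    }
    // Only these two values reach a header (Subject and Reply-To).
    foreach ([$form['email'], $form['subject']] as $headerValue) {
        if (has_line_break($headerValue)) {
            return null;
        }
    }
    if (filter_var($form['email'], FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    return [
        'to'      => 'band-contact@example.org',            // fixed recipient
        'subject' => 'Contact form: ' . $form['subject'],
        // The visitor's name goes in the body only, never in a header.
        'body'    => 'Name: ' . $form['name'] . "\n\n" . $form['message'],
        'headers' => "From: webform@example.org\r\nReply-To: " . $form['email'],
    ];
}

// Constructed sample submissions: one ordinary, one carrying an extra header line.
$samples = [
    'ordinary' => ['name' => 'Sam', 'email' => 'sam@example.com',
                   'subject' => 'Rehearsal times', 'message' => 'When do you meet?'],
    'injected' => ['name' => 'x', 'email' => "x@example.com\r\nBcc: list@example.net",
                   'subject' => 'hi', 'message' => 'hi'],
];
foreach ($samples as $label => $form) {
    $mail = build_contact_mail($form);
    echo $label, ': ', $mail === null ? 'rejected' : 'accepted', "\n";
    // On accept: mail($mail['to'], $mail['subject'], $mail['body'], $mail['headers']);
}
```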

Posted in Life

Google Sightseeing

Google Maps beta recently added the feature of high-res images. A fan site has started, dedicated to special places and interesting shots. Some really nice shots!

Google Sightseeing

Posted in Other

Blitzers Intro

I have been working on a Flash piece for the Blitzers home page.

It still has a bit of work that needs to be done, but check it out.

I will finish it soon(tm)

dev details:
It is made in Flash MX 2004 but published for Flash 6. The images are separated into separate movie clips that are added when moving across. Eventually I will make it so that they are removed when no longer on screen. The slow/med/fast CPU values control how the particle systems display. If it is slow then they will not display; if it is medium they will display a bitmap representation of the particle; if it is fast then they will display a prettier vector illustration of the particle. This is because the current Flash player redraws all vector points of an illustration when the movie clip moves, and that makes things very slow very quickly. There is nothing really complex about it at all, just a lot of time taking screenshots and lining them all up.

Posted in My projects

Time for an update

Things got busy and I forgot about updating the blog, so here is a bit of an update.

Toshie (Andrew’s parents’ puli) now has his own blog. Check it out!

We held a surprise birthday party in Kalinga Park for Andrew. The weather was beautiful and we had a great day.

I now have a laptop (which I am actually using now). I have installed Ubuntu on it and have found it really easy to use. At my second attempt, I successfully set up Apache and MySQL. This allowed me to demonstrate the band website last night at band. Surprisingly (or not so surprisingly) I had an easier time connecting to the net through our home network and then the work network than with a Windows machine.

Posted in Life

Test run

I had this afternoon off work. YAY. After relaxing for a few hours I felt a lot more awake and decided to take my bike out for a test run. I managed to find the bike path and it is only 15min away. There is also an on road bike path (runs parallel to the road) for most of the way, but this is often filled with parked cars.

Before taking off I found out that it was actually legal in Queensland to ride your bike on the footpath as long as you gave way to pedestrians.
There is some helpful information at Our Brisbane.
Maps of the bike paths can be found on the Brisbane City Council website.

Posted in Life

XUL

The Devshed newsletter came today and I got reading about XUL (XML User Interface Language), pronounced "zool". XUL is a subset of XML specifically designed to describe user interfaces.
After reading the article I went searching for a better understanding, starting at Wikipedia.
http://en.wikipedia.org/wiki/XUL – Wikipedia entry
http://www.mozilla.org/projects/xul/ – Mozilla overview of XUL
http://xulplanet.com/tutorials/whyxul.html – Really good tutorials and explanations

The bit that really interests me is the planned support to create standalone applications. Currently I use HTA (HTML application) files to run Flash and HTML content on the user's machine that needs to save out. This works really well but requires IE5+ on the user's machine. I know this is not a big requirement, but it is always nice to have an alternative, especially one controlled with the flexibility of XML.

This technology is also used to create extensions and skins for Firefox. Although I don’t have any useful ideas, I will muck around with this too.

In my travels I also discovered UIML (User Interface Markup Language) and Wikipedia's hello world page.

Posted in Other