URL parameter injections

Published Oct 2, 2007

In the last couple of months I’ve been getting more and more attacks through the use of URL parameters. What happens is that I get a lot of requests to the pages that has URL parameters and then the hacker or robot tries to do SQL injection by adding code to the parameters.

This is one of the pages where this happens:

http://blog.madskristensen.dk/?year=2006&month=5

and this is the request that is made to that page by the robot:

http://blog.madskristensen.dk/?year=2006&month=5 and user>0

In my case nothing happens since BlogEngine isn’t vulnerable to these kinds of attacks, but it definitely is a reminder to always make sure that SQL injection attacks cannot happen from URL parameters like this. It was only when I counted the number of these attacks made to this website that I realized just how many I get on a daily basis. Be careful.

Making screencasts

Published Oct 1, 2007

In the last couple of days I’ve done some screencasts on how to use BlogEngine.NET. I know there are many applications available that can record my screen and audio, but I didn’t really want to go look for any of them. Many of them come with a price tag and then I’d have to learn how to use them afterwards.

I remembered the time when Windows Server 2003 was in beta and I was running it as my main operating system. It came with a wonderful application called Windows Media Encoder. So instead of looking for newer and maybe cooler screencast recorders I just downloaded the old Windows Media Encoder which is free. It is outdated by now, but it’s easy to start using it and it produces fairly good quality videos.

Windows Media Encoder

The only problem is that it cannot edit a video after it finished recording it. So I gave Windows Movie Maker a go. The result was not good, not good at all. When I imported the video, did nothing and saved it again, the quality dropped immensely and the size of the file tripled. I still find it odd.

From this experience I’ve learned that Windows Media Encoder is good and Windows Movie Maker is not. I’m planning to do a lot more videos so it might be about time I started looking for alternate recording tools and editors.