Posts Tagged ‘Blogging’

What to do if your blog was hacked by evil eval

Saturday, September 5th, 2009

Weird things happens. Mostly in WordPress. One morning you see that your permalinks became a something like this:

blah/%&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%/

Or this:

/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECCODE%5D))%7D%7D|.+)&%

Or your feed crapped like this:

error on line 22 at column 71: xmlParseEntityRef: no name wordpress

Do not panic – you’re hacked. And there is three steps to get rid of it.

1) Restore your permalinks
Go to Admin panel -> Settings -> Permalinks.
Set your permalink structure to whatever it was earlier. If you don’t even imagine what it was – you can always ask google for it – just like this: site:yourblogurl.com – and you’ll see the answer in the links to your site.

2) Kill the intruder(s)
Go to your preferred mysql administration tool (say, MySqlAdmin) and run this code in the SQL window:

SELECT * FROM `wp_usermeta`
WHERE `meta_value` LIKE '%script%'

You’ll see the list of records, write down user_ids of those guys.
Go to Admin panel -> Users -> Authors & Users, copy the edit link for any user, it’ll be somethings like:

http://yourblogurl.com/wp-admin/user-edit.php?user_id=14&wp_http_referer=%2Fwp-admin%2Fusers.php

Then paste it into address line, and change user_id=XX to the first user_id you wrote. Go.
Replace First name with whatever you want (for example “z”), insert “motherfncker@test.com” into Email field (or whatever, but remember it, you’ll need it later) and set the Role into Subscriber. Push Update user. Then repeat with the next one in your user_ids list. After you finished – just type in into the search line word “motherfncker” (or whatever you set emails to). Now – just delete bastards!

3) Defend the base
Just upgrade your wordpress. If you will do it periodically – there will be no such problems at all!

If you do not have ability to use some SQL tool – you can try to blind find bastards:
Go to Admin panel -> Users -> Authors & Users
Note the number of Admin users (right under “Users” header). One of them is you, all others – bastard ones :)
Try to find max. user_id in the list by hovering your mouse over links. Then copy the edit link of the user with topmost ID, insert it into address line, change it to next number and go. Did not work? Try the next number. Or previous one. You can even loop through all IDs not in use. And when you’ll find him – you know what to do!

Popularity: 1% [?]

Tags: , , , , ,
Posted in MySQL, Optimisation, Wordpress | No Comments »

Star Wars image experiment

Saturday, January 17th, 2009

Now I’m ready to test something.
Someone can think that picture is offensive somehow – I assure you that is not.
At first, Ahsoka isn’t child, she seems so only next to Skywalker. At second she’s a freekin cartoon character – she have no age at all.

Popularity: 37% [?]

Tags: ,
Posted in Optimisation, Video | No Comments »

Fixed BoxOver js library

Wednesday, May 28th, 2008

Hi there, my dear java-damned-script fans!

boxoverToday I used to find an strange bug in pretty little fine-looking-hints library, called BoxOver from here. As you know, for the chars ", [ and ] with this library you must use ", [[ and ]] to display… It works, but only once for brackets.

So, I tried to find a fix… None found. At the forum some guy gave an ugly fix with &rbr; and so on…

Shame on you guys, did you ever heard of regexp syntax? ;)

Here’s the BoxOver library with fixed [ and ] brackets display:

Download BoxOver 2.1a javascript library (28th May 2008)

BTW, when I tried to register on forum to post my fix – I can’t – because of captcha insult, and that’s why I posted it here.

Popularity: 85% [?]

Tags: ,
Posted in Development, Download, Software, Tools | 3 Comments »

Wanna buy a PLIGG?

Tuesday, August 21st, 2007

pligg-com-sale Pligg is now for sale. Do you wanna buy it? Sale includes the pligg.com domain along with all web content created for the site including graphic design work, blog and forum administrator accounts, rights to the Sourceforge.net account. You can buy it here.

Shit.

Popularity: 59% [?]

Tags: , ,
Posted in Development, News, Software | No Comments »

3D cover design in two clicks

Tuesday, August 14th, 2007

Look at this:

3D cover design in two clicks 3D cover design in two clicks 3D cover design in two clicks 3D cover design in two clicks

It’s all virtual. And this is not a professional’s work. Those beautiful product boxes, books, and even DVDs – just in two clicks from you.

This is all a Box Shot 3D software, and it’ll cost a fifty if you want to remove watermarks from shareware version.

Some blah-blahs from official site:

Box Shot 3D is a virtual cover renderer based on ray tracing algorithms. What does this mean? Simply put, the box shots you create will look very realistic. This attractive display is often the deciding factor for purchasing products.

Because of high rendering technology, Box Shot 3D’s rendering is so life-like, customers may think they are seeing the actual product photo. Visit here for more details.

Please look at our product comparison here and judge for yourself the best, most economical and efficient method of creating your perfect product box shot.

This program worth a fifty. Of course you can spent this fifty it for a couple of good 3D design books, and then you can find a good freeware 3D editor, and learn how to use it, and then you’ll be able to render your product box shots! Or, as another way, you can pay a fifty to professional. He’ll do a work for you. One time.

Resume: try it, buy it, use it! My mark: 10 of 10 possible!

Popularity: 56% [?]

Tags: , , ,
Posted in Software | 1 Comment »

Sendmail for Windows Freeware

Monday, August 6th, 2007

I was looking for a windows (I mean win32) command-line send mail utility, something like Unix’s SendMail. And again – all I find worth $$. But when I look harder – I found two little utilities. They’re almost perfect.

1. Blat

Product that may cover most of your needs. Not a sendmail itself, but this is what most people mean when said “sendmail, windows, freeware”. Send your messages from command line, from batch files, from scripts etc. Authorisation and all the stuff is onboard. Opensource. C++. SourceForge based management. Active development.

What is Blat (and what does it do)? Blat is a small, efficent SMTP command line mailer for Windows. It is the SMTP *sending* part of an eMail User Agent (MUA) or eMail client. As such, Blat sends eMail via SMTP (or internet eMail) from the command line, or CGI, …

What is Blat not? Blat is NOT a drop in replacement for the Unix SENDMAIL, MAIL, MAILX utilities (or for that matter, any other eMail tool you can think of). A Perl script written to use these, for example, will not work without some tweaking.

You can download fresh Blat (sorta freeware sendmail for windows) from here: Blat’s download page.

2. Free SendMail Utility for Windows

Simplier one freeware sendmail utility – from John Wood, and it’s in v0.1 Beta state, and seems like author will not support it anymore ever (he called it a 10 minuter in 2005), and it’s written in C# (i.e. if you don’t have dotnetfx installed – so now you have to), but: a) it works; b) it’s simplier than blat; c) it small; d) it’s opensource.

The thing is, .Net gives you everything you need to send email, in an SmtpMail class. To send mail from the command line, I just had to expose this class – and how difficult could that be?! It had to be another 10 minuter.

So once again I did it myself. To save others the hassle of searching through google, or paying cash, I’ve compiled it into a simple command-line utility and put it up on my website.

Sure it’s nothing fancy, but it appears to get the job done from the limited testing I’ve run.

You can download Free SendMail Utility for Windows (a simple freeware sendmail for windows) from here: Free SendMail’s download page.

As for me – the first one is the best.

Hope I helped you to find what you want ;)

Popularity: 61% [?]

Tags: , , , , ,
Posted in Software | No Comments »

BlogJet

Tuesday, July 31st, 2007

BlogJet is a commercial blog client for Windows. And I made this and previous posts using this software. Hmmm. BlogJet is much better than BlogDesk one…. But I still need to edit the post after posting is done. Where are papagraph styles? Where are h1 h2 h3 h4 etc… ?? Where is real WYSIWYG editor? Where is image properties editing after I inserted it? Where human-readable image naming (check this out – in previous post image on my HDD named arch-enemy-2007-rise-of-the-tyrant-promo.jpg became some kind of non-seo non-human non-anyone set of letters)?

Author may talk about money, work to be done, “how he make controls that were snatched by microsoft”, and some mental shit, but I must say one thing. BlogJet is crap. Just like BlogDesk. Please note that BlogDesk is free to use, when BlogJet’s author wants $39.95. I’ll put them both in one place – and it will be /dev/null.

The official site says

BlogJet 2.0

Blog editor on steroids.
Now better than ever.

1. Remember, kids, steroids are bad. And this piece of binary crap proves it.
2. If this is better than ever – what’s bad?
3. Why 2.0? Did you anything for it? NO! It must be 1.99 – and so on – 1.100, 1.101.

Popularity: 36% [?]

Tags: , ,
Posted in Software, Wordpress | No Comments »

BlogDesk software

Saturday, July 21st, 2007

Hi there.

blogdesk-post

Today I’ll test a software called BlogDesk. Here is their icon blogdesk button, and here is their web-site.

BlogDesk is the offline weblog client, features WYSIWYG editor, ImageWizard, Thumbnails creator etc.

For example I inserted a program’s screenshot, and as you can see, thumbnail generation works wery well ;)

Seems I’ll try to use it for more time, maybe it’s an editor-of-my-dreams….

Seems like BlogDesk is crap. I edited all the links and srcs. Without editing – they all was pointed to “file:// ” (i.e. to my local hard drive).

Now I don’t know if I try this toy anymore.

Popularity: 29% [?]

Tags: , ,
Posted in Software, Wordpress | 1 Comment »

What happened to the daily show

Friday, July 20th, 2007

Many people wanna know, what happened to the daily show. And know what? I know that they do from my web-server’s logs.

So I must answer fairly – I don’t know. I really do not have any idea, what happened to the daily show.

That’s the answer :)

Popularity: 17% [?]

Tags: ,
Posted in News, Personal | No Comments »

404 in logs

Friday, July 20th, 2007

I hate 404s. I use awstats to watch my logs, and I hate when it shows some 404s…

I can tolerate some virus-generated URLs but when I see this “/feed%3Ahttp%3A//eyedmax.com/feed/“or search bot asking me for robots.txt or favicon.ico (and I haven’t one) – I can blow up.

My advices to all webmasters are following:

  • put all common files (including index.html, robots.txt and favicon.ico) to your site
  • validate the code for “strange” URLs
  • analyze log files
  • use the automatically generated site map

Don’t trouble Google ’till Google troubles you!

Popularity: 16% [?]

Tags: , ,
Posted in Optimisation, Wordpress | No Comments »

Blog adress changed – now it’s eyedmax.com

Thursday, March 22nd, 2007

Hi there!
I decide to buy a new domain for blog.
Now it named http://eyedmax.com/
Have fun with it ;)

Popularity: 6% [?]

Tags:
Posted in News | No Comments »

Hello, cruel world!

Monday, January 22nd, 2007

Here I am !

Just wanna say “HELLO” to all of you.

See you soon ;)

Popularity: 5% [?]

Tags:
Posted in News | No Comments »