Posts Tagged ‘MySQL’

What to do if your blog was hacked by evil eval

Saturday, September 5th, 2009

Weird things happens. Mostly in WordPress. One morning you see that your permalinks became a something like this:

blah/%&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%/

Or this:

/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECCODE%5D))%7D%7D|.+)&%

Or your feed crapped like this:

error on line 22 at column 71: xmlParseEntityRef: no name wordpress

Do not panic – you’re hacked. And there is three steps to get rid of it.

1) Restore your permalinks
Go to Admin panel -> Settings -> Permalinks.
Set your permalink structure to whatever it was earlier. If you don’t even imagine what it was – you can always ask google for it – just like this: site:yourblogurl.com – and you’ll see the answer in the links to your site.

2) Kill the intruder(s)
Go to your preferred mysql administration tool (say, MySqlAdmin) and run this code in the SQL window:

SELECT * FROM `wp_usermeta`
WHERE `meta_value` LIKE '%script%'

You’ll see the list of records, write down user_ids of those guys.
Go to Admin panel -> Users -> Authors & Users, copy the edit link for any user, it’ll be somethings like:

http://yourblogurl.com/wp-admin/user-edit.php?user_id=14&wp_http_referer=%2Fwp-admin%2Fusers.php

Then paste it into address line, and change user_id=XX to the first user_id you wrote. Go.
Replace First name with whatever you want (for example “z”), insert “motherfncker@test.com” into Email field (or whatever, but remember it, you’ll need it later) and set the Role into Subscriber. Push Update user. Then repeat with the next one in your user_ids list. After you finished – just type in into the search line word “motherfncker” (or whatever you set emails to). Now – just delete bastards!

3) Defend the base
Just upgrade your wordpress. If you will do it periodically – there will be no such problems at all!

If you do not have ability to use some SQL tool – you can try to blind find bastards:
Go to Admin panel -> Users -> Authors & Users
Note the number of Admin users (right under “Users” header). One of them is you, all others – bastard ones :)
Try to find max. user_id in the list by hovering your mouse over links. Then copy the edit link of the user with topmost ID, insert it into address line, change it to next number and go. Did not work? Try the next number. Or previous one. You can even loop through all IDs not in use. And when you’ll find him – you know what to do!

Popularity: 1% [?]

Tags: , , , , ,
Posted in MySQL, Optimisation, Wordpress | No Comments »

Disable Autorun Once And For All

Thursday, September 27th, 2007

Auto Run Today I wanted to disable Autorun feature in Windows XP box. And I found, that all that Microsoft can bring is funky right-click-on-drive menu with lot of disk types…

That’s not my way. After 2 minutes Autorun feature has been disabled system-wide. And for you it will take less time – because I’ll take care of this.

All you need is to fetch a .reg file below (right click th link, choose “Save target as”), doubleclick it and say “yes”, than reboot.

Disable Autorun (Windows XP)

All the trick is to set
HKLM\SYSTEM\CurrentControlSet\Services\Cdrom\AutoRun to 0

If you wanna do vice-versa trick, you need to fetch and run next file (right click th link, choose “Save target as”), doubleclick it, say ‘yes’, and reboot. If not helps, check those funky right-click-on-drive menu.

Enable Autorun (Windows XP)

That’s all, folks!

Popularity: 85% [?]

Tags: , ,
Posted in Software | No Comments »

Mozilla is alive! Mammon is… Who?

Thursday, August 16th, 2007

firefox-vs-ie One of the freaky cheats in FireFox browser.

I posted all of them today.

Just type in address line “about:Mozilla” and press enter.

What the hell is that?

And so at last the beast fell and the unbelievers rejoiced. But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn with its strength renewed, and the followers of Mammon cowered in horror.

Ok, guys, Mammon is… Aaaa…. Hmmm…. This is Mammon:
( I don’t know why he hasn’t a face of Bill Gates nowdays? )

mammon-euro-dollar

But why a great bird? If they do mean a Mozilla ThunderBird – now it dead again. If they meant FireFox – it’s not a bird. And if they meant Mozilla itself – I surprised it was bird.

Guys! What the hell was that?

Popularity: 41% [?]

Tags: , , ,
Posted in Personal, Software | No Comments »

Hidden FireFox’s resources

Thursday, August 16th, 2007

Type in address line one of a following:

  • about:
  • about:buildconfig
  • about:cache
  • about:config
  • about:plugins
  • about:credits
  • about:Mozilla

Funny ;)

And I’m glad to introduce to you: The new FireFox Logo!

New FireFox Logo

Popularity: 41% [?]

Tags: , , ,
Posted in Software | No Comments »

Put on Fire in the Fox’s ass!

Thursday, August 16th, 2007

Make sure that you have this browser:

Speed Up Firefox

Do you know FireFox well?

And how about advanced settings page? And how about direct access to it? OK, just type “about:config” into the address bar and hit return. Just like this:

Firefox's advanced settings address

Now, what do you see?

It’s your advanced settings, basically you can’t reach most of them in other way…

How To Speed Up Your FireFox

Look for the following entries:
network.http.pipelining
network.http.proxy.pipelining
network.http.pipelining.maxrequests

They looked just like this:
firefox-network-settings

Now,
Set network.http.pipelining to true
Set network.http.proxy.pipelining to true
Set network.http.pipelining.maxrequests to 10 (or 15)
Right-click, select New->Integer, name it nglayout.initialpaint.delay, set value to 0
Restart Firefox.

What we’ve done?

We allowed to make up to 10 (15) connections at once. Make sure not to set it higher than 20.
Also we allowed to act with received information with zero waiting time.

Popularity: 35% [?]

Tags: , ,
Posted in Optimisation, Software | No Comments »

Mozilla is alive! Mammon is… Who?

Thursday, August 16th, 2007

firefox-vs-ie One of the freaky cheats in FireFox browser.

I posted all of them today.

Just type in address line “about:Mozilla” and press enter.

What the hell is that?

And so at last the beast fell and the unbelievers rejoiced. But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn with its strength renewed, and the followers of Mammon cowered in horror.

Ok, guys, Mammon is… Aaaa…. Hmmm…. This is Mammon:
( I don’t know, by why he hasn’t a face of Bill Gates nowdays? )

mammon-euro-dollar

But why a great bird? If they do mean a Mozilla ThunderBird – now it dead again. If they meant FireFox – it’s not a bird. And if they meant Mozilla itself – I surprised it was bird.

Guys! What the hell was that?

Popularity: 29% [?]

Tags: , , ,
Posted in Personal, Software | No Comments »

Scrap

Tuesday, June 26th, 2007

Hmmmm…
The previous piece of code is a scrap if you have to deal with MySql4 server with all-defaults.
So… I continued my challenge – I want my data back (and workin’) ;)
Stay tuned for next round…

P.S. For MySql5 all works great…

Popularity: 15% [?]

Tags: , ,
Posted in Development, PHP | No Comments »

UTF-8 fix – when charset is set to Latin1

Saturday, June 23rd, 2007

Situation: you have MySQL 5 database with tables which claimed to have Latin1 charset. You filled the base (with MySQL Front, PhpMyAdmin or any other tool) with info. There IS non alnum chars (like TM, (c), long –, ellipsis etc.)

Now you want it back, and your pages are utf-8 encoded, but when you queries the base, ??’ sign returned instead of your cute symbols. Shit.

Never mind, if you can see those chars with PhpMyAdmin – I’ll help you to convert them to use them.

First, mysql5 seems to be utf-8 lover (even if other charset is claimed). So – it’s simple. Just exec SET NAMES utf8 right after database initialisation.

Second, query all the data you need into array.

Third, just do utf8_encode on data with your loved scrap

Forth, exec SET NAMES latin1

Fifth – write your data back

Sixth – tell your application to use utf8_decode when reading and utf8_encode when writing those data.

That’s all – now you can easilly transfer your data to MySQL4* or MySQL5 servers – and your app will work there!

Example:

// init skipped 
 
/*********************************** 
 * Database connect 
 **********************************/ 
$o_db = new myDB(DB::connect(DB_DSN)); 
$o_db->db_setFetchMode(DB_FETCHMODE_ASSOC); 
$o_db->db_query('SET NAMES utf8'); 
 
$q = 'SELECT page_id, page_head_title, page_head_description, page_head_keywords 
  FROM '.DB_PREFIX.'pages 
'; 
foreach ($page as $k => $p) 
  foreach (array('page_head_title', 'page_head_description', 'page_head_keywords') as $field) 
    $page[$k][$field] = utf8_encode($p[$field]); 
$o_db->db_query('SET NAMES latin1'); 
 
foreach ($page as $p) 
{ 
  $up = 'UPDATE '.DB_PREFIX.'pages 
    SET 
    page_head_title = '.$o_db->db_quote($p['page_head_title']).', 
    page_head_description = '.$o_db->db_quote($p['page_head_description']).', 
    page_head_keywords = '.$o_db->db_quote($p['page_head_keywords']).', 
    WHERE page_id = '.$o_db->db_quote($p['page_id']).' 
  '; 
  $o_db->db_query($up); 
}

*see next post

Popularity: 14% [?]

Tags: , ,
Posted in Development, PHP | No Comments »