Categories
Operating System PHP Server Configuration

.htaccess Hack

Today, I got another WordPress site that stopped working and started giving 404 errors. Previously the client got it fixed by removing .htaccess from his installation and got it working. I thought he might have messed up his WordPress himself. But when we got a similar error today, I searched a little and found that in .htaccess there is a PHP file injected into WordPress which resides at “/tmp/25454b22bf39c75795851f39d5e347c4”; after opening the file, it looks like a professional white script. But knowing computer programmers, only a hacker or an idiot would place an important file in the /tmp folder. Anyway, I don’t know the cause of the hack yet, but I saw the following pattern:

1. The hack is known for WordPress and osCommerce as of now. [I personally have seen only WordPress below 3.0.5 being hacked, more specifically version 3.0.4.]

2. The hack needs the .htaccess file and the /tmp folder, so it affects only Linux [can they use the Windows temp folder? I don’t know], and it is surely an issue for Apache users.

I cannot say WordPress or osCommerce is broken, but definitely there is a control upload script that copies a file to the /tmp folder, which is usually publicly readable, and then getting to .htaccess is the problem.

So if you are on Linux/Apache and your software reads and writes .htaccess, then you need to beware.

Precaution

1. Make your .htaccess readable only by user and group at most, not by the public.

2. Create an empty non-writable file /tmp/25454b22bf39c75795851f39d5e347c4 so that if someone tries to copy it, the copy fails because the file already exists.

3. Change your passwords.

4. Upgrade your software to latest version

5. Do not upload any theme or plugin which is not from known or tested source.

6. Look for vendor recommendation before installing any plugin.
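
A check for the pattern described above, as an added example that is not part of the original post: it lists every .htaccess under a document root whose mode is looser than precaution 1 allows, and every line in those files that mentions a /tmp/ path. The function names and the `PlaceholderDirective` line in the demo tree are constructed; the post does not show the injected line itself.

```shell
#!/bin/sh
# Audit .htaccess files under a document root (added example).
# Reports:
#   PERM   <mode> <file>        mode looser than read-only for owner/group
#   TMPREF <file>:<n>:<line>    line that references a path under /tmp/

audit_htaccess() {
    root=$1
    # Assumes file names without embedded newlines.
    find "$root" -type f -name .htaccess -print | while IFS= read -r f; do
        # First 10 characters of ls -l are the type and permission bits.
        mode=$(ls -ld "$f" | cut -c1-10)
        case $mode in
            -r--r-----|-r--------) ;;   # read-only, nothing for "other"
            *) printf 'PERM %s %s\n' "$mode" "$f" ;;
        esac
        # Web content has no reason to point at /tmp, so report each hit.
        grep -n '/tmp/' "$f" | while IFS= read -r hit; do
            printf 'TMPREF %s:%s\n' "$f" "$hit"
        done
    done
}

# Constructed demo tree: one locked-down file, one world-writable file
# carrying a placeholder line that points at the path named in the post.
make_demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/clean" "$d/hacked"
    printf 'RewriteEngine On\n' > "$d/clean/.htaccess"
    chmod 440 "$d/clean/.htaccess"
    printf 'RewriteEngine On\nPlaceholderDirective /tmp/25454b22bf39c75795851f39d5e347c4\n' \
        > "$d/hacked/.htaccess"
    chmod 666 "$d/hacked/.htaccess"
    printf '%s\n' "$d"
}

demo=$(make_demo_tree)
audit_htaccess "$demo"
rm -rf "$demo"
```

Run against a real site with `audit_htaccess /path/to/docroot`; no output means every .htaccess found is read-only and free of /tmp references.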

Phew, so far my WordPress is safe; being on Windows hosting, I am sure the hack will be different, if any. Let's wait and see.

EDIT: A few days after writing this article I found a few instances where I can safely say that it is not a WordPress or osCommerce hack, but rather a hack related to either the Linux operating system, the Apache web server or the Plesk control panel. For the sites where I see this hack, only those three are in common. All the sites I saw hacked in the above way were not written by one developer, do not belong to one server [except they all use Plesk and Apache], and are not using only MySQL [do you really think a MySQL query can create .htaccess?]. So, I give a clean chit to any open source software as of now for this hack. This is indeed a server hack; still no reason known to me.

Good luck guys !!!


Categories
Blog: My thoughts Operating System

Linux yet again tries to gain popularity on MS

I have continuously noticed how open source giants are using Microsoft's name to gain popularity. Today I got a newsletter which says “Linux kicks Microsoft back”. After reading this I followed some links and found some interesting facts. First, here is what I understand as a summary of the article. Microsoft says 93% of mini laptops worldwide run on the Windows operating system, whereas an independent firm researched and found that some major laptop giants sell about 30%-35% of their computers with Linux as their operating system.

I respect those experienced authors, but as one of the articles says, “Just because you live in the United States, don’t assume that everything is on Windows,” Orr said. I would say that taking stats from companies' sales doesn’t mean users are actually using those operating systems.

When Microsoft launched the public beta review of Windows 7, thousands of Vista/XP notebook users installed the beta and RC versions on their PCs. In India, I have seen most people buy Linux-based netbooks to save the license cost but end up installing the beta or RC version of Win 7, and yes, no report can count that, as for researchers piracy is not counted. A netbook sold with Linux means it uses Linux.

As a web developer, when I see the stats of W3schools.com, which are publicly available and which every single web developer uses to get help on HTML and web programming, they clearly show Linux was used 4.3% in the last month, less than Mac itself, which is 6.7%. Check it yourself (http://www.w3schools.com/browsers/browsers_os.asp). If 30% of computer users are on Linux, why does w3schools record so low? Don’t software developers like to use Linux? If developers cannot use Linux, then how can a normal user do that? Scary if you are a normal user.

Secondly, that article about Microsoft saying 93% market share was published based on some research in Feb 2009, whereas the “contradiction” came in Nov 2009, after 10 months. Come on man, 10 months are way too much to change a market trend, especially in the computer field. Or does the research team go home to home counting the PCs.. lol. But I am sure the truth does not lie in either stat.

But it should be somewhere between actual sales of OS on netbooks and actual usage of OS. Linux does get 30% of sales as the research says, but Windows gets used on 93% of netbooks. Ah, that means 23% of Linux users are actually using pirated software, and researchers say Microsoft is clean after its $10 billion fines. Yeah, that is right, no one is good or thinks of the user, but at least Microsoft dares to say “they make something good” rather than saying “We are better than Mr. X, because Mr. X is a cheat”.

Categories
Blog: My thoughts Operating System

Key differences between Linux and Windows

I read an article that tries to mention 10 key differences between Linux and Windows. I like the article and can easily sense that it is another article that gets biased in a few places. You can read that article here: http://news.zdnet.com/2100-9595_22-219655.html?tag=btxcsim.

The biased things I found are:

#3 Online peer support vs paid helpdesk support

The author mentions that we get online peer support for Linux whereas we get paid helpdesk support for Windows, but the thing is, with Linux you will get only the PEER support unless you BUY paid helpdesk support. But with Windows, you will get paid helpdesk as an integral part of your software along with peer support. Forums and mailing lists for Windows are equally as popular as for Linux. So with Windows you always have a better chance of getting a response.

#9 Automated vs nonautomated removable media

Author Jack Wallen mentions and tries to prove that non-automated removable media mounting is better in terms of security. I agree with him from his point of view, but he forgot that he is talking about either desktop software or server software. If we are talking of desktop users, then in the modern world we are virtually talking of a single-user-at-a-time PC and not mainframe NASA computers that are operated by hundreds of operators at a time.

Hope I put correct views here.

Categories
Operating System

Linux on Virtual Box

As the new year starts, I got some time to play with my old Linux installation on VirtualBox. I was using this installation on my laptop, which supports 1440×900 screen resolution, but I had my Linux working only at 1024×768 resolution. I was using it at this resolution as I don’t work much on Linux, but now, to prepare for my upcoming project, I thought to prepare a better machine.

When I tried to change the screen resolution for my Linux, the normal Display dialog didn’t allow me to do so. It changed every setting I made back to the default of what I was using. In fact, it didn’t allow me to change the hardware driver either. I searched the internet as usual and found some forum topics suggesting manual changes to the X11 configuration file.

I made those, but they did not take effect. Then I realized that the default frequency taken by X11 is way too low for the 1440×900 resolution, and hence it doesn’t allow it to be set properly. I changed the Monitor entry in the configuration file, changing the frequency to have a range of 31-100 for Horiz and xx-120 for vertical; now I can make changes as I want.

Just a reminder for my short memory…

Categories
Links Operating System Other

Microsoft Vs So Called Better Community

I have read many articles where an open source developer or group says Windows is bad, Microsoft is bad and their open source is good. It is FREE. I always get into arguments that it is not that Windows is bad, but that some people like them present their product after comparing it with a Microsoft product (that only shows how Microsoft products are, that people do make comparable software to compete with them).

Anyway, I found these blog articles, which are based on data presented on the official websites of the respective software, and which are an eye-opener for all:

http://blogs.technet.com/security/archive/2007/11/30/download-internet-explorer-and-firefox-vulnerability-analysis.aspx  (IE vs Firefox)

http://blogs.technet.com/security/archive/2008/05/15/q1-2008-client-os-vulnerability-scorecard.aspx  (Windows Vs Linux Vs Mac OS)

It is not that Microsoft makes very good software, but they did nothing wrong by making it.

If you are an open source developer, please, please do not spoil the name of the open source community by standing against Microsoft. If you make good software, then act and advertise on your software's features, not on other products' weaknesses.

Hope that will tell you why I love MS 🙂

Categories
Concept/algorithm Operating System PHP

Linux User authentication using PHP

In one of my last posts I tried to describe how Linux stores its passwords. Today I will be putting up the complete PHP code for it.

Just run it on your local server (mind it, your HTTP server must be running as the root user in order to use this script).

It's a raw way of doing password matching and shouldn’t be used for commercial applications or servers. It's purely a learning script.

So here goes the script:

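    <?php
    // NOTE: the beginning of this script (ReadUser() and the start of
    // MatchPassword()) was lost from the page. Those parts are rebuilt
    // from the surviving code and are marked "reconstructed" below.

    // Reconstructed: returns true if $username has an entry in /etc/passwd.
    function ReadUser($username) {
        foreach (file("/etc/passwd", FILE_IGNORE_NEW_LINES) ?: [] as $line) {
            $userlist = explode(":", $line);
            if ($userlist[0] === $username) {
                return true;
            }
        }
        return false;
    }

    // Checks $password against the MD5-crypt ($1$) hash in /etc/shadow.
    // Reading /etc/shadow is the reason the script needs root.
    function MatchPassword($username, $password) {
        $UserMatch = false;
        // Reconstructed loop header: walk /etc/shadow until the user is found.
        foreach (file("/etc/shadow", FILE_IGNORE_NEW_LINES) ?: [] as $line) {
            $userlist = explode(":", $line);
            if ($userlist[0] === $username && isset($userlist[1])) {
                // The left-hand side of this condition is reconstructed.
                if (strlen($userlist[1]) > 6 && CRYPT_MD5 == 1) {
                    // Hash field layout: $1$<salt>$<hash>
                    $salts = explode("$", $userlist[1]);
                    if (isset($salts[2])) {
                        $salt = "\$1\$" . $salts[2] . "\$";
                        $gen_password = crypt($password, $salt);
                        // Constant-time string comparison instead of ==.
                        $UserMatch = hash_equals($userlist[1], $gen_password);
                    }
                }
                break;
            }
        }
        return $UserMatch;
    }

    if (ReadUser("sumit") == true) {
        if (MatchPassword("sumit", "sumit") == true) {
            echo "Login successful";
        } else {
            echo "Login unsuccessful";
        }
    }
    ?>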

Hope that helps in understanding Linux passwd and shadow usage.

EDIT: I will update the script sometime soon maybe!!!

Categories
Server Configuration

SELinux and Apache Permission Denied

Hi,

Today I have a new problem with my Apache 2.0 installation. It stopped picking up document root files and gives a Permission denied error in the Apache error log for those folders … Seems strange to me.

I gave FULL permission to that folder and tried each and every combination of permission and owner that I thought should work, but no use.

Why … as this is the first time I was running Apache on an SELinux-enabled system. It is “Extended Security for Linux”.

Thanks to this post on Experts Exchange, I got the solution:
http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21171001.html

The last comment by kbensch is the correct solution.

It says to check the object permission in extended mode with

ls -Z /dir/where/www/root/will/be

and then change it to permit the httpd service to use it as its own data rather than user's data using

chcon -R -h -t httpd_sys_content_t /dir/where/www/root/will/be

Though I am not sure what effect it has on users accessing this data … as I am still new to Linux and it has Extended Security now …

Thanks to Experts Exchange for banking that question for me 🙂

Sumit Gupta
(My Experts Exchange UserName is VIkasumit :o) )