Archive for September, 2011

Equivalent of the PHP’s explode() function in Microsoft SQL Server 2000/2005

Wednesday, September 28th, 2011

There are situations, when you need to port a functionality from one programming language to another.

Some time ago I had to create the equivalent of explode() function in Microsoft SQL 2005.

Here is the result of my one-day battle with SQL. (more…)

MySQL.com website hacked and used to serve malware

Wednesday, September 28th, 2011

A site that offers “the most popular open source database” and boasts nearly 12 million visitors per month (almost 400,000 per day), is therefore an ideal tool to spread malware.

Yesterday hackers had installed JavaScript code on MySQL.com site that performed a variety of known browser attacks at visitors to the site, so those with out-of-date browsers or unpatched versions of Adobe Flash, Reader or Java on their PCs could have been infected with malicious software. (more…)

What’s new in PHP 5.4? A huge list of major changes!

Tuesday, September 27th, 2011

The PHP 5.4 is now available.

As you probably know, the updates that were intended for postponed PHP 6 were added to PHP 5.4.0 instead, so now PHP includes a huge set of new language features and removes several legacy behaviors.

Because of that I created a list of major changes since PHP 5.3 ,along with some examples and brief descriptions of these changes… (more…)

Ani-Shell, just another black-hat shell in PHP

Tuesday, September 27th, 2011

Quoting the project’s home page:

Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser etc! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization

(more…)

Pirate files on php.net site? The next reason why you should use MD5 and PGP checksums!

Monday, September 12th, 2011

It’s been two weeks since the publication of an article on ZDNet on illegal files found on the php.net server. The author wrote in the article:

PHP, utilized by millions of Web sites around the Web, has a not-so-hidden secret on their Web site: a directory full of pirated content, config files containing user name and password information, and more.

While the ZDNet article contains some factual errors (the “pirated content” was located only on the id.php.net server, which is simply a 3rd party mirror hosted by http://www.pesat.net.id/), the screenshot below demonstrates one major problem…

Pirate files on php.net (courtesy of ZDnet)

… If someone (even sysadmin) downloaded pirated and potentially malicious files to the trusted web server, someone else can with ease replace the valid content (ie. PHP binaries or documentation) with a tainted data. (more…)

Kernel.org hacked – how to get Android repo?

Monday, September 5th, 2011

As you may already know, kernel.org site which hosts the Android git repository has been hacked. Because of this we can’t obtain the Android source code from its servers. All attempts to do so ultimately fail with the similar response:

[root@localhost WORKING_DIRECTORY]# repo sync
android.git.kernel.org[0: 130.239.17.13]: errno=Connection refused
android.git.kernel.org[0: 199.6.1.173]: errno=Connection refused
android.git.kernel.org[0: 2001:6b0:e:4017:1972:112:1:0]: errno=Network is unreachable
android.git.kernel.org[0: 2001:500:60:10:1972:112:1:0]: errno=Network is unreachable
fatal: unable to connect a socket (Network is unreachable)
error: Cannot fetch platform/bionic

or:

[root@localhost ~]# curl https://android.git.kernel.org/repo>  ~/bin/repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
curl: (7) couldn't connect to host

I will describe another way to get the Android source codes if you hadn’t already cloned it’s repo before kernel.org servers went down. (more…)

Kernel.org has been hacked… Google requested to take android repo offline.

Thursday, September 1st, 2011

This hack was discovered on August 28th. Currently all kernel.org boxes are offline to do a backup and are in the process of doing complete reinstalls.

How the hackers managed to gain root access is currently unknown and is being investigated. The maintainers of kernel.org are in the process of doing an analysis on the code within git, and the tarballs to confirm that nothing has been modified.

Until then, say goodbye to the Android repository:

[root@localhost WORKING_DIRECTORY]# repo sync
android.git.kernel.org[0: 130.239.17.13]: errno=Connection refused
android.git.kernel.org[0: 199.6.1.173]: errno=Connection refused
android.git.kernel.org[0: 2001:6b0:e:4017:1972:112:1:0]: errno=Network is unreachable
android.git.kernel.org[0: 2001:500:60:10:1972:112:1:0]: errno=Network is unreachable
fatal: unable to connect a socket (Network is unreachable)
error: Cannot fetch platform/bionic

(more…)