Archive for the ‘Security’ Category

MySQL.com website hacked and used to serve malware

Wednesday, September 28th, 2011

A site that offers “the most popular open source database” and boasts nearly 12 million visitors per month (almost 400,000 per day), is therefore an ideal tool to spread malware.

Yesterday hackers had installed JavaScript code on MySQL.com site that performed a variety of known browser attacks at visitors to the site, so those with out-of-date browsers or unpatched versions of Adobe Flash, Reader or Java on their PCs could have been infected with malicious software. (more…)

Ani-Shell, just another black-hat shell in PHP

Tuesday, September 27th, 2011

Quoting the project’s home page:

Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser etc! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization

(more…)

Pirate files on php.net site? The next reason why you should use MD5 and PGP checksums!

Monday, September 12th, 2011

It’s been two weeks since the publication of an article on ZDNet on illegal files found on the php.net server. The author wrote in the article:

PHP, utilized by millions of Web sites around the Web, has a not-so-hidden secret on their Web site: a directory full of pirated content, config files containing user name and password information, and more.

While the ZDNet article contains some factual errors (the “pirated content” was located only on the id.php.net server, which is simply a 3rd party mirror hosted by http://www.pesat.net.id/), the screenshot below demonstrates one major problem…

Pirate files on php.net (courtesy of ZDnet)

… If someone (even sysadmin) downloaded pirated and potentially malicious files to the trusted web server, someone else can with ease replace the valid content (ie. PHP binaries or documentation) with a tainted data. (more…)

Kernel.org hacked – how to get Android repo?

Monday, September 5th, 2011

As you may already know, kernel.org site which hosts the Android git repository has been hacked. Because of this we can’t obtain the Android source code from its servers. All attempts to do so ultimately fail with the similar response:

[root@localhost WORKING_DIRECTORY]# repo sync
android.git.kernel.org[0: 130.239.17.13]: errno=Connection refused
android.git.kernel.org[0: 199.6.1.173]: errno=Connection refused
android.git.kernel.org[0: 2001:6b0:e:4017:1972:112:1:0]: errno=Network is unreachable
android.git.kernel.org[0: 2001:500:60:10:1972:112:1:0]: errno=Network is unreachable
fatal: unable to connect a socket (Network is unreachable)
error: Cannot fetch platform/bionic

or:

[root@localhost ~]# curl https://android.git.kernel.org/repo>  ~/bin/repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
curl: (7) couldn't connect to host

I will describe another way to get the Android source codes if you hadn’t already cloned it’s repo before kernel.org servers went down. (more…)

Kernel.org has been hacked… Google requested to take android repo offline.

Thursday, September 1st, 2011

This hack was discovered on August 28th. Currently all kernel.org boxes are offline to do a backup and are in the process of doing complete reinstalls.

How the hackers managed to gain root access is currently unknown and is being investigated. The maintainers of kernel.org are in the process of doing an analysis on the code within git, and the tarballs to confirm that nothing has been modified.

Until then, say goodbye to the Android repository:

[root@localhost WORKING_DIRECTORY]# repo sync
android.git.kernel.org[0: 130.239.17.13]: errno=Connection refused
android.git.kernel.org[0: 199.6.1.173]: errno=Connection refused
android.git.kernel.org[0: 2001:6b0:e:4017:1972:112:1:0]: errno=Network is unreachable
android.git.kernel.org[0: 2001:500:60:10:1972:112:1:0]: errno=Network is unreachable
fatal: unable to connect a socket (Network is unreachable)
error: Cannot fetch platform/bionic

(more…)

The Plot to Kill PHP MySQL Extension

Friday, July 15th, 2011

Today I received a mass email from phpclasses.org. This was an information about a new entry on a blog led by Manuel Lemos, the creator of the phpclasses.org site.

In this entry he informs us that the PHP core developers are planning to kill the PHP original MySQL extension. (more…)

Strong data typing in PHP, part II: autoboxing and indestructable objects

Wednesday, April 13th, 2011

In an earlier article on the strong typing I’ve described the typehint mechanism that provides data type enforcement for the values sent to the methods and functions. Unfortunately said implementation does not protect against another problem associated with the dynamic typing of variables: a lack of type enforcement when overwritting value of an existing variable.

In order to control the type of data, I decided to introduce to PHP the concept of autoboxing known from other languages such as C# and Java. (more…)