A friend of mine has had his webserver compromised. A bunch of base64 encoded PHP shite was injected into the top of most PHP files, a "n3tshell" PHP shell in the vBulletin 4.1.8 /forums directory, a weird "334or0r.php" or something in another directory with more base64 crap in it. Stuff like that. Obviously the site's been compromised but I'm wondering if there's a quicker way to search for the source of the exploit without me having to audit every bit of his PHP code? The damage seems to spread across multiple directories and I'm having trouble figuring out the source. Looks like the HTTP logs have been wiped too. What would you guys do?
I'm not actually sure that this is web development now that I've posted it, but I figure this is the forum where people might have more of a clue on how to find the point of compromise.
It looks like this "god_mode_on" virus that's supposedly doing the rounds on some Wordpress sites, however he doesn't host Wordpress so I've got no clue how that's related.
Is it shared hosting? Another account might have been compromised and the exploit got spread around.
I think it's shared hosting. Bluehost.com. He (and now I) have got FTP and SSH access to the server. I guess it's possible that it could have been another user who got compromised, but how would say, a Wordpress exploit, affect another user? Wouldn't the script only have the permissions of its owner? It looks like one of the projects he was hosting has had extra code added, and it doesn't look automated. Someone added an else clause to a mysql_num_rows==0 check, and included that 33r04.php file or whatever. I'm pretty sure there's at least one SQL injection exploit in the site, but how would you be able to use that to create/download another file (e.g. PHP shell)?
A privilege escalation exploit could allow an attacker in one account to gain access to other accounts. These things are mostly automated, but once an attack works it alerts the person behind it to what's going on.
My site was hacked through a wordpress exploit, the attacker hid the exploit code in a script I was working on that was entirely unrelated, etc.
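For the triage the first post asks about (finding injected base64 prologues and dropped files without reading every PHP file by hand), here is a small scanner written for this thread; it is not code from any poster. The patterns and the throwaway sample webroot are constructed, and a real investigation would also diff against a clean copy of the same vBulletin release.

```python
import os
import re
import tempfile
import time

# Heuristics for the kind of injected prologue described above (constructed, not exhaustive):
# eval() over a decoded blob, or a very long base64 literal fed to base64_decode().
SUSPICIOUS = [
    ("eval-of-decoded-blob", re.compile(r"eval\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\(", re.I)),
    ("long-base64-literal", re.compile(r"base64_decode\s*\(\s*['\"][A-Za-z0-9+/=]{200,}", re.I)),
]

def scan_php_tree(root, max_age_days=None):
    """Return sorted (path, reason) pairs for PHP files under root whose first 2 KB match a
    heuristic, or (if max_age_days is given) that were modified more recently than that:
    a dropped file with an odd name rarely matches a pattern but is usually newer than the site."""
    hits = []
    cutoff = time.time() - max_age_days * 86400 if max_age_days else None
    for dirpath, _, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".php"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                head = fh.read(2048).decode("latin-1")   # the injection sits at the top of the file
            reason = next((label for label, pat in SUSPICIOUS if pat.search(head)), None)
            if reason is None and cutoff is not None and os.path.getmtime(path) > cutoff:
                reason = "recently-modified"
            if reason is not None:
                hits.append((path, reason))
    return sorted(hits)

def build_sample_tree():
    """Construct a throwaway fake webroot (sample data, not a real site) to run the scanner on."""
    root = tempfile.mkdtemp(prefix="webroot_")
    os.makedirs(os.path.join(root, "forums"))
    clean = os.path.join(root, "index.php")
    with open(clean, "w") as fh:
        fh.write("<?php\necho 'hello';\n")
    old = time.time() - 400 * 86400
    os.utime(clean, (old, old))                       # pretend it has been untouched for over a year
    with open(os.path.join(root, "forums", "config.php"), "w") as fh:
        fh.write('<?php eval(base64_decode("aGVsbG8="));?>\n<?php\n$db = "forums";\n')
    with open(os.path.join(root, "forums", "n3tshell.php"), "w") as fh:
        fh.write("<?php\n// constructed placeholder with an odd name; no shell code here\n")
    return root

if __name__ == "__main__":
    for path, reason in scan_php_tree(build_sample_tree(), max_age_days=7):
        print(f"{reason:22} {path}")
```

Run it against the real document root with a max_age_days a little older than the first sign of trouble, and treat every hit as a lead to confirm, not as proof on its own.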
Can anyone help me out with setting up a small WampServer? I'm still in the process of learning more HTML, as I can only create basic web pages at the moment, so I'm not going to buy a domain/hosting yet. I just want something basic that I can host files on, and share it with friends.
I used this tutorial to setup a WampServer, followed all the steps, but when I went to load my website on my browser, it said 403 Forbidden, and that I don't have access. I also tried this on my phone and another computer, with the same result. I did a quick Google search, but the only thing I found was someone who said to replace the "Deny from all" with "Allow from all" in the file 'phpmyadmin.conf'. I did that, but the problem still continued.
Does anyone know how to fix this, or if there are any alternatives for me? Again, while I'm in my learning stage, I don't want to buy a website or turn to Webs.com or something similar.
OK, the WampServer works now, but it's only a local thing. So I guess I'm back to using Webs.
If you have the space there's no reason not to use a normal web server; browsers place certain restrictions on files loaded directly off the hard drive (which simply aren't there if you use a server).
Hey guys, I have a MySQL table full of 'games'. Each game may only be played by a given user *once*, so I need to store a list of previous players per game. When a player requests a new game, I need to select a game which the user has not played before, then add the player to this list before the game is sent to him/her.
I'm a complete MySQL newbie, so can someone suggest the proper table layout to manage a list like this? And how would I query for a game that doesn't have a certain player in its list of previous players?
Code:
+--------+---------+
|user_id | game_id |
+--------+---------+
|1       | 2       |
+--------+---------+
|1       | 3       |
+--------+---------+
|2       | 1       |
+--------+---------+
|2       | 3       |
+--------+---------+
|3       | 1       |
+--------+---------+
Then say you wanted all the players who have played game_id 3, you could do
"SELECT `user_id` FROM `games_played` WHERE `game_id` = 3"
or say you wanted all the games a specific player has played, for example user 1:
"SELECT `game_id` FROM `games_played` WHERE `user_id` = 1"
I'm no expert but this is how I would go about it, hope this helps.
This is a question regarding Ruby:
Code:
<% @wattedoens.each do |wattedoen|
     test = wattedoen.naam.downcase! %>
  test = <%= test %>, <%= wattedoen.naam %> <br/><br/>
<% if(test == $test)
     redirect
   end
end %>
Is what I have. For some reason it shows the name of the first object, and then for the second object, there is a value before I downcase it, but no value in the "test" variable after I downcase.
test = tussen_2_voertuigen, tussen_2_voertuigen
test = , fietser_of_voetganger
(Words are Dutch and so are some of the variable names, but you get the picture)
SELECT * FROM games WHERE something=1 AND user_has_not_played_this_game
I don't know how to write the user_has_not_played_this_game part, any tips? How would I query from an additional table?
You can tell what games the user hasn't played simply by seeing what games they have, by definition every game not on their list is unplayed.
Right, I was asking more about the technical terms of implementing what I now know is called a "subquery" :)
Looks like I need something like
SELECT * FROM games WHERE open=1 AND NOT EXISTS (SELECT * FROM users_games WHERE user='bob' AND game=???)
How would I get the ??? - it needs to be the id of the game from 'games' (the outer query).
Apparently I'd need
SELECT * FROM games WHERE open=1 AND NOT EXISTS (SELECT * FROM users_games WHERE user='bob' AND game=games.id)
Any other advice?
SELECT * FROM `games` WHERE `user_id`='$userid' AND `game_id`='$gameid'
Then just check whether or not this returns something (given the above table).
If it does return something, then he has the game. If it doesn't, he doesn't have it.
Or do you really want to know exactly which games he has/doesn't have?
Also, where $userid and $gameid are variables.
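Putting the thread's two-table layout and the NOT EXISTS subquery together, as an added example that is not any poster's code: it uses sqlite3 with constructed rows, reserves a game and records the play in one transaction, and binds `user` with a `?` placeholder instead of pasting it into the string the way the `'$userid'` query above does (the kind of SQL injection the first post mentions).

```python
import sqlite3

# Schema matching the thread: games plus one users_games row per (user, game).
# The primary key turns a second play of the same game into a database error, not a silent duplicate.
SCHEMA = """
CREATE TABLE games (id INTEGER PRIMARY KEY, open INTEGER NOT NULL DEFAULT 1);
CREATE TABLE users_games (
    user TEXT    NOT NULL,
    game INTEGER NOT NULL REFERENCES games(id),
    PRIMARY KEY (user, game)
);
"""

# The subquery from the thread, with the user bound as a parameter.
UNPLAYED_SQL = """
SELECT id FROM games
WHERE open = 1
  AND NOT EXISTS (SELECT 1 FROM users_games
                  WHERE users_games.user = ? AND users_games.game = games.id)
ORDER BY id
"""

def connect_with_sample_data():
    """In-memory database with constructed rows: game 4 is closed, bob played 1 and 3, alice played 1."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO games (id, open) VALUES (?, ?)", [(1, 1), (2, 1), (3, 1), (4, 0)])
    conn.executemany("INSERT INTO users_games (user, game) VALUES (?, ?)",
                     [("bob", 1), ("bob", 3), ("alice", 1)])
    return conn

def unplayed_games(conn, user):
    """All open games the user has never played."""
    return [row[0] for row in conn.execute(UNPLAYED_SQL, (user,))]

def assign_new_game(conn, user):
    """Pick the lowest unplayed open game and record the play in one transaction.
    Returns the game id, or None when nothing is left to play."""
    with conn:                                   # commit on success, roll back on error
        row = conn.execute(UNPLAYED_SQL + " LIMIT 1", (user,)).fetchone()
        if row is None:
            return None
        conn.execute("INSERT INTO users_games (user, game) VALUES (?, ?)", (user, row[0]))
        return row[0]

def record_play(conn, user, game):
    """True if the play was recorded, False if the user had already played that game."""
    try:
        with conn:
            conn.execute("INSERT INTO users_games (user, game) VALUES (?, ?)", (user, game))
        return True
    except sqlite3.IntegrityError:
        return False
```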
Why don't I see a lot of people on FP using ASP.NET?
Any good windows hosts out there?
My VPS which runs windows Server '08 R2 with IIS 7 has a problem with opening the default page
The problem is that it directs me to /index instead of index.php
Already changed the Default Document to index.php but it still leads me to /index/
http://butterfieldhotel.com site in question
Are you affiliated with Brian Butterfield?
Also, do you have any redirect rules set up? The server is forcing a redirect to "/index", which doesn't exist. The default document should just specify what to load when "/" is encountered, not actually perform a redirect.
Apparently after downcasing, only the first name has a value; the others just come back as an empty string, even though they have values BEFORE I downcase. I'd like it if it were to be fixed asap.
Why does the <li> tag add spaces between each other when they have the CSS display:inline-block applied to them?
For example: <li>blah</li><li>blah2</li>
TheDecryptor took a look at my VPS and could not find a solution.
Any other suggestions?
(Forgot to mention, this happened after the install of ColdFusion 9)
Each object has a variable called "Naam".
I put the wattedoen.naam in a variable called "test".
Then put that to lower case, so i could compare it with another variable which was also downcased.
Yet, only for the first object, the downcased variable called "test" had a value.
For the others it was an empty string, even though the string had a value before downcasing.
Anyway I fixed it myself:
Basically it was removing the ! at the end of "wattedoen.naam.downcase".
Code:
<% @wattedoens.each do |wattedoen|
     test = wattedoen.naam.downcase
     if(test == $test)
       redirect :action => :show, :id => wattedoen.object
     end
   end %>
Can you explain what the "!" was for then? I googled downcasing, and just used the function in the same way as they did it.
Isn't it best practice to write all code with English variable names (where possible)?
also wtf why are you using a global variable
True. But this is an app for insurances and I don't know how to translate most of the variable names, and I probably won't ever have to use the words in English again after this.
And it has to be maintained (not the program itself, more like, the content, texts etc) by 2 people who don't understand Ruby so it's easier to have it in Dutch to make easier waypoints for them.
also don't put parens around the condition in if statements
also what the actual fuck why are you redirecting from inside a view
my lord this code
If I use this:
Code:
<a href="<%= url_for :action => :changeVar, :id => schadesoorten.object, :name => item %>"> <%= schadesoorten.Naam %> </a>
Name ends up being nil every time. Id gets a value, but if I change it to anything else it just flunks.
At the other end, I have:
Code:
def changeVar
  name = @params['name']
  id = @params['id']
  redirect :controller => :WatTeDoen, :action => :index
end
Yet every time only @params['id'] gets a value.
Maybe I should just pm you for these questions? Otherwise I'm spamming the thread with my Ruby illiteracy.
you should probably go read a rails tutorial