Productivity Sync Just another WordPress weblog

April 30, 2016

France Attacks! …. or my website got hacked again.

Filed under: Uncategorized — admin @ 10:29 am

This time it was not my WP site.  Rather somehow they managed to attack my html/* directory directly.  I thought I had locked up access but it seems I missed something somewhere.

The attacker installed a new directory and some php files and a directory of files with sha’s for names into my account and added an .htaccess file to my html-root to invoke the php.

  • blackbirds-hurricane.php : has a reversed string to eval (base64_decode) <some big long string I guess I need to decode> .
  • dir.php :
  • gdform.php
  • gdform_prevv1.php
  • iioqbejo.php
  • webformmailer.php

Fortunately I have my account backed up in a git project locally so I can quickly diff what the heck is going on by scp-ing my site over my local copy and running “git diff” to see the new files and changes.  This attack did not change existing files.  It added the .htaccess file and the php files listed above.

I don’t know how they got access to my http document directory yet.  But, I’ve restored the site to what was there before and closed up an old django prototype I had running on my site (just in case that was the attack vector)

 

But, some interesting notes:

  • in python, to reverse a string use something like my_long_string[::-1]  (worked great)
  • to decode use base64 --decode.  (cat decode.me | base64 --decode > decoded.file)
  • The decoded attack was a php file that had the following URL hidden in it: f.gghijacktest.com
    • when I went to this url the page was an empty document.
    • http://wa-com.com/gghijacktest.com shows that the attackers are from France.  Wow, that’s a change from the Slavic attacks I’m accustomed to.
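The reverse-then-base64-decode steps above can be done without ever executing the dropped file. The following is an added example, not code from the original post: it pulls long string literals out of PHP source, tries each one as base64 both as-is and reversed, and lists any hostnames in the decoded text. The sample input and the `f.example.invalid` hostname are constructed for illustration.

```python
import base64
import binascii
import re

# Long quoted runs of the base64 alphabet are the candidate payloads.
LITERAL = re.compile(r"""["']([A-Za-z0-9+/=]{40,})["']""")
HOST = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)


def printable_ratio(data):
    """Fraction of bytes that are printable ASCII or common whitespace."""
    if not data:
        return 0.0
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in data) / len(data)


def decode_literal(blob):
    """Decode blob as base64, as-is and reversed; return (order, text) or None."""
    best = None
    for order, candidate in (("as-is", blob), ("reversed", blob[::-1])):
        try:
            raw = base64.b64decode(candidate, validate=True)
        except binascii.Error:
            continue  # not valid base64 in this orientation
        score = printable_ratio(raw)
        if score >= 0.9 and (best is None or score > best[0]):
            best = (score, order, raw.decode("ascii", "replace"))
    return best[1:] if best else None


def triage(php_source):
    """Return [(order, hostnames, decoded_text)] for each decodable literal."""
    findings = []
    for match in LITERAL.finditer(php_source):
        decoded = decode_literal(match.group(1))
        if decoded:
            order, text = decoded
            findings.append((order, HOST.findall(text), text))
    return findings


# Constructed sample: an inert PHP line wrapped the way the post describes.
INNER = '<?php $u = "http://f.example.invalid/p"; ?>'
SAMPLE = '<?php $s = "%s"; ?>' % base64.b64encode(INNER.encode())[::-1].decode()

if __name__ == "__main__":
    for order, hosts, text in triage(SAMPLE):
        print(order, hosts, text)
```

Run `triage()` over the contents of each file that “git diff” reports as new; the decoded text is only ever treated as data.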

 

Thanks to google for flagging the attack!

April 9, 2016

Checking out building Android on Windows using Windows 10 (redstone?) beta

Filed under: Uncategorized — admin @ 8:03 am

I’m taking my old-ish HP envy17 I got new Jan 2012.  It’s a beefy box with quad core i7 with 16GB of ram and multiple SSD’s.  I got it for building Android.  FWIW other than being a power pig it’s still a good performing laptop.  It’s been running Ubuntu versions since I got the thing.  Now I’ve been reading that MS Windows 10 will have the bash shell and access to all of ubuntu 14.04 user mode.  So, my first thought was “cool, I wonder if I can build Android with that?”  My next thought was “finally, Microsoft is doing something for the developers that don’t give a shit about visual studio or .net.”  I bet they were fed up with all the nerd conferences (even Linux conferences) being awash in Macintosh laptops.  Good on Microsoft.

I like the direction and I hope the ubuntu support within it is good enough for what I like to do.

Let’s find out.

Step 1: restore factory settings.  Ugh, what a pain in the ass / slow install.  I had the recovery DVD’s already so that was a plus.  But, wow it takes a long time to run the recovery install.  It feels like 2 hrs to me (but it might be only 1).  It did give me time to vacuum a few rooms in my house between DVD’s.  Sadly my first attempt failed, and the thing still grubbed into ubuntu on me.  So I dd if=/dev/zero of=/dev/sda   and /dev/sdb.  Just to be safe.  Then I re-started the recovery install.  Sucks to be me.

Goddamnit!  I’m on my 4th attempt to install the DVD’s.  OMG, who knew you need to get the bios in the default settings otherwise you are wasting your 2hrs.  4 tries then I set the bios to default settings and then the 5th try looked like it worked.  but, did not.

Ok I gave up on the envy17 ever installing windows from the recovery DVD’s.  (Damn it HP!  Your recovery media I paid 25$ for doesn’t work AND it takes 2+hrs to find out for each try…)

 

  1. Switching to a newer Lenovo  T540 laptop I got from work that still has the original HD with all the factory install on it.
  2. go through the Windows 10 setup for a new laptop including taking an update and registering it with my gmail email.
  3. set up a windows insider account so I can get access to the beta programs  https://insider.windows.com/Home/Index 
  4. Get the beta version and install it… go to the advanced tab for the Windows upgrade (settings/update&security/windows update/advanced options/get insider preview builds) and do the setup stuff as requested.   Note after you have yourself registered for insider updates you need to set the “update level”  to fast (or slow) and then (maybe after a reboot to set up your PIN code for logging on) go back into windows update and click on “Check for updates”  where hopefully you’ll be asked if you want the latest beta version of Windows 10 to come down the wire.  Now you have Windows 10 home insider preview Evaluation copy. Build 14316rs1_release. 160402-2217 (or newer)
  5. install the ubuntu root file system and start trying stuff.  https://blogs.msdn.microsoft.com/commandline/2016/04/06/bash-on-ubuntu-on-windows-download-now-3/
  6. type bash in the Cortana (aka start) text box.  Boom, you are running bash in a strange terminal window as what looks to be root.
  7. try to setup for building AOSP (fails on installing openjdk)
  8. file bugs in the issue tracker for using bash on windows.   Notice your problem is already logged.
  9. figure out how to clean up messed up apt-get databases after the java/openjdk install blows chunks.  (apt-get purge <whatever is failing>; apt-get install -f)

First impressions:

  • The terminal is annoying.
    • It has awkward copy and paste mechanisms from windows 3.11.
    • I can’t easily change font sizes (I miss ctrl-+ and ctrl--)
    • I can’t easily change the color scheme.
  • tmux doesn’t work
  • Ubuntu thinks I’m root.
  • The location of my home directory is : c:\Users\mark\AppData\Local\lxss\root
  • The location of the ubuntu root file system is located: c:\Users\mark\AppData\Local\lxss\rootfs
  • I was able to run apt-get dep build-dep linux-image-3.13.0-24-generic successfully and most of my new system setup apt-get’s  (except for the java stuff)
  • I had to get better at cleaning up screwed up apt data bases after failure in installing.
    • apt-get purge <whatever is failing>; apt-get install -f
  • git clone git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git  works.  (seems to be a lot slower than I’m used to.  Not sure if it’s the network or the environment)
  • building the kernel:
    • make menuconfig looks fugly but seems to work
    • make -j8 seems ok.
      • builds 4.6.0 RC2 with the default config in 3m 59 seconds
    • cscope -Rk works perfectly.  (so does ctags -R)
  • Vim works ok.  But, the color scheme sucks and I have not figured out how to change it so my terminal is easy to read while running vim.  (putty does this shit to me too)
  • irssi works after editing the .irssi/config file to set my user name and nick name to something other than “root”

 

Why am I trying this at all?

Well, I work in an organization pregnant on using MS-Windows/outlook/Lync(or skype for office)/MS-Office and I spend 1/2 my day in phone calls over the soft-phone sharing desktops with power point documents.  It’s true that we also use google drive or docs but, it’s the soft-phone that kills me.   Sure, I’ve given running a windows VM a good try but, the soft-phone never works well and I’m always getting messages about how my system was causing audio quality issues.

Now I use the stock system and a putty window to a tmux session on a proper linux workstation.  i.e. I’m using Windows as a thin client when I’m working on Android and all other times I use it as a phone, conferencing client and email client.  Even when I ran Linux on the laptop I used the workstation for builds because it’s got 16 physical cores compared to the 4 in the laptop.  So the work laptop is mostly used as a thin client anyway.

I hope Microsoft and Ubuntu get this feature working well and address the issues I ran into.  Then I will be pretty happy to use Windows 10…on my work laptop anyway.   I’m still running native ubuntu on my other laptops and computers.  But, if it becomes easy to do all the command line based work I’m used to doing without having to wipe a system and install Linux (and risk not having the ability to go back to Windows even if it’s for a bios update) then I think I would just leave Windows 10 on the thing.  Assuming it “just works”…
