Thursday, June 24, 2010

WordPress.Org and system users

If you notice you have these two strange users in your Wordpress: WordPress.Org, system - then it's very clear your site was compromised and you need to take some steps:

1) Remove those users, preferably manually with phpmyadmin
2) Check your template and your posts for modifications or hidden links insertions
3) Update Wordpress to the latest version
4) Look for backdoors in your .php files, generally malicious stuff is encoded, so check for "eval (" calls.

Monday, April 19, 2010

DOS/Windows End of Line vs Linux EOLN

Working with bash scripts on some text files can be really annoying. Everything seems perfect but you just can't get the desired results.
One common reason for this is the incompatibility of the end of line markers between different operating systems. On Windows there are two characters: '\r\n' and on Linux only one: '\n'. And that extra '\r' can really mess your terminal and your echo outputs. On the other hand, taking a Linux file on a Windows notepad, will display everything on the same line. But don't worry, this can be fixed. If you are on Windows, instead of Notepad try Wordpad or Word and this will eventually display your file correctly.

On Linux, first you should check your file to see what you deal with. You can use hexdump or mc(midnight commander - mcedit).

$ hexdump dos_test.txt -C
[...] 6f 77 73 20 73 74 79 6c |DOS/Windows styl|
[...] 20 4c 69 6e 65 0d 0a |e End Of Line..|

$ hexdump lin_test.txt -C
[...] 75 78 20 73 74 79 6c 65 |Unix/Linux style|
[...] 20 45 4f 4c 4e 0a | EOLN.|

On the first file we have 0d 0a sequence and on the second line only 0a.

To avoid headaches when you use a Windows file with some bash scripts or something similar you need to convert it.

You can use tr:

$ tr -d '\r' inputfile.txt > outputfile.txt


$ dos2unix dosfile.txt unixfile.txt

You can also use AWK, PHP, SED to convert files, even ftp.

Tuesday, February 23, 2010

Strange myFxSearchImg:base64 code in wordpress posts

When writing and pasting text into a wordpress blog post, I found that some strange code like

<img style="border: medium none"
src="image/png;base64,iVBORw0KGgoAAAANS ......

was added automatically at the end of the post.
First thought was some trojan/virus. After looking deeper into it, I found it's only a Vista Aero(Firefox theme) error.

And that code is nothing but this image:

To fix this issue, either remove Vista Aero or update it to the latest version.

Sunday, February 14, 2010

Paste into terminal End Of LiNe problem

Sometimes, when you SSH to a Linux box, pasting large amounts of text into a terminal can be problematic.

In pico/nano you will get some auto wrapping that could damage your code or outline your text.

To fix this you can use: nano -w yourfile.txt

-w (--nowrap)
Disable wrapping of long lines.

In vi/vim you can get a "staircase" effect.
To fix this, in command mode, type:

:set paste

to turn it back off:

:set nopaste

Wednesday, February 03, 2010

Howto paste HTML/PHP code on blogspot

There are many ways to do this, but one of the simpliest is to use
Happy pasting!

Include PHP files or code in phpBB HTML templates

Adding php code in your phpBB templates using the classical <?php ?> tags won't work.

To make things possible first go to your Administration Control Panel -> General -> Security Settings and enable Allow php in templates option.

Then you can use the following syntax to add php code:

<!-- PHP --> echo "PHP Code!"; <!-- ENDPHP -->

To include php files:

<!-- PHP --> include("/path/to/file.php"); <!-- ENDPHP -->