Apps rise and fall on single characters. One misplaced character can tank ten thousand lines of code. The same is true with URL redirection. Most DNS providers have a GUI for redirecting URLs. I’ve learned the hard way that the forward slash character is of utmost importance when using these features. For example, if I want to forward all www traffic to http://coderrr.com (sans slash), all of my traffic for www will end up only on my homepage, which is no good for SEO, analytics, user experience, etc. If I want the DNS provider to forward the entire request, I have to have a trailing slash (http://coderrr.com/).
I don’t advocate using the following to hack other sites. I found it interesting that my host was serving pornography from the same box I was using, so I switched to my own cloud server. There are two ways to go about finding other sites on your server. If you don’t know your server IP, you can search
and there are plenty of sites that will expose the server domain.
Bing IP Search
This seems to be pretty reliable and up-to-date. Bing has an IP operator that allows you to specify an IP address when searching.
Hackers will use this operator to find sites running WordPress using the images tab. Once they identify several domains, they can easily ascertain your WP version with the generator meta tag. A hacker can know all of the WordPress installations and versions of those sites without leaving a probing footprint. If there is a known vulnerability with one of your versions, it’s a cinch to attack it. Keep your software up-to-date and your back doors closed, friends. Bing is not your friend with this horrid search operator.
UPDATE: Before reading this, I wanted to note that the ISP made good on a refund. I was refunded the entire amount of installation and two months of service ($686.09). They actually corrected their error and gave me back my cash. I’m satisfied with their actions.
It was early Saturday morning and I was working on some personal projects when my connection started flaking out. I took to my Verizon tethering via iPad and didn’t think much of it until I tried logging back into my home wifi. Everything seemed in order until I tried to browse the web. I was redirected to a hacker radio website and all Google searches were popping off a 404 error at another malicious website. I tried browsing on several devices and the same thing was happening on each. I immediately disconnected all devices from the internet thinking my router had been compromised.
I quickly unplugged my router from WAN and flashed it with a fresh load of DD-WRT. I knew that would destroy whatever was hijacking the router. After about 40 minutes I plugged back in and to my shock, the same thing happened again. I checked my /etc/hosts and nothing was out of the ordinary. So, I pulled out my dusty Windows laptop which hadn’t been used in ages and plugged it directly into the ethernet connection from my ISP. The same thing happened on the laptop. I should have started with that, but now I knew that it was coming from WAN.
I contacted my ISP and their 24 hour support line sent me to a voicemail several times. I sent an email to them (via tethering) and went to bed. I woke up at 7:30am and it was still redirecting to malicious websites. I sent another email and asked for a callback. At about 10:00am, the manager called and left a message saying they had an ‘outage’. I contacted several people I knew who use this ISP and they confirmed the same at all of their locations. For over 9-10 hours all customers in my city were being redirected to malicious websites from this ISP.
I sent another email asking them to inform their customers of the following:
- Was it handed over to the proper authorities?
- What happened?
- How was it fixed?
If you’re like me, you hate using an FTP GUI for doing simple gets. Sometimes, GUIs get in the way and bog the transfer down. I prefer to take out the middle man and use the command line. Here’s a nifty snippet I picked up along the way that lets you recursively download entire directories. The files are stored in their identical structure in your working directory.
wget -r --user %user% --password %password% ftp://%server%/full/path
If you want to stick with pure FTP commands, you can use the following:
    # Turn off confirmation for getting each file
    ftp> prompt
    ftp> mget *
This is a beautiful font I use in Sublime and Terminal.
I get thoroughly annoyed at code files littered with EOL and BOL tabs and spaces. Here’s a simple regex I use to garbage collect rogue whitespace. Just use find/replace and set your search to regex within your IDE. Replace with null.
There are times that I’ve needed to limit input into a class method or function while using the extract() function. Problems arise at times from rogue argument keys that aren’t necessarily needed. Here’s a simple way to use the awesomeness of extract(), but dictate its output to the parameters of your allowed vars.
    # Names the caller is allowed to set
    $allowed_vars = array('foo', 'bar', 'foobar');
    # Set allowed vars as $ variables (each starts out as null)
    extract(array_fill_keys($allowed_vars, null));
    # Extract only allowed vars from user-submitted arguments
    # EXTR_IF_EXISTS will only convert array keys of foo, bar, and foobar
    extract($args, EXTR_IF_EXISTS);
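One catch with this pattern: EXTR_IF_EXISTS overwrites any variable that already exists in the current scope, not only the allowed names. The comparison below is an added example, not the original author's code; the function names, the $is_admin flag and the sample input are hypothetical.

```php
<?php
// Added example; all names here are hypothetical.

// Pattern from the post: pre-declare the allowed names, then use
// EXTR_IF_EXISTS. Any other local that already exists is fair game too.
function render_loose(array $args): array
{
    $is_admin = false;                        // unrelated local state
    $allowed_vars = array('foo', 'bar', 'foobar');
    extract(array_fill_keys($allowed_vars, null));
    extract($args, EXTR_IF_EXISTS);           // 'is_admin' exists, so it is imported
    return compact('foo', 'bar', 'foobar', 'is_admin');
}

// Hardened: filter the input by key first, then extract what is left.
function render_strict(array $args): array
{
    $is_admin = false;
    $allowed_vars = array('foo', 'bar', 'foobar');
    $defaults = array_fill_keys($allowed_vars, null);
    // Keep only keys that appear in the whitelist
    $clean = array_intersect_key($args, $defaults);
    // EXTR_SKIP never overwrites a variable that is already defined
    extract($clean + $defaults, EXTR_SKIP);
    return compact('foo', 'bar', 'foobar', 'is_admin');
}

// Constructed sample input: one allowed key, one key that collides
// with a local variable, and one unknown key.
$args = array('foo' => 'a', 'is_admin' => true, 'evil' => 'x');

var_dump(render_loose($args));
var_dump(render_strict($args));
```

In render_loose the caller-supplied is_admin value replaces the local flag; in render_strict it is dropped before extract() ever sees it.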
If you’re not familiar with command line editing, check out this great tutorial site to get started with VIM.
This is one of the most impacting videos I’ve seen on working with mass amounts of email.