Archive for the ‘Hacking’ Category

WordPress Funk

Friday, August 14th, 2009

Waoh so I had an RSS email from one of the blogs I read on a semi-regular basis and she had posted something interesting that lured me to click through and check out her site….

Lo and behold, her site was throwing an error and none of the content was displaying. The error went something like this:

Warning: Unexpected character in input: ''' (ASCII=39) state=1 in /home/public_html/xxx/index.php on line 17

I check her other sites..they are all throwing the same error, with the same exact information aside from the index.php path as they are all hosted in different directories. How can that be???

My logical mind says it must be a server change that caused the problem because all the sites use a different index.php file right?

I was right in a way, it was a server change that caused the problem. The index.php files were all different but they had all been changed in the exact same way. Some bogus code was added to the bottom of each of them, in the exact same format and style that removed part of the database declaration and left an open code block on line 17.

The origin of the bogus code is somewhat unknown but from the looks of what that code was, I have a guess. The hosted server most likely had a breach allowing someone to run a script that edited all found index.php files in the same way. The same code was added to every instance of index.php on the server, removing a few lines prior and leaving the same open block following the bogus code.

To fix the problem, I backed up the databases and reinstalled WordPress for each of the sites. I wasn’t quite sure to the extent of what files were edited so this would take the sites back to a clean slate as far as WordPress files went. The database was luckily untainted and so were most of the WordPress theme files (one has some bogus code in it but was easily fixed).

After about 2 and a half hours, the disaster was averted. The sites were back up and none were the wiser aside from me and the site owner.

Lesson learned? Backup early and often!

Posted in Hacking | No Comments »

Hacker Manifesto

Monday, July 13th, 2009

I stumbled upon this site with the hacker manifesto by “The Mentor”. “The Mentor” was a hacker by the name of Loyd Blankenship, arrested back in 1986 for hacking. I really liked this piece and was disappointed/surprised in myself for never having read it before ;)

by
+++The Mentor+++
Written January 8, 1986

Another one got caught today, it’s all over the papers. “Teenager Arrested in Computer Crime Scandal”, “Hacker Arrested after Bank Tampering”…

Damn kids. They’re all alike.

But did you, in your three-piece psychology and 1950′s technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him?

I am a hacker, enter my world…

Mine is a world that begins with school… I’m smarter than most of the other kids, this crap they teach us bores me…

Damn underachiever. They’re all alike.

I’m in junior high or high school. I’ve listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. “No, Ms. Smith, I didn’t show my work. I did it in my head…”

Damn kid. Probably copied it. They’re all alike.

I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it’s because I screwed it up. Not because it doesn’t like me… Or feels threatened by me.. Or thinks I’m a smart ass.. Or doesn’t like teaching and shouldn’t be here…

Damn kid. All he does is play games. They’re all alike.

And then it happened… a door opened to a world… rushing through the phone line like heroin through an addict’s veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought… a board is found. “This is it… this is where I belong…” I know everyone here… even if I’ve never met them, never talked to them, may never hear from them again… I know you all…

Damn kid. Tying up the phone line again. They’re all alike…

You bet your ass we’re all alike… we’ve been spoon-fed baby food at school when we hungered for steak… the bits of meat that you did let slip through were pre-chewed and tasteless. We’ve been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert.

This is our world now… the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn’t run by profiteering gluttons, and you call us criminals. We explore… and you call us criminals. We seek after knowledge… and you call us criminals. We exist without skin color, without nationality, without religious bias… and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it’s for our own good, yet we’re the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.

I am a hacker, and this is my manifesto. You may stop this individual, but you can’t stop us all… after all, we’re all alike.

Tags: , , , , , , , , , , , , , , , , , , ,
Posted in Hacking | No Comments »