Hacked Again…!

A short while ago this site was hacked in the backend by a script kiddie exploiting a vulnerability through swapping out the default theme. Harmless, but I spent a good while figuring out what they’d done and how, to be able to block it and prevent it happening again.

This time I’ve been hacked by some pro-Palestinian group or something – weird, as I’m heading out to Saudi Arabia in a few days’ time and nowhere does this blog mention anything about the Middle East or politics. I didn’t spend half as much time fixing this one. In fact I must thank the previous hacker for enlightening me – and each subsequent hack makes me analyse my security more.

These cyber-jihadis were more capable, in that they had changed my password and default email. Thankfully I googled and quickly found a useful blog post from Mahesh Kukreja for restoring my login. It seems that the hacker had exploited a known vulnerability in WordPress that had not been fixed in my implementation (despite being the latest version).

I’ve blocked the IP address and the exploit (using a security logs plugin), as well as employing the fix in my login php.

Once I was into my dashboard, I quickly checked nothing else had been touched, reset my password, updated the current theme, which purged their changes, and modified my security settings and htaccess file.

Since he had been kind enough to leave his email address I also pinged a quick email to inform him he was a twat. Probably stepped over the line – I’ll learn one day.

Update: UNR 10.04 Wireless on Samsung N210

Back in March I posted a “how I did it” on getting Wireless working on the Samsung N210, which involved installing and compiling the Realtek driver. The post proved immensely popular and was top of Google search results for a while when searched for “samsung n210 wireless”.

Unfortunately, unless you are still on Ubuntu 9.10 that guide is now useless, as I found out recently when I updated my Sammy netbook to 10.04. I did manage to get it working again, but it failed on another recent kernel update (2.6.32-24-generic) so I got fed up and rolled back to the last kernel (2.6.32-23).

It appears that Canonical messed up with the firmware or something (here’s a bug report) and so new firmware needs to be downloaded after compiling. It worked for me just downloading the firmware and restarting, but you may need to download the latest r8192e driver and compile that first.

sudo apt-get install git-core
cd /tmp
git clone git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/firmware.git
sudo cp -av firmware/RTL8192E /lib/firmware/
*RESTART WILL WORK* ONLY x86

Thanks to s32ialx on the Ubuntu Forums for the tip. You should check out the thread for further updates.

VMware Image Quick Fix

Recently I had a virtual machine set to use 2 GB of RAM which I was trying to run in VMware Player on my work laptop, which also has 2 GB of physical memory.

I don’t have the full workstation license for my laptop so I couldn’t edit the image and modify the RAM, but I did find a quick and dirty hack by going into the vmx file, which is a simple text file, and altering the settings there.

All I needed to do was power down my virtual machine and then open up the .vmx in gedit or a similar text editor and locate the following line:

memsize = "2064"

I changed the value to “512”, problem solved.

You can do this for a number of different settings which I haven’t tested, but be careful. Make a backup copy of your virtual machine first, as it is possible to screw something up this way.