Easton's blog

How publicly released exploits helped WorkSimple

[Photo by Honza Soukup]

A couple years back when I released WorkSimple, my PHP knowledge was very limited. I went through a couple versions of WorkSimple adding features and such but without thinking of security. Then, about a year and a half ago, I came upon a zero-day exploit site [1][2]. On the site, it chronicled the current exploits in WorkSimple. Now, of course I acted quickly and fixed the problems. At first, I was offended by this. Then, I realized the helping hand it had lent me. Not only did these sites show how one could use the exploit, but also how to fix it. The user login system used MD5 hashed passwords in a specified [plain text] file in a specified place. After, the hashes were salted and in a .php file so as not to display the contents.

 

istatd Debian package

Sick of compiling istatd on every server that I want to be monitored, I finally got around to creating a Debian package. Hopefully I did everything by the book, licensing-wise. Check the file attachments to download.

New hardware

 

So, I recently came into possession of an IBM Model M (1391401) and wow. This beats the hell out of my Logitech G15. Along with the keyboard, I thought I'd buy myself a new mouse while I was at it. Well, I ended up buying a Kensington Orbit with scroll ring.

 

Python Pastebin upload script

I made a Python script the other day to upload files from the command line to Pastebin. Check the attachments to download.

Thanks Nyko, now I have an unusable Xbox!

A little while ago, I wrapped my 360 in a wood Oblivion Xbox 360 skin. Lately, I've been getting more RRODs than usual. I'd be in the midst of a game and it'd shut off with three flashing red rings. I've had the Nyko Intercooler on my Xbox for the last couple years, which, I thought, would make the RROD problem go away. Apparently not. So today, I took off the Intercooler.

Oh, great

So, my SCSI drive came in the other day. Dropped it in a drive bay and fired up the server. But oh no, beeping arose. Looked up the beep code and now it's about the processor. Either the processor isn't seated well or I need to replace it. Awesome. I probably should have grounded myself beforehand. Strangely enough, if I change the jumper settings on the motherboard, from the default 700MHz to 750MHz, the beeping stops. Dell says the default speed is 550MHz but I'm not sure if these are the default processors.

PowerEdge 6400

 

So I got this Dell PowerEdge 6400 and wow. First, this thing is gigantic. Eight hot swappable SCSI bays in the front. Free is a good price ;)

WorkSimple 1.3.4 released!

WorkSimple 1.3.4 has been released! Numerous fixes are included with this release, along with the removal of the uploader module as it had security risks. Download here.

SHOUTcast server

As finicky as I am about music, I'm one of those guys that'll change the song halfway through it. So, I thought I'd set up a local SHOUTcast radio to prevent that and create fewer distractions.

Download SHOUTcast DNAS either beta or stable (I chose stable) from here. Edit sc_serv.ini in the SHOUTcast program files folder. The only thing you need to change is your password and whether you want a public or private server. Next, download Winamp to make it easier to manage. Also download the SHOUTcast plugin for Winamp (here) and the null output plugin (here).

 

WorkSimple 1.3.3 released!

That's right! After almost a year, WorkSimple 1.3.3 is out! You can now edit and delete posts. Other little bugs are fixed too. Download here. See the upgrade tutorial for upgrade instructions.
