Posted by & filed under Linux, Server Admin.

For example, if you wanted to scan all files in the current directory, and all sub directories for any calls to base64_decode, you could do something like this:

find . -type f -exec grep -A 2 -B 2 -H -i -n "base64_decode" {} + > resultb64.txt

find all files, then execute grep on them, printing out matching lines, filenames and line numbers, finally write output to resultb64.txt

Another twist on this is to filter the filetypes a bit:

find . -name "*.html" -or -name "*.php" -or -name "*.js" -exec grep -A 2 -B 2 -H -i -n "base64_decode" {} + > resultb64.txt

Lastly, if we wanted to find and replace (with nothing) a string:

find ./ -name "*.html" -or -name "*.php" -exec sed -i 's#STRING TO FIND##g' '{}' \;

Posted by & filed under Code Snippets, Programming.

To quickly and easily clone a table using T-SQL, the following is useful:

SELECT * INTO [Schema].[dbo].[destination_table] FROM [Schema].[dbo].[source_table]

This will create the destination table and copy all source columns and data into it.

Posted by & filed under Server Admin.

Needed to audit some apache logs, installed scalp, grabbed the XML, and it promptly puked:

web@web:~/apache-scalp$ python --log /var/log/apache2/access.log
Loading XML file 'default_filter.xml'...
The rule '(?:union\s*(?:all|distinct|[(!@]*)?\s*[([]*\s*select)|(?:\w\s+like\s+\")|(?:like\s*"\%)|(?:"\s*like\W*["\d])|(?:"\s*(?:n?and|x?or|not |\|\||\&\&)\s+[\s\w]+=\s*\w+\s*having)|(?:"\s*\*\s*\w+\W+")|(?:"\s*[^?\w\s=.,;)(]+\s*[(@"]*\s*\w+\W+\w)|(?:select\s*[\[\]()\s\w\.,"-]+from)|(?:find_in_set\s*\()' cannot be compiled properly

Seems there is some issue with the regex in the XML file. I found this handy thread which outlines the fixes:… and another person posted a XML will all the fixes:

Backup of the XML is below just in case pastebin goes down: default_filter (rename to .xml)

Posted by & filed under Programming.

I was encountering database connectivity issues via a application we are running. This was a new MSSQL database we had never connected to, so there were a lot of questions as to where the connectivity issue may lie.

  1. Installed SQL Server Management Studio, and made a connection tot he new database server from there. It was successful.
  2. Created a UDF file to test the OLE DB connectivity. This is extremely useful for troubleshooting. The basic procedure is to create a file with a .udf extension, open the UDF file (Windows will launch a editor), fill in the connection information, and test.
  3. Using this method we were able to determine that we needed to specify the database instance. Once that was in place, the connection worked flawlessly.

    There is a handy article from Microsoft that details the UDF file creation process:…

Posted by & filed under PHP, Programming, Web Development.

I recently deployed a WordPress site. As part of the development cycle, we first built the site on, then moving it to the primary domain at launch. One issue that this can cause is when creating content, WordPress will create links with the full site’s URL. In our case the staging domain was linked on most images and links. When we went live, this caused some issues. It’s not a uncommon thing to run into, and fortunately there is a simple solution. The following PHP script will connect to the database, searching all tables for the specified string (in our instance a domain name) and replacing it with another string.

Simply update the username, password, database, string_to_replace and new_string with the appropriate values and you are off! I would recommend backing up the database to be safe.


Thanks to jimmy.zoger on Stack Overflow for the useful solution.


A follow up to this, is that if the values in the database are serialized, a find/replace can wreak havoc on things as it will likely break the serialization unless the character count is the same. A very nice utility I found is the following and it handles the serialization perfectly:

Posted by & filed under Linux, Server Admin.


Folder /public_html looks like this:


I need to clone all the files and folders (with a couple of exceptions) in this directory into the /public_html/dev folder. We need to exclude the dev/ folder as it is the destination, and also want to exclude the dev2/ folder.

Rsync makes this easy:

rsync -av --exclude='path1/to/exclude' --exclude='path2/to/exclude' source destination

In my scenario, something like the following gets the job done:

rsync -av --exclude='dev/' --exclude='dev2/' /public_html /public_html/dev


Posted by & filed under Programming, Security, Software.

This document aims to describe common OAuth/Single Sign On/OpenID-related vulnerabilities. Many cross-site interactions are vulnerable to different kinds of leakings and hijackings.

Both hackers and developers can benefit from reading it.

OAuth is a critical functionality. It is responsible for access to sensitive user data, authentication and authorization. Poorly implemented OAuth is a reliable way to take over an account. Unlike XSS, it is easy to exploit, but hard to mitigate for victims (NoScript won’t help, JavaScript is not required).

Posted by & filed under Uncategorized.

Here is some data I have accumulated on creating wildcard DNS entries in Microsoft DNS:


  • Setting Up Wildcard DNS and Wildcard SSL –
  • Explanation of DNS Wildcards –
  • Wildcard DNS and SSL setup:


Enter DNS entry in Windows Server 2003
Click Start, click Control Panel, click Administrative Tools,and then click DNS.
On the Action menu, click Connect to DNS Server.
In Connect to DNS Server, click The following computer.
Type the DNS computer name with the wildcard:*
Select the Connect to the specified computer now check box, andthen click OK.

Enter DNS entry in Windows 2000 Server
In the DNS administration tool, create a child domain"*" under
In the "*" domain, create an entry with an empty node name and IP address 65.54.319.336. You will getwarning that the node name is empty. You can ignore thiswarning.

Wildcard DNS via Command Line:

dnscmd servername /recordadd zonename * A IPAddress
dnscmd servername /recordadd zonename * CNAME IPAddress


Posted by & filed under Automotive, EFI Tuning, HP Tuners.

Occasionally a WB02 sensor fails, this is a handy chart to replace it. Fully compatible with the Innovate LM1, LM2, and any other wideband controller that uses the LSU4 sensor.

The standard LSU4 wideband sensor can be found as:

Bosch Part Number
Vehicle Part number extra info
0 258 007 033
Volvo 2000 C70, 2.3 L & 2.4 L turbo. Bosch USA #17033
0 258 007 036
Volvo 1999 S80 T6 (Front) Bosch USA #17036, (Info from Alex Neckas).
0 258 007 044
Porsche Carrera 911 GT3 part # 996-606-168-01
0 258 006 047
Volvo 1999 S70 2.4T. Volvo part 91 25 547 (possibly the same as Volvo part 94 54 597 used on first generation S80 2.4T and T5).
0 258 007 053,
0 258 007 054
VW 2000 Beetle 1.8 turbo. , Bosch USA #17053.
0 258 007 057,
0 258 007 058
VW1.8T and 2.8L VR6 Golf, Jetta and Turbo Beetle, VW part # 021-906-262-B, (AWW & AFP motors only) Bosch US part # 17014
0 258 006 065
GM Cadillac Catera. GM part number 919-8809. Saturn part number 24450850. Same part as the 0 258 006 066 below, but different cable length

0 258 006 066
Bosch LSU 4 sensor – sold by Tech Edge – AU$150
0 258 007 085,
0 258 007 086
VW 2.0 L
0 258 007 090
Audi 2001 – 2003 A4 1.8T (Front) and VW 2001 Passat 1.8T (Front) (Info from Alex Neckas).
0 258 007 200
GM used on some Holden Commodore models (VX, VY, etc.). LSU 4.2 sensor sold by Tech Edge. Upgraded 7 057 sensor.
0 281 004 028
BMW part number 13 62 7 793 25. An LSU 4.9 sensor.
0 258 017 020
GM Pontiac Solstice/Saturn Sky – LSU 4.9 sensor (has connector 1 928 404 687) (Info from Banning Cohen 05 Sep ’06).
0 258 017 025
Bosch LSU 4.9 sensor (has connector 1 928 404 682) sold by Tech Edge –
0 258 017 036
BMW N52 6 cylinder engine. LSU 4.9 sensor. (Info from Cameron Freeman 01 Aug ’06).

Info Provided From

Posted by & filed under PHP, Programming, Web Development.

I recently updated some webservers to use PHP 5.4 from 5.3. For a few WordPress sites, this caused it to begin spitting out Warning messages on the website. The warning messages in some cases caused other issues because response headers were already written due to the error, etc.

While the real solution here is to refactor the code to not use deprecated functions, a simple quick and dirty workaround is to add the following directive to the wp-config.php file:

ini_set( 'display_errors', 0 );

Posted by & filed under PHP, Programming, Security.

As every target of a serious security breach will quickly note in their press releases and websites: Security is very important to them and take it very seriously. Taking this sentiment to heart before you learn it the hard way is recommended. Survive the Deep End: PHP security covers most of the major concepts that should be considered when writing secure PHP web applications.

Despite this, security is also very much an afterthought. Concerns such as having a working application which meets the needs of users within an acceptable budget and timeframe often take precedence over security concerns. It’s an understandable set of priorities, however we can’t ignore security forever and it’s often far better to keep it upfront in your mind when building applications so that we can include security defenses during development while change is cheap.

The afterthought nature of security is largely a product of programmer culture. Some programmers will start to sweat at the very idea of a security vulnerability while others can quite literally argue the definition of a security vulnerability to the point where they can confidently state it is not a security vulnerability. In between may be programmers who do a lot of shoulder shrugging since nothing has gone completely sideways on them before. It’s a weird world out there…

Posted by & filed under Numbers, Programming, Security.

I was doing some webapp security audits and needed to use hashcat to attack a few hashes. Definitely a must have when dealing with hashes of any kind.

  • Worlds fastest password cracker
  • Worlds first and only GPGPU based rule engine
  • Free
  • Multi-GPU (up to 128 gpus)
  • Multi-Hash (up to 15 million hashes)
  • Multi-OS (Linux & Windows native binaries)
  • Multi-Platform (OpenCL & CUDA support)
  • Multi-Algo (see below)
  • Low resource utilization, you can still watch movies or play games while cracking
  • Focuses highly iterated modern hashes
  • Focuses dictionary based attacks
  • Supports distributed cracking
  • Supports pause / resume while cracking
  • Supports sessions
  • Supports restore
  • Supports reading words from file
  • Supports reading words from stdin
  • Supports hex-salt
  • Supports hex-charset
  • Built-in benchmarking system
  • Integrated thermal watchdog
  • 80+ Algorithms implemented with performance in mind

Posted by & filed under Code Snippets, Programming.

Excel fun time! Today I had a rather large worksheet that had a column with a unique identifier. I had another worksheet with a matching column of UID’s and a second column that I wanted to “join” to the first worksheet. vlookup() is the function for the job.

  •  Parameter 1 is the column on the first workbook that contains the UID to match to the UID in the second worksheet. The UID for the second (source) worksheet has to be in the first column. The $ freezes the column reference and is needed.
  • Parameter 2 is a Named range from the second workbook. Highlight the UID and the column you want to merge and name the range.
  • Parameter 3 is the column position in the second workbook that should be merged in based on the UID match.
  • Parameter 4 dictates whether exact matches or similar matches should be applied.

That’s it. Drag the formula down the column to finish the join.