Tagged: software
Alert: Bash Code Injection Vulnerability
- by admin
This is really serious: Red Hat Product Security has been made aware of a vulnerability affecting all versions of the Bash package shipped with Red Hat Enterprise Linux. Since many of Red Hat's products run on a base installation of Red Hat Enteprise Linux, there is a risk of other products being impacted by this vulnerability as well.
The same issue found in Debian 6 & 7...
In order to test if your version of Bash is vulnerable to this issue, run the following command:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the output of the above command looks as follows:
vulnerable<br /> this is a test
you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"<br />
bash: warning: x: ignoring function definition attempt<br />
bash: error importing function definition for `x'<br />
this is a test
So, UPDATE ASAP! yum update; apt-get upgrade - just do it regularry - every day, just as having coffee :-)
Google Chrome Spell Check - crazy message after update
- by admin
I have updated Google Chrome on Red Hat Linux. And to my surprise after restarting Google Chrome I got this:
"bettar spell chek" - o la la!
The first idea: maybe there is a problem with my Linux box? But trying Chrome update on Mac and Windows I have got the same results!
I guess they did it on purpose. Just imagine how many Chrome new downloads would be soon!
.PFX certificate installation on Apache
- by admin
I have got a PFX made with Windows Certificate Services to be installed on Apache. So, using OpenSSL the file (source.pfx) has been converted to Apache compatible format:openssl pkcs12 -in source.pfx -clcerts -nokeys -out dest.cer
openssl pkcs12 -in source.pfx -nocerts -nodes -out dest.key
The first command extracts public key to
dest.cer, the second one extracts private key to dest.key.The last but not the least is to update Apache configuration file:
<VirtualHost 192.168.0.1:443>
...
SSLEngine on
SSLCertificateFile /path/to/dest.cer
SSLCertificateKeyFile /path/to/dest.key
...
and to restart Apache :-)
Print-screen (screenshots) in Mac OS X
- by admin
Keyboard shortcuts
- Command-Shift-3: Take a screenshot of the screen, and save it as a file on the desktop
- Command-Shift-4, then select an area: Take a screenshot of an area and save it as a file on the desktop
- Command-Shift-4, then space, then click a window: Take a screenshot of a window and save it as a file on the desktop
- Command-Control-Shift-3: Take a screenshot of the screen, and save it to the clipboard
- Command-Control-Shift-4, then select an area: Take a screenshot of an area and save it to the clipboard
- Command-Control-Shift-4, then space, then click a window: Take a screenshot of a window and save it to the clipboard
In Leopard and later, the following keys can be held down while selecting an area (via Command-Shift-4 or Command-Control-Shift-4):
- Space, to lock the size of the selected region and instead move it when the mouse moves
- Shift, to resize only one edge of the selected region
- Option, to resize the selected region with its center as the anchor point
Formats
Different versions of Mac OS X have different formats for screenshots.
- Mac OS X 10.2 (Jaguar): jpg
- Mac OS X 10.3 (Panther): pdf
- Mac OS X 10.4 (Tiger) and later: png
In Mac OS X 10.4 and later, the default screenshot format can be changed, by opening Terminal (located at /Applications/Utilities/Terminal) and typing in:
defaults write com.apple.screencapture type image_format
killall SystemUIServer
Where image_format is one of jpg, tiff, pdf, png, bmp or pict (among others). If you omit the second line, you will need to log out and in again for the change to take effect.
Grab and Preview
Instead of using the keyboard shortcuts above, screenshots can be taken by using the Grab application included with Mac OS X. It is located at /Applications/Utilities/Grab.
In Mac OS X 10.4, the Preview application can also be used to take screenshots, by using the Grab submenu in the File menu.
From the Terminal
The screencapture command in the Terminal can also be used to capture screenshots, and is useful for scripts. Here is an example.
screencapture -iW ~/Desktop/screen.jpg
Find duplicate records in MySQL
- by admin
So, the task is to get duplicate records from a MySQL database.The easy way:
SELECT COUNT(*), column1, column2 FROM tablename
GROUP BY column1, column2
HAVING COUNT(*)>1;
More complex case: shows each duplicated row:
It can be done using subquery:
SELECT firstname, lastname, list.address FROM list
INNER JOIN (SELECT address FROM list
GROUP BY address HAVING count(id) > 1) dup ON list.address = dup.addressor with INNER JOIN:SELECT a.firstname, a.lastname, a.address
FROM list a
INNER JOIN list b ON a.address = b.address
WHERE a.id <> b.idIf the same 'address' exist more than two times, then DISTINCT is needed.
Find (search) and replace text from command line in multiple files (Linu
- by admin
Another (and more easy) way to change text in multiple files is to use grep:grep -lr -e 'oldtext' * | xargs sed -i 's/oldtext/newtext/g'
or to use PERL:
perl -p -i -e ’s/oldtext/newtext/g’ *
Find (search) and replace text from command line in multiple files (Linu
- by admin
Just after I posted this article the second more easy solution has been found. Here it is:Find (search) and replace text from command line in multiple files (Linux) #2
When you are working on the Linux command line and you come across a large file or a large number of files in which you need to replace a certain text with another, finding and pasting over each instance of the text can be a bit time consuming. Well, worry no more. Linux has just the solution for you. Here’s a way to find and replace a string of text in one or more files automatically.
For the purpose of this exercise we will use a Linux command line tool called “sed”. ”sed” is a very powerful and versatile tool, and a lot can be written about its capabilities. We are using a very limited aspect of “sed” here. I would definitely recommend that you read up a little more on “sed” if you find this aspect of it interesting.
We are going to use the following syntax to find and replace a string of text in a file:
# sed -i 's/[orginal_text]/[new_text]/' filename.txt
Say you have a file called “database.txt” with numerous instances of the IP address of your database server in it. You have just switched to a new database server and need to update it with the new server’s IP address. The old IP address is 192.168.1.16 and the new one is 192.168.1.22. Here’s how you go about it:
# cat database.txt
LOCAL_DATABASE = 192.168.1.16
LOCAL_DIR = /home/calvin/
PROD_DB = 192.168.1.16
# sed -i 's/192.168.1.16/192.168.1.22/g' database.txt
# cat database.txt
LOCAL_DATABASE = 192.168.1.22
LOCAL_DIR = /home/calvin/
PROD_DB = 192.168.1.22
Now open the file “database.inc” and check to see if the new IP address has taken place of your old one. Here’s the breakup of the above command. First you call the “sed” command. Then you pass it the parameter “-s” which stands for “in place of”. Now we use a little bit of regular expressions, commonly known as “regex” for the next bit. The “s” in the quoted string stands for “substitute”, and the “g” at the end stands for “global”. Between them they result in a “global substitution of the the string of text you place in between them.
You can optionally skip the “g” at the end. This means that the substitution will not be global, which practically translates to the substitution of only the first instance of the string in a line. So if you had a line with multiple instances of the text you are trying to replace, here’s what will happen
# cat database.txt
LOCAL_DATABASE = 192.168.1.16
LOCAL_DIR = /home/calvin/
PROD_DB = 192.168.1.16, 192.168.1.16
# sed -i 's/192.168.1.16/192.168.1.22/' database.txt
# cat database.txt
LOCAL_DATABASE = 192.168.1.22
LOCAL_DIR = /home/calvin/
PROD_DB = 192.168.1.22, 192.168.1.16
Here comes the real magic. Now, say you want to change a string of text not just in a single file, but in the entire directory you are in. There are a number of text files in which you need to find and replace the “wine” with “champagne”.
# find . -maxdepth 1 -name "*.txt" -type f -exec sed -i 's/wine/champagne/' {} \We use the find command to get a list of all the text files in the current directory. That’s the “find . -maxdepth 1 -name “*.txt” -type f” part. “find . maxdepth 1″ tell the computer to look in the current directory and go no deeper than the current directory. The ‘-name ”*.txt”‘ part tells find to only list files with the extension of “.txt”. Then the “-type f” section specifies that “find” should only pick exactly matching files. Finally the “-exec” part tells “find” to execute the command that follows, which, in this case, is the “sed” command to replace the text – “sed -i ‘s/wine/champagne/’ {} \”.
I realize that the above command seems complicated. However, once you use it a little bit you will realize that it is probably worth noting it down and using it. Now try changing a string of text in multiple levels of directories.
Disable automatic unzipping on file download in Safari (Mac OS X)
- by admin
After file downloading a ZIP file with Safari this file is unzipped automatically. The original ZIP file appears to be deleted. Not so good!To fix this behaviour just go to
Safari->Preferences->General
and uncheck "Open Safe Files After Downloading".
Date format validation in PHP
- by admin
In case of date format checking in PHP just use this function:function checkDateFormat($date)
{
//match the format of the date
if (preg_match ("/^([0-9]{4})-([0-9]{2})-([0-9]{2})$/", $date, $parts))
{
//check weather the date is valid of not
if(checkdate($parts[2],$parts[3],$parts[1]))
return true;
else
return false;
}
else
return false;
}
Example:
echo checkDateFormat("2008-02-29"); //return true
echo checkDateFormat("2007-02-29"); //return false
Mac OS, MySQL: No such file or directory (trying to connect via unix:///
- by admin
Error on attempt to connect locally to MySQL server DB with PHP on MacOS X Lion 10.7:No such file or directory (trying to connect via unix:///var/mysql/mysql.sock)
Solution 1:
instead of localhost use 127.0.0.1:
mysql_connect ('127.0.0.1', $user, $password);Solution 2:
In /etc/php.ini change
pdo_mysql.default_socket = /var/mysql/mysql.sock
mysql.default_socket = /var/mysql/mysql.sock
mysqli.default_socket = /var/mysql/mysql.sock
to
pdo_mysql.default_socket = /tmp/mysql.sock
mysql.default_socket = /tmp/mysql.sock
mysqli.default_socket = /tmp/mysql.sock
Do not forget to restart Apache after update :-)
FYI: If no /etc/php.ini found just copy /etc/php.ini.default to /etc/php.ini
