Tag Archives: hack

Hacked! Again!

If you visited The MKX® today and was redirected to a hardcore porn website… you are welcome. However, I must admit this wasn’t me making a quick buck by getting into a new business venture (not yet, anyway). This was me getting hacked.

Again.

I wish I didn't have to use yet another "hacking photo" on a post.

It happened again, around 5 AM. I keep WordPress and all plugins up to date, and yet somehow a malicious attacker found a vulnerability on something I use in the site. I verified my logs and they didn’t gain access through FTP nor SSH, so a vulnerability it is.

Most PHP files were modified to include an extra line at the beginning that looks like this (I abridged):

<?php /**/ eval(base64_decode("aWYoZnVuY3R <--- lots and lots of gibberish like this ---> ZW5fNzCB9"));?>

When run in the server, this inserts code to redirect you to the naked ladies.

I assure you that The MKX® is clean… for now. The battle continues.

Hacked!

Hacker stock art for just this kind of occasions - link from Eva

Shit.

The MKX® along with several sister sites (The MKX® Photo Central, La Polla América, etc.) were all hacked sometime in the last two days.

It looks like it was done through a security flaw in tinymce, a WYSIWYG text editor used by zenPHOTO, the photo gallery software I use extensively. Google blacklisted me (the horror!) but after I cleaned things up (or rather, Moi did) I can be visited again without raising any flags.

The extent of the damage is still unknown. So far I know that

  • The hack occurred on 2011-11-07 at 18:48.
  • Every .htaccess in my sites were injected with malicious redirects. Moi got rid of them. Here’s one sample .htaccess file (as text).
  • A malicious file class.images.php with obfuscated code was created somewhere inside the zenPhoto installation. I have no desire to reverse engineer it. Here’s the link to the file (as text).
  • An empty index.php file was created next to it.

Looks like I have quite a bit of work ahead of me. Those damn russian hackers! More info here.

Cheap solution to the Smart Cover dilemma

As you know, I bought the Smart Cover for my iPad 2. It’s really slick but it has one problem: It does not protect the back of the iPad. I like taking my iPad from one place to another and put it down on hard surfaces: the kitchen table, the tile floor next to the toilet kitchen table, etc.

I really liked the original iPad’s Apple Case because it protected the back well enough so that I’m not scared of scratching the aluminum back. Until I can find a suitable replacement, I found  a $3 stop-gap solution:

Read more to find out…

Continue reading Cheap solution to the Smart Cover dilemma

Destroy The MKX®

Countless rogue hacker organizations have tried and failed, but now it’s your chance to destroy The MKX® once and for all, and you get to do it in style…. Asteroids style!

Here’s how you do it:

  1. Click here to show your spaceship which will appear above on the page.
  2. Use the up key for thrust.
  3. Use the left and right keys to turn.
  4. Use the space bar to shoot elements of this blog to oblivion.

This amazing little demo is by erkie.