Blog

[ do default stuff if no widgets ]

Archive for July, 2011

Beta Firmware to support RC6 (WMCE and XBMC Remotes)

Tuesday, July 26th, 2011

There is a new firmware version that I will be testing. This adds better support for the RC6 protocol aka WMCE and XBMC remotes. This will most likely make it on all new devices, which means that people who receive new hardware wont really need to read further.

However, because I’m changing some code quite a bit, this will mean that any existing customer may have to re-configure their remote. There wont be an easy way to transition a saved configuration to work with the new firmware. However, unlike Apple, I let you downgrade the firmware in case you accidentally upgrade, and don’t want to upgrade if you are happy.

In this same version of the firmware, I will address a bug which effects some users where flirc is broken after a wake from suspend.

I will also add a ‘wake from suspend’ button, as a temporary medium until I figure out how to do this automatically.

Sneak Peek at the Next Release of Awesomeness

Monday, July 18th, 2011

Here is a sneak peek on the latest features of the new software. It’s a massive overhaul of awesomeness. The new architecture will allow you to drop your own XML and Graphics file in a directory, they will automatically show up in the GUI allowing you to make new shortcut windows to share with your friends. Eric has thought about this for a while and it’s scalability is amazing and impressive.

Also included in the next release will be firmware version 0.6, nothing new, but a very important update to improve stability.

Intermediate Version Update – v0.92

Tuesday, July 12th, 2011

There was an update posted tonight for linux 32 bit, and OSX which addresses a problem when you save a configuration file. This crashed the application and also happens on windows and linux 64 bit, but those updates are coming soon.

This was a very intermediate update. I wanted to address that issue before the next release which is going to be big, I’ll post about that in a couple of days as it rightfully deserves it’s own article.

Welcome Alex Korzh

Saturday, July 2nd, 2011

A special thanks to Alex Korzh, an aspiring attorney who drafted the patent for flirc and did an amazing job. Not only am I lucky to have him do the patent, we’re happy to say that Alex is now part of the founding and executive team at Flirc.

 

Doh! – Blog Was Hacked

Friday, July 1st, 2011

I went to visit the blog to share some awesome news, flirc is now patent pending.

However, when I went to visit the blog, I get a glorious message saying, “fuck you” with a site redirection to some stupid hackors website that was obviously designed in 1994.

How did this happen…going to share…

Okay, let’s try getting into the wordpress backend, logged in, everything looked fine. WordPress is still intact. I notice there is wordpress upgrade available, so I hit that, maybe there was some security flaw. WordPress updated, went back to the main page, still hacked.

Okay, let’s go one step further. I ssh into and start looking at the log files. Crazy, no one got into SSH.

Okay, how about FTP? Looked through those log files, nothing….

Scratching my head at this point, I go into the directory with wordpress and do an

ls -lah

-rw-r–r–    1 _www     _www   6.1K Jun 30 20:23 index.html

Okay, here we go, there isn’t supposed to be an index.html file in this directory, wordpress uses index.php. Opening this up, yup, it’s some crap html with redirects and pop-ups. Okay, let’s save it:

mv index.html index.asshat

Let’s keep looking

ls -lah

Two more files owned by www and not me:

-rw-r–r–    1 _www     _www   124B Jun 22 20:55 jundab.txt

-rw-r–r–    1 _www     _www    28K Jun 29 22:44 file.htm

Let’s peek inside the file

cat jundab.txt

MagelangCyber Was Here-Hacked by Jundab-thx Hmei7, kaMtiEz, k4l0ng666, boebefa, s13doeL, Dr. Cruzz ,  ibl13Z and you~

Okay, great, file.htm is still there, feel free to check it out. What a waste of time that must have been to do.

So how did this happen. Let’s go into /var/log and check.

cd /var/log

grep jundab -ir *

Ahah, found it in apache2/access_log

Here is the line:  “GET /favicon.ico HTTP/1.1” 404 1075 118.96.148.7 – – [22/Jun/2011:20:55:39-0700] “PUT /jundab.txt HTTP/1.0” 201 308

Mother Fucker…. so for someone to be able to do this, they used the standard HTTP PUT method. How? Simple:

curl blog.flirc.tv/ –upload-file jundab.txt

Did that from another machine, bam, transferred. So you can just transfer files to webservers? Yes and no. I made a huge error. For this to be possible, my root directory of the blog was writeable by www. I believe the set permissions were:

drwxrwxr-x  40 ‘user’  _www    1.3K Jun 30 22:34 blog

Yeah, that’s bad. How do you fix this? Change it so it’s not writeable by apache.

chmod 755 blog

ls -lah

drwxr-xr-x  40 ‘user’  _www    1.3K Jun 30 22:34 blog

So this small error could have been a lot of trouble. I found it pretty close after it happened, but that doesn’t matter. Drop a php script on there that has an exploit, call the php script from a browser, and I’m done. There were no php scripts, so thankfully, it was probably a BOT that runs around and try’s putting files on servers. But in any case, the server was hacked and the only way to recover is to assume the system has been compromised, and restore.