Tuesday, 24 January 2017

PHP7 Support For Strictly AutoTags

PHP7 Support For Strictly AutoTags


By Strictly-Software


If you are using the popular Strictly AutoTags plugin then everything should be working fine however if you have upgraded to PHP 7 then that will have caused problems.

Not every developer has the time or knowledge to know that a new PHP version will remove features or cause issues with their plugins. However in this case it's due to the /e modifier being dropped.

$content = preg_replace("/(\.[”’\"]?\s*[A-Z][a-z]+\s[a-z])/e","strtolower('$1')",$content);


The only difference apart from the callback is that I am using @ @ as wrappers around my regular expression this is just so I can see it more easily with far less escaping required.

So replace the line above which is about line 1345 of the strictly-autotags/strictlyautotags.class.php file.

$content = preg_replace_callback("@(\.[”’\"]?\s*[A-Z][a-z]+\s[a-z])@",
 function ($matches) {
  return strtolower($matches[0]);
 },
$content);

Other people have used this fix for the plugin in the WordPress forum so it should work. I don't use PHP7 yet so never had to deal with it.

However if you are a developer please help others out on the forum. I have had over 223,616 downloads of the free version. If just everyone of those people had donated me £1 then I could spent my whole time working on it but everyone wants everything for free it seems nowadays which is why I have my premium plugin with more features > Strictly AutoTags Premium Plugin Version.

Remember you can also find up to date information on my Facebook page for my Automation plugins, this and the Strictly TweetBOT plugin which go hand in hand.

Also remember there is a Facebook page for thee plugins you can check for help as I don't automatically get notified of new problems on the WordPress site for some reason.

You can find this page at https://www.facebook.com/strictlysoftware/

Remember if you have a bug with any of my plugins to do the following:


  1. Check the WordPress forum for similar bugs and fixes https://wordpress.org/support/plugin/strictly-autotags
  2. Check the ReadMe file or admin page for any help.
  3. Check your PHP and APACHE error logs to ensure it's this plugin causing the issues.
  4. Run though the standard debug practises laid out here: Giving useful debug information.
  5. Provide as much info to the developer as possible e.g PHP version, WP version, Plugin version, any other installed plugins, when it started failing, was anything else installed near that time, details of your process for tagging.


By Strictly-Software


© 2017 Strictly-Software

Monday, 23 January 2017

Find Any WiFi Password on a Windows Computer

Find Any WiFi Password on a Windows computer


By Strictly-Software

The title is a little misleading as it doesn't bring you back to the early 2000's and let you go driving around estates with a laptop, breaking into password encrypted WiFi routers. Not that you used to need to as in most estates your computer could pick up an unlocked router or three without a problem.

This is slightly different in it allows you to find ANY password that belongs to a router your PC/Laptop has been connected to in the past.

You may not like writing things down and have had a memory slip or you haven't used the router for so long the password escapes any looks for it.

First - Find out what you can access

This bit allows us to find out all the WiFi routers such as friends routers and gadgets like Chromecast that you have forgotten the password to.

Open your command prompt in administrator mode otherwise this won't work.

Once you have your command prompt up lets find out what WiFi spots we have connected to in the past or have access to. If you were around a friends one time and connected but forgot the password then you may need to use this to re-gain it if his WiFi router is in the list.

Type the following into the prompt: netsh wlan show profiles

It should then list all the routers you have had connections to from the computer you are on.

C:\Windows\system32>netsh wlan show profiles 

User profiles
-------------
    All User Profile     : Chromecast1034
    All User Profile     : BTHub4-NX23
    All User Profile     : TALKTALK-3ERA24
    All User Profile     : virginmedia8817891
    All User Profile     : strictlywifi10x
    All User Profile     : strictly-ukhorse-air


Now we have a list of spots and we pick the one we need the password for. The command is pretty similar to the preceding one it just needs the routers name added to it and the term key=clear. If you don't add this to the end then you won't get to view the password in clear text.

netsh wlan show profile BTHub4-NX23 key=clear

This will give you detailed info on the router, whether it connects automatically, authentication mode e.g WPA2 and even details of your current cost and whether you are over the data limit set by your provider.

Lets try and find the password for the connection BTHub4-NX23

C:\Windows\system32>netsh wlan show profile BTHub4-NX23 key=clear

Profile BTHub4-NX23 on interface WiFi:
=======================================================================

Applied: All User Profile

Profile information
-------------------
    Version                : 1
    Type                   : Wireless LAN
    Name                   : BTHub4-NX23
    Control options        :
        Connection mode    : Connect automatically
        Network broadcast  : Connect only if this network is broadcasting
        AutoSwitch         : Do not switch to other networks

Connectivity settings
---------------------
    Number of SSIDs        : 1
    SSID name              : "BTHub4-NX23"
    Network type           : Infrastructure
    Radio type             : [ Any Radio Type ]
    Vendor extension          : Not present

Security settings
-----------------
    Authentication         : WPA2-Personal
    Cipher                 : CCMP
    Security key           : Present
    Key Content            : r85583569z

Cost settings
-------------
    Cost                   : Unrestricted
    Congested              : No
    Approaching Data Limit : No
    Over Data Limit        : No
    Roaming                : No
    Cost Source            : Default



As you can see from the Key Content section the password for this router is r85583569z.

Open the WiFi section on your desktop and connect by adding the key and it should connect. If not you have a problem.

So if you don't like writing passwords down or just want to use your mates WiFi without spending hours hunting down where he put his WiFi routers login details then this trick can come in handy.

By Strictly-Software


© 2017 Strictly-Software

Wednesday, 5 October 2016

Disk Full - Linux - Hacked or Full of Log Files?

Disk Full - Linux - Hacked or Full of Log Files?

By Strictly-Software

This morning I woke up to find the symptoms of a hack attempt on my LINUX VPS server.

I had the same symptoms when I was ShockWave hacked a few years ago and some monkey overwrote a config file so that when I rebooted, hoping to fix the server, it would reload it in from a script hidden in a US car site.

They probably had no idea that the script was on their site either, but it was basically a script to enable various hacking methods and the WGet command in the config file ensured that my standard config was constantly overwritten when the server was re-started.

Another symptom was that my whole 80GB of disk space had suddenly filled up.

It was 30GB the night before and now with 30 odd HD movies hidden in a secret folder buried in my hard drive I could not FTP anything up to the site, receive or send emails or manually append content to my .htaccess file to give only my IP full control.

My attempts to clear space by clearing cached files was useless and it was only by burrowing through the hard drive folder by folder all night using the following command to show me the biggest files (visible and hidden) that I found the offending folder and deleted it.


du -hs $(ls -A)


However good this command is for finding files and folders and showing their size in KB, MB or GB, it is a laborious task to manually go from your root directory running the command over and over again until you find the offending folder(s).

So today when I thought I had been hacked I used a different process to find out the issue.

The following BASH script can be run from anywhere on your system in a console window and you can either enter a path if you think you know where the problem lies or just enter / when prompted to scan the whole machine.

It will list first the 20 biggest directories in order of size and then the 20 largest files in order of size.

echo -n "Type Filesystem: ";
read FS;NUMRESULTS=20;
resize;clear;date;df -h $FS;
echo "Largest Directories:"; 
du -x $FS 2>/dev/null| sort -rnk1| head -n $NUMRESULTS| awk '{printf "%d MB %s\n", $1/1024,$2}';
echo "Largest Files:"; 
nice -n 20 find $FS -mount -type f -ls 2>/dev/null| sort -rnk7| head -n $NUMRESULTS|awk '{printf "%d MB\t%s\n", ($7/1024)/1024,$NF}'

After running it I found that the problem was not actually a security breach but rather a plugin folder within a website containing log files. Somehow without me noticing the number of archived log files had crept up so much that it had eaten 50GB of space without my knowledge.


As the folder contained both existing and archived log files I didn't want to just truncate it or delete everything instead I removed all archived log files by using a wildcard search for the word ARCHIVED within the filename.


rm *ARCHIVED*


If you wanted to run a recursive find and delete within a folder then you may want to use something a bit different such as:


ind -type f -name '*ARCHIVED*' -delete


This managed to remove a whole 50GB of files within 10 minutes and just like lightening my sites, email and server started running again as they should have been.

So the moral of the story is that a full disk should be treated first as a symptom of a hacked server, especially if you were not expecting it, and the same methods used to diagnose and fix the problem can be used whether you have been hacked or allowed your server to fill itself up with log files or other content.

Therefore keep an eye on your system so you are not caught out if this does happen to you and if you do suddenly jump from 35GB to 80GB and stop receiving emails or being able to FTP content up (or files being copied up as 0 bytes), then you should immediately put some security measures into place.

My WordPress survival guide on security has some good options to use if you have been hacked but as standard you can do some things to protect yourself such as


  • Replacing the default BASH language with a more basic, older and secure DASH. You can still run BASH once logged into your console but as default it should not be running and allow hackers to run complex commands on your server.
  • You should always use SFTP instead of FTP as its more secure and you should change the default SSH port from 22 to another number in the config file so that standard port scanners don't spot that your server is open and vulnerable to attack.
  • If you are running VirtualMin on your server you should also change the default port for accessing it from 10000 to another number as well. Otherwise attackers will just swap from SSH attacks by console to web attacks where the front end is less protected. Also NEVER store the password in your browser in case you forget to lock your PC one day or your browsers local SQLLite Database is hacked and the passwords compromised.
  • Ensuring your root password and every other user password is strongly typed. Making passwords by joining up phrases or rememberable sentences where you swap the capitals and non capital letters over is a good idea. And always add a number to the start or end, or both as well as some special characters e.g 1967bESTsAIDfRED*_* would take a dictionary cracker a very long time to break.
  • Regularly change your root and other user passwords in case a keylogger has been installed on your PC and discovered them.
  • Also by running DENYHOSTS and Fail2Ban on your server you can ensure anyone who gets the SSH password wrong 3 times in a row is blocked and unable to access your console or SFTP files up to your server. If you forget yourself you can always use the VirtualMin website front end (if installed) to login and remove yourself from the DenyHosts list.
  • If you are running WordPress there are a number of other security tools such as the WordPress Firewall plugin that you can install which will hide your wp-admin login page away behind another URL and redirect people trying to access it to another page. I like the https://www.fbi.gov/wanted/cyber URL myself. It can also ban people who fail to login after a number of attempts for a set amount of time as well a number of other security features.


Most importantly of all regularly check the amount of free space you have on your server and turn off any logging that is not required if you don't need it.

Getting up at 5.30AM to send an email only to believe your site has been hacked due to a full disk is not a fun way to spend your day!


By Strictly-Software

 © 2016 Strictly-Software