Disqus - Latest Comments for bradyk

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Wed, 11 Nov 2009 03:11:42 -0000

As has already been mentioned above, I'm not sure about moving forward, and there's an explanation for how it moved through all the hosted domains.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Tue, 10 Nov 2009 18:17:50 -0000

Wordpress, and MediaTemple, seem to agree with me that this is a Wordpress issue. There could be a similar hack for Drupal - it wouldn't be impossible.

Also, once the file gets onto your server somehow, it could potentially edit/trash/thrash any file on that server, regardless of code source.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Tue, 10 Nov 2009 00:41:46 -0000

Glad to hear it.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 15:47:12 -0000

The .htaccess code gets inserted to all subdomains of the originator, as far as I can tell... for example, it started in "kyle-brady.com" and spread to "status.kyle-brady.com" (Wordpress) and then "projects.kyle-brady.com" (not Wordpress).

Other than that, not much can spread if they don't run Wordpress or use PHP.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 13:15:19 -0000

I hadn't until just now, because I didn't think of that, but... yes, the only users are legitimate ones.

Both as Wordpress users and MySQL users.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 13:09:48 -0000

"Kyle".

My name is even in the URL.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 09:38:12 -0000

The logs only go back so far, and what we want has been lost at this point, but there's only two users - myself and admin, neither of which have been compromised.

The whole point here is that this can happen without the proper auth - don't you think I'd be approaching this differently if it was an "OMG SOMEONE HAS MY PASSWORD!" issue?

Yes.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 03:46:09 -0000

Fair enough, but I don't run very many plugins, and they're all pretty standard at that - nothing that would handle file uploads before WP does auth.

And half of them are ones I wrote anyway.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 02:02:20 -0000

No, it's definitely a Wordpress flaw, and at the very core of the Wordpress code... they put the POST request to a standard /wp-admin/upload.php.

So it has nothing to do with (mt) or plugins, and everything to do with Wordpress itself - that's why I contacted their security team and filed a bug report.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 01:27:58 -0000

Me too - I've already removed most of those code blocks.

I also updated this post to give you credit for it ;-)

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 01:22:57 -0000

There we go! That's exactly the site my links went to - I didn't want to post it, for fear or spreading malware.

You can just remove that line and that should fix alot of problems. It turns out that was in my .htaccess file too, although I don't know why it wasn't working...?

Good catch.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Mon, 09 Nov 2009 00:25:41 -0000

You won't find it in the individual posts... it's sneakily hidden elsewhere in the database, which you won't find unless you go into MySQL yourself and have a good bit of luck to look in the right place, wherever that is.

Maybe the .* file is meant to be deleted after installation, and it didn't happen for me? Not sure.

--Kyle

Re: Wordpress, MediaTemple, and an Injection Attack

bradyk — Sun, 08 Nov 2009 23:49:57 -0000

Hi Dan,

Sorry to hear that.

It was clearly visible in the index.php file in the Wordpress root, and the index.php file actually mirrored exactly the .nfs* file I showed above.

Maybe the file renames itself depending on the location? I'd suggest combing your Wordpress directory for files that look out of place - possibly any file that is .*, and isn't a .htaccess file. If it moves around, I'd be willing to bet it does so inside the Wordpress core files, and not plugins since those would be variable based on installs.

Once you find that file and also remove the code from your index.php file, then you have to delete infected posts and repost them - I'm not sure how it does it, but it somehow hooks into the database's entries for these posts, so you have to handle that.

Good luck, let me know if you figure it out.

--Kyle

Re: Disqus: The Official Blog - Disqus Comments: Moderating comments from your Post

bradyk — Sat, 24 Oct 2009 03:46:59 -0000

Yes, except I have 600+ posts... ;-)

We ran a MySQL query to auto-update that field, and checked into a few other errors, but the auto-update fixed the past posts, and a Wordpress setting change fixed for future ones.

--Kyle

Re: Disqus: The Official Blog - Disqus Comments: Moderating comments from your Post

bradyk — Fri, 23 Oct 2009 20:23:56 -0000

Yes, thanks - Jason helped me debug/fix this a few nights ago as the clock moved closer to midnight.

I appreciate the help.

--Kyle

Re: Metal Band of the Week: iwrestledabearonce

bradyk — Fri, 23 Oct 2009 02:27:37 -0000

Thanks, Ron!

--Kyle

p.s. Related to the band? As in Steven's brother?

Re: Disqus: The Official Blog - Disqus Comments: Moderating comments from your Post

bradyk — Mon, 19 Oct 2009 19:32:31 -0000

My Disqus install is broken as of the latest update, and all comments have been closed somehow, and I can't get them to reopen. I emailed your support days ago, and have heard nothing.

--Kyle

Re: Echoes Fall

bradyk — Sat, 10 Oct 2009 16:09:39 -0000

No problem - trying to help out where I can with interesting bands I find.

--Kyle

Re: Google Wave crashes on beach of overhype

bradyk — Tue, 06 Oct 2009 12:20:28 -0000

Since always.

It's been used by programmers for a very long time as a quick way to communicate about issues - why do you think IRC was so popular and still exists? AIM, XMPP, etc. are just modern versions of that, and now New Media-ites have joined the ranks of those that use it for work-related purposes.

Twitter/Facebook/Friendfeed absolutely does not. There's no arguing this point - they do not contribute valuable, productive data or resources.

--Kyle

Re: Google Wave crashes on beach of overhype

bradyk — Fri, 02 Oct 2009 01:09:00 -0000

Twitter does not help productivity. Neither does Friendfeed. Nor does Facebook.

The only productivity-inducing technology are those of a different software generation: email and IM.

Maybe you should get your basic facts straight (from someone who lives a non-hype life), before you go ranting about things.

--Kyle

Re: The Spartan Daily: A Followup, with Closure

bradyk — Tue, 08 Sep 2009 16:35:04 -0000

Well, he decided that students can post code, but created a bunch of hurdles for students to jump through before they can do so - essentially ensuring that students never will, because they're usually lazy.

He also claims copyright of the assignments, descriptions of them, etc.

So you can see how this is not acceptable.

--Kyle

Re: Ethics vs. Morals – An Exercise in Proper Word Choice

bradyk — Mon, 07 Sep 2009 01:31:46 -0000

It's not our senses.

From a strictly scientific, everything that exists is material. Period.

There's no way to argue this without this devolving into a physics discussion, but the overarching point is that everything has mass. Even if it's very small, we can't see it, and the only non-theoretical proof is the numbers that say it must exist (like Dark Matter or Dark Energy), it's still material in the most strict of scientific definitions.

God is not. And, by association, religion is not.

This has nothing to do with our human senses tricking us, and I'm not saying it's 100% true. Just that there's a 99.9% probability that God doesn't exist.

Anyway, you're making a mountain out of a molehill here, since the point was that if someone is religious, that perspective needs to be kept as separate as possible from unrelated discussions/thoughts/life/etc.

--Kyle

Re: Beginning to Finance a Healthcare Public Option

bradyk — Sun, 06 Sep 2009 15:25:09 -0000

Yes, you're right. This whole post has been plagued with math errors, all stemming from me not being able to decide, when writing, whether I should use full decimal numbers, word numbers, or abbreviated numbers.

I've fixed it, but what I meant was:

"If the costs of the public option are only 10% of the projections, entirely possible given the Congressional penchant for not understanding the number system and grossly overestimating costs"

Thanks for pointing this out... pretty embarrassing mistake!

--Kyle

Re: Ethics vs. Morals – An Exercise in Proper Word Choice

bradyk — Fri, 04 Sep 2009 01:08:22 -0000

a) This is a material world. Period. How else are things going to be judged besides being based on reality? Anything else is irrelevant nonsense.

b) No, because it colors people's perceptions and beliefs. And the outcomes, from a longview social perspective, are never beneficial.

c) Yeah, well let me know when you figure out how to connect two people's minds directly together without speech or bias.

d) Everything that does exist is material. Any other position is inarguable and indefensible. So all this talk about "True" and not being "logically tenable" has nothing to do with my personal opinions on the side effects of religion, but more to do with reality.

I'm coming to the conclusion that this may be futile, since you're giving off a "I'm religious and it deeply effects every part of my life" vibe.

--Kyle

Re: Ethics vs. Morals – An Exercise in Proper Word Choice

bradyk — Thu, 03 Sep 2009 20:14:07 -0000

I don't think it's circular, no. And I definitely don't think that a theist perspective is the best.

Creationism, "death panels", Islamic Jihads, the Crusades, etc. are all proof of this.

Religion has its place, but should not be the foundational perspective from which the world is viewed, judged, or otherwise assessed. Whether it's materialism, scientific, or another rational view that takes its place is up for debate, but outside the world of theism they are all rather similar in perspective.

Finally, anything related to theism is never going to "transcend both parties", most especially when those parties don't agree on what the "correct" form of religion is, as is so often the case.

--Kyle