Database Linux

WordPress siteurl change

I run into these scenarios at least twice a week:

1. I made a clone of my server to test the functionality of a new module/post/theme, but ALL the links are broken
2. I renamed my website and have a new domain pointed to my server, I changed my domain name in wp-admin but there’s still broken content on my site.
3. I copied my website to another folder, exported, then imported to a new database, made a new Apache/Nginx config, and my site is broken when I load anything.

If you’re doing theme or plugin development, you will eventually need to jump into MySQL to fully integrate your application.

The default database structure consists of the following:

wp_commentmeta
wp_comments
wp_links
wp_options
wp_postmeta
wp_posts
wp_terms
wp_term_relationships
wp_term_taxonomy
wp_usermeta
wp_users

As you can imagine, the data from a mysqldump of a WordPress database basically contains THE ENTIRE WEBSITE.
With that being said, you can also assume there’s gonna be more than 2 or 3 fields containing the site URL (images, content, etc.).
I’ve listed a few examples below:

*Example 1 [ superc00lsite.com -> superunc00lsite.com ]


1. mysqldump wpdb | tee wpdb.sql > wpdb.sqlbak
2. sed -i 's@http:\/\/superc00lsite.com@http:\/\/superunc00lsite.com@g' wpdb.sql
3. mysql -e "DROP DATABASE wpdb;"
4. mysql -e "CREATE DATABASE wpdb;"
5. mysql wpdb < wpdb.sql
6. test website

*Example 2 [ dev.mydogroofus.com -> mydogroofus.com + new directories + apache changes]


1. cp -r /var/www/vhosts/dev.mydogroofus.com /var/www/vhosts/mydogroofus.com
2. cp /etc/apache2/sites-enabled/dev.mydogroofus.com /etc/apache2/sites-enabled/mydogroofus.com
3. sed -i 's@dev.mydogroofus.com@mydogroofus.com@g' /etc/apache2/sites-enabled/mydogroofus.com
4. mysqldump roofus_devdb | tee r_devdb.sql > r_devdb.sqlbak
5. sed -i 's@http:\/\/dev.mydogroofus.com@http:\/\/mydogroofus.com@g' r_devdb.sql
6. mysql -e "DROP DATABASE roofus_devdb;"
7. mysql -e "CREATE DATABASE roofus_db;"
8. mysql roofus_db < r_devdb.sql
9. a2ensite mydogroofus.com
10. service apache2 reload
11. test site

Quick explanation of the sed command:


-i = edit the file in place
's@ = substitution begins, our delimiter inside of '' will be @
\/\/ = // you must escape your forward slashes, with a backslash
@ = delimiter mid point, separating the two data fields: old@new
@g' = substitution ends at the final delimiter
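
A check worth running around the sed step, as an added example that is not part of the original post: WordPress stores some option and meta values as PHP-serialized strings with an explicit byte length, and a sed rewrite to a URL of a different length leaves that length stale. The function names and the sample dump rows are constructed for illustration.

```shell
#!/bin/sh
# Added example: find PHP-serialized strings in a mysqldump whose declared
# byte length no longer matches their content (what a sed URL rewrite causes).

# Constructed sample: one plain row and one row holding a serialized array.
sample_dump() {
cat <<'EOF'
INSERT INTO `wp_options` VALUES (1,'siteurl','http://superc00lsite.com','yes');
INSERT INTO `wp_options` VALUES (2,'widget_text','a:1:{s:3:\"url\";s:24:\"http://superc00lsite.com\";}','yes');
EOF
}

# Print the number of s:<len>:\"<content>\"; tokens whose <len> is wrong.
# Assumption: only strings without embedded quotes/backslashes are checked.
count_broken_serialized() {
  LC_ALL=C awk '
    {
      line = $0
      while (match(line, /s:[0-9]+:\\"[^"\\]*\\";/)) {
        tok  = substr(line, RSTART, RLENGTH)
        line = substr(line, RSTART + RLENGTH)
        split(tok, part, ":")
        # token = s: + digits + :\" + content + \";
        actual = length(tok) - (5 + length(part[2])) - 3
        if (actual != part[2] + 0) {
          broken++
          print "length mismatch: " tok > "/dev/stderr"
        }
      }
    }
    END { print broken + 0 }
  ' "$1"
}

demo() {
  dump=$(mktemp)
  sample_dump > "$dump"
  echo "before sed: $(count_broken_serialized "$dump") broken"
  sed -i 's@http://superc00lsite.com@http://superunc00lsite.com@g' "$dump"
  echo "after sed:  $(count_broken_serialized "$dump") broken"
  rm -f "$dump"
}
demo
```

If the count is non-zero after the rewrite, restore from the .sqlbak copy and do the replacement with a serialization-aware tool such as WP-CLI's `wp search-replace`.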

-crucif0rm

Linux

All of the Sar

I’ve come to rely on sar for accurate performance statistics more and more as I grow in my Sysadmin role. I thought I’d share some of my notes.

To view process creation statistics, enter:
# sar -c 3 10

To view I/O and transfer rate statistics, enter:
# sar -b 3 10

To view paging statistics, enter:
# sar -B 3 10

To view block device statistics, enter:
# sar -d 3 10

To view statistics for all interrupts, enter:
# sar -I XALL 3 10

To view device specific network statistics, enter:
# sar -n DEV 3 10
# sar -n EDEV 3 10

To view CPU specific statistics, enter:
# sar -P ALL

Only 1st CPU stats:
# sar -P 1 3 10

To view queue length and load averages statistics, enter:
# sar -q 3 10

To view memory and swap space utilization statistics, enter:
# sar -r 3 10
# sar -R 3 10

To view status of inode, file and other kernel tables statistics, enter:
# sar -v 3 10

To view system switching activity statistics, enter:
# sar -w 3 10

To view swapping statistics, enter:
# sar -W 3 10

To view statistics for a given process called Apache with PID # 3256, enter:
# sar -x 3256 3 10

-crucif0rm

Database Linux

Change MySQL timezone

Yo!

A client’s application was having wonky problems ’cause the timezones were all out of whack. After reading the MySQL documentation I was able to help him out and change it without any issues.

View your current timezone:

mysql> SELECT @@global.time_zone, @@session.time_zone;

Change your timezone (GMT in this example):

mysql> SET GLOBAL time_zone = '+00:00';

Keep in mind this won’t be persistent across an application restart, so throw this in your my.cnf:

default-time-zone = '+00:00'

-crucif0rm

Linux

proftpd user management

I actually wrote this script because I couldn’t find a proftpd user management script/app for non system users.

crucif0rm what the hell are you talking about?

You can configure proftpd to read its access list from a separate file rather than using the UNIX system users (/etc/passwd). This is useful in several scenarios; the one I used it for was:

I have 20+ domains hosted on my Linux device, and there’s some people that need access to a few of the directories to make mild/moderate changes whenever they need, but I do NOT want them to have an actual local user account for security reasons.

In ProFTPD I configured it to read from an alternate user list:

AuthOrder             mod_auth_file.c                     #enables the alternate auth config file
AuthUserFile             /etc/ftpasswd                 #sets the file you want to read from

The cool thing about this setup is how ProFTPD parses the file, it reads it EXACTLY like the /etc/passwd file. ProFTPD comes with a nice application called “ftpasswd” which has tons of features, but I used it in my script to format my input:

#!/bin/bash
# Script to add new users to the ProFTPD AuthUserFile (/etc/ftpasswd)
read -r -p "Enter username: " username
read -r -p "Enter password: " password
read -r -p "Enter home (/data/www/www.example.com): " ftpdir
#read -p "Enter GID (home dir group)" gid

# Match the whole name field so "bob" does not collide with "bobby"
if grep -q "^${username}:" /etc/ftpasswd
then
    echo "$username exists!"
    exit 1
else
    gid=709
    # Next UID = UID of the most recently added entry + 1
    # (read from /etc/ftpasswd, the same file configured as AuthUserFile)
    uid="$(tail -1 /etc/ftpasswd | cut -d':' -f3 | awk '{print $1+1}')"
    part2="$(echo "$password" | ftpasswd --stdin --passwd --file=/etc/ftpasswd --name="$username" --uid="$uid" --gid="$gid" --home="$ftpdir" --shell=/bin/false 2>&1)"

    # $? holds the exit status of ftpasswd from the command substitution above
    if [ $? -eq 0 ]
    then
        final="$(tail -1 /etc/ftpasswd)"
        echo -e "# Account created successfully #\n\n Username: $username\n Password: $password\n UID/GID: $uid $gid\n home DIR: $ftpdir\n entry: $final"
    else
        echo -e "ERROR:\n $part2"
    fi
fi

How it works:

1. Request the username, password and home dir.
2. Check the current custom auth file for an existing entry.
3. Parse the most recently added user's UID and create the new one by incrementing it by 1.
4. Convert all the previously entered information into 'passwd' format and write it into the ftpasswd file.
5. Report whether the user creation was successful with a detailed report, or report the error if it failed.

If you look at the GID it sets, it’s configured to 709, specifically because all the users I’ll be adding will need the same permissions as the 709 group.

wait, crucif0rm.. what about security?

DefaultRoot ~

With DefaultRoot ~ we’re able to lock every user into the home directory specified (in /etc/ftpasswd) when they were added to the config.
They will be blind to any directory outside it, and in the FTP client that home folder shows up as the ‘ / ‘ directory.

-crucif0rm

Music

sick remixes

I was browsing YouTube last night and found this user who made a few remixes of songs with videos of him actually making it on his mixing equipment. This guy is for sure a sorcerer, these remixes are badass:

Here’s an original song he made:

If you support real talent LIKE his videos/subscribe to him, he also has a website hosting the remixes as .mp3 for free

http://itsmetrognome.com/

-crucif0rm

Linux Security

false authentication failures in secure log

I noticed that even though the commands I was running with sudo were working, I was still seeing something odd in my secure log.

Aug 10 11:29:13 examplesrvr1 sudo: pam_unix(sudo:auth): authentication failure; logname=test1 uid=0 euid=0 tty=/dev/pts/0 ruser= rhost= user=test1
Aug 10 11:29:13 examplesrvr1 sudo: test1 : TTY=pts/0 ; PWD=/home/test1 ; USER=root ; COMMAND=/bin/su -
Aug 10 11:29:13 examplesrvr1 su: pam_unix(su-l:session): session opened for user root by test1(uid=0)

After reading a few articles I discovered that the default PAM authentication configuration first tries to match the user who is “sudo’ing” against the locally configured UNIX user list.

If you only have this user in LDAP it will spit these errors out.

/etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
1st --> auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
2nd --> auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so

To get rid of these, just swap these two directives:

/etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
1st --> auth sufficient pam_ldap.so use_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
2nd --> auth sufficient pam_unix.so nullok try_first_pass
auth required pam_deny.so

no more errors!
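
For servers where the PAM order has not been changed yet, the false failures can be told apart from real ones in the log itself. The following is an added example, not part of the original post: it pairs each pam_unix sudo failure with a successful sudo line for the same user, host and timestamp. The function names and the test2 log lines are constructed; the same-second pairing is an assumption based on the log excerpt above.

```shell
#!/bin/sh
# Added example: separate the benign pam_unix failures described above (LDAP-only
# user, sudo succeeds in the same second) from failures with no matching success.

# Constructed sample: the first three lines mirror the post; the test2 lines
# are a made-up wrong-password attempt.
sample_secure_log() {
cat <<'EOF'
Aug 10 11:29:13 examplesrvr1 sudo: pam_unix(sudo:auth): authentication failure; logname=test1 uid=0 euid=0 tty=/dev/pts/0 ruser= rhost= user=test1
Aug 10 11:29:13 examplesrvr1 sudo: test1 : TTY=pts/0 ; PWD=/home/test1 ; USER=root ; COMMAND=/bin/su -
Aug 10 11:29:13 examplesrvr1 su: pam_unix(su-l:session): session opened for user root by test1(uid=0)
Aug 10 11:31:02 examplesrvr1 sudo: pam_unix(sudo:auth): authentication failure; logname=test2 uid=0 euid=0 tty=/dev/pts/1 ruser= rhost= user=test2
Aug 10 11:31:09 examplesrvr1 sudo: test2 : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/test2 ; USER=root ; COMMAND=/bin/su -
EOF
}

# Prints "benign=<n> unmatched=<m>" and lists unmatched failures on stderr.
# Assumption: a fall-through to pam_ldap is logged with the same timestamp.
classify_sudo_failures() {
  awk '
    $5 ~ /^sudo(\[[0-9]+\])?:$/ && /pam_unix\(sudo:auth\): authentication failure/ {
      for (i = 6; i <= NF; i++)
        if ($i ~ /^user=/) pending[$1 " " $2 " " $3 " " $4 " " substr($i, 6)] = 1
      next
    }
    # A successful sudo line has TTY= directly after "user :".
    $5 ~ /^sudo(\[[0-9]+\])?:$/ && $7 == ":" && $8 ~ /^TTY=/ {
      key = $1 " " $2 " " $3 " " $4 " " $6
      if (key in pending) { benign++; delete pending[key] }
    }
    END {
      for (k in pending) { unmatched++; print "investigate: " k > "/dev/stderr" }
      print "benign=" (benign + 0) " unmatched=" (unmatched + 0)
    }
  ' "$1"
}

log=$(mktemp)
sample_secure_log > "$log"
classify_sudo_failures "$log"
rm -f "$log"
```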

-crucif0rm

Linux Music

fun with BEEP

#Install beep
yum install beep
apt-get install beep
pacman -S beep

~ Random beep tones
while(true); do RAND=`od -An -N1 -i /dev/random`; sudo beep -f${RAND}; done &

~ Axel Foley song
beep -f 659 -l 460 -n -f 784 -l 340 -n -f 659 -l 230 -n -f 659 -l 110 -n -f 880 -l 230 -n -f 659 -l 230 -n -f 587 -l 230 -n -f 659 -l 460 -n -f 988 -l 340 -n -f 659 -l 230 -n -f 659 -l 110 -n -f 1047 -l 230 -n -f 988 -l 230 -n -f 784 -l 230 -n -f 659 -l 230 -n -f 988 -l 230 -n -f 1318 -l 230 -n -f 659 -l 110 -n -f 587 -l 230 -n -f 587 -l 110 -n -f 494 -l 230 -n -f 740 -l 230 -n -f 659 -l 460

~Super Mario song
beep -f 330 -l 137 -n -f 330 -l 275 -n -f 330 -l 137 -d 137 -n -f 262 -l 137 -n -f 330 -l 275 -n -f 392 -l 550 -d 550 -n -f 262 -l 412 -n -f 196 -l 137 -d 275 -n -f 164 -l 137 -d 137 -n -f 220 -l 275 -n -f 247 -l 137 -d 137 -n -f 233 -l 137 -n -f 220 -l 275 -n -f 196 -l 205 -n -f 330 -l 205 -n -f 392 -l 275 -n -f 440 -l 275 -n -f 349 -l 137 -n -f 392 -l 137 -d 137 -n -f 330 -l 275 -n -f 262 -l 137 -n -f 294 -l 137 -n -f 247 -l 412 -n -f 262 -l 412 -n -f 196 -l 137 -d 275 -n -f 164 -l 275 -d 137 -n -f 220 -l 275 -n -f 247 -l 137 -d 137 -n -f 233 -l 137 -n -f 220 -l 275 -n -f 196 -l 205 -n -f 330 -l 205 -n -f 392 -l 275 -n -f 440 -l 275 -n -f 349 -l 137 -n -f 392 -l 137 -d 137 -n -f 330 -l 275 -n -f 262 -l 137 -n -f 294 -l 137 -n -f 247 -l 412 -d 275 -n -f 392 -l 137 -n -f 370 -l 137 -n -f 349 -l 137 -n -f 311 -l 275 -n -f 330 -l 137 -d 137 -n -f 207 -l 137 -n -f 220 -l 137 -n -f 262 -l 137 -d 137 -n -f 220 -l 137 -n -f 262 -l 137 -n -f 294 -l 137 -d 275 -n -f 392 -l 137 -n -f 370 -l 137 -n -f 349 -l 137 -n -f 311 -l 275 -n -f 330 -l 137 -d 137 -n -f 523 -l 275 -n -f 523 -l 137 -n -f 523 -l 550 -n -f 392 -l 137 -n -f 370 -l 137 -n -f 349 -l 137 -n -f 311 -l 275 -n -f 330 -l 137 -d 137 -n -f 207 -l 137 -n -f 220 -l 137 -n -f 262 -l 137 -d 137 -n -f 220 -l 137 -n -f 262 -l 137 -n -f 294 -l 137 -d 275 -n -f 311 -l 275 -d 137 -n -f 294 -l 275 -n -f 262 -l 550 -d 550

~Victory song
beep -f 784 -r 3 -l 100; sleep .1; beep -f 784 -l 600; beep -f 622 -l 600; beep -f 698 -l 600; beep -f 784 -l 200; sleep .2; beep -f 698 -l 200; beep -f 784 -l 800

~star wars
beep -l 350 -f 392 -D 100 -n -l 350 -f 392 -D 100 -n -l 350 -f 392 -D 100 -n -l 250 -f 311.1 -D 100 -n -l 25 -f 466.2 -D 100 -n -l 350 -f 392 -D 100 -n -l 250 -f 311.1 -D 100 -n -l 25 -f 466.2 -D 100 -n -l 700 -f 392 -D 100 -n -l 350 -f 587.32 -D 100 -n -l 350 -f 587.32 -D 100 -n -l 350 -f 587.32 -D 100 -n -l 250 -f 622.26 -D 100 -n -l 25 -f 466.2 -D 100 -n -l 350 -f 369.99 -D 100 -n -l 250 -f 311.1 -D 100 -n -l 25 -f 466.2 -D 100 -n -l 700 -f 392 -D 100 -n -l 350 -f 784 -D 100 -n -l 250 -f 392 -D 100 -n -l 25 -f 392 -D 100 -n -l 350 -f 784 -D 100 -n -l 250 -f 739.98 -D 100 -n -l 25 -f 698.46 -D 100 -n -l 25 -f 659.26 -D 100 -n -l 25 -f 622.26 -D 100 -n -l 50 -f 659.26 -D 400 -n -l 25 -f 415.3 -D 200 -n -l 350 -f 554.36 -D 100 -n -l 250 -f 523.25 -D 100 -n -l 25 -f 493.88 -D 100 -n -l 25 -f 466.16 -D 100 -n -l 25 -f 440 -D 100 -n -l 50 -f 466.16 -D 400 -n -l 25 -f 311.13 -D 200 -n -l 350 -f 369.99 -D 100 -n -l 250 -f 311.13 -D 100 -n -l 25 -f 392 -D 100 -n -l 350 -f 466.16 -D 100 -n -l 250 -f 392 -D 100 -n -l 25 -f 466.16 -D 100 -n -l 700 -f 587.32 -D 100 -n -l 350 -f 784 -D 100 -n -l 250 -f 392 -D 100 -n -l 25 -f 392 -D 100 -n -l 350 -f 784 -D 100 -n -l 250 -f 739.98 -D 100 -n -l 25 -f 698.46 -D 100 -n -l 25 -f 659.26 -D 100 -n -l 25 -f 622.26 -D 100 -n -l 50 -f 659.26 -D 400 -n -l 25 -f 415.3 -D 200 -n -l 350 -f 554.36 -D 100 -n -l 250 -f 523.25 -D 100 -n -l 25 -f 493.88 -D 100 -n -l 25 -f 466.16 -D 100 -n -l 25 -f 440 -D 100 -n -l 50 -f 466.16 -D 400 -n -l 25 -f 311.13 -D 200 -n -l 350 -f 392 -D 100 -n -l 250 -f 311.13 -D 100 -n -l 25 -f 466.16 -D 100 -n -l 300 -f 392.00 -D 150 -n -l 250 -f 311.13 -D 100 -n -l 25 -f 466.16 -D 100 -n -l 700 -f 392

-crucif0rm

Linux Security

messing with your classmates

these only work if they have GNOME and somehow installed xdotool

floating fish across their screen
export DISPLAY=:0.0; xdotool key alt+F2 f r e e space t h e space f i s h Return

weird space mini game
export DISPLAY=:0.0; xdotool key alt+F2 g e g l s space f r o m space o u t e r space s p a c e Return

-crucif0rm

Exploits Linux Security

PCI scans in PDF are annoying..

Lately I’ve been getting frustrated with the PDF documents PCI compliance companies send you.

I found a quick way that gets the job done to pull what you need.

Grab all the IPs pertaining to the scan itself

strings massivepdfwithmostlyuselessstuff.pdf| grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'| sort | uniq -c | sort -rn

5 192.168.1.2
2 192.168.1.3
1 192.168.1.9
1 192.168.1.19

Grab all the CVE IDs (the number after the year can be longer than four digits):

strings massivepdfwithmostlyuselessstuff.pdf | grep -o 'CVE-[0-9]\{4\}-[0-9]\{4,\}' | sort | uniq -c | sort -rn

5 CVE-2000-0000
3 CVE-3000-0000
1 CVE-1000-0000
1 CVE-0000-0000

-crucif0rm

Linux

view the important stuff from a config file

grep -v ^\# /etc/postfix/main.cf | grep -v ' #' | grep -v '^$'

Example:

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
inet_interfaces = all
mydestination = hash:/etc/postfix/mydomains
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.0.1/32, 127.0.0.0/8
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/

smtpd_banner = $myhostname ESMTP $mail_name
debug_peer_level = 2
debugger_command =
     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
     xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
virtual_alias_maps = hash:/etc/postfix/virtual
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtp_sasl_security_options = noplaintext
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
mailbox_size_limit = 256000000

-crucif0rm