Archive for March, 2008

Heavy encrypting files on your linux box

After some nasty run-in with reality I decided to day to take better care of my passwords. By encrypting them with GnuPG, I thought I would stand a much better chance when my laptop gets stolen. I am lazy so I already have my HD encrypted, but, for the super paranoid, as I am becoming more and more, I now also have my passes seperate encrypted in a vault file with 4096 gpg encryption.

How? Very simple; first generate a pub/priv key pair;

gpg –gen-key

then add two files to your path;

enc;


#!/usr/bin/perl

$file = $ARGV[0];
$file1 = $ARGV[1];

if (!$file or !$file1) {
print "Usage: ./enc input outputn";
exit;
}

print `gpg --encrypt --recipient 'Your Name' -o $file1 $file`;

dec;


#!/usr/bin/perl

$file = $ARGV[0];

if (!$file) {
print "Usage: dec inputn";
exit;
}

print `gpg --decrypt $file`;

Then make sure you have zero writing tool to delete the original, to be encrypted, file and you’re all done 🙂

Mysql (or other) dump in PHP

I a lot of sourcode I see the calling of mysqldump to dump tables. Doing so needs all kind of OS dependent path settings and so on, so I thought I share a simple function for dumping a table from MySQL in PHP:


function _mysqlDump($table, $toFile) {
$f = fopen($toFile, "w");
$qry = "select * from $table";
$q = mysql_query($qry);
if (!$q) {
echo "Could not dump $tablen";
return;
}
while($r = mysql_fetch_assoc($q)) {
$i1 = ""; $i2 = "";
foreach($r as $k=>$v) {
if ($i1) {$i1.=","; $i2.=",";}
$i1.=$k;
$v = mysql_real_escape_string($v);
$i2.="'$v'";
}
fputs($f, "insert into $table ($i1) values ($i2);n");
}
fclose($f);
}

The advantage of this is that it creates total inserts which is handy when you want to recreate the database with the content intact.

Inserting the content back into the database is trivial ofcourse:


$f = fopen($toFile, "r");
while($s=fgets($f, 128000)) {
if (trim($s)) mysql_query($s);
}
fclose($f);

Commandline Rapidshare.com downloader

Sometimes you would want to download files from rapidshare via the commandline because the webinterface sucks. Did I say sometimes? You *never* want to use the webinterface 🙂

You have to have a premium account to use it.


#!/usr/bin/perl

$user = $ARGV[0];
$pass = $ARGV[1];
$file = $ARGV[2];

`mkdir ~/.cookies; wget --save-cookies ~/.cookies/rapidshare --post-data "login=$user&password=$pass" -O - https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi > /dev/null`;

open(F, $file);
while() {
chomp;
next if /^$/;
print `wget -c --load-cookies ~/.cookies/rapidshare $_`;
}

Automatic destruction of phishing sites

The Americans are getting worse with their phishing ‘resolutions’; a lot of provider down your server and others implement draconian measures like giving you less than 1 hour to remove the site before they shutdown your equipment. Because we are a small company, we cannot sit behind email 24/7. So we had to be smart instead of hiring more people.

How does it work? Make an ‘abuse’ gmail account, have your mailsystem forward all abuse mails to it. Then run the below program in CRON */5. It’ll basically remove all scamming sites from existence after a complaint.

Ofcourse you need to tweak it for your purpose/host.


#!/usr/bin/php

$mbox = imap_open ("{pop.gmail.com:995/pop3/ssl/novalidate-cert}INBOX",
"xxyyzzaabbccdd@gmail.com", "yourpass");

$msgs=imap_headers($mbox);
foreach ($msgs as $index=>$header) {
$content = imap_body($mbox, $index+1);
$header = imap_fetchheader($mbox, $index+1);
$msg = $content;
$content = $header.$content;

$res = array();

preg_match("/Subject: (.*)/", $content, $res);
$res = $res[1];
if (strpos($res, "Abuse")!==false) {
$res1=array();
preg_match_all("/(.*.yourdomain.com)/", $content, $res1);

foreach($res1 as $r) {
foreach($r as $r1) {
$i = strpos($r1, ".yourdomain.com")-1;
$user= "";
for(;$i>0;$i--) {
if (in_array($r1[$i], array(' ', '/', 'n', 'r'))) break;
$user=$r1[$i].$user;
}
kill_user($user);

mail("abuse@yourhoster.com", "Re: $res",
"Dear,nThis account has been removed.nnThank you,nA Friendnnn$msg",
"From: afriend@yourdomain.comn");
}
}

}

}
imap_expunge($mbox);
imap_close($mbox);
?>

postfix, cannot connect to mysql server localhost

When trying to run Postfix with virtual maps in MySQL, you can get the following error:


connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' postfix

This error is because postfix is running in chroot /var/spool/postfix. So it cannot find the unix socket for MySQL.

If you have the option to run mysql on 127.0.0.1 or on another IP, simply go to;

/etc/postfix

run;

grep localhost *

and replace all localhost to 127.0.0.1 or the IP in all files starting with mysql-virtual.

If you insist on running via unix sockets, you can simply fix it by running;

mkdir /var/spool/postfix/var
mount –bind /var /var/spool/postfix/var

Ater this, all will work fine.