SSHing from a compromised machine

December 25th, 2009

Often, when working with compromised machines as a security consultant, I find a malicious SSH binary. The malicious SSH binary generally logs all usernames, passwords and hosts connected to from the compromised machine, usually to a file in /tmp/. The attacker can then log back into the machine and collect this file at a later date.

PHP Programmer – Logical Operators

December 17th, 2009

PHP allows the use of the boolean operators AND, OR, XOR and NOT. We can combine NOT with AND and OR to form the NAND and NOR operators respectively.

$a = ($b and $c); will return TRUE if both $b AND $c are TRUE, otherwise, it will return FALSE. This can also be specified as $a = ($b && $c);

$a = ($b or $c); will return TRUE if $b OR $c are TRUE, otherwise, it will return FALSE. This can also be specified as $a = ($b || $c);

$a = ($b xor $c); will return TRUE if $b OR $c are TRUE, but not if they are both TRUE, otherwise, it will return FALSE.

$a = (! $b); will return TRUE if $b is NOT TRUE.

$a = (!($b && $c)); will form NAND (NOT + AND)
$a = (!($b || $c)); will form NOR (NOT + OR)
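
An added example, not code from the original post: a truth table for the operators above, followed by the reason each expression is wrapped in parentheses. Without them, `=` binds tighter than `and`, `or` and `xor`, so a combined check can silently store only its first operand. Function and variable names are hypothetical, the inputs are constructed, and PHP 7.4 or later is assumed.

```php
<?php
// Added example: hypothetical names, constructed inputs.

// NAND and NOR as defined in the text, wrapped as functions.
function nand(bool $b, bool $c): bool { return !($b && $c); }
function nor(bool $b, bool $c): bool  { return !($b || $c); }

// Render a boolean the way the text writes it.
function show(bool $v): string { return $v ? 'TRUE' : 'FALSE'; }

// Truth table for every operator discussed above.
$fmt = "%-6s %-6s %-6s %-6s %-6s %-6s %-6s\n";
printf($fmt, 'b', 'c', 'and', 'or', 'xor', 'nand', 'nor');
foreach ([[false, false], [false, true], [true, false], [true, true]] as [$b, $c]) {
    $row = [$b, $c, ($b and $c), ($b or $c), ($b xor $c), nand($b, $c), nor($b, $c)];
    vprintf($fmt, array_map('show', $row));
}

// Precedence check: two constructed conditions, the second one fails.
$passwordOk    = true;
$accountActive = false;

// Parsed as ($unparenthesised = $passwordOk) and $accountActive;
// the result of `and` is discarded and only $passwordOk is stored.
$unparenthesised = $passwordOk and $accountActive;

// Parentheses force the whole expression to be evaluated before assignment.
$parenthesised = ($passwordOk and $accountActive);

// `&&` binds tighter than `=`, so it needs no parentheses.
$symbolic = $passwordOk && $accountActive;

echo "\n";
echo 'without parentheses, using and: ', show($unparenthesised), "\n";
echo 'with parentheses, using and:    ', show($parenthesised), "\n";
echo 'without parentheses, using &&:  ', show($symbolic), "\n";
```

When reviewing PHP that gates access on several conditions, an unparenthesised assignment using `and` or `or` is worth flagging for this reason.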

PHP Programmer – Numeric Shorthand

December 14th, 2009

PHP 4 and 5 offer a few shorthand methods for basic numeric operations:

$n = $n + 1; can be specified as $n++;
$n = $n - 1; can be specified as $n--;
$n = $n + 10; can be specified as $n += 10;
$n = $n - 10; can be specified as $n -= 10;

On the subject of shorthand, also check out the PHP Ternary Operator

PHP Programmer – Reading from files

December 3rd, 2009

Here I’ll give some file reading examples. There are a few different ways to do this. I’m going to focus on plain text files only, as opposed to binary files.

If you just want to read the contents of a file into a string variable, then the easiest thing to do is use $mystring = file_get_contents("/home/adam/myfile");

For more control over what you’re doing, or if you want to do anything more than reading a file into a string, you’ll need to use the fopen, fread and fclose functions.

To read everything in one go: