HOW GEEK!

geek notes for advice seekers

Hotmail security hole plugged silently, no communication, no customer service

A vulnerability in the Hotmail password reset pages, that allowed hackers to get access to ANY hotmail/MSN account, has been widely exploited over the past week. I found a video on Youtube dated April 12, which describes the security hole, which is trivial and only needs the modification of 1 email field during a request […]

, , , ,

Thepiratebay.se links blocked in MSN Messenger

UPDATE 28/03/2012: TheRegister has published an article about it and it seems MS decided to unban thepiratebay! http://www.theregister.co.uk/2012/03/26/microsoft_censors_pirate_bay_im/ ——– Looks like thepiratebay.se links are blocked in MSN messenger, anybody who tries to send a link, even of the homepage, receives back an error: I’d be curious to know if it has been mistakenly categorized as […]

, , , ,

Alvotech Vserver VPS with OpenVPN

Renting a server at Alvotech and thinking about installing OpenVPN? Then follow this tutorial. This tutorial has been done on the default configuration of the Alvotech VPS: Debian 5 64bit, and on Debian 6 64bit. The specs page of the vservers show that TUN/TAP is usable, but when you rent the VPS, no TUN interface […]

, ,

Vshare / Widdit / searchcompletion.com Adware

Vshare plugin *IS* an adware. Whether you are on Mac, Windows or Linux this is the same, and you don’t even need the toolbar, only the plugin. I’ve installed the old version of the Vshare plugin on my Firefox, on Linux, (old version because the newest isn’t available on Linux) then some popups started to […]

, , , , , ,

Prestashop XSS Worm (footer.tpl virus)

Today i woke up and connected to a Prestashop site i’m setting up. I didn’t install anything extra on it (only my custom template), also it wasn’t in search engines. I noticed a strange blank line in the footer.. DOH! When i looked, i had this code in the footer: <script>String.prototype.asd=function(){return String.fromCharCode;}; Object.prototype.asd=”e”;try{for(i in{})if(~i.indexOf(‘as’))throw 1;} […]

, , , , ,

xauth + (X11Forwarding Yes and X11UseLocalhost yes) == Still no Forwarding ?

I was searching for this fix for quite some time. I couldn’t forward X anymore using “ssh -Y” or “ssh -X” on my debian server (i have xauth installed), i was always getting this error: ~$ xterm xterm Xt error: Can’t open display: xterm: DISPLAY is not set “X11UseLocalhost no” was making it working but […]

, , ,

The domainrenewal (domainrenewalgroup.com) scam

OK this is already everywhere on internet for years, but i really had to write a post about it as these guys are spamming my mailbox every year. This company is trying to convince people into believing they need to renew (and obviously transfer) their domain names with them. Their paper looks very professional, and […]

, , , , ,

$_SERVER['HTTP_X_FORWARDED_FOR'] returns multiple IPs, what to do?

Before reading this article, you should know that HTTP_X_FORWARDED_FOR should only be used for websites behind a proxy, otherwise you should use REMOTE_ADDR!! This article talks about getting the right visitor IP through HTTP_X_FORWARDED_FOR for applications behind a reverse proxy! You might have faced it as it’s not so well documented. Note that i’m using nginx as […]

, , ,

Apache PROXYPASS, NEGATIVE PROXYPASS AND AUTH_BASIC

Today i had to face a weird problem with Apache 2. I wanted to setup a webmail on the SAME virtualhost that i was using to proxy to another host. Here’s a summary of my configuration: <VirtualHost *:80> ServerAdmin sysadmin@localhost DocumentRoot /var/www/folder ServerName localhost Alias /mail /var/lib/roundcube/ <Directory /var/lib/roundcube/> Options Indexes Includes FollowSymLinks AllowOverride All […]

, , ,

Dailymotion Videowall WordPress Widget Plugin

I had to create a plugin for WPMU to allow users to add a Dailymotion Videowall in the sidebar. It is available at this page: http://wordpress.org/extend/plugins/dailymotion-videowall-widget/ Stay tuned for a multi-language version! Here’s the link if you want to donate:

, , ,

Previous Posts