A PHP Script to automatically clean files affected by the the eval(gzinflate(base64_decode…) hack

Posted by Trav

In late April, my server got hacked. Most of my php files had code that looked like this placed at the top:

eval(gzinflate(base64_decode('DZZFssRYokOX... long string of gzipped-base64-encoded php code);

I’m not sure how the bad guys got in, but I changed all my passwords and updated all the software on the server. Then, like any obsessive programmer, I set forth making a script to clean up the mess programatically. My solution was a two-step process. I used GNU find command to find all my php scripts with the code “eval(gzinflate” in them. I chose to search by this code because I can’t think of too many legitimate reasons to do this, and it matched all the infections I found manually. The full command I used for this was:

find /full/path/to/public_html -name "*.php" -exec grep -li "eval(gzinflate" {} \;

This command finds all php files then uses grep to look inside each file for “eval(gzinflate”.

I copied the results of this command to a text file called fullInfected.txt .

After I had a list of infected files, I wrote a php script that’ll go through each file on the list, do a search, and remove all lines with the infected code in it. I saved the script in the same directory as my fullInfected.txt file. You can get that file (with a few sample supporting files) here: CleanEvalBase64_decodeHack script.

There are two variables that can be set at the top of the file: One for the name of the file with the list of infected files in it ($listOfFiles) and another for the text to search for ($findWhat). I uploaded the script to the server and ran it via SSH:

php clean.php

When the script runs, it will log a list of which files were cleaned.

This script is released as-is, with no implied warranty whatsoever under the Creative Commons Attribution-ShareAlike 3.0 Unported License. Make a backup of your server before using this and test this very thoroughly on a small sample of infected files.

I’m sure there’s more efficient ways to do with with shell commands and/or regex, but I didn’t know how to do it that way. Good luck getting cleaned up!

Browsers, browsers, browsers!

Posted by Trav

Nerds of the world: rejoice! The browser wars are ablaze for the first time in over a decade. Microsoft, Mozilla, Google, Apple, and Opera are duking it out, feature-for-feature and there’s no clear winner. For the record, I don’t want anyone to win because competition makes software better since developers have to work hard to keep and maintain their market share. While the four major players volley for our affections, Netizens all over the world win! As I mentioned in a recent post, most of what we do with computers is moving to the net. Therefore, the availability of quality browsers is a big deal for techies and Luddites alike.

The First Browser Wars

The First Browser Wars ended around 1997 with the release of Internet Explorer 5. At the time, there was IE, Netscape, and (to a much lesser extent) Opera. When Microsoft decided to unload its war chest in 1995 with the intent of destroying Netscape, it was a matter of time before the boys of Redmond stomped Netscape into the ground. In the span of 2 and a half years, the battle was over.

In 1997, I was just learning how to make web pages. I couldn’t have been happier that Internet Explorer was the winner since that meant I didn’t have to work so hard trying to make my pages look the same on both browsers.  I still tested my sites in Netscape Communicator, but IE was the only browser I really worried about. Life as a budding web designer was good.

My happiness was ill-founded, though, because without competition, Microsoft stopped updating Internet Explorer after the release of IE 6 in September 2001. It would be seven and a half years before Balmer and company decided to release a new version. During IE 6, there were security threats uncovered at least every couple months. While it was nice having only one platform to worry about, it was frustrating and scary to have to worry about security every time you visited a page. Opera never went away during this time, but it never gained much traction in the U.S. at the end of the First Browser Wars

The Second Browser Wars and Beyond

A spunky upstart named Mozilla arose from the ashes of Netscape after Netscape’s Gecko source code was released in 2000. In 2004, Firefox 1.0 was officially released. I honestly never thought Firefox would gain as much traction as it did, but it turns out, FF 1.0 was the scout that signaled the beginning of the Second Browser Wars.

Fast forward 7 more years since FF 1.0 was released and Google has entered the market with Chrome, which shares common roots with Apple’s Safari (via the Webkit engine). It’s apparent that all are scrambling for more market share if you consider that the browser version numbers are increasing at an alarming rate. While some of the version incrementing is for marketing purposes (because we all know higher version numbers mean a better product…), the browsers really are getting better from all the vendors.  Here’s my quick breakdown of the strengths of each browser:

  • Internet Explorer 9 – Microsoft has gone out of its way to make IE safer to use for everyday surfing. It automatically checks for phishing attacks, warns users if it detects so much as a mouse fart on a website, and integrates with MS Security Essentials. While it’ll take awhile to shed its reputation as the insecure kid on the block, Microsoft is trying hard to prove otherwise.
  • Firefox 5 – Firefox is my favorite because of its vast library of plugins, especially plugins that make life easy for web developers. Mozilla keeps making Firefox faster and has taken an aggressive stance toward security since version 3.5.
  • Chrome 12 – Google’s brainchild is the fastest kid on the block. It’s super clean interface and seamless updating architecture has appealed to millions since its debut in late 2008. Google is showing its serious about being the one and only browser folks turn to for their Internet needs.
  • Opera 11 – The underdog of the roundup, the Scandinavian wonder invented tabbed browsing in 1996 and continues to set the bar for standards compliance, and it manages to be incredibly fast as well. The only browser found on the Wii, Opera can also be found on PCs, Macs, iPod/iPad, and mobile phones. Opera is the most hardware-agnostic of the bunch.
  • Safari  5 – Admittedly, Safari is my least favorite, however, it is by far the best mobile browser in existence, as it renders pages on the iPod Touch and iPad perfectly. Safari is what all mobile browsers should strive to be.

I hope the Second Browser Wars rage on for a long time and we, the consumers of Internet goodness, continue to reap the benefits of the battle. Unlike the First Browser Wars, the current struggle is being fought on technical merit and security. Neither Microsoft nor anyone else can crush the competition strictly with wads of money. No matter who you choose as your browser, I wish everyone happy surfing!

Re-Register Apache and Mysql as Services After Moving Zend Server Directory to a New Computer

Posted by Trav

I recently got a new Toshiba A665-S5183X Core i7 laptop and I really love it.  The only thing about getting a new computer (especially if you’re a geek) is transferring files and settings from the old machine to the new one. I used Windows 7’s Easy Transfer to move over all the usual documents (pictures, papers, etc), and I also transferred about 15 GB of programs that are not registry dependent. One of the folders I transferred was my Zend Server CE installation. Zend Server includes the Apache Web Server as well as Mysql Server. I wanted the two installed as a service, but I didn’t want to have to reinstall, since I had customized many settings in several places in the installation and didn’t want to start over. So how hard is it to reinstall the two servers as a service? As it turns out, not hard at all.

First, open an Administrative Windows Command Prompt. The rest is as easy as follows.

Install Apache As a Service

cd into your Apache2 bin directory and type

httpd -k install -n “Zend-Apache2” -f “C:\program files (x86)\C:\Program Files (x86)\Zend\Apache2\conf\httpd.conf"

This command will install Apache 2 as a service named Zend-Apache2 in  your services.msc service control utility (where you can start/stop your Apache service). Additionally, it will tell the service to use the specified httpd.conf file (which can be anywhere you want). The service installer will even be nice enough to warn you of errors or warnings in your specified conf file.

Install Mysql As a Service

cd to your Mysql bin directory and type:

“mysqld” –install MySQL-Zend –defaults-file=”C:\Program Files (x86)\Zend\MySQL51\my.cnf”

As above, whatever the word you type after the install directive will be the name of your service in services.msc. The defaults file represents the path to your Mysql cnf file.

Happy web developing with Zend framework running as services on your new box!

Should You Buy a Mac or a PC?

Posted by Trav

In the last couple years, more and more folks have been asking me whether a Mac or a PC is the better computer. In case you don’t know, a Mac is a type of computer made by Apple, the same company that makes iPods and iPhones. A PC, on the other hand, refers to a computer that runs Microsoft Windows. When you’re standing there holding your credit card deciding which to buy, which is best?

Apple would have you believe that Macs are far superior to the old stalwart PC. You may have seen the Apple ads on TV that portray the Mac as a coolguy 30-something with all the answers. He has conversations with PC, who is a middle-aged nerd in an ill-fitting business suit that is always having problems.  According to Apple, the purchase of a new Mac will change your life forever.

Well, Apple’s claim is true in some ways, but it’s mostly marketing hype. The truth is that for 95% of computer users, all tasks they want to do can be done on either a Mac or a PC. The difference lies in how the total cost of each of the machines is spread out. Macs are great for creating audio, video, and DVDs right out of the box. It’s easy to make your own custom recordings or photo albums. Also, you don’t have to buy antivirus software for Macs. The catch to all this is that Macs cost about twice as much (or more) than a PC with the same amount of processing power, memory, and storage space.

PC owners won’t pay as much up front, but they will have to spend $400-$500 to buy software that offers features equivalent to what a Mac can do out of the box. (Some users won’t spend a dime on extra software because they will never need these capabilities.)  Then, there’s the $30-$50 per year you’ll have to spend on a good antivirus program, since Windows PCs are vulnerable to many types of viruses and other malware. PCs outshine Macs in the area of choice. For any given thing you might want to do on a PC (such as create scrapbooks), there may be 4-5 good programs to choose from for getting it done. On the other hand, a Mac might only have 1-2 programs for any given purpose. Macs and PCs can’t run the same software, so any software you want to use has to be written for one or the other.

Which Do I Think is Best?

I have used PCs for 15 years and Macs for 8 years. My personal take on it is as follows:

Buy a PC: If you favor a lot of choices, buy a PC. As for software, there still is no where near the amount of software available for Macs as PCs. Why? Apple makes up 10% of the computer market, so there aren’t as many people buying software for Macs. Therefore, more developers (the people who create computer programs) write code for PCs. I would feel guilty if I didn’t state outright that I think Windows 7 is great. It’s the best thing Microsoft has cranked out in a long time. As an example, AreoSnap and the way Libraries work allow me to get more done faster. It’s all the small touches like this that makes Windows 7 great.

On the hardware side, Apple doesn’t offer a lot of variation in hardware configuration or style. When’s the last time you saw a red or blue Macbook? Some people love the clean, white lines of a Mac. Others abhor them. Unless you buy a PC, you’re out of luck.

Buy a Mac: If you are willing to pay a little more and don’t want to worry about so many choices, a Mac is the way to go. Most of the software that’s available for the Mac is pretty high quality, as long as it always has the features you need.  Macs come with iLife, which comes with some of the best consumer-grade audio and video creation tools out there.  More and more developers are being drawn to write software for Macs, because there market share is growing very quickly (due in part to the iPod, iPad, and iPhone). Also, Macs are easier to maintain. Macs do get slower over time like PCs, however, it  takes much longer. As of now, you really don’t have to worry about viruses on a Mac, though I suspect that will change as more and more people buy Macs. The more people using a system, the more appealing it is for virus programmers to get to work.

With the Web, Who Cares?

I can’t really say a Mac or a PC is better. It all depends on what you value. Each is great in its own way. Mac vs. PC has been, is, and will be one of the biggest geek holy wars.

Most PC users I know right now are really into sharing things on sites like Facebook, Flickr, or Twitter. All this communal goodness takes place in a web browser. The sites don’t care what browser you use, and both Macs and PCs have several great browsers available. So, for most people, the choice of Mac or PC is moot. Both cost about the same in the long run, and both do a good job getting things done, howbeit in different ways. Some things are easier on a Mac and some things are easier on a PC, but you really can’t go wrong either way.

In the last couple years, more and more folks have been asking me whether a Mac or a PC is the better computer. In case you don’t know, a Mac is a type of computer made by Apple, the same company that makes iPods and iPhones. A PC, on the other hand, refers to a computer that runs Microsoft Windows. When you’re standing there holding your credit card deciding which to buy, which is best?

Apple would have you believe that Macs are far superior to the old stalwart PC. You may have seen the Apple ads on TV that portray the Mac as a coolguy 30-something with all the answers. He has conversations with PC, who is a middle-aged nerd in an ill-fitting business suit that is always having problems.  According to Apple, the purchase of a new Mac will change your life forever.

Well, Apple’s claim is true in some ways, but it’s mostly marketing hype. The truth is that for 95% of computer users, all tasks they want to do can be done on either a Mac or a PC. The difference lies in how the total cost of each of the machines is spread out. Macs are great for creating audio, video, and DVDs right out of the box. It’s easy to make your own custom recordings or photo albums. Also, you don’t have to buy antivirus software for Macs. The catch to all this is that Macs cost about twice as much (or more) than a PC with the same amount of processing power, memory, and storage space.

PC owners won’t pay as much up front, but they will have to spend $400-$500 to buy software that offers features equivalent to what a Mac can do out of the box. (Some users won’t spend a dime on extra software because they will never need these capabilities.)  Then, there’s the $30-$50 per year you’ll have to spend on a good antivirus program, since Windows PCs are vulnerable to many types of viruses and other malware. PCs outshine Macs in the area of choice. For any given thing you might want to do on a PC (such as create scrapbooks), there may be 4-5 good programs to choose from for getting it done. On the other hand, a Mac might only have 1-2 programs for any given purpose. Macs and PCs can’t run the same software, so any software you want to use has to be written for one or the other.

Which Do I Think is Best?

I have used PCs for 15 years and Macs for 8 years. My personal take on it is as follows:


Buy a PC: If you favor a lot of choices, buy a PC. As for software, there still is no where near the amount of software available for Macs as PCs. Why? Apple makes up 10% of the computer market, so there aren’t as many people buying software for Macs. Therefore, more developers (the people who create computer programs) write code for PCs. I would feel guilty if I didn’t state outright that I think Windows 7 is great. It’s the best thing Microsoft has cranked out in a long time. As an example, AreoSnap and the way Libraries work allow me to get more done faster. It’s all the small touches like this that makes Windows 7 great.

On the hardware side, Apple doesn’t offer a lot of variation in hardware configuration or style. When’s the last time you saw a red or blue Macbook? Some people love the clean, white lines of a Mac. Others abhor them. Unless you buy a PC, you’re out of luck.


Buy a Mac: If you are willing to pay a little more and don’t want to worry about so many choices, a Mac is the way to go. Most of the software that’s available for the Mac is pretty high quality, as long as it always has the features you need.  Macs come with iLife, which comes with some of the best consumer-grade audio and video creation tools out there.  More and more developers are being drawn to write software for Macs, because there market share is growing very quickly (due in part to the iPod, iPad, and iPhone). Also, Macs are easier to maintain. Macs do get slower over time like PCs, however, it  takes much longer. As of now, you really don’t have to worry about viruses on a Mac, though I suspect that will change as more and more people buy Macs. The more people using a system, the more appealing it is for virus programmers to get to work.

With the Web, Who Cares?

Most PC users I know right now are really into sharing things on sites like Facebook, Flickr, or Twitter. All this communal goodness

Netbook Plunge

Posted by Trav

Last night, I decided it was time that I get myself a netbook. These tiny form-factor laptops have been around for a while now, however, I initially brushed them off as an underpowered machine that casual computer users would buy to avoid breaking the bank while still having basic Internet and emailing abilities.

I’ve changed my mind about who needs a netbook after lugging my 17″ hoss of a laptop for the past 13 months.  Don’t get me wrong:  I love the power of my full-sized portable. I have been using it as my primary machine to teach online courses, create websites, and wrangle technology since I got it. It’s fast, full-featured, and gets the job done.  Its weight, though, leaves something to be desired when I just need to check email or or look up some basic information while I’m not at home. A lighter weight, lighter duty machine would fill the bill. This type of machine is a netbook.

After weighing the build quality and price of several netbooks that Best Buy had to offer, I decided to go with the Asus Eee PC 1015PE. So far, I have been very happy with my choice. The little netbook boots fast, is snappy, and gets about 8 hours of battery life  while surfing and checking email. Typing on the 85% chicklet-style keyboard takes a little getting used to, but after about 12 hours of exposure, my fingers are having little trouble touch typing. The trackpad is spacious and responsive, and the click button that sits below it works well enough for right and left clicking.

On the comical side, the text in most of the Asus-created apps features poorly-translated English. For example, after finishing with the registration app, the congratulatory text said, “Now your new machine can get your downloads from us.” I’ve been using products from Taiwanese companies for years and this is expected. I don’t think this diminished the overall experience and I’m not judging at all: I cannot imagine becoming even semi-fluent in any Asian language, as the speech patterns and tones are beyond me. Nonetheless, it is pleasantly comical to read when feeling out a new gadget.

The 1015PE comes with Windows 7 Starter, which I’ve heard many people complain about. My take on it is that Starter is perfect for a netbook. Many of the customization options are disabled and it doesn’t have Media Center enabled, but given the limited power of a netbook, this is a virtue.  You don’t need all the bells and whistles of the more fully-featured versions on a netbook. If you think you do, you probably don’t need a netbook in the first place.  I have no intentions on upgrading from Starter: Its light-and-lean feature set is exactly what this lilliputian machine needs.

To sum up, I’m happy with the 1015PE and would recommend it to anybody who needs a small machine with good battery life that is capable of consuming basic information.

Life with a Kindle

Posted by Trav

I’ve had my Amazon Kindle (Wi-Fi only) e-reader for a little over a week now. I don’t regret my purchase at all. It’s an absolute joy to use.  The screen is so good that I’m not sure how you could make it look more like paper.

The Kindle solves a couple problems for me. For one, I’m running out of room for new books. I have a lot of books I may never open again, for for some reason, I feel compelled to keep them. Storage is even harder considering that many of my books are programming and tech books that are thick and heavy. I have a couple cheap bookshelves that probably couldn’t take another pound. With the Kindle, I could fit every book I own into it’s light, 7-inch frame. Granted, there aren’t many of the books I will repurchase for the Kindle, but considering I’ll be buying new tech books for the rest of my life, the Kindle will be hosting thousands of pages of silicon-derived goodness before you know it.

The second problem my Kindle solves is the closest bookstore is an hour and half away. I know I can buy books online, straight from Amazon, but I really like the fact that I can get previews of books right on the Kindle. I realize Amazon has allowed you look inside books on it’s website for a long time, but I really do prefer the Kindle’s paper-like screen for reading longer works. There’s also the instant-gratification aspect of having a book in under a minute. That will come in very handy the next time I get stuck trying to configure a Squid proxy server and need to figure out the problem 10 minute ago.

I think the Kindle will even allow me to start reading more fiction, since it’s so easy to tote around. While I’m waiting for Beck to come out of Bath and Body Works, I can catch up on some reading. I’m currently working my way through Terry Goodkind’s Wizard’s First Rule, the first book in the Sword of Truth series. And since the Kindle has a decent WebKit-based web browser built-in, I can always catch up on the latest news or Facebook gossip anywhere I can snag some free wi-fi.

If anybody has been sitting on the fence as to whether an e-reader is worth it, I can tell you they are if you like reading at all. As always, your mileage may vary, but for me, it was a very wise purchase.

Powell County Distance Earning Forum

Posted by Trav

This news release may be of interest to anyone who is interested in a sustainable mode of employment in Eastern Kentucky:

Distance Earning Telework Forum planned for Stanton
STANTON – Have you ever wanted the ultimate work-life balance, a rewarding career working from the comfort of your own home, or wished you could utilize your education and work experience to its fullest potential?

The Eastern Kentucky Distance Earning Initiative will sponsor a free Telework Forum at the Powell County Library, located at 725 Breckenridge Street in Stanton, Ky., at 6 p.m., Wednesday, February 16, 2011. This free event will highlight a new and innovative job creation plan in Eastern Kentucky. Participants can learn about the thousands of telework career opportunities and receive information on the Distance Earning initiatives skills inventory, which it plans to roll out in the coming months to target large scale telework job creation across the region.

Sponsored by a consortium of Kentucky Community and Technical College (KCTCS) member schools, businesses and the Eastern Kentucky Concentrated Employment Program, Inc. (EKCEP), the Eastern Kentucky Distance Earning Initiative is an aggressive economic development strategy that aims to bring sustainable wage jobs that can be performed at home or from a business incubator.

“Work is no longer a place you go, it’s something you do,” said

Joshua Ball, who coordinates the program for KCTCS. “This program is not about job creation, it is about creating opportunities for Eastern Kentuckians to work for progressive and innovative companies that are leading the charge to compete in the global marketplace.”

There are currently thousands of jobs available in a variety of different fields like: data entry, clerical, medical transcription and coding, IT support, computer programming, sales, tutoring and teaching, and a variety of management.

According to the U.S. Census Bureau, more than 8 million people worked from home in 2005. Companies like IBM, Dell, American Express and Lockheed Martin have employees who telework.

“Even during a time when jobs are scarce, IBM has over 2,000 telework opportunities available,” Ball added. “This strategy helps eliminate some of our region’s greatest barriers when it comes to job creation: geography and infrastructure.”
Interested individuals will receive free resume and interview coaching. Additionally, they will receive twice-a-week telework job postings emails from the program.

“It’s critical that we do everything we can to link our talented workforce to the many telework jobs that are available,” Ball said. “We know that that there are a lot of people looking for work, and a large number of talented workers who are underemployed.”

The Eastern Kentucky Distance Earning Initiative will roll out phase 2 of its plan in the coming months: a proactive blitz to use a skills inventory taken from forums held across the region to form partnerships with national companies to develop a pipeline to our workforce.

Companies across the globe are seeing the vast benefits to telework. Studies suggest that employees who work from home are more productive and tend to miss work less. It also has massive benefits to the environment. According to the Telework Exchange, if white-collar Americans would telework just one day a week, they would avoid driving 134 billion miles, eliminate 120 tons of pollutants from the air and save nearly $162 billion.

For more information about the program, contact Ball at (606) 487-3205 or 800-246-7521, ext. 73205.

Our Destiny is NOT Free Enough

Posted by Trav

I just caught the tail-end of President Obama’s 2011 State of the Union Address. He said something to the effect of “our destiny is still ours to make.” It is with a heavy heart that I must disagree with him.

Slowly but surely, our ability to shape our destiny is being eroded, statute by statute and tax by tax.  President Obama is an advocate of some of the most oppressive legislation of my lifetime. For example, small business will cease to exist in this country as most will be cannibalized by mandatory healthcare supplements for all employees. On paper, this sounds like a great thing, especially for the employees. However, what this will actually do is discourage small business investment because it will create such a high barrier to market entry. Therefore, instead of having a job without insurance, many workers will have no job at all because the small businesses will be forced into extinction.  Therefore, the destinies of thousands of small business owners is now at the mercy of some misconceived, fairy tale legislation.

Furthermore, Obama’s hatred of coal-generated electricity is beyond logic. Yes, coal is a dirty way to generate electricity. Yes, strip mining has some negative effects of the environments. Yes, coal miners face peril and risk life and limb on a daily basis. BUT, do we have another viable alternative that can generate the amount of electricity needed in America today? BUT, is President Obama doing anything to keep lobbyists and utility companies from impeding these alternatives? I think not. I hope that coal can eventually be replaced, but until its replacement is viable, I think mining should continue uninhibited.

The saddest part about my objections listed above is that I, an average person, has no ability to bring about change. My elected officials don’t seem to be listening, or are afraid to do what I (and many others like me) want for fear of retaliation by the majority. I can get on this little website and air my grievances, but that’s not going to do much good (beyond therapeutic value for me). I often wish they’d put some big issues to popular vote, but that wouldn’t do much good. Some self-important, power-monger judge would just overturn whatever we decided if he didn’t like the decision. What this all means is that I hate my destiny but can’t change it because of my government. If that’s not a reason to be sad, I don’t know what is.

Right-Clicking with a Broken Right-Mouse Button

Posted by Trav

I was working on the Health Science teacher’s laptop yesterday and discovered the right mouse button on the touch pad is broken. Since the Commonwealth is broke, replacing the out-of-warranty laptop is out of the question just to enable right-clicking again. (And no, the keyboard for this laptop is devoid of a right-click button.)

I started Googling to find a utility that would simulate a right click. Come to find out, Windows 2000/XP/Vista/7 all support right-clicking using the keyboard without having to do anything special. The magic command is to simultaneously press Shift + F10 at the same time. The right-click will register wherever your mouse cursor happens to be.

Obviously, this isn’t something you’ll need to do all the time, but in a pinch with a busted mouse, this tidbit can come in very handy!

To All US Veterans

Posted by Trav

I want to say thanks to all my friends and family, past and present, who are veterans. America couldn’t be America without you.

This country is a little shaky at the moment, but because of your willingness to sacrifice, we all have the right to try to change things without fear of oppression. That right is a priceless gift that we owe in no small part to you, the men and women of the Armed Forces. God bless you all!