I’ve updated the modsec.sh script to include some new rules from gotroot.com.
Check out its new permanent page at http://www.skyhorse.org/web-server-administration/auto-update-modsecurity-rules-modsecsh/
Tags: cPanel, Downloads, hacking, hosting, mod-security, WHMRelated posts:
Reports have been surging recently of some form of “hacked” — especially prepared — software that enables anyone with an internet connection to send free sms’s to any mobile phone in the world.
After intensive investigation, our research department (i.e. me) has come across such program and can confirm the rumours: it works.
In the 90′s, after the original idea, if I’m not mistaken by Mirabilis (ICQ), the concept of pc-to-mobile messages has sprung dozens of online companies willing to offer the service free of charge. In return, advertisement was placed either on the provider’s website or embedded on the messaging application. After the .com burst, like most other “genius” ideas, it went bust and most services closed their doors due to the high cost charged by mobile operators.
More recently, SMS.ac started to offer the same kind of service: free sms texts to anyone in the world. It even includes your own contacts book and also a poor attempt at replicating the flourishing “social-networking” services, such as Orkut or Hi5. The downside of their product is a very low reliability (90% of my texts don’t get delivered) and an annoying obsession with self-promoting the service by automatically sending invitation e-mails to anyone on your address book, just a thin line below being considered an internet spamming worm.
Now, there have *always* been ways to send free sms messages. There are several open-relay gateways on the internet, just no one seems to know about them. The protocols used also only allow savvy computer experts to usefully use them anyway. The software in question here is probably using one or more of these “hidden” gateways to deliver the service, but however it does it, it delivers results. It also installs an annoying tool bar to your web browser, if you are not careful enough to remove that option on install.
I feel tempted to post a direct URL to download the aforementioned software, but after seeking legal and expert advice I have to refrain from doing so for the time being.
(I’ll give a hint to those computer hackers to try to decipher it: d3d3LmNyYWNrc29mdC5uZXQ=)
Meanwhile, our Chief Reengineering Officer (i.e. Bytter) is in charge of looking inside this system and extrapolating exactly what it does, what servers and protocols it uses.
If we ever get that we might, maybe, just share it with you!
–
Update:
Well, the reverse engineering seems to reveal the sms messages are not free. It is even worse than we expected: they are charged to the recipient.
The software seems to route information through a pay service, charging £0.35 or €0.50 per message received. I cannot imagine the consequences if this kind of software fell on the wrong hands (it must have already). I would really advise everyone to contact their mobile phone operator and request these kind of messages to be blocked before reaching their mobile straight away. Mobile phone operators, at least in the UK, are not responsible and will not refund any charges for the reception of value-added messages such as this one (or any other one for that matter, including ringtones).
Update 2:
Found out about a FireFox extension that allows you to send SMS’s within the award-winning browser.
Update 3 (03/04/2006):
The same service that brings you mobile phone location tracking in the UK promises to deliver up to 10 free sms messages a day. What’s the catch I ask? Lost of privacy probably… http://traceamobile.fonetastic.com/sms/v1/
Related posts:
For all South Park and / or Futurama fans (like me) there is a Russian server hosting most of the episodes with fantastic dvd quality. Grab them while you can!!! (I suspect it will go down fairly soon!)
South Park and Futurama episodes in avi with dvd quality download links
Tip: copy and paste this link into a new browser window, they have restricted deep-linking in their pages…:
http://www.mrtwig.net/board/viewtopic.php?t=899
Related posts:
Based on an existing script (which didn’t work very well for me) I have come up with one that should cater for everyone’s needs with minimal changes.
Modsecurity’s main website is http://www.gotroot.com
Click here to download modsec.sh
Related posts:
I’m one of those who spent hours moving from DirectAdmin to cPanel, and in the meantime I’ve developed a couple of usefull tools to help me do it.
For the sanity of everyone ever trying to achieve this, forget googling because there is no tool available ATM. No one has ever started a script simply because the transition from DA to CP are so different that it is unthinkable.
There are scripts to move from cPanel to DirectAdmin though
I’ve started a BASH script that basically takes the files already available under the directories “backup” and “domains”, puts them nicely under one directory and tar-gzips it all. (the backup and domains directories come from untaring the User Backup created under DirectAdmin)
you then have to upload the resulting tar-gzip to the newly created cPanel account and untar-zip it. The file manager in cPanel does this with a click.
This script still has LOADS of problems, and if you’re unexperienced with the linux FS, permissions, etc… don’t come this way
What this does, however, is saving a lot of time if the accounts in question have many e-mails accounts (I did this because some of my clients had 100+ emails), and also takes care of the user files (public_html and everything else)
Resuming, this is what the script does:
- copy the quota file
- copy the IMAP folders and inbox folder of the main account
- copy the squirrelmail settings
for EACH e-mail account it does this:
- generate the entry and update the shadow and passwd file with its username and password (you keep everyone’s passwords!)
- copy the IMAP folders and inbox to the respective directory
to the domain files, it does this also:
- update references in every file (php, html, etc) by removing “domains/domain.net”
(ie /home/skyhorse/domains/skyhorse.org/public_html becomes /home/skyhorse/public_html)
This does not handle FTP settings, subdomain settings, dns settings, or anything else.
But hey, it saved me hundreds of hours of pain…
It is easily improved, so if you do, please send it back to me
BTW, the scripts assumes you’re using the SAME username in directadmin and in cpanel for each account, and the same domains as well.
It can also take a bit of hard disk space, since it literally duplicates the accounts files. If this is an issue, script around it to use the /tmp directory or even better, do some pipelining with tar
One last thing, although you see the CHMOD command being used, when untaring all files loose the damn permissions.
you NEED to change the permissions manually (inbox NEEDS to be group writable) or find a way to resolve the issue, which I couldn’t.
Here it is anyway, remember to replace the variables with your own settings:
# bash
# Copyleft (C) SkyHorse 2004
# for each account:
# put passwd as passwd + shadow
# quota (if != 0)
# into ~/etc/%domain%
GENDOMAIN=domain.com
GENUSERNAME=accuser
NEWACCPASS=accpass
MYFILESPATH=/home/skyhorse/temp_sites
mkdir result
mkdir result/mail
mkdir result/mail/$GENDOMAIN
mkdir result/etc
mkdir result/etc/$GENDOMAIN
cp $MYFILESPATH/$GENUSERNAME/backup/$GENDOMAIN/email/quota result/etc/quota
chmod 644 result/etc/quota
touch result/etc/shadow
chmod 640 result/etc/shadow
touch result/etc/passwd
chmod 644 result/etc/passwd
chmod 660 $MYFILESPATH/$GENUSERNAME/backup/email_data/imap/*
cp $MYFILESPATH/$GENUSERNAME/backup/email_data/imap/* result/mail
cp $MYFILESPATH/$GENUSERNAME/backup/email_data/pop/$GENUSERNAME result/mail/inbox
chmod 660 result/mail/inbox
mkdir result/.sqmaildata
cp $MYFILESPATH/$GENUSERNAME/backup/email_data/squirrelmail/* result/.sqmaildata
ENTRY=`cat $MYFILESPATH/$GENUSERNAME/backup/$GENDOMAIN/email/passwd`
for line in $ENTRY
do
login=`echo $line | sed s/[:].*//`
pass=`echo $line | sed s/.*[:]//`
mkdir result/mail/$GENDOMAIN/$login
mkdir result/mail/$login
echo $login:x:32120:622::/home/$GENUSERNAME/mail/$GENDOMAIN/$login:/usr/local/cpanel/bin/noshell >> result/etc/passwd
echo $login:$pass::::::: >> result/etc/shadow
chmod 750 result/mail/$GENDOMAIN/$login
cp $MYFILESPATH/$GENUSERNAME/backup/$GENDOMAIN/email/data/pop/$login result/mail/$GENDOMAIN/$login/inbox
chmod 660 result/mail/$GENDOMAIN/$login/inbox
cp $MYFILESPATH/$GENUSERNAME/backup/$GENDOMAIN/email/data/imap/$login/.mailboxlist result/mail/$GENDOMAIN/$login/
cp $MYFILESPATH/$GENUSERNAME/backup/$GENDOMAIN/email/data/imap/$login/mail/* result/mail/$GENDOMAIN/$login/
touch result/mail/$login/inbox
chmod 660 result/mail/$login/inbox
done
cp result/etc/* result/etc/$GENDOMAIN/
#domain files
cd domains/$GENDOMAIN
#update file references – this one liner deletes domains/domain.net in every file of the tree.
# efectively changes:
#/home/username/domains/domain.net/public_html into
#/home/username/public_html
find ./ -type f -exec sed -i ‘s/domains\/$GENDOMAIN\///’ {} \;
cp -R * ../../result
cd ../../result
tar –owner=$GENUSERNAME –group=$GENUSERNAME -czf ../$GENUSERNAME-$GENDOMAIN.tar.gz *
cd ..
#upload tar.gz
#I have ncftpput installed, but because most people don’t, I’ve commented it out
#ncftpput -u $GENUSERNAME -p $NEWACCPASS localhost / $GENUSERNAME-$GENDOMAIN.tar.gz
#database:
#mysql
#subdomains
#ftp
Tags: cPanel, directadmin, Downloads, hosting, Programming, scripts, Web Design, WHMRelated posts:
ExchangeWire.com Lies, Damned Lies… iMedia Connection: Consumer Strategies Segmentacion por comportamiento Sandlines Adotas NMA Brand Republic MarketingVox Behavioural Targeting news
