jesvs – tech + stuff

Non-mainstream artists

Published on by

Here a small list (in no particular order) of lesser known artists that are worth a listen.

Actually I’m just using this list as an excuse to create a YouTube player. I’ve always found it cumbersome to click through a lot of YouTube links. This is how I think is a better way of playing videos, instead of reloading or opening a new window, the video opens and plays right in here. Pretty nifty ain’t it?

Note: there are some unplayable videos in the list due to restrictions from the publisher, can’t do anything about it (sadface).

Update:Check out my jQuery plugin: jquery-youtubepler it's the easiest way to create a YouTube player from links.

Zero 7 – Destiny (Cover)

Published on by

A great cover of Zero 7’s flawless song, enjoy.

Found a PHP trojan on a client's server

Published on by

During a recent security audit I found a PHP script obfuscated inside a filename called social.png, that was used via an include call from another PHP file. This script came inside a pirated version of a commercial plugin for WordPress. The file is identified as Trojan.PHP.Shell.W or PHP/Alter.A by some malware checking tools (ESET-NOD32, BitDefender).

Inside the script I decoded the following data: domain names, emails and a public key. They are being used for malicious purposes (spread malware) mostly on WordPress.

Once your server has been compromised it sends a message to ALL the email addresses informing the attacker(s) that they have shell access to your machine.

Luckily for my client his server is configured to send emails only by authenticated clients, so my client was never exposed.

Suggestions

  1. Check your logs for any activity on these domains and addresses, or better yet, block them on your server's firewall if possible.
  2. Check you WordPress database inside the (wp)_options table for the field WP_CLIENT_KEY, remove it if it matches the malicious public key posted above or if you don't use an external admin panel for your site.
  3. Avoid installing plugins from untrustworthy sources (pirate sites, nulled scripts, et al.)