PHPPwner3000

PHPPwner3000 is the ultimate PHP exploit tool. Utilizing fundamental vulnerabilities in ALL versions of PHP, it is able to upload files, query databases, and even slurp shadow files no matter what user php is running as. Using stealth sql injection, it can even bypass the protections provided by prepare/execute structures.

PHPPwner3000 is also completely fictitious. It is a honeypot entry in a job posting.  I use it to determine if a candidate does sufficient recon and is capable of going the extra mile when they see a term with which they are unfamiliar.

If you have found this page because you saw an unfamiliar tool in a job posting, congratulations. You’ve just earned brownie points with one of the interviewers. It’s up to you to figure out which one.

iMac video glitches, and useless fixes

Several years ago I bought Mel an iMac. It was a 27″, top of the line, all the bells and whistles. I secretly replaced her existing 21″ iMac with the new one after she had gone to bed one night. It took her several pre-coffee minutes to realize something wasn’t quite the same the next morning. Hilarity ensued.

After two and three quarter years, the video started glitching. Little pink artifacts that would dance around the screen, especially after long sessions playing World of Warcraft. Apple Care to the rescue, we took it in. They replaced the video card, and all was well. For a few weeks. Then they came back. Took it in again. This time they said they were going to replace the motherboard. When we picked it up, they told us they had just replaced the screen instead. No worries, we took it home and it worked flawlessly. Right until the Apple Care expired. Then it started flaking out with the same glitches. Two very expensive repairs, had they not been covered under Apple Care, and it looked like we were going to have to foot the bill on the last option: the mother board replacement they had opted out of on the last repair.

We made an appointment. We hoped to plead that this was a recurring issue that hadn’t been previously fixed, and maybe we could get out of an expensive repair.

We had several days before our appointment, and I kept thinking about why the previous repairs had worked temporarily. It couldn’t be that they had replaced the correct parts, and yet the symptoms had gone away. A loose, and/or oxidizing, connection could explain it. I took apart the front display, and disconnected the data and power connectors on the LCD. After putting it back together, the video glitches are gone again. This may only last a few weeks or months, but now I know how to fix it for free.

The moral of the story? Don’t be afraid to take your stuff apart!

How to keep Mavericks’ App Nap from biting you.

Mavericks has a lot of nifty features, and because Apple thinks everything they do is nifty these features are turned on by default. A co-worker of mine recently upgraded to Mavericks on his work machine (I won’t do that until 10.9.1 is released next week), and he discovered that every time he walked away from his computer he lost most of his SSH sessions. He did some testing, and found that only SSH connections in SecureCRT were dropping, while test connections in Terminal were not.

Long story short, since I don’t want to blow up Gene’s ego in regards to his work diagnosing this, the problem turned out to be App Nap. App Nap is a new feature that puts applications into a suspended state while the screen saver is active, thereby reducing power consumption.

Why wasn’t Terminal affected? Apple engineers are well aware that sleeping a terminal app will cause dropped connections, so they completely removed the App Nap option from Terminal. You can’t turn it on if you wanted to. All other apps default to enabled.

So, if you are having issues with dropped connections, or other application wonkiness when your screen saver kicks in, head on over to here for the fix:

http://www.tekrevue.com/tip/disable-app-nap-os-x-mavericks/