Computer Tips -Tech Info

Tag: scripting

  • Various Notes | Morse Code Ringtones | Java updates | More Pages on the Way

    Sorry for the vague title, but there are various thoughts floating around at the moment. The first is a big thanks to the support at Westhost for recovering my VPS over the last weekend. I had started an automatic upgrade of wordpress in one of the sites hosted in this vps, it hung… so I ssh’ed in and found the vps was essentially ruined – it managed to wipe out quite a bit. I’m not sure if it was a coincidence or if the wordpress upgrade was really the culprit, but it managed to destroy quite a bit. The support at westhost though had things back up within 24 hours. It wasn’t just a matter of the site and database getting deleted, but files in /etc were gone (mail configuration hostname resolution wasn’t working, scp wasn’t working…. it was trashed in a bad way.)

    Anyway, I’ve still been tinkering with the free morse code mp3 ringtones. In particular I’ve been tinkering with the Text to morse code mp3 generator. I’ve been trying to add utf support. The backend generator does interpret morse for utf characters, I’ve managed to get a way to decode the url encoding if they’re placed in the text box, my big challange at the moment is the file name. I have to truncate the filename so that it’s not too long, but most everything I’ve tried to truncate counts bits instead of characters. Some, even if I tell it to count characters will assume that 1 character=1bit and I wind up with some of the utf characters cut short which gives unusual filename results. In the testing version of the script I’ve just decided to sanitize things by replacing an extended character with an x….

    (more…)

  • Mail command missing in ubuntu by default

    Not really, news, but I was reminded again this evening that mail is not available at the command line in recent default installs of Ubuntu (or kubuntu /xubuntu). If you’re like me and make use of this for scripting notifications…. you’ll need to sudo apt-get install mailx (and a MTA like postfix.) Mailx requires postfix/sendmail/qmail and that’s why it’s not installed by default so users don’t have an MTA sitting on their system for no good reason.

  • Quickbooks “An error has occurred in the script on this page”

    I ran into an install of Quickboos Pro 2005 that was having a peculiar problem. When any company file was opened I was seeing an Internet Explorer Script Error message (quickbooks uses Internet Explorer to parse the company page ( Usually C:\Program Files\Intuit\Quickbooks\Components\Pages\Comppage.qpg ) The error basically said “An error has occurred in the script on this page” it gave a line and char number and there were three different Error: messages. One was Object Required and another was Class not registered. This is a Windows XP Pro system with all current updates for windows AND quickbooks.

    (more…)

  • IE phishing exploit..

    There is ANOTHER IE vulnerability that’s come across the news in the last week. It seems that this is currently only a Proof of Concept, I’ll have to check and see if anyone’s reported seeing this in the wild…, but essentially a race condition between a Macromedia flash file and web content can allow a forged address bar location… in other words it might say www.google.com in the address bar, but you’re actually looking at www.evilhackerplayground.org….

    (more…)

  • IE exploit unofficial patches

    While we wait for Microsoft to release a patch for the MOST recent Internet Explorer vulnerability….. it looks as though MS is “planning” to release a patch on their routine patch day of April 11th. (However they could always change their mind…) As before though there are some 3rd party patches. I’ve got to say I’m slightly uncomfortable with the prospect of a third party patch when there are workarounds (use another browser, disable active scripting….) However, for some those aren’t enough options. I know of two unofficial patches.

    (more…)

  • Update on Internet Explorer Exploit in the wild

    If you use Internet Explorer to browse the web, I’d suggest finding the instructions to disable active scripting, or drop it and use something else in light of the recent exploit floating around. It seems that in spite of Microsoft’s infinite wisdom that “Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site”…. the reality is that legitimate sites have been hacked and the malicious code has been added. (Over 200 legit sites…)

    (more…)

  • Another critical IE flaw

    I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it’s trivial for them to do worse. The bottom line is, be careful what sites you visit, beware of “driveby downloads” using this tactic consider alternative browsers until you’re patched. (Although in reality, with IE’s integration in Windows, it’s hard to be completely safe this way with other apps using IE to view html objects….)

    (more…)

  • Automatically downloading a file mp3 with a bash script

    Linux systems give you many possibilities and one of them is good scheduling (cron), another is good scripting capabilities. I’ve done things with linux fairly easily that with Windows would have been next to impossible and required me to download several other things to make it happen. Anyway, I recently saw mention of a linux, bash scripted podcatching client. Basically you tell what podcasts you subscribe to and it downloads them on a schedule. It reminded me of a couple scripts I’ve got running that do similar things, but not from a true rss/podcast feed.

    (more…)

  • Serious PHP flaw

    PHP which is a widely used scripting language for webpages has been found to have a serious vulnerability. The Inquirer is reporting on the announcement at hardened-php.net that the vulnerabilities are in the XML-RPC for PHP and PEAR XML-RPC libraries. This is apparently an eval() vulnerability similar to one earlier in the year.

    (more…)