WordPress WP Live Chat Plugin is massively exploited in the wild and redirects to other spam websites

Any versions below 8.0.27 is vulnerable to this security issue and websites using older versions are likely hacked.

Hackers are exploiting it and injecting their malicious javascripts into files and database mainly in the “siteurl” and “home” rows in your wp_options table to cause redirects to other malicious websites such as:

letsmakesomechoice[.]com
garrygudini[.]com
blackawardago[.]com
detectnewfavorite[.]com
traveltogandi[.]com
funnwebs[.]com
destinylocation[.]info
leftoutsidemyprofile[.]info
yourservice[.]live
letstakemetoad[.]com

And many others.

Signup and Try our malware removal service and let’s clean & protect your websites!

You can check your website securityby using this website malware scanner

https://scan.attacker.net

WordPress Blog Designer plugin vulnerability Redirecting to Malicious websites


Any versions below 1.8.10 is vulnerable to this security issue and websites using older versions are likely hacked.

Hackers are exploiting it and injecting their malicious javascripts into files and database mainly in the “siteurl” and “home” rows in your wp_options table to cause redirects to other malicious websites such as:

letsmakesomechoice[.]com
garrygudini[.]com
blackawardago[.]com
detectnewfavorite[.]com
funnwebs[.]com
destinylocation[.]info
leftoutsidemyprofile[.]info
yourservice[.]live
letstakemetoad[.]com

And many others.

Signup and Try our malware removal service and let’s clean & protect your websites!

You can check your website securityby using this website malware scanner

https://scan.attacker.net



Stored XSS vulnerability found in Social Warfare plugin causing Redirects to Malicious websites

If you use the Social Warfare plugin for WordPress then you are likely vulnerable to this security issue or already hacked.

You can check your website security by using this free website malware scanner https://scan.attacker.net

The vulnerability was mainly found in version v 3.5.2 and it’s being exploited for some time.

Hackers are exploiting it and injecting javascripts into files and database mainly in the social_warfare_settings in your wp_options table to cause redirects to other malicious websites such as:

setforspecialdomain[.]com

setforconfigplease[.]com

getmyfreetraffic[.]com

redrentalservice[.]com

strangefullthiggngs[.]com

and many others.

Signup and Try our malware removal service and let’s clean & protect your websites!

You can check your website securityby using this website malware scanner

https://scan.attacker.net

Vulnerability found in WordPress Easy WP SMTP plugin causing Malicious Redirects to other sites

If you use Easy WP SMTP plugin for wordpress then you are likely vulnerable to this security issue or already hacked.

You can check your website security by using this free website malware scanner https://scan.attacker.net

The vulnerability was mainly found in version v 1.3.9 and it’s being exploited for some time.

Hackers are exploiting it and injecting javascripts into files and database to cause redirects to other malicious websites such as:

setforspecialdomain[.]com

setforconfigplease[.]com

getmyfreetraffic[.]com

redrentalservice[.]com

strangefullthiggngs[.]com

and many others.

Signup and Try our malware removal service and let’s clean & protect your websites!

You can check your website securityby using this website malware scanner

https://scan.attacker.net

How To: Install memcached on CentOS 6

Memcached is a distributed, high-performance, in-memory caching system that is primarily used to speed up sites that make heavy use of databases. It can however be used to store objects of any kind. Nearly every popular CMS has a plugin or module to take advantage of memcached, and many programming languages have a memcached library, including PHP, Perl, Ruby, and Python. Memcached runs in-memory and is thus quite speedy, since it does not need to write to disk. Here’s how to install it on CentOS 6:

 

Memcached does have some dependencies that need to be in place. Install libevent using yum:

yum install libevent libevent-devel

The memcached install itself starts with

To start installing memcached, change your working directory to /usr/local/src and download the latest memcached source:

cd /usr/local/src
wget http://memcached.googlecode.com/files/memcached-1.4.15.tar.gz

Uncompress the tarball you downloaded and change into the directory that is created:

tar xvzf memcached-1.4.15.tar.gz
cd memcached-1.4.15

Memcached is actively developed, so the version used in this tutorial may be out of date by the time you read this. As of this writing, 1.4.15 is the latest stable version. Check memcached.org for a newer version before proceeding with the installation.

Next, configure your Makefile. The simplest way is to run:

./configure

Additional configure flags are available and can improve performance if your server is capable. For 64-bit OSes, you can enable memcached to utilize a larger memory allocation than is possible with 32-bit OSes:

./configure --enable-64bit

If your server has multiple CPUs or uses multi-core CPUs, enable threading:

./configure --enable-threads

If your server supports it, you can use both flags:

./configure --enable-threads --enable-64bit

n.b.: if the configure script does not run, you may have to install compiling tools on your server. That is as simple as

yum install gcc
yum install make

Once the configure script completes, build and install memcached:

make && make install

Last but not least, start a memcached server:

memcached -d -u nobody -m 512 -p 11211 127.0.0.1

Put another way, the previous command can be laid out like this:

memcached -d -u [user] -m [memory size] -p [port] [listening IP]

Let’s go over what each switch does in the above command:

-d
Tell memcached to start up as a backgrounded daemon process
-u
Specify the user that you want to run memcached
-m
Set the memory that you want to be allocated my memcached
-p
The port on which memcached will listen.

 

How to adjust the time zone of your webmail client (Roundcube, SquirrelMail, Horde)

SquirrelMail

To change time zones in SquirrelMail:

  1. Access SquirrelMail.
  2. Click Options link at the top of the page.
  3. Click the Personal Information link.
  4. Under Timezone Options, from the Your Current Timezone drop-down, select your preferred time zone.
  5. Click Submit.

Horde

To change time zones in Horde:

  1. Access Horde.
  2. Click the Options icon at the top of the page.
  3. Under Your Information, click the Locale and Time link.
  4. Under Your current time zone, select your preferred time zone from the drop-down menu.
  5. Click Save Options.

RoundCube

To change time zones in RoundCube:

  1. Access RoundCube.
  2. Click the Settings icon in the top-right corner of the page.
  3. Select Preferences tab.
  4. Under the Section column, select User Interface.
  5. Select your preferred time zone from the Time zone drop-down menu.
  6. Click Save.

MySQL Socket errors

This is an error that many people who run PHP and MySQL are familiar with:

ERROR 2002: Can’t connect to local MySQL sever through socket

‘/var/lib/mysql/mysql.sock’ (2)

Luckily, this is relatively easy to solve in most cases. Here’s what to do.

·First of all, we need to decide where the MySQL socket file should be. For this text we will assume that you would like the socket file to be placed in the MySQL default location for a Redhat system which is /var/lib/mysql/mysql.sock.

·Second, is MySQL running? This is easily overlooked, but check and make sure that MySQL is running with a command such as:

[[email protected] ~]# ps aux | grep mysql

root67220.00.146561132 ?S08:200:00 /bin/sh /usr/bin/mysqld_safe –datadir=/var/lib/mysql –socket=/var/lib/mysql/mysql.sock –log-error=/var/log/mysqld.log –pid-file=/var/run/mysqld/mysqld.pid

mysql67640.12.6 128328 16904 ?Sl08:200:01 /usr/libexec/mysqld –basedir=/usr –datadir=/var/lib/mysql –user=mysql –pid-file=/var/run/mysqld/mysqld.pid –skip-external-locking –port=3306 –socket=/var/lib/mysql/mysql.sock

root70510.00.14044676 pts/0R+08:400:00 grep mysql

Good, it’s running so we can move on. If MySQL is not running, try to start it with “/etc/init.d/mysqld start”

·Alright, so MySQL is humming along, but it is pretty useless if we cannnot connect to it. The easiest way to see what MySQL thinks it should be using for socket file is by running the following command:

[[email protected] ~]# /usr/libexec/mysqld –print-defaults

/usr/libexec/mysqld would have been started with the following arguments:

–port=3306 —socket=/var/lib/mysql/mysqld.sock –skip-locking –key_buffer=16K

–max_allowed_packet=1M –table_cache=4 –sort_buffer_size=64K –read_buffer_size=256K

–read_rnd_buffer_size=256K –net_buffer_length=2K –thread_stack=64K –server-id=1

–port=3306 –socket=/var/lib/mysql/mysql99999.sock –skip-locking –key_buffer=16K

–max_allowed_packet=1M –table_cache=4 –sort_buffer_size=64K –read_buffer_size=256K

–read_rnd_buffer_size=256K –net_buffer_length=2K –thread_stack=64K –server-id=1

[[email protected]  ~]#

I’ve highlighted the part that you should look at to find what you need to know. It looks like I must have had a bad keystroke when editing my “/etc/my.cnf” the other day.

·Here’s an excerpt from my “/etc/my.cnf”. Make sure that when you edit this file that you update the correct socket specification. You will notice that there two of them, one of them is for the MySQL client, the second is for the MySQL daemon. Update the one from the “[mysqld]” section.

——-cut———

[client]

#password= your_password

port= 3306

socket= /var/lib/mysql/mysql.sock

# Here follows entries for some specific programs

# The MySQL server

[mysqld]

port= 3306

socket= /var/lib/mysql/mysqld.sock

skip-locking

key_buffer = 16K

max_allowed_packet = 1M

——-cut———

Change it to:

——-cut———

[client]

#password= your_password

port= 3306

socket= /var/lib/mysql/mysql.sock

# Here follows entries for some specific programs

# The MySQL server

[mysqld]

port= 3306

socket= /var/lib/mysql/mysql.sock

skip-locking

key_buffer = 16K

max_allowed_packet = 1M

——-cut———

·Okay, now that this is updated, we should restart MySQL.

[[email protected] ~]# /etc/init.d/mysqld restart

Stopping MySQL:[OK]

Starting MySQL:[OK]

[[email protected] ~]#

·Okay, is everything working now? If you were using the command line mysql client, give it a try. If you were using php, try your webpage again. If you are still experiencing problems with php not being able to find the socket, then you should check where php thinks the socket file lives.

[[email protected] ~]# php -i | grep mysql.default_socket

mysql.default_socket => no value => no value

[[email protected] ~]# php -i | grep php.ini

Configuration File (php.ini) Path => /etc

Loaded Configuration File => /etc/php.ini

It appears that php does not have a socket location set, meaning that it will use what MySQL tells it is the default (in this case being /var/lib/mysql/mysql.sock), but to make sure lets specify a location.

·Notice that in the last step, we also wanted to find out where php’s php.ini configuration file is located and we know that it is in “/etc/php.ini”. Let’s fire up our favorite text editor and fix this.

——-cut———

; compile-time value defined MYSQL_PORT (in that order).Win32 will only look

; at MYSQL_PORT.

mysql.default_port =

; Default socket name for local MySQL connects.If empty, uses the built-in

; MySQL defaults.

mysql.default_socket =

; Default host for mysql_connect() (doesn’t apply in safe mode).

mysql.default_host =

; Default user for mysql_connect() (doesn’t apply in safe mode).

mysql.default_user =

——-cut———

Changes to:

——-cut———

; compile-time value defined MYSQL_PORT (in that order).Win32 will only look

; at MYSQL_PORT.

mysql.default_port =

; Default socket name for local MySQL connects.If empty, uses the built-in

; MySQL defaults.

mysql.default_socket = “/var/lib/mysql/mysql.sock”

; Default host for mysql_connect() (doesn’t apply in safe mode).

mysql.default_host =

; Default user for mysql_connect() (doesn’t apply in safe mode).

mysql.default_user =

——-cut———

Now both the command line MySQL client as well as php should be able to connect to MySQL just fine!

 

Welcome to our blog

This blog will cover the following topics:

  • Attacker.NET offers & News
  • Security Advisories
  • Tutorials & How-To’s
  • Genetal IT news, Issues and Best practices