Firefox Developer Edition

Firefox Developer Edition 

https://www.mozilla.org/en-US/firefox/developer/

Colapsar mostrar lista desplegable

Colapsar mostrar lista desplegable



Fuente:
http://jsfiddle.net/KyleMit/f8ypa/

Uboxing Mobo Cargador USB

https://youtu.be/GlFx9sRw35s

Convatiendo el SPAM buscando en X-PHP-Originating-Script: 1000:object.php(1953) : eval()'d code

Un par de veces me han llamado para investigar un servidor web, ejecutar una aplicación PHP como WordPress, que está enviando correo spam y eliminar la función responsable.
En primer lugar, necesitamos saber de qué guión se origina el mensaje.

Abrir php.ini

vi /etc/php.ini

Agregue la línea siguiente y guarde

mail.add_x_header = On

Reiniciar el servicio de php

service httpd restart

Esto agregará el encabezado siguiente a todos los mensajes que se originan desde el servidor que define el UID y el nombre de archivo del script.

X-PHP-Originating-Script: 1000:object.php

Si no tiene los encabezados del mensaje entonces tendremos que investigar.

Este ejemplo usa Exim , pero el proceso es similar para otros servidores de correo como Postfix o Sendmail.

Quiero intentar localizar el mensaje o los mensajes ofensivos así que tendré que comprobar los registros. Sé que el mensaje era reciente por lo que en este caso sólo quiero cola el final del registro.

tail /var/log/exim/main.log

Cada mensaje tiene una ID única que suele ser la tercera columna después de la fecha y la hora.
2015-11-18 10:58:38 1Zz0Nc-00067L-1N spamming@to.com [111.111.111.111]

Puedo revelar los encabezados de ese mensaje como si

/usr/sbin/exim -Mvh 1Zz0Nc-00067L-1N

Y tendrás los encabezados mostrados en tu terminal junto con X-PHP-Originating-Script
Digamos que sabemos que el archivo ofensivo es object.php y se está enviando a través de nuestra aplicación, ahora tenemos que finalizar y eliminar el script.

find /home/mysite.com -iname "object.php"

el resultado obtendrá la lista de archivos donde se encuentra la incidencia

Para el caso de:
X-PHP-Originating-Script: 1000:object.php(1953) : eval()'d code

1000 se  refiere al uid de quien lo mandó, para esto hay que checar el /etc/passwd
object.php es el archivo malicioso
(1953) al parecer son las líneas de código

Para averiguar las cuantas líneas de código y la ruta del archivo se puede usar los siguientes comandos en terminal

find / -iname "object.php" -exec wc -l {} +

o

find /var/www/html/ -iname "object.php" -exec wc -l {} +

Fuente: https://joebuckle.me/quickie/php-find-which-script-is-sending-spam-mail/

Añadir botón de compartir a Facebook en Blogspot

How to Add a Facebook Share Button to Blogger Posts

Allowing others to easily share your content on social media is something that is always important. Thankfully, many of the services we use for our online promotion have social sharing buttons that we can implement into our websites. Adding a Facebook Share button to Blogger is a little different than some other sites because we want the button to automatically insert the URL of the page the visitor is currently on, or the post they want to share, without having to update this link manually.

Adding a Share button to your blog’s template will ensure that it stays in place at the bottom of every post, and with the code below, the link will be automatically inserted into the button.

Let’s get started

Login to your Blogger account and backup your template in case something goes wrong. You can do this by clicking the Backup/Restore button in the top corner and saving the file to your computer.

Go to Template > Edit HTML.

Click inside the editor text area and press CTRL + F (or CMD + F if you’re on a Mac) to open up the “find” search box in the top right corner.

In the search box, paste this code and press enter:

<div class='post-footer-line post-footer-line-1'> 

It should find one instance of it, but that will be for mobile view. Press enter again to skip to the second instance of it instead. This is your normal blog view.

Directly above that line of code, paste this code:

<div class="facebook-share">
<a expr:share_url='data:post.url' name='fb_share' rel='nofollow' type='BUTTON-TYPE'/><script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'/>
</div>

If you want it to appear at the top of your post instead, jump back to the top of the editor and search for the SECOND instance of:

<data:post.body/>

Insert the code above that.

Choosing the button type

Facebook has 6 types of buttons that you can choose from. You can see them here in the “Layout” dropdown. In the “BUTTON-TYPE” part of the code above, enter one of the following as shown:

• box_count
• button_count
• button
• icon_link
• icon
• link

Save your template

The script will not appear in Preview mode, so save your template and check your live blog for your new Share button!

Fuente: http://icanbuildablog.com/2014/12/how-to-add-a-facebook-share-button-to-blogger-posts/

Cambiar entre Mail Transfer Agent (MTA) en Fedora, CentoOS

Un Mail Transfer Agent (MTA) es un software que transfiere mensajes de correo electrónico de un equipo a otro utilizando una arquitectura de aplicación de servidor de cliente (client server application architecture).

Un MTA también se llama por algunos otros nombres como - un agente de transferencia de mensajes (Message Transfer Agent), un reenvío de correo (Mail Relay) y agente de transporte de correo (Mail Transport Agent).

Switch between MTAs

Method 1 : alternatives command

In Fedora or Red Hat, you can change the default MTA by using the alternatives command.

With alternatives, an executable with a generic name on the file system is used to access a particular service. This executable is really a symbolic link to another symlink in the /etc/alternatives/ directory. For example, the /usr/bin/sendmail is actually a symbolic link to /etc/alternatives/mta . In order to select between Sendmail or Postfix, we just change the symlink for the /etc/alternatives/mta . This is normally done with the alternatives command. Here are some examples:

To display which MTA alternative is in use:

# alternatives --display mta

To choose from the available MTA alternatives from the command line :

# alternatives --config mta

To setup Postfix as the default mail system:

# alternatives --set mta

Method 2 : system-switch-mail

Another method of changing your default MTA in Fedora is to use the /usr/sbin/system-switch-mail or /usr/sbin/system-switch-mail-nox tool. You will first have to install the system-switch-mail package using Yum as follows.

$ su -c 'yum install system-switch-mail'

Once you have installed the system-switch-mail package, you can run one of the corresponding tools to switch between the different MTAs installed in your system. When you run the system-switch-mail[-nox] command, you will see a self-explanatory selection dialog that allows you to switch to another MTA installed in your system.

Verify that the MTA is running

To verify that the MTA of your choice has started running, open system-config-services in Fedora and see if it lists your MTA in the services that are running on your system.

List of services running in Fedora

Fuente: http://www.aboutlinux.info/2005/06/change-your-mail-transport-agent-mta.html

Unboxing Mobo Air Car Holder Portateléfono de ventilador para Auto Modelo 7

Unboxing
Mobo
Air Car Holder
Porta-teléfono de ventilador para Auto
Modelo 7

https://youtu.be/K7w1hwgKWNA

Instalar SpamAssassin on CentOS

How to install SpamAssassin on a CentOS 6 VPS

The following article is part 4 of our mailserver set-up with virtual users and domains using Postfix and Dovecot on a CentOS 6 VPS, followed by part 2 which explains how to install and set-up the Roundcube webmail interface on a linux vps server and then part 3 which is all about how to set-up an SSL encrypted connection in Postfix, Dovecot and Apache using SSL certificates.

In this tutorial we are going to set-up SpamAssassin on one of our CentOS 6 linux virtual servers and integrate it into our Postfix mailserver set-up so it can scan and mark the emails detected as SPAM.
What is SpamAssassin?
It is a program released under the Apache License 2.0 used for e-mail spam filtering based on content-matching rules.

UPDATE THE SYSTEM

As usual, make sure your CentOS 6 linux vps is fully up to date by executing:

## screen -U -S spamc-screen
## yum update

INSTALL SPAMASSASSIN

Install the SpamAssassin package using yum by running:

## yum install spamassassin

SET-UP USER

create spamfilter group used for the user that will run the spamassassin service

## groupadd spamfilter

create new user spamfilter with a home directory of /usr/local/spamassassin and add it to the spamfilter group you just created

## useradd -g spamfilter -s /bin/false -d /usr/local/spamassassin spamfilter
## chown spamfilter: /usr/local/spamassassin

CONFIGURE SPAMASSASSIN

next, configure spamassassin by editing /etc/mail/spamassassin/local.cf and adding/setting the following

## vim /etc/mail/spamassassin/local.cf

## Required_hits: This determines the filter balance; the lower the score the more aggressive the filter.
# A setting of 5.0 is generally effective for a small organisation or a single user.
# Adjust the strictness score to your organization's needs - a large medical organisation might want  to let email items
# through that are trying to sell pharmaceuticals, so we might increase the level to a more modest 8.0.
required_hits 5
## Report_safe:  This line determines whether to delete the item or to move the item to the inbox whilst appending
# a spam notice to the subject line. The levels for this line are set to either a 1 or 0. A score of 1 will delete the spam item,
# whereas a score of 0 will send the item to the inbox and rewrite the subject line.
report_safe 0
rewrite_header Subject [**SPAM**]
## Required_score: This line sets the spam score for all email allowed through to your domain, with levels of certainty set from 0 to 5.
# Zero would be classified as a legitimate email item, whereas 5 would be an definite 'SPAM' item.  If we set the score to 3 we would catch a
# lot of unsolicited emails but quite a few false positives would still get through. For our example email server we will use the score of 5,
# but you can of course set this value according to your preference.
required_score 5.0

before we proceed with starting-up the spamassassin service, we need to make sure it runs with our newly created spamfilter user by editing /etc/sysconfig/spamassassin and setting-up the following:

## vim /etc/sysconfig/spamassassin

# Options to spamd
SAHOME="/usr/local/spamassassin"
SPID_DIR="/var/run/spamassassin"
SUSER="spamfilter"
SPAMDOPTIONS="-d -c -m5 --username ${SUSER} -H ${SAHOME} -s ${SAHOME}/spamfilter.log"

with all that in place, we are ready to start and enable the spamassassin service on system startup using:

## service spamassassin start
## chkconfig spamassassin on

Fuente: https://www.rosehosting.com/blog/how-to-install-and-integrate-spamassassin-with-postfix-on-a-centos-6-vps/

$_POST y $_GET con filter_input en PHP

El código en PHP para $_POST y $_GET en las mejores prácticas de programación es el siguiente:

Para POST

$varAlmacenada = $_POST["varEnviada"]


Lo sustituye:

$varAlmacenada = filter_input(INPUT_POST, 'varEnviada', FILTER_SANITIZE_SPECIAL_CHARS );


Para GET

$varAlmacenada = $_GET["varEnviada"]

Lo sustituye:

$varAlmacenada = filter_input(INPUT_GET, 'varEnviada', FILTER_SANITIZE_SPECIAL_CHARS );