First, install vsftpd

sudo apt-get install vsftpd

Configure your installation.

sudo nano /etc/vsftpd.conf
or
sudo vi /etc/vsftpd.conf

You need to have these to uncommented (Delete the initial “#”)
local_enable=YES
write_enable=YES

Setup password for your ubuntu user name
sudo passwd ubuntu

Give the permissions.
chown -R ubuntu /var/www/
Obviously, you can change the path with your requirement.

Restart the FTP service
sudo /etc/init.d/vsftpd restart

This enables the Uncomplicated Firewall built-in to Ubuntu on port 21. Don’t know about others.
sudo ufw allow 21

That’s it. Login to your FTP with “ubuntu” username and your password.

All I needed to do was to enable the ICMP requests:

1) Log into AWS account.
2) Click on “Security Groups”. Choose the required security group.
3) Click on the “Inbound” tab.

Create a new rule: Custom ICMP rule
Type: Echo request
Source: 0.0.0.0/0

0.0.0.0 will allow everyone to ping your server. You can specify your own addresses if you want.

That’s it.

I’m open sourcing my txtweb app @pushmail – An app that’ll send push email notifications via SMS.

I’m still a noob. This is the first time I’m open sourcing my project. Hopefully, someone will review my code and provide some constructive criticism.

What is @pushmail

It is an SMS app on the txtweb.com platform with which users can get instant email notifications via SMS. If they choose to, they can read full emails and reply to them. The user just has to setup a simple email forwarder. http://suhastech.com/mail

The “I just want to get this working” guide:

I have spent a few extra hours to make sure this can be setup quickly. I try not to just dump the code. So, you can find some comments explaining the mechanism.

Download the source.

1. Fill the common.php files with the constants. The comments will guide you through.
2. Setup a catch all email daemon and pipe it to the file “fetch_email_from_pipe.php”. Make sure it’s executable (chmod 755).
3. Install the Zend PHP framework.
4. Setup a cron that executes “database_cleanup.php” regularly. It prunes old emails from the database.
5. Install the MySQL schema by running install/install.php
6. Fork and improve the code.

Brief Overview of “How this works” (Just for the curious ones)

Read the txtweb documentation to get the complete picture. http://www.txtweb.com/tutorials-and-resources

In this system, user’s email username/password, mobile number or other information are not accessible even to the admin.

I have two tables.

Table 1 has two column, one the “user identifier” (integer, which is really an auto incremented index) and the other with the “mobile number hash” (encrypted form of the mobile number) which is sourced from the txtweb APIs. This is later used to send push email notifications using the txtweb APIs.

When you send “@pushmail” (or whatever app handle you have registered) to the txtweb mobile number, the app generates a unique user identifier integer, converts the integer to a unique alpha ID (say xyz) and saves the mobile hash in the above mentioned table. Sends you back a text message to the user with instructions to setup a forwarder to the email address xyz@yourdomain.com

I have a daemon setup which catches all emails to yourdomain.com.

As soon as the user forwards an email to xyz@yourdomain.com, it catches the email, looks for the user identifier code, converted back to integer. If a match is found in table 1, the mobile hash is extracted and sends a message “Reply Z to open this email… Subject, From Address”. It saves the email on another table with columns “auto incremented index” and “encrypted email body”.

It generates a unique ID (auto incremented) for the email and saves the email encrypted with the user identifier integer as the key.

When user replies Z, it goes to another page with GET request, ?id=1234&txtweb-mobile=the_mobilehash.

It looks for the table where id=1234 (that was generated when you got the email), fetches whatever is in your encrypted email body column). It then fetches the User identifier integer using the mobile hash (the first column). Decrypts (symmetric decryption) the email using the unique identifier interger, this ONLY works if the user identifier code is right, else you will find gibberish text. So, only the user can open the email.

The unsolvable problems (Atleast, for me)

1. If a hacker somehow gets all my database files and wants to open 1 of your emails (There’s nothing more he can do, trust me), he could try a simple “for loop” that tries to decrypt trying all the unique identifier integer (currently 6000). Difficult but still doable with some crunching power. So, make sure you have secured your servers. Still, the hacker has no way of telling what’s who’s. Not a big security hole I guess.
2. The email parsing technique. With literally thousands of RFC rules, different email clients sending in their own standards, I just couldn’t write a “one code fits all” code to parse the emails. Hopefully, someone will improve this.

change directory to the PHP folder. You might have a different version.
cd C:\wamp\bin\php\php5.3.5

Run your PHP command like “php -l file” etc.

The pretty permalinks on my wordpress installation stopped working. Most Google searches told me to change the AllowOverride None to AllowOverride All. I tried numerous files. Finally, it seems there were 2 occurrences of the same  string in the httpd.conf file.

You had to change the one inside this

<Directory "/opt/bitnami/apache2/htdocs">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #
    Options Indexes MultiViews +FollowSymLinks
    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride All

    #
    # Controls who can get stuff from this server.
    #
    Order allow,deny
    Allow from all

</Directory>

The httpd.conf file is present inside the apache2/conf directory. Some articles say that it is apache2.conf. It depends, I guess.

There was also no permission prompt to install the Chrome Plugin, that’s not right. And the Plugin doesn’t list in the Extension settings.

Anyways, You can disable the Plugin by typing “about:plugins” in the address bar. There, disable the “Skype Toolbar”.

I was recently hacked by this website “sweepstakesandcontestsinfo.com” which was adding a little javascript just before </body> tag that was leading the visitors to download a malware filled flash player. I got to know about this when this particular finnish site was discussing about this (Thank god, I check stats).

Anyways, I did a little searching around. Seems that every single PHP file of mine was appended with the cheesy base64_encode’ed code.

My crappy webhost doesn’t provide SSH Access.  I couldn’t use my favorite command line. So, had to write some PHP code. Though it’s not the most efficient script, does the job well.

Ok, Here’s how you get rid of it.
1) Extract and upload this to your root directory.

2) Open one of your PHP file, on the top you’ll have a code similar to <?php eval(base64_decode(‘shit’)); ?>, copy and paste it into the ‘replace.txt’ file.

3) Open yoursite.com/replace.php. It’ll take a few minutes. Scroll down, it would’ve replaced the malicious code.

And oh, you need to have File_SearchReplace PEAR package installed on your host for this script to work.

Also, Sucuri says that these website also do the same crap.

sokoloperkovuskeci.com
sweepstakesandcontestsnow.com
sweepstakesandcontestsinfo.com
sweepstakesandcontestsdo.com

For http://suhastech.com/mobile/how-to-manage-emails-with-sms/

function get_string_parameters($string) {
$result = array();
if( empty($string) || !is_string($string) ) return $result;
$string = str_replace('&', '&', $string);
$params_array = explode('&', $string);
foreach($params_array as $value) {
$tmp_array = explode('=', $value);
if( count($tmp_array) != 2) continue;
$result[$tmp_array[0]] = $tmp_array[1];
}
return $result;
}

$getstuff = get_string_parameters($_SERVER['QUERY_STRING']);
$paragraphs = explode("%OA", $getstuff['YOUR-GET-FIELD']); // edit here
$yourmessage = "";
foreach ($paragraphs as $paragraph)
{
 $yourmessage = $yourmessage.urldecode($paragraph)."n";
}

“ipad stuck in dfu mode after restore”

“iphone stuck in dfu mode”

“itunes restore 1600 error”

“redsnow stuck at installing bundles”

The power button on my iPad was not working. I knew it was not a hardware problem because the it wasn’t stuck or anything. It was on iOS 4.2.1. Thought this was a good time to restore to 4.3.3 and ‘get updated’ to the new features like nitro JS engine, multitouch gestures etc.

This is not a tutorial but a story of screw ups. If you are facing the same issues, you might follow this if you like but I’m not responsible for any damages.

Here’s what I did.

1) I downloaded the 4.3.3 IPSW (Thankfully, I had the .shsh file saved through TinyUmbrella).

2) I opened TinyUmbrella and started the TSS server to fool iTunes to believing that my computer is the Apple’s verification server. Internally, this is done by the DNS hosts file.

3) Opened iTunes. Shift + Click on restore. Loaded the 4.3.3 IPSW.

4) As you might expect, it didn’t work. Error 1600 / 1601 / 1603 / 1604 . I’m not sure.

5) Put my iPad into DFU mode and tried. It restored it alright but it was back to DFU mode after that.

6) As it was on DFU. I built a custom IPSW using SnowBreeze and tried. Same result.

7) Tried with RedSn0w. It booted by got stuck at “Installing Bundles”.

Tried booting RedSn0w tethered. Small success, it went to recovery mode. Unplug and replug. Go to iTunes, name the iPad and I’m in.

9) Now, the problem, as soon as I power off, It went to DFU mode no matter what. Guess the Boot Sectors were screwed up.

10) This might be the crucial step towards the fix.

Went to ‘jailbreakme.com’ on Mobile Safari and installed the jailbreak. Once, I powered down, screwed, even the display stopped working. Was hearing sound on the headphones that’s all.

11) I still had the Sn0wBreeze IPSW. So, used iREB to go to DFU mode (the iPad was working without display).

12) Went to iTunes and Pressed Shift + Restore with finger crossed and Tada! Apple logo on the pad. Yay!