Dec 18

1.First rewrite url:

        modify nginx.conf config file and add fllow line in server keyword.

if (!-e $request_filename) { 
          rewrite ^/(.*)$ /index.php/$1 last;
}

2.modify php resolve

location ~ .*\.php($|/) {
          fastcgi_pass 127.0.0.1:9000;
          fastcgi_index index.php;
          include fastcgi.conf;
}

3.modify fcgi.conf config file

#set $path_info "";
#set $real_script_name $fastcgi_script_name;
#if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
#set $real_script_name $1;
# set $path_info $2;
#}
#fastcgi_param PATH_INFO $path_info;

if ($request_filename ~* (.*)\.php) {
set $php_url $1;
}
if (!-e $php_url.php) {
return 403;
}

fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;

fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;

fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;

# PHP only, required if PHP was built with –enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

Tagged with:
Jun 21

/root/php-5.2.12/ext/iconv/iconv.c:2615: undefined reference to `libiconv’

/root/php-5.2.12/ext/iconv/iconv.c:2615: undefined reference to `libiconv’

ext/iconv/.libs/iconv.o:/root/php-5.2.12/ext/iconv/iconv.c:2537: more undefined references to `libiconv’ follow

ext/iconv/.libs/iconv.o: In function `php_iconv_stream_filter_ctor’:

/root/php-5.2.12/ext/iconv/iconv.c:2491: undefined reference to `libiconv_open’

ext/xmlrpc/libxmlrpc/.libs/encodings.o: In function `convert’:

/root/php-5.2.12/ext/xmlrpc/libxmlrpc/encodings.c:73: undefined reference to `libiconv_open’

/root/php-5.2.12/ext/xmlrpc/libxmlrpc/encodings.c:81: undefined reference to `libiconv’

/root/php-5.2.12/ext/xmlrpc/libxmlrpc/encodings.c:101: undefined reference to `libiconv_close’

collect2: ld returned 1 exit status

make: *** [sapi/cli/php] ?.. 1

 

fix:

edit makefile

vi Makefile

add follow parameters:

EXTRA_LIBS = –lcrypt

Tagged with:
Jun 17

 

#!/bin/bash

function backup(){
HOST=$1
USERNAME=$2
PASSWD=$3
DBNAME=$4
BACKUPDIR=$5
TAG=$6

mkdir -p  "$BACKUPDIR"tmp
NUM=`/usr/local/mysql/bin/mysql -h"$HOST" -u"$USERNAME" -p"$PASSWD"  -s -vv -e "show tables" -D "$DBNAME"|wc -l`
HEADNUM=`expr ${NUM} – 3`
TAILNUM=`expr ${NUM} – 7`
ARR1=`/usr/local/mysql/bin/mysql -h"$HOST" -u"$USERNAME" -p"$PASSWD" -s -vv -e "show tables" -D "$DBNAME"| head -n"$HEADNUM" | tail -n "$TAILNUM"`
ARR2=($ARR1)
i=0
while [ "$i" -lt "${#ARR2[@]}" ]
do
tmpFileName=${ARR2[$i]}

/usr/local/mysql/bin/mysqldump -h"$HOST" -u$USERNAME -p"$PASSWD" "$DBNAME" "$tmpFileName" > "$BACKUPDIR"tmp/"$tmpFileName"
let "i++"
done

tar czvf "$BACKUPDIR"/"$TAG"`date ‘+%Y%m%d’`.tgz "$BACKUPDIR"tmp/*

rm -rf "$BACKUPDIR"tmp
}

backup

Tagged with:
Jun 13

Error information:

/usr/local/mysql/bin/mysqlhotcopy -u root -p  –addtodest –noindices –flushlog -q qeedoo /tmp/bak

install_driver(mysql) failed: Can’t load ‘/usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/DBD/mysql/mysql.so’ for module DBD::mysql: libmysqlclient.so.15: cannot open shared object file: No such file or directory at /usr/lib/perl5/5.8.8/i386-linux-thread-multi/DynaLoader.pm line 230.
at (eval 7) line 3
Compilation failed in require at (eval 7) line 3.
Perhaps a required shared library or dll isn’t installed where expected
at /usr/local/mysql/bin/mysqlhotcopy line 194

 

fix:

# http://search.cpan.org/~capttofu/DBD-mysql-3.0008/

wget http://search.cpan.org/CPAN/authors/id/C/CA/CAPTTOFU/DBD-mysql-4.020.tar.gz

tar zxvf DBD-mysql-4.020.tar.gz

cd /tmp/DBD-mysql-4.020

perl Makefile.PL --mysql_config=/usr/local/mysql/bin/mysql_config

make

make install

other error:

install_driver(mysql) failed: Can't load '/usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi/auto/DBD/mysql/mysql.so' for module DBD::mysql: libmysqlclient.so.16: cannot open shared object file: No such file or directory at /usr/lib/perl5/5.8.8/i386-linux-thread-multi/DynaLoader.pm line 230.

at (eval 7) line 3

Compilation failed in require at (eval 7) line 3.

Perhaps a required shared library or dll isn't installed where expected

at /usr/bin/mysqlhotcopy line 177

create file of /etc/ld.so.conf.d/dbd.conf and add follow line:

echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf.d/dbd.conf

ldconfig

Finish, Hope to help you.

Tagged with:
Jun 07

mysqlslap is a diagnostic program designed to emulate client load for a MySQL server and to report the timing of each stage. It works as if multiple clients are accessing the server. mysqlslap is available as of MySQL 5.1.4.
–defaults-file,config file path
–concurrency,connect in same time
–engines,engines
–iterations,perform times
–socket,socket file

auto test:
–auto-generate-sql,auto generate SQL
–auto-generate-sql-load-type,test sql types.The types have mixed,update,write,key,read。
–number-of-queries,perform times total
–number-int-cols,the table include cols colums number
–number-char-cols,the table include char colums number

example:
shell>mysqlslap –defaults-file=/u01/mysql1/mysql/my.cnf –concurrency=50,100 –iterations=1 –number-int-cols=4 –auto-generate-sql –auto-generate-sql-load-type=write –engine=myisam –number-of-queries=200 -S/tmp/mysql1.sock
Benchmark
Running for engine myisam
Average number of seconds to run all queries: 0.016 seconds
Minimum number of seconds to run all queries: 0.016 seconds
Maximum number of seconds to run all queries: 0.016 seconds
Number of clients running queries: 50
Average number of queries per client: 4

Benchmark
Running for engine myisam
Average number of seconds to run all queries: 0.265 seconds
Minimum number of seconds to run all queries: 0.265 seconds
Maximum number of seconds to run all queries: 0.265 seconds
Number of clients running queries: 100
Average number of queries per client: 2

special database

–create-schema,database name

–query,test sql file

example:
shell>mysqlslap –defaults-file=/u01/mysql1/mysql/my.cnf –concurrency=25,50 –iterations=1 –create-schema=test –query=/u01/test.sql -S/tmp/mysql1.sock
Benchmark
Average number of seconds to run all queries: 0.018 seconds
Minimum number of seconds to run all queries: 0.018 seconds
Maximum number of seconds to run all queries: 0.018 seconds
Number of clients running queries: 25
Average number of queries per client: 1

Benchmark
Average number of seconds to run all queries: 0.011 seconds
Minimum number of seconds to run all queries: 0.011 seconds
Maximum number of seconds to run all queries: 0.011 seconds
Number of clients running queries: 50
Average number of queries per client: 1

Tagged with:
Jun 03

#!/usr/bin/php -q
<?php

/*————————————————————————
#Flash file xss check script 2010/6/3
#check process:
#run ExternalInterface.call and by loaderInfo.parameters get parameters
#Usage:
./scan.php /as[code dir]>log
--------------------------------------------------------------------------*/

set_time_limit(0);

function find($directory)
{
$mydir=dir($directory);
while($file=$mydir->read()){
if((is_dir("$directory/$file"))&&($file!=".")&&($file!=".."))
{
find("$directory/$file");
}
else{
if($file != "." && $file != ".."&&eregi(".as",$file)){
$fd=realpath($directory."/".$file);
$fp = fopen($fd, "r");
$i=0;
while ($buffer = fgets($fp, 128)) {
$i++;
if(eregi("ExternalInterface.call",$buffer))
{
echo "Line".$i.":".$buffer."\r\n\r\n";
preg_match("/\((.*)\)/i", $buffer, $match);
if (strstr($match[1],"("))
{
preg_match("/\((.*)\)/i", $match[1], $newmatch);
echo "get parameter again include :".$newmatch[1]."\r\n\r\n";
$oldfp = ftell($fp);
fseek($fp, 0);
$p = 0;
while ($newbuffer = fgets($fp, 128))
{
$p++;
if(eregi("loaderInfo.parameters",$newbuffer))
{
//echo "Line".$p.":".$newbuffer."\r\n";
if (strstr($newbuffer,$newmatch[1]))
{
echo $newmatch[1]."vuln\r\n\r\n";

}
}
}
fseek($fp, $oldfp);
unset($oldfp);
} elseif(strstr($match[1],","))
{
echo "多个参数:$match[1]\r\n";
if (strstr($match[1],"loaderInfo.parameters")){
echo $match[1]."Please run loaderInfo.parameters submit vuln\r\n\r\n";
}
$var_array = array();
$var_array = explode(",",$match[1]);
$oldfp = ftell($fp);
fseek($fp,0);
while ($newbuffer = fgets($fp, 128))
{
if(eregi("loaderInfo.parameters",$newbuffer))
{
//echo "Line".$p.":".$newbuffer."\r\n\r\n";
foreach ($var_array as $value)
{
if (strstr($newbuffer,$value))
{
echo trim($value)."vuln exists\r\n\r\n";
}

}

}
}
fseek($fp, $oldfp);
unset($oldfp);
}else
{
echo "unique parameter:".$match[1]."\r\n";
if (strstr($match[1],"loaderInfo.parameters")){
echo $match[1]."Please run loaderInfo.parameters submit vuln\r\n\r\n";
}
$oldfp = ftell($fp);
fseek($fp,0);
while ($newbuffer = fgets($fp, 128))
{
if(eregi("loaderInfo.parameters",$newbuffer))
{
//echo "Line".$p.":".$newbuffer."\r\n\r\n";
if (strstr($newbuffer,$match[1]))
{
echo trim($match[1])."vuln exists\r\n\r\n";
}
}
}
fseek($fp, $oldfp);
unset($oldfp);
}
}
}
fclose($fp);

}
}
}
$mydir->close();
}
function all()
{
static $count = 1;
echo $count;
$count++;
}
find($argv[1]);
?>

Tagged with:
Apr 25

Rsync is a fast and extraordinarily versatile file copying tool. It can copy locally, to/from another host over any remote shell, or to/from a remote rsync daemon. It offers a large number of options that control every aspect of its behavior and permit very flexible specification of the set of files to be copied. It is famous for its delta-transfer algorithm, which reduces the amount of data sent over the network by sending only the differences between the source files and the existing files in the destination. Rsync is widely used for backups and mirroring and as an improved copy command for everyday use.

rsync by ssh but sshd not listen port 22
rsync -zvrtopg -e ‘ssh -p port’

Jan 10

Its a common misconception that as MongoDB does not use SQL it is not vulnerable to SQL injection attacks. PHP uses objects rather than SQL to pass queries to the MongoDB server; for example the following script selects an item form MongoDB where the username equals ‘bob’ and the password equals ‘password’.

$collection->find(array(

       "username" => $_GET['username'],

       "passwd" => $_GET['passwd']

));

This is equivalent to the SQL syntax

mysql_query("SELECT * FROM collection
       WHERE username=" . $_GET['username'] . ",
       AND passwd=" . $_GET['passwd'])

In a normal SQL injection attack we can replace either of the two input parameters with a string such that the SQL query always returns true. e.g.

login.php?username=admin&passwd=" OR 1 --

That wont work with MongoDB; however if we can pass in an object to the PHP MongoDB driver we could alter the query in a similar fashion. Luckily PHP provides us with a way to pass objects as GET or POST parameters:

login.php?username=admin&passwd[$ne]=1

This creates the MongoDB query

$collection->find(array(
     "username" => "admin",
     "passwd" => array("$ne" => 1)
));

Which is the equivalent to the following SQL statement which, unless the password is “1″ will always return true.

mysql_query("SELECT * FROM collection
    WHERE username="admin",
    AND passwd!=1

The solution is to ensure your variables are properly typed before they are passed into the MongoDB driver. The following code is not vulnerable to MongoDB injection:

$collection->find(array(
     "username" => (string)$_GET['username'],
     "passwd" => (string)$_GET['passwd']
));

Tagged with:
Dec 06

The recently released Fedora 11(CentOS 5) Leonidas has some issues with it’s regular update process. Many users are getting a strange error which complains about the inability of the update system to retrieve the repository metadata, namely repomd.xml. You can see the error as attached in this inlet below:

Error: Cannot retrieve repository metadata (repomd.xml) for repository: fedora. Please verify its path and try again

When we tried to install Fedora 11(CentOS5) for the first time, we also faced a similar problem. A quick twitter search brought us to a conclusion that we were not alone. But a little tweaking of a few system files brought us back on track. In this article we tell you, how to go about resolving the problem in case you face it too.

  • You need to edit two of your repository files: /etc/yum.repos.d/fedora.repo and /etc/yum.repos.d/fedora-updates.repo. Now un-comment all the lines that start with  the term baseurl and place a comment before all lines that start with mirrorlist. This should be done for both the above files.

Now edit your /etc/hosts file and append the following to it’s contents:

80.239.156.215 mirrors.fedoraproject.org

OR you can close yum-updatesd daemon on runlevel 3

chkconfig level 3 yum-updatesd off

/etc/rc.d/init.d/yum-updatesd stop

Now try updating your system or installing any software via Yum. You will see, the error is now resolved and the error message is not shown anymore.

Tagged with:
Dec 06

on a Dell PowerEdge 2950 I am using the Centos 5.x packages for x86_64 powered by the
OpenVZ kernels.
After the last update to the (as of Centos 5.2) latest kernel
2.6.18-92.1.1.el5.028stab057.2
I got alerted by the same kernel ERROR messages shown in the dmesg output:
….
Fusion MPT base driver 3.04.05
Copyright (c) 1999-2007 LSI Corporation
Fusion MPT misc device (ioctl) driver 3.04.05
mptctl: Registered with Fusion MPT base driver
mptctl: /dev/mptctl @ (major,minor=10,220)
mptctldrivers/message/fusion/mptctl.c::mptctl_ioctl() @596 – ioc0 not found!
mptctldrivers/message/fusion/mptctl.c::mptctl_ioctl() @596 – ioc1 not found!
mptctldrivers/message/fusion/mptctl.c::mptctl_ioctl() @596 – ioc2 not found!
….
These error messages seem to get triggered by IOCTL operations on the
device /dev/mptctl; you can reproduce them by doing a
/usr/bin/srvadmin-services.sh restart
srvadmin-services.sh is part of the Dell Server Management software
(Vers-5.2_rev-A00_Apr-2007 for the PowerEdge 2950; to be installed optionally);
the process behind dsm_sa_datamgr32d seems to be the only reader/writer
of the device file:
[root@d2950]# fuser /dev/mptctl
/dev/mptctl: 19331 22642
[root@d2950]# ps -flp 19331 22642
F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD
5 S root 19331 1 0 78 0 – 34354 stext 11:49 ? 0:04 /opt/dell/srvadmin/dataeng/bin/dsm_sa_datamgr32d
5 S root 22642 19331 0 78 0 – 31537 – 11:49 ? 0:00 /opt/dell/srvadmin/dataeng/bin/dsm_sa_datamgr32d
When rebooting the box with the formerly used kernel (as of Centos 5.1):
2.6.18-53.1.6.el5.028stab053.6xen
I see in dmesg output:
Fusion MPT misc device (ioctl) driver 3.04.04
mptctl: Registered with Fusion MPT base driver
mptctl: /dev/mptctl @ (major,minor=10,220)
–> so the new kernel (2.6.18-92.1.1.el5.028stab057.2) comes with a
new driver release … inspecting/comparing the source files for
the kernel module mptctl.ko we see:
=====File: /usr/src/redhat/BUILD/ovzkernel-2.6.18-53.1.6.el5.028stab053.6/\
linux-2.6.18.x86_64/drivers/message/fusion/mptctl.c
=================SNIP-START==
static long
__mptctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
{
mpt_ioctl_header __user *uhdr = (void __user *) arg;
mpt_ioctl_header khdr;
int iocnum;
unsigned iocnumX;
int nonblock = (file->f_flags & O_NONBLOCK);
int ret;
MPT_ADAPTER *iocp = NULL;
dctlprintk(("mptctl_ioctl() called\n"));
if (copy_from_user(&khdr, uhdr, sizeof(khdr))) {
printk(KERN_ERR "%s::mptctl_ioctl() @%d – "
"Unable to copy mpt_ioctl_header data @ %p\n",
__FILE__, __LINE__, uhdr);
return -EFAULT;
}
ret = -ENXIO; /* (-6) No such device or address */
/* Verify intended MPT adapter – set iocnum and the adapter
* pointer (iocp)
*/
iocnumX = khdr.iocnum & 0xFF;
if (((iocnum = mpt_verify_adapter(iocnumX, &iocp)) < 0) ||
(iocp == NULL)) {
-> dctlprintk((KERN_ERR "%s::mptctl_ioctl() @%d – ioc%d not found!\n",
-> __FILE__, __LINE__, iocnumX));
return -ENODEV;
}
=================SNIP-END==
=====File: /usr/src/redhat/BUILD/ovzkernel-2.6.18-92.1.1.el5.028stab057.2/\
linux-2.6.18.x86_64/drivers/message/fusion/mptctl.c
=================SNIP-START==
static long
__mptctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
{
mpt_ioctl_header __user *uhdr = (void __user *) arg;
mpt_ioctl_header khdr;
int iocnum;
unsigned iocnumX;
int nonblock = (file->f_flags & O_NONBLOCK);
int ret;
MPT_ADAPTER *iocp = NULL;
if (copy_from_user(&khdr, uhdr, sizeof(khdr))) {
printk(KERN_ERR MYNAM "%s::mptctl_ioctl() @%d – "
"Unable to copy mpt_ioctl_header data @ %p\n",
__FILE__, __LINE__, uhdr);
return -EFAULT;
}
ret = -ENXIO; /* (-6) No such device or address */
/* Verify intended MPT adapter – set iocnum and the adapter
* pointer (iocp)
*/
iocnumX = khdr.iocnum & 0xFF;
if (((iocnum = mpt_verify_adapter(iocnumX, &iocp)) < 0) ||
(iocp == NULL)) {
-> printk(KERN_DEBUG MYNAM "%s::mptctl_ioctl() @%d – ioc%d not found!\n",
-> __FILE__, __LINE__, iocnumX);
return -ENODEV;
}
=================SNIP-END==
we see that the newer (Centos 5.2 release) release of the mptctl.c changed
the ‘dctlprintk()’ statement into a ‘printk()’ … this means that a formerly
ONLY when compiling with DEBUG FLAGS ON (i.e. the module Makefile contains:
CFLAGS_mptctl.o += -DMPT_DEBUG_IOCTL)
active debug message print statement got enabled per default … and now we
get a whole lot of messages … it is not clear whether __mptctl_ioctl() should
really be that verbose …
Finally, on our Centos powered box, I was able to compile a more silent mptctl.ko:
[root@d2950]# diff drivers/message/fusion/mptctl.c drivers/message/fusion/mptctl.c-original
595,607c595,596
< #ifdef _MeJ__wants__MPT_DEBUG_IOCTL
< /* MeJ 02-Oct-2008
< we want to get rid of a whole lot of kernel error messages like:
< mptctldrivers/message/fusion/mptctl.c::mptctl_ioctl() @596 – ioc0 not found!
< mptctldrivers/message/fusion/mptctl.c::mptctl_ioctl() @596 – ioc1 not found!
< …..
< i.e. we disable the error message … in former versions of mptctl.c this
< printk() was active only when compiled with:
< CFLAGS_mptctl.o += -DMPT_DEBUG_IOCTL
< */
< printk(KERN_DEBUG MYNAM "%s::mptctl_ioctl() @%d – ioc%d not found!\n",
< __FILE__, __LINE__, iocnumX);
< #endif

> printk(KERN_DEBUG MYNAM "%s::mptctl_ioctl() @%d – ioc%d not found!\n",
> __FILE__, __LINE__, iocnumX);
and after
make
srvadmin-services.sh stop
rmmod mptctl
mv /lib/modules/2.6.18-92.1.1.el5.028stab057.2/kernel/drivers/message/fusion/mptctl.ko \
/lib/modules/2.6.18-92.1.1.el5.028stab057.2/kernel/drivers/message/fusion/mptctl.ko-original
cp drivers/message/fusion/mptctl.ko \
/lib/modules/2.6.18-92.1.1.el5.028stab057.2/kernel/drivers/message/fusion/mptctl.ko
modprobe -a mptctl
srvadmin-services.sh start
the problem is fixed … opensource is simply great ;-))))
Last but not least: Thanks to all of you for providing such a great distro like Centos to the
community!

Tagged with:
preload preload preload