How to remove exif metadata from jpegs using php or command line

There is a known way of attacking PHP through a security flaw in how it handles EXIF metadata embedded in JPEG, PNG or GIF images, sometimes described as an EXIF injection attack. As a precaution it is a good idea to strip all EXIF information from any images that are uploaded to your website.

I have found these two tools really useful to do this and this is a quick outline of how we used them:

Removing EXIF meta data from .jpg on Ubuntu / PHP
There is a really good tool called exiftool. There is a version in the Ubuntu repositories – so it is super easy to install.

apt-get install libimage-exiftool-perl

You can then strip EXIF metadata from a JPEG using the command:

exiftool -all= filename.jpg

So in php this would look like this:

$output = exec(sprintf("exiftool -all= %s", escapeshellarg($_image_path)));

Removing EXIF meta data from .png images on Ubuntu / PHP
The best tool for removing EXIF information from .pngs is Optipng. It is in the Ubuntu repositories, or you can build a newer version from source using the recipe further down this page.

apt-get install optipng

and so again in php it would look something like this:

$output = exec(sprintf('optipng -strip all %s', escapeshellarg($_image_path)));
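As an added example (not code from the original post), here is how the two commands above can be combined in one PHP function that picks the tool from the file's real content rather than its name and checks the exit status instead of ignoring it. The function name stripImageMetadata and the -overwrite_original flag are my additions; the flag stops exiftool leaving a filename.jpg_original backup next to the stripped file.

```php
<?php
// Added example: strip metadata from an uploaded image after checking its
// real type, then report whether the external tool actually succeeded.
// Assumes exiftool and optipng are installed as described above.

function stripImageMetadata(string $path): bool
{
    // Detect the real type from the file content, not the client-supplied
    // filename or the MIME type the browser sent with the upload.
    $info = @getimagesize($path);
    if ($info === false) {
        return false; // not a decodable image at all
    }

    switch ($info[2]) {
        case IMAGETYPE_JPEG:
            // -all= removes every metadata group; -overwrite_original
            // avoids leaving a filename.jpg_original copy behind
            $cmd = sprintf('exiftool -all= -overwrite_original %s', escapeshellarg($path));
            break;
        case IMAGETYPE_PNG:
            $cmd = sprintf('optipng -strip all %s', escapeshellarg($path));
            break;
        default:
            return false; // only JPEG and PNG are handled here
    }

    // exec() alone returns just the last output line; the third argument
    // gives the exit code, which is what tells us stripping worked.
    $output = [];
    $rc = 1;
    exec($cmd . ' 2>&1', $output, $rc);
    return $rc === 0;
}

// Usage: refuse the upload if stripping failed rather than storing it as-is.
$tmp = $_FILES['image']['tmp_name'] ?? '';
if ($tmp === '' || !stripImageMetadata($tmp)) {
    http_response_code(400);
    exit('Image rejected');
}
```

Running exiftool on the file again afterwards should show only file-system and image-structure tags, with no camera, software or comment tags left.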

I hope this helps someone.

How to install optipng on Ubuntu from source

Optipng is in the Ubuntu repositories, but if you want an up-to-date version then it can be worth installing Optipng from source. This is essentially a script, but you can use the commands on their own if you want.

# work from the directory the rest of the script assumes
cd /root/scripts
# the tarball is fetched over plain http; compare it against the checksum the project publishes before building
wget --quiet http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-0.7.3/optipng-0.7.3.tar.gz
tar xf optipng-0.7.3.tar.gz

cd /root/scripts/optipng-0.7.3
./configure > /dev/null 2>&1
make > /dev/null 2>&1

# install the binary under /usr/local and point /usr/bin/optipng at it
cp /root/scripts/optipng-0.7.3/src/optipng/optipng /usr/local/bin/
ln -sf /usr/local/bin/optipng /usr/bin/optipng

rm /root/scripts/optipng-0.7.3.tar.gz
rm -rf /root/scripts/optipng-0.7.3

A Review of Pokki – Windows 8 Start Menu

I just wanted to review Pokki – Windows 8 start menu replacement which I installed to replace the deeply broken Windows 8 Metro interface.

Pros

  1. It is free

Cons

  1. It is really slow and takes ages to load up.
  2. It has privacy problems – i.e. it records everything you type into the search and sends it to their webservers.
  3. It mixes the Pokki app store results into the search results which is confusing and introduces lag into the process.
  4. It doesn’t automatically launch the desktop on startup.

Basically, the solution is to use Start8 which is much faster and doesn’t have any privacy problems.


How to install Postgres 9.3 with headers on Ubuntu 13.10

If you need to install Postgres 9.3 with development headers (i.e. so that you can compile extensions to Postgres) then hopefully this post can help you. Firstly – don’t use the official Postgres PPA because it only provides binaries and not sources.

So, use Chris Lea's PostgreSQL PPA, found here:

https://launchpad.net/~chris-lea/+archive/postgresql-9.3

sudo add-apt-repository ppa:chris-lea/postgresql-9.3
sudo apt-get update
sudo apt-get install postgresql-server-dev-9.3

I hope this helps someone.

How to send a test email from the command line Ubuntu

If you have just installed Postfix or Sendmail it can be helpful to test if everything is configured correctly. Often you want to do this from the commandline without having to install an entire email client. You can do this by installing a few simple command line mail utilities.

apt-get update
apt-get install mailutils

Then pipe a message to the command:

echo testing | mail -s test_subject myemail@example.com

If the mail doesn’t arrive then you can reconfigure postfix and try again.

dpkg-reconfigure postfix

I hope this helps someone.

Weird ssl_error_rx_record_too_long error after upgrading from Ubuntu 13.04 to Ubuntu 13.10

I upgraded one of our servers from Ubuntu 13.04 to Ubuntu 13.10 and immediately one of the Apache sites went wrong. It was an odd problem because the Apache configuration had not changed and there was nothing unusual about it. I was getting an SSL error like so:

ssl_error_rx_record_too_long error

It turns out that all I needed to do was rename the configuration file (adding .conf), because Apache 2.4, which Ubuntu 13.10 ships, only includes site files whose names end in .conf, so the site had silently stopped being loaded. I.e.

/etc/apache2/sites-available/old_name

to

/etc/apache2/sites-available/old_name.conf

How strange!

How to list what Apache modules are enabled in Ubuntu

If you are trying to configure Apache, it can be handy to see what Apache modules are enabled in Ubuntu. Here is how to check which Apache modules are enabled/installed.

apache2ctl -M

This will list the Apache modules which are enabled, like so:

Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 expires_module (shared)
 filter_module (shared)
 mime_module (shared)
 mpm_prefork_module (shared)
 negotiation_module (shared)
 php5_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)

a2ensite ERROR: Site www.example.com does not exist! Ubuntu 13.10

On our Ubuntu 13.10 server, I had created an Apache configuration file for a virtual host; however, I could not enable it using a2ensite. The file was here:

/etc/apache2/sites-available/www.example.com

I tried to enable it:

a2ensite www.example.com

However, the command complained that ERROR: Site www.example.com does not exist! The file clearly exists. It turns out that this command only works if the file ends with .conf. So:

mv www.example.com www.example.com.conf
a2ensite www.example.com.conf

Voila, it now works. Why oh why don’t the developers give useful error messages? For example, they should have written: Error – the file doesn’t have .conf on the end!