How to remove exif metadata from jpegs using php or command line

There is a method of hacking php using a security flaw in php in how it handles exif meta data embedded in jpeg, png or gif images. You describe this as an EXIF injection attack. As a precaution it is a good idea to strip all EXIF information from any images that are uploaded to your website.

I have found these two tools really useful to do this and this is a quick outline of how we used them:

Removing EXIF meta data from .jpg on Ubuntu / PHP
There is a really good tool called exiftool. There is a version in the Ubuntu repositories – so it is super easy to install.

apt-get install libimage-exiftool-perl

You can then strip exif meta from a jpeg using the command:

exiftool -all=  filename.jpg

So in php this would look like this:

$output = exec(sprintf("exiftool -all= %s", escapeshellarg($_image_path)));

Removing EXIF meta data from .png images on Ubuntu / PHP
The best tool for removing exif information from .pngs is Optipng. You can install optipng on Ubuntu from source using this recipe.

apt-get install optipng

and so again in php it would look something like this:

$output = exec(sprintf('optipng -strip all %s', escapeshellarg($_image_path)));

I hope this helps someone.

How to batch rename files in Ubuntu

You can batch rename files in Ubuntu using the “rename” command. It should be installed by default – so no need to apt-get install.

The command is quite simple:

rename s/"SEARCH"/"REPLACE"/g *

For example renaming:

google_marker_green.png
google_marker_blue.png
etc…

To:

map_marker_green.png
map_market_blue.png
etc…

rename s/"google"/"map"/g *

Hope this helps someone.

Networking disconnects with libvirt (kvm) and vm still running on Ubuntu

We’ve had a problem with some of our KVM Virtual machines where the network connection just disappears. The vm is still running but essentially it’s unreachable over the network (just like if you have pulled out the network cable of real computer). Until, I found the fix, I had to connect to the VM using VNC and then reboot it and everything works for a little while again. This happened on both Ubuntu 12.04 and 13.04 machines which and been completely updated.

I found it really hard to diagnose and searched endless for “kvm libvirt networking problem” or “kvm libvirt networking disappeared” or “kvm libvirt networking failure” etc.

However after trial and error, I found that the virtio virtual network driver was to blame. Changing it to the e1000 virtual network driver solved the problems.

So…

virsh edit vm-name

And change…

<interface type='bridge'>
    <mac address='xx:xx:xx:xx:xx:xx'/>
    <source bridge='br0'/>
    <model type='virtio'/>
    <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>

to

<interface type='bridge'>
    <mac address='xx:xx:xx:xx:xx:xx'/>
    <source bridge='br0'/>
    <model type='e1000'/>
    <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>

Hope this helps someone.

PHP CURL SSL Not working Ubuntu 12.04

We have been trying to make a curl requested to login to a secure website from within PHP on Ubuntu 12.04. However, curl was hanging and responding with a nothing.

After much debugging, it turns out the curl was failing to negoitiate the correct ssl protocol to use. You can test if you have the same bug as follows. Open a terminal in Ubuntu

Try:

curl https://the.secure.website.com

If it fails then try setting the SSL version to 3.

curl -3 https://the.secure.website.com

If this goes then set the SSL version in your PHP script.

curl_setopt($ch, CURLOPT_SSLVERSION, 3);

Hope this helps someone.