PageRenderTime 62ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/2012/01/03/index.html

https://gitlab.com/whilefalse/whilefalse.net
HTML | 133 lines | 98 code | 30 blank | 5 comment | 0 complexity | 18543a51608e802b6b2902621fb4bbdb MD5 | raw file
  1. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN"
  2. "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
  3. <html xmlns="http://www.w3.org/1999/xhtml"
  4. xmlns:foaf="http://xmlns.com/foaf/0.1/"
  5. xmlns:dc="http://purl.org/dc/elements/1.1/"
  6. version="XHTML+RDFa 1.0"
  7. xml:lang="en">
  8. <head>
  9. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  10. <meta name="verify-v1" content="fzFgq5wVfygUVAohjoZoq6Z7qQbxtRbFjCBEQQ/iRtI=" />
  11. <title>while(false){.net}: </title>
  12. <meta name="description" property="dc:description" content="The web home and blog of Steven Anderson, web developer and standard nerd." />
  13. <meta name="keywords" content="Steven,Anderson,web,developer,python,cakephp,physics" />
  14. <meta property="dc:language" content="en"/>
  15. <meta property="dc:title" content="while(false){.net}"/>
  16. <link rel="dc:RightsHolder" resource="/steve/"/>
  17. <meta property="dc:creator" content="Steven Anderson"/>
  18. <link rel="dc:rights" resource="http://creativecommons.org/licenses/by/3.0/"/>
  19. <link rel="alternate" type="application/atom+xml" title="while(false){.net} feed" href="/feed.xml" />
  20. <link rel="foaf:maker" href="/steve/"/>
  21. <!-- CSS stuff -->
  22. <link href='http://fonts.googleapis.com/css?family=Ubuntu' rel='stylesheet' type='text/css'>
  23. <link href='http://fonts.googleapis.com/css?family=Droid+Sans:400,700' rel='stylesheet' type='text/css'>
  24. <link rel="stylesheet" href="/css/blueprint/screen.css" type="text/css" media="screen, projection" />
  25. <link rel="stylesheet" href="/css/blueprint/print.css" type="text/css" media="print" />
  26. <!--[if IE]><link rel="stylesheet" href="/css/blueprint/lib/ie.css" type="text/css" media="screen, projection" /><![endif]-->
  27. <link rel="stylesheet" href="/css/style.css" type="text/css" media="screen, projection" />
  28. <link rel="stylesheet" href="/css/comments.css" type="text/css" media="screen, projection" />
  29. <link rel="stylesheet" href="/css/pygments.css" type="text/css" />
  30. <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
  31. <script type="text/javascript" src="/js/jquery.jslatex.js"></script>
  32. <script type="text/javascript" src="/js/site.js"></script>
  33. </head>
  34. <body>
  35. <!-- Head begins -->
  36. <div id="head">
  37. <div class="inner-body">
  38. <div id="login-controls"></div>
  39. <div>
  40. <h1 id="site-title"><a href="/">while(false){.net}</a></h1>
  41. <div id="site-description">rantings with various degrees of mindfulness</div>
  42. </div>
  43. <div id="static-pages-links">
  44. <a href="/">blog</a>
  45. <a href="/steve/">about</a>
  46. <a href="/cats/">cats</a>
  47. </div>
  48. </div>
  49. </div>
  50. <div class="inner-body">
  51. <div id="content">
  52. <div class="inbox">
  53. <h1>Archive of posts from 03 January 2012</h1>
  54. <div class="post" about="/2012/01/03/timthumb-hack-check-script">
  55. <h2>
  56. <a content="TimThumb Hack Check Script" property="dc:title" href="/2012/01/03/timthumb-hack-check-script">TimThumb Hack Check Script</a>
  57. </h2>
  58. <div class="metadata">
  59. <span content="2012-01-03" property="dc:created">
  60. <a class="archive" href="/2012/">2012</a>-<a class="archive" href="/2012/01">01</a>-<a class="archive" href="/2012/01/03/">03</a>
  61. </span>
  62. </div>
  63. <div class="text-short">
  64. <span class="dc:description">
  65. I was recently a victim of the [timthumb vulnerability](http://duckduckgo.com/?q=timthumb+vulnerability). At first I noticed some rogue PHP in all my index.php files, which I cleaned up. But it turned out they had already got in enough to re-hack in no time at all. This time it was my javascript files which all had some obstruficated code in them, causing every page load to make a request to some random site.
  66. </span>
  67. </div>
  68. <div class="read-more">
  69. <a href="/2012/01/03/timthumb-hack-check-script">continue reading</a>
  70. </div>
  71. </div>
  72. </div>
  73. </div>
  74. </div>
  75. <!-- Footer begins -->
  76. <div id="footer">
  77. <div class="inner-body">
  78. <div>
  79. <div class="copyrights">
  80. All content licensed under <a rel="license" href="http://creativecommons.org/licenses/by/3.0/">Creative Commons 3.0 Attribution</a> (unless otherwise stated).
  81. <br/>Please reference <strong>Steven Anderson</strong> if you
  82. re-use any content.<br/>
  83. </div>
  84. <div><a href="http://www.w3.org/RDF/Validator/ARPServlet?URI=http%3A%2F%2Fwww.w3.org%2F2007%2F08%2FpyRdfa%2Fextract%3Furi%3Dhttp://www.whilefalse.net%26format%3Dpretty-xml%26warnings%3Dfalse%26parser%3Dlax%26space-preserve%3Dtrue%26submit%3DGo%21%26text%3D&amp;PARSE=Parse+URI%3A+&amp;TRIPLES_AND_GRAPH=PRINT_BOTH&amp;FORMAT=PNG_EMBED">View RDF Graph...</a></div>
  85. <div><a href="http://www.openrightsgroup.org/support-org" title="Support ORG"><img src="http://www.openrightsgroup.org/badges/org_protect_150.gif" alt="Support the Open Rights Group" /></a></div>
  86. </div>
  87. <div class="right">
  88. <!-- Google analitics counter -->
  89. <script type="text/javascript">
  90. var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
  91. document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
  92. </script>
  93. <script type="text/javascript">
  94. try {
  95. var pageTracker = _gat._getTracker("UA-3568549-8");
  96. pageTracker._trackPageview();
  97. } catch(err) {}</script>
  98. </div>
  99. <div class="clear"></div>
  100. </div>
  101. </div>
  102. </body>
  103. </html>