Hacker for Hire

My First iPhone Hello World App

Wyatt • • Rants

I finally managed to get a functional “hello world” app created for the iPhone and added up on my site. The problem I was having was not only were several tutorials out on the Internet incorrect (i.e., using really old unsupported techniques), but Apple’s code didn’t quite seem to give me enough information.

I started mine completely from scratch with an Xcode iPhone view based application, went through the process of adding my IBOutlet connecting it up, and then took the extra step of exercising some memory management in Cocoa Touch (something I couldn’t find many places). I’ve tacked it up on my iPhone development section for your viewing pleasure.

Even The Big Guys Screw Up

Wyatt • • Rants

Apparently, Google.com has developed a small glitch for today. Twitter and Tech Crunch are reporting that Google has labeled even itself as a possible malware site. I think it’s probably due to their server that does the malware checking being down (giving me 502’s). Here’s hoping they get it fixed shortly.

All Google Results Are Malware

All Google Results Are Malware

Friends Don’t Let friends Use Dreamweaver

Wyatt • • Rants and Technology

Two of my friends and I have spent nearly 2 days fixing 5 pages that were "generated" by Dreamweaver

Quickie: XMBC/Boxee Created in Linux

Wyatt • • Technology and Tips from a Hack

Alright, I’m sure this will be documented much more clearly elsewhere and in a hacker-ish manner, but here’s the basic steps to make the atv-bootloader in a Linux environment so you can install Boxee or XBMC. Make sure you install the HFS/HFS+ tools for your Linux distribution.

  1. Open up the shell and roll up your sleeves
  2. Get the latest from svn <div class="codesnip-container" >
    wyatt@hax0red:~/ svn co http://atvusb-creator.googlecode.com/svn/trunk/atvusb-creator
    </div>
    
  3. Change into the atv-usbcreator directory and launch the creator <div class="codesnip-container" >
    wyatt@hax0red:~/atvusb-creator$ sudo ./atvusb-creator.py
    </div>
    
  4. Plug in a partitioned USB drive and create the patch stick with Boxee/XBMC/whatever (which will do it wrong, but that’s ok!)
  5. Now, write the real image to the device using dd like a good linux user <div class="codesnip-container" >
    wyatt@hax0red:~/atvusb-creator$ dd if=staging/atv_512MB.img of=/dev/sdb
    </div>
    
  6. Once that’s done, pop out the USB drive and plug it back in
  7. You should now be prompted to automount 2 partitions on the drive, the second should be empty
  8. Copy everything from payloads into this mounted directory <div class="codesnip-container" >
    wyatt@hax0red:~/atvusb-creator$ sudo cp -r payloads/patchstick/* /media/PATCHSTICK/.
    </div>
    

Hope it works for you! And if not, give it a few, they’ll have a Windows and Linux version working shortly.

Glad To Help

Wyatt • • Rants and Tips from a Hack

Every now and again, I get the chance to help someone out and I just thought I’d share this one for a couple of reasons. First, I like helping people. Second, it shows that there are solutions to common problems on the Internet that don’t require delving into the illegal and unethical side of things.

I received an email from Raili with the following:

Hi Wyatt

My name’s Raili and I’m in Thunder Bay, Ontario.

A new client of ours has a serious website conflict and I’m looking for advice. Several years ago a fly-by-night web guy bought them a domain, built them a terrible site and then, before even finishing it, left the country for parts unknown: no forwarding address. Since then the client’s bought a new domain and we’ve designed a nice site for them, but despite advertising efforts people are still stumbling across the old website which nobody can alter, take down, redirect or ANYTHING until 2010. We’ve got a massive fundraising effort underway for them and an important event about to be launched and I’m really worried that people are going to go to the old site and be baffled or turned off and we’ll miss our chance to collect their donations.

Client’s real site: [withheld]
Client’s unfixable site: [withheld]

Can you offer advice – we haven’t found anyone locally who can help us.

Warm regards,
Raili

My reply:

Raili,

I pulled the whois information on the unfixable domain and I found the
following:

[– lots of whois information –]

While it seems like a lot of information, it does provide you with some important details. First, you domain registrar is InnerWise Inc. Since your organizational information matches the domain information, you should be able to contact them and tell them you’ve had an administrative change and that Ning Zhang is no longer your administrator and you need to resolve the issue that he has the passwords to this domain. It will take several phone calls and you sending in your information in paper form in more ways that will be pleasent; however, if you are persistent and can provide all the proof that you are your organization, you should be able to regain control of the domain since it has been registered to your organization.

I hope this helps and remember, be persistent. Talk to managers, talk to phone representatives, and re-enforce the fact that you are a non-profit organization and above all, do not give up. This process is painful for your protection (say someone tries to pretend to be you and steal the domain) but it is not impossible.

Good luck,

Wyatt

The success in the response:

Wyatt-
Thanks so much for your help. The WHOIS info got me to the registrar and they were very helpful. (nice tech support folx!) We had things sorted out by the afternoon. If by some weird twist you ever meet [name withheld] please take a few of his teeth out for me and tell him that was from [business name withheld].

I’ve read a couple of the postings on your site and have to tell you how impressed I am by your command and consistent defense of the English language. Hope your business is doing well – you deserve it.

Again – thanks, it was totally unexpected and gratifying to have your help.

Raili

I’m really glad I could help Raili out and actually see it happen for a change. Normally, I never get a response back from the first email. This also points out a few good points to keep in mind from a business / web-perspective.

  1. If you’re a business owner, make sure your domain names are registered in your business’s name. Raili was able to get the domain information changed because he could provide business charter information and validate ownership of the business
  2. Make sure you buy the all domain names (.org, .net, .com) when you start :-)
  3. Persistence pays off

Power Goes Down, HTG Stays Up

Wyatt • • Rants

Well, this has been the first disaster / power outage HTG has weathered since we’ve moved to Profitability.net and I have to say I’m stunned. More than 600,000 people are currently without power all over the tri-county area thanks to Hurricane Ike … but HTG has had zero down time.

Kudos Profitability.net, you guys rock.

Too Good To Be True

Wyatt • • Rants and Tips from a Hack

Some would think this is success, but I like to check again just to make sure ...

That’s It

Wyatt • • Evil and Rants

I’m really, really tired one of our ex-customers. I have allowed to this charade continue on long enough by allowing myself to be over-ruled in decisions on how to handle this situation we have gotten ourselves into. Basically, we have taken the approach that we can be successful in business by being appeasing people. While I’m not opposed to being nice to customers or people, I refuse to yield to threats or attempts to exploit work. That being said, this is the email I considered sending back to Paul, who has been attempting to steal services over the past two years from my team under the guise that he would “sue us for not signing another contract to work with him.”

Do you guys still have that front website design you created when we first began? I finally found someone from china that understands the program.

No. We don’t have it. We didn’t have it the last time you asked either. Read your damned emails for once in you life. If that’s too hard, get your kid to read them to you. You seem to write emails at the level of a 4th grader, maybe a 4th grader could make you understand it. As mentioned the last time, the “front website design” was not part of the initial contract. The site was also specifically written to interface with our billing API. Being as you probably won’t read anything unless it’s in giant AOL-asshole letters, let see if you can read:

NO, WE DON’T HAVE IT! IF WE DID HAVE IT, I WOULDN’T GIVE IT TO YOU! AND THEN, EVEN IF I DID GIVE IT TO YOU, IT WOULD BE IN THE FORM OF ME PLACING IT IN YOUR JAIL CELL AFTER THE COPS ARRESTED YOU!!!

One question I had is the software program you used to upload the pictures will not do any other application ex. (Word,excel,pdf’s). Do you know were you got it at and what would you recommend me to use for that feature.

Yeah, I know where we got it. We wrote from scratch you fucking numb-knuckle. It’s an “image uploader” it’s not going to upload your cluster-fuck of PDF-s that you somehow cobble together into a business unless you have your new Chinese business partner build it in. You’re new Chinese buddy should be able to see that. If he doesn’t see that, he doesn’t understand the program and he’s probably ripping you off. But I hope you’ve already advanced him some cash because I’d love nothing more than to see you go bankrupt again.

Email me again and I swear I’ll call the cops for harassment, the FBI for Internet-cyber-stalking, the IRS for you not paying your taxes you fucking thief, Microsoft for an software-piracy suit against all you for all your stolen software, and the local news station to tell everyone how you screw your clients out of real estate deals and steal stuff from BPO houses.

Hell has a special place reserved for you. It’s going to be the spot where I put my boot up your ass every 5 minutes for all of eternity.

Go rot.

Love to hate, don’t hate to love,

Wyatt

Virus Emails

Wyatt • • Rants

Today, I got an email with a file attached asking me to open it to view some “pictures.” Man … I was so excited. I very rarely get viruses or spyware sent to me these days since the email servers clean most of them out … but I got one!!!

The zip file contained one file, film.src. A careful user would have hopefully just deleted this email, being as they didn’t expect it and it came from an unknown person … take that as a security tidbit for free. The observant, yet careless user, would have opened the email looking for picture and saw a screen saver and wondered what the hell was up. This user opened up the file and tossed it into IDA Pro :-)

I’ll update if I find anything cool :-)

Hsphere 3.1 Update From 3.0 – UPDATED

Wyatt • • Rants

OK, so this went painfully … very painfully. Let me reiterate … I flipping HATE H-Sphere and refused to pay $70+ for a service incident that shouldn’t happen because their crew didn’t do their homework with testing and didn’t provide a “here’s what to do if things go wrong” section.

Followed the instructions here.

Did a cpupdate and received this error:

> Temporary directory = [ /var/hsphere/update/U31.0.18078 ]
> Current directory === [ /root ]
> Extracting …
=================================================================
+ UPDATE TO U31.0 2008-06-28.12:03
=================================================================
/var/hsphere/update/U31.0.18078
+ Executing …
########################################
=================================================================
+ COMMAND=’cpupdate’
=================================================================

__ Update physical boxes.
|
|– Current CP version: 3.0.828
|– Current CP Postgres version: 7.4.19.
|
|– Update of CP box started.
| |– Install local package updater.
| |– Update cp box related software.
| | |– Sat Jun 28 12:03:27 EDT 2008
| | |– Downloading pkglist (64.131.90.141).
| | | |– 100% 88,482 –.–K/s
| | | `– Downloaded pkglist.
| | |– Downloading subpkglist (64.131.90.141).
| | | |– 100% 4,700 –.–K/s
| | | `– Downloaded subpkglist.
| | |
| | |– Identifying required packages.
| | |– OS: CentOS release 4.6 (Final).
| | |– Perl version: 5.8.5.
| | |– CP Postgres version: 7.4.19.
| | |– Downloading hsphere-info-1-14.rpm (64.131.90.141).
| | | |– 100% 93,483 334.84K/s
| | | `– Downloaded hsphere-info-1-14.rpm.
| | |– Installing hsphere-info-1-14 package.
| | | |– Checked system configuration files.
| | | |– Formed ips and interface files.
| | | |– Additional MANPATH entries checked.
| | | |– TimeZone files checked.
| | | |– H-Sphere related cron tasks added.
| | |– Downloading hsphere-utils-1-8.rpm (64.131.90.141).
| | | |– 100% 2,163,621 3.48M/s
| | | `– Downloaded hsphere-utils-1-8.rpm.
| | |– Installing hsphere-utils-1-8 package.
| | | `–Installing hsphere-utils-1-8 package.
| | |
| | |– Check whether logical servers are completely configured.
| | | |– List of identified logical servers: dns, cp.
| | | `– Check whether logical servers are completely configured.
| | |
| | |– Check required system packages.
| | | `– Check required system packages.
| | |
| | |– Check/download pre-install hsphere core package list.
| | | |– Downloading hsphere-sudo-1.6.9p14-1.rpm (64.131.90.141).
| | | | |– 100% 131,287 –.–K/s
| | | | `– Downloaded hsphere-sudo-1.6.9p14-1.rpm.
| | | |– hsphere-script-runner-1-10.rpm with the same md5sum exist.
| | | |– hsphere-oscommerce-2.2ms2-3.rpm with the same md5sum exist.
| | | |– hsphere-phpBB-2.0.22-1.rpm with the same md5sum exist.
| | | |– hsphere-jdk-1.5.0-13.rpm with the same md5sum exist.
| | | |– Downloading hsphere-cpanel-javart-3.1-904.rpm (64.131.90.141).
| | | | |– 100% 24,017,794 2.10M/s ETA 00:00
| | | | `– Downloaded hsphere-cpanel-javart-3.1-904.rpm.
| | | |– Downloading hsphere-jakarta-6.0.14-0.rpm (64.131.90.141).
| | | | |– 100% 4,794,818 4.46M/s
| | | | `– Downloaded hsphere-jakarta-6.0.14-0.rpm.
| | | |– Downloading hsphere-cpanel-apache2-2.2.8-2.rpm (64.131.90.141).
| | | | |– 100% 2,107,508 2.75M/s
| | | | `– Downloaded hsphere-cpanel-apache2-2.2.8-2.rpm.
| | | |– Downloading hsphere-core-3.1-904.rpm (64.131.90.141).
| | | | |– 100% 12,229,070 3.62M/s ETA 00:00
| | | | `– Downloaded hsphere-core-3.1-904.rpm.
| | | |– hsphere-aspell-0.60.3-1.rpm with the same md5sum exist.
| | | |– hsphere-oscommerce-2.2ms2-3.rpm with the same md5sum exist.
| | | |– hsphere-phpBB-2.0.22-1.rpm with the same md5sum exist.
| | | |– postgresql-libs-7.4.19-1.rpm with the same md5sum exist.
| | | |– postgresql-7.4.19-1.rpm with the same md5sum exist.
| | | |– postgresql-server-7.4.19-1.rpm with the same md5sum exist.
| | | |– postgresql-contrib-7.4.19-1.rpm with the same md5sum exist.
| | | |– Downloading hsphere-config-pgsql-1.1-5.rpm (64.131.90.141).
| | | | |– 100% 10,185 –.–K/s
| | | | `– Downloaded hsphere-config-pgsql-1.1-5.rpm.
| | | |– hsphere-sudo-1.6.9p14-1.rpm with the same md5sum exist.
| | | |– hsphere-script-runner-1-10.rpm with the same md5sum exist.
| | | `– Check/download pre-install hsphere core package list.
| | |
| | |– Check presence of the deprecated hsphere packages.
| | | `– Check presence of the deprecated hsphere packages.
| | |
| | |– Deleting deprecated hsphere packages.
| | | |– Deleting hsphere-apache-1.3.37-6 package.
| | | | `– hsphere-apache-1.3.37-6 package deleted.
| | | |– Deleting hsphere-cpanel-apache-1.3.41-1 package.
| | | | `– hsphere-cpanel-apache-1.3.41-1 package deleted.
| | | |– Deleting hsphere-php4-4.4.4-2 package.
| | | | `– hsphere-php4-4.4.4-2 package deleted (nodeps).
| | | |– Deleting hsphere-php4-plugins-4.4.4-2 package.
| | | | `– hsphere-php4-plugins-4.4.4-2 package deleted.
| | | |– Deleting hsphere-php5-5.2.0-1 package.
| | | | `– hsphere-php5-5.2.0-1 package deleted (nodeps).
| | | |– Deleting hsphere-php5-plugins-5.2.0-1 package.
| | | | `– hsphere-php5-plugins-5.2.0-1 package deleted.
| | | `– Deleting deprecated hsphere packages.
| | |
| | |– Check/Installing pre-install hsphere core package list.
| | | |– Deleting hsphere-sudo-1.6.9p6-1 package.
| | | | `– hsphere-sudo-1.6.9p6-1 package deleted (nodeps).
| | | |– Installing hsphere-sudo-1.6.9p14-1 package.
| | | | `–Installing hsphere-sudo-1.6.9p14-1 package.
| | | |– Deleting hsphere-cpanel-javart-3.0-828 package.
| | | | `– hsphere-cpanel-javart-3.0-828 package deleted.
| | | |– Installing hsphere-cpanel-javart-3.1-904 package.
| | | | |– removing redundant jar files
| | | | `–Installing hsphere-cpanel-javart-3.1-904 package.
| | | |– Deleting hsphere-jakarta-5.5.16-0 package.
| | | | `– hsphere-jakarta-5.5.16-0 package deleted (nodeps).
| | | |– Installing hsphere-jakarta-6.0.14-0 package.
| | | | |– Existing cpanel user changed.
| | | | |– *** Conversion has not been done. ***
| | | | `–Installing hsphere-jakarta-6.0.14-0 package.
| | | |– Installing hsphere-cpanel-apache2-2.2.8-2 package.
| | | | |– Temporary certificate assigned self-signed CA Certificate created.
| | | | |– Cpanel apache started.
| | | | `– hsphere-cpanel-apache2-2.2.8-2 package installed.
| | | |– Deleting hsphere-core-3.0-828 package.
| | | | `– hsphere-core-3.0-828 package deleted.
| | | |– Installing hsphere-core-3.1-904 package.
| | | | |– Existing cpanel user changed.
| | | | |– Existing cpanel user changed.
| | | | `–Installing hsphere-core-3.1-904 package.
| | | |– Deleting postgresql-libs-7.4.19-1.el4_6.1 package.
| | | | `– postgresql-libs-7.4.19-1.el4_6.1 package deleted (nodeps).
| | | |– Deleting postgresql-7.4.19-1.el4_6.1 package.
| | | | `– postgresql-7.4.19-1.el4_6.1 package deleted (nodeps).
| | | |– Deleting postgresql-server-7.4.19-1.el4_6.1 package.
| | | | `– postgresql-server-7.4.19-1.el4_6.1 package deleted (nodeps).
| | | |– Deleting postgresql-contrib-7.4.19-1.el4_6.1 package.
| | | | `– postgresql-contrib-7.4.19-1.el4_6.1 package deleted.
| | | |– Deleting hsphere-config-pgsql-1.1-4 package.
| | | | `– hsphere-config-pgsql-1.1-4 package deleted.
| | | |– Installing hsphere-config-pgsql-1.1-5 package.
| | | | |– **** Can not find startup file.
| | | | `– hsphere-config-pgsql-1.1-5 package installed.
| | | |– Deleting hsphere-sudo-1.6.9p6-1 package.
| | | | `– *** hsphere-sudo-1.6.9p6-1 package deletion error! For more details see /hsphere/pkg/updates/U31.0//U31.0/update_28.06.08_12_03.log file (209.173.159.100) ***
| | |
| | |– Sat Jun 28 12:07:21 EDT 2008 (update time: 3 min, 54 sec)
| | `– *** Update cp box related software problems ***.
=================================================================
+ COMMAND=’cpupdate’
=================================================================

__ Update physical boxes.
|
|– Current CP version: 3.1.904
`– *** CP Postgres version: authentication access problem! ***
=================================================================
+ COMMAND=’x’
=================================================================
+ Cleaning …
+ Finished

Well, that didn’t work, so lets just try it again:

=================================================================
+ COMMAND=’cpupdate’
=================================================================

__ Update physical boxes.
|
|– Current CP version: 3.1.904
`– *** CP Postgres version: authentication access problem! ***
=================================================================
+ COMMAND=’x’
=================================================================
+ Cleaning …
+ Finished

Unfortunately, searching the Internet and H-Sphere’s site turned up nothing helpful on the issue except this thread … which didn’t match my situation and didn’t have anything in it except telling me to buy a new support request.

So since I refuse to pay for something I’ve already paid for, here’s the solution to fix it for the rest of you:

rpm -qa |grep postgresql |xargs rpm -e –nodeps
rpm -Uvh /hsphere/pkg/postgresql*19*.rpm
rpm -Uvh –force /hsphere/pkg/hsphere-config-pgsql-1.15.rpm

Then back into the H-Sphere updater:

sh /hsphere/U31.0
cpupdate

And the peasants rejoice … until they try to SSH in. The stupid jaild package that’s provided is busted in so may ways. The easiest solution is to just edit /etc/passwd to a real shell location; however, you’ll give up security to make this happen so I’ll leave the choice to you.

Update 07/12/2008:
Fixed the jaild issue. Apparently, when you do the update, if ANY user is logged in and has an actively running process (yes, I tried it multiple ways) … the jail setup fails oddly and doesn’t allow ANY user to log into the system. The solution? Boot all the users off the box:

/etc/init.d/sshd stop
killall sshd

Reconfig the jaild:

/hsphere/local/config/jail/scripts/config_jail

H-sphere’s attempt here