[23 May 2012 | 11 Comments | ]
Hydra 7.3 windows

Hydra is a very fast network logon cracker which supports many different services.
You can download the Hydra tool here: hydra-7.3-windows.zip
You can download the source here: hydra-7.3-src.tar.gz
Currently, hydra supports:
AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. For HTTP, …


Miscellaneous »

[5 May 2013 | No Comment | ]

Finally got enough time to bring the blog back online.
Anyway, I put the files up and the database file as well,
and restored them via the command line.
You need to edit USERNAME, DATABASE_NAME, USER_PASSWORD and file.sql in the following commands.
Log in to MySQL as root:
mysql -p
Then enter the password, then edit and paste the following.

CREATE DATABASE DATABASE_NAME;
CREATE USER 'USERNAME'@'localhost' IDENTIFIED BY 'USER_PASSWORD';
GRANT ALL PRIVILEGES ON `DATABASE_NAME`.* TO 'USERNAME'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
USE DATABASE_NAME;
SOURCE file.sql;
That will create the database, create the user with password and assign it to the database, then restore the …

Miscellaneous »

[22 Aug 2012 | One Comment | ]

My friend Denis Laskov asked if that was possible.
YouTube HTML5 video download without toolbars and extensions? #help
— Denis Laskov (@it4sec) August 22, 2012

After a few minutes of trying (and optimizing) I got it working.
Copy and paste that into the URL bar or drag this and use it as a bookmarklet.
javascript:void(str=decodeURIComponent(yt.playerConfig.args.url_encoded_fmt_stream_map));document.write('<a href=\''+str.substr(4,str.indexOf('quality')).replace('&sig=','&signature=')+'\'>download</a>');
Tested working in Opera 11, but it should work on all decent browsers.
And OFC on HTML5 YouTube, not the Flash one.
PS: The reason why all YouTube downloading services are mostly in Java and need to run on your machine is that …

Vulnerabilities »

[2 Jul 2012 | No Comment | ]

The "URL Cloak & Encrypt" WordPress plugin is vulnerable to cross-site scripting.
Vulnerable code:
if(strpos($url,'http://')===false&&strpos($url,'https://')===false) $url = base64_decode($url);
POC:
http://{SITE_URL}/wp-content/plugins/url-cloak-encrypt/url.php?id=Ij48c2NyaXB0PmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjwhLS0=
(base64 encoded value of "><script>alert('XSS')</script><!--)
How to fix:
Edit this
echo '<meta http-equiv="refresh" content="'.(html_entity_decode($wp_letsfxurl_arr['red'])).';url=http://j.letsw.com/?'.$url.'">';
$aurl = "<a href=\"http://j.letsw.com/?$url\" style=\"text-align:center;\" rel=\"nofollow\">$url</a><br>";
To
echo '<meta http-equiv="refresh" content="'.(html_entity_decode($wp_letsfxurl_arr['red'])).';url=http://j.letsw.com/?'.str_replace('"','',strip_tags($url)).'">';
$aurl = "<a href=\"http://j.letsw.com/?".str_replace('"','',strip_tags($url))."\" style=\"text-align:center;\" rel=\"nofollow\">$url</a><br>";
Advice:
Remove that plugin. It's not only bad for your SEO, it's also full of hidden iframes and redirects to the author's site (or sites affiliated with him).
Plus the URL is predictable: it doesn't really "cloak" the URL, it just obfuscates it, which is useless.
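
The same output built with context-aware encoding instead of tag stripping, as an added example that is not the plugin's code or the author's fix. The function names and the $delay parameter (standing in for the plugin's refresh setting) are hypothetical, and the link text is encoded as well as the two attributes.

```php
<?php
// Added example, not the plugin's code. decode_target() and
// render_redirect() are hypothetical names; j.letsw.com is the
// redirector host shown in the post.

function decode_target(string $id): ?string
{
    // Same branch as the plugin: a value without a scheme is base64.
    if (strpos($id, 'http://') === false && strpos($id, 'https://') === false) {
        $id = base64_decode($id, true);   // strict mode: false on bad input
        if ($id === false) {
            return null;
        }
    }
    // Accept only absolute http(s) URLs that have a host.
    $parts = parse_url($id);
    if ($parts === false || empty($parts['host'])) {
        return null;
    }
    $scheme = strtolower($parts['scheme'] ?? '');
    return in_array($scheme, ['http', 'https'], true) ? $id : null;
}

function render_redirect(string $id, int $delay = 5): string
{
    $url = decode_target($id);
    if ($url === null) {
        return '<p>Invalid link.</p>';
    }
    // Encode for the HTML contexts the value lands in: two attributes
    // and the link text. ENT_QUOTES covers both quote characters.
    $safe = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
    $href = 'http://j.letsw.com/?' . $safe;
    return '<meta http-equiv="refresh" content="' . $delay . ';url=' . $href . '">' . "\n"
         . '<a href="' . $href . '" style="text-align:center;" rel="nofollow">'
         . $safe . '</a><br>';
}

// PoC value from the post: decodes to markup, not to a URL.
$poc = 'Ij48c2NyaXB0PmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjwhLS0=';
echo render_redirect($poc), "\n";

// Constructed sample: a well-formed URL whose query string carries markup.
echo render_redirect(base64_encode('http://example.com/?q="><b>x</b>')), "\n";
```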

Miscellaneous »

[2 Jun 2012 | 2 Comments | ]

Hello people (and bots), I got this game "LIMBO" (and others) via the Humble Bundle.
You can pay $1 to get the 4 games on Steam, and if you pay more than average (~$7.80) you get the extra game "Bastion", but you shouldn't be cheap; pay more to support indie game developers and charity.
It really widens your imagination, everyone should play it (13+, I don't recommend it for 6-year-olds).
And it works on Mac, Windows, and Linux!
I played it for an hour or so and I LOVE IT!
The game is …

Coding, Tools »

[23 May 2012 | 4 Comments | ]

I was thinking about WordPress version enumeration. The meta generator tag is very explicit, but it's not always present, since some (most?) public/custom themes don't show that meta tag.
So while playing with WordPress I discovered a way of enumerating the version.
If you request domain.com/wp-login.php you will get this in the HTML response:
<link rel='stylesheet' id='colors-fresh-css' href='$DOMAIN/wp-admin/css/colors-fresh.css?ver=$VERSION' type='text/css' media='all' />
(or in older versions)
<link rel='stylesheet' id='login-css' href='$DOMAIN/wp-admin/css/login.css?ver=$VERSION' type='text/css' media='all' />

Each $VERSION relates to a different WordPress version.

With the help of core.svn.wordpress.org/tags/2.7/wp-includes/script-loader.php
(2.8/wp-includes/script-loader.php, etc.) I made a list

WP-version $colors_version
2.7 …