Archive for the ‘Web Design’ Category
GeoTheme.com
Monday, January 16th, 2012
GeoTheme has been under development for about a year, and since partnering with an Italian web marketing agency its development has progressed more quickly; it was officially launched in December 2011.
GeoTheme is what can be called a WordPress Yelp clone. The theme has been developed to create beautiful Geo Portals and Directories just like Yelp or Trip Advisor.
We have added some awesome features to the theme and we are constantly updating and improving it. We have both iPhone and Android apps under development to make this a complete package.
GeoTheme can be bought for only $85. Yes, $ dollars: this is because it is the most internationally used currency and GeoTheme is a global product.
I am very excited about this project and things have started off well for us. You can view the demo here: http://demo.geotheme.com/
Here you can also view some examples of sites users have made: GeoTheme Showcase
TimThumb Exploit and Fix Package Tim-Scan
Friday, August 12th, 2011
This is a HUGE EXPLOIT first discovered at the start of August 2011. This exploit affects timthumb.php up to version 1.33. TimThumb is a PHP image resizing script that is used by thousands of websites and is included in a lot of WordPress themes. Basically, if a hacker finds a vulnerable version of this script on your site they can do almost anything, including steal your whole database and deface, delete or spam-hijack your site.
The Exploit
This is surprisingly simple. I must admit that after reading about the exploit I decided to see if I could re-create it, and started messing with trying to fool the script into thinking my .php file was an image by changing the MIME type – that didn’t work. I then tried inserting some PHP code into the end of a small image; I had some success with that, but I then realised it is even more simple than that.
The whole reason for the exploit is that the script allows you to use images from a few other sites such as flickr.com and picasa.com, but the check on these domains is easily fooled, so you could throw together a few sub-domains and have http://flickr.com.thebaddies.com/MyBadFile.php. If you then tell timthumb.php to use that as an image, it will first copy the file to a /temp/ folder and then throw the error “Unable to open image”. The script then tells you the location of the PHP file and you can go execute it. (I’m leaving out a little detail so Joe Bloggs can’t do it to his mate Dave’s site.)
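An added example (not from the original post and not TimThumb's own code) of how a host allowlist check of this kind fails, next to a stricter form. The weak function is constructed here as a substring match, an assumption consistent with the hostname above; the function names are hypothetical and the allowlist holds only the two sites the post names.

```php
<?php
// Added example: allowlist limited to the two sites named in the post.
const ALLOWED_SITES = ['flickr.com', 'picasa.com'];

// Weak check (constructed for illustration): passes when an allowed
// name appears anywhere inside the host.
function host_allowed_weak(string $url): bool
{
    $host = strtolower((string) parse_url($url, PHP_URL_HOST));
    foreach (ALLOWED_SITES as $site) {
        if (strpos($host, $site) !== false) {
            return true;
        }
    }
    return false;
}

// Strict check: http/https only, and the host must equal an allowed
// domain or end with "." followed by that domain.
function host_allowed_strict(string $url): bool
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    $host = rtrim(strtolower($parts['host']), '.');
    foreach (ALLOWED_SITES as $site) {
        $suffix = '.' . $site;
        if ($host === $site || substr($host, -strlen($suffix)) === $suffix) {
            return true;
        }
    }
    return false;
}

// Constructed sample URLs; the second is the hostname from the post.
$samples = [
    'http://farm1.flickr.com/photo.jpg',
    'http://flickr.com.thebaddies.com/MyBadFile.php',
    'http://notflickr.com/a.jpg',
    'ftp://flickr.com/a.jpg',
];
foreach ($samples as $url) {
    printf("%-48s weak=%-5s strict=%s\n", $url,
        var_export(host_allowed_weak($url), true),
        var_export(host_allowed_strict($url), true));
}
```

Host validation only narrows where files can come from; a fetched file should also never be stored under its original extension in a web-accessible folder.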
I run a load of WordPress sites, and after having a go at the exploit and realising how easy it was, I wrote a script to check for vulnerable versions and update them, and also scan for any nasty code left by any hackers.
If you are interested, my script is available here ~> http://code.google.com/p/timthumb-updater/downloads/list
EDIT* I have added a video with basic instructions, as requested…
jQuery Menu Delay
Tuesday, March 30th, 2010
Spent the last few hours integrating a jQuery delay onto the portfolio menu on http://www.swinkyphotography.co.uk. It was taking a while trying to get the menu compatible with IE6; in the end I ended up scrapping my custom work and using the Superfish jQuery menu, which is compatible with IE6 out of the box. Then it was just a case of styling the menu, which wasn’t too bad; I thought it would be worse. Now when you hover over the portfolio and then mouse out, the menu stays for 800 ms, so thanks to http://users.tpg.com.au/j_birch/plugins/superfish/#examples