who needs social life when you have broadband?

This is a proof of concept of a DOS in misconfigured SSH daemons (which is default in some distros), an example is the OpenSSH (any version, any plataform) with no definition of MaxStartups in sshd_config, to read about problem, see my post on:

http://archive.netbsd.se/?ml=secureshell&a=2006-08&t=2257506
or
http://www.derkeiler.com/Mailing-Lists/securityfocus/Secure_Shell/2006-08/msg00030.html

Well, with this DOS, you can block any user to login on remote machine, a big problem for some admins which are isolated from machine =)

To use the PoC:

~# python poc.py –help

Screenshot

Download PoC: SSHD PoC

Requirements: Python 2.3+ / Linux or Windows

Yours,

- Perone

Hello, the screenshot says everything:

MSN Python BOT Download

To install:

~# apt-get install python-msn

~# ./mon.py or python mon.py

Enter your account and enjoy.
The source is a mess, but it’s just a PoC; the idea is to use this bot to show linux alerts.

Yours,

- Perone

Good morning everyone,

I’m releasing the first public version of the Magento/Joomla! integration using JFusion 1.0.5e. This plugin has been designed for work with Joomla! 1.5.2 and Magento 1.0. I hope you can help me testing and improving it.

I’ve set up a testing matrix with some test cases, you can access it through Google Docs and help me fill the “gray” boxes ;P.

To test, use the following instructions:
- Download JFusion 1.0.5e, install, configure and publish everything that should be published. (if you need help, read the docs at http://www.jfusion.org )
- Download my new plugin
- Remove the default Magento plugin (under “Integration Config”: select “magento” and remove)
- Click on “upload” under the “Integration Config” screen to upload the new version of magento.tar.gz, click on “Install” and smile.
- Go back to “Integration config”, edit the new “magento” plugin according to your STORE configuration.
- Test and give some feedback: bigodines #at@ joomla.com.br

please help me fill the test matrix!!

Cheers
-bigodines

This morning I managed to authenticate against magento’s database (using salted and non-salted passwords). So, the testable version of the plugin is ready. I have found a small bug during the re-login (after logout) which I still didn’t find a generic workaround.

People whiling to test, please contact me. (I need TECHNICAL testers that can setup everything and track [eventual] errors without assistance). Just drop a comment or mail me: bigodines #at# joomla.com.br

-bigo

Hello guys!

I have some news for all those wanting Magento 1.0 and Joomla! 1.5.2 integration. I started working on it today.

I manage to hijack the magento session, the only missing part is to automatically identify the authentication method and generate the hash to authenticate against magento’s database (if you missed the new feature: magento now allows SHA1 and MD5). Then I’ll pack a new version of Magento plugin for JFusion so you can use it with our favorite Joomla! extension

Now, the bad news (which aren’t THAT bad). We are rewriting most of JFusion’s framework, and old plugins should stop working. That said, I’m not sure if its worth to create a Magento 1.0 plugin for the current version of JFusion (1.0.5) or if it is best to wait for the next version :). I’m going to talk to Marius tomorrow about this to see when he plans to release the next version of JFusion.

Oh, and I will need people to test in different environments. I hope I can count on you to help me (I will provide a Test-Matrix so we avoid redundant testing :P).

Gotta take some rest now. Stay tunned (I recommend you to subscribe to the RSS as I haven’t been able to update this blog very often lately…).

-bigo

Yay! Have you seen the announcement at Joomla.org about Google Summer of Code? Well, as I cannot participate as a student (not a student anymore ) I think I will help as a mentor. If you have a nice idea for a killer feature in Joomla!, want to earn some money (US$ 4.500,00 to be precise) and would like to be involved in a great open source project, this is your chance!

Tell us about your project and let’s have some fun

I’m very happy with opensource lately. I’m enjoying the feedback received with BigoCaptcha and I discovered that hacking JFusion is fun!

Marius has just released a new version of JFusion which adds two new [and exciting] features: user synchronization between external apps and joomla and a plugin installation (by bigo :P) whichi will allow people to install new plugins without need to hack the code. I hope this helps JFusion to gain even more popularity among devs.

I’m glad Marius decided to add my Magento plugin in the default package (although I know it probably won’t work with the latest version of magento).

Now, while I wait for my UK visa, I’ll work on a new Magento plugin for JFusion and help Marius and the other devs hunting some bugs before JFusion goes stable

hello guys!

this morning I’ve uploaded the first preview version of my personal site. This is something I did just to play with ZendFramework, YUI and jQuery togheter (it’s slow and buggy, but I like it and I hope you like my idea as well).

Check http://www.bigodines.com/zf/ (I haven’t tested with IE yet…). And try to navigate inside the directories and explore some commands. There are only two files availble, both are inside “projects/zf/” and are just a PoC to show it works.

I’m working on a better admin area now and then I’ll add content e more commands (and webservice access).

comments are always welcome!

-bigo

Here's a short text explaining how to get Magento and Joomla! user integration using a plugin I wrote for JFusion.

UPDATE 2: There is a brand new version of this plugin (much simplier and should work with magento 1.0), please fallow the development process here and help me testing!! FEEDBACK IS APPRECIATED!

UPDATE: Magento plugin is, now, packed with JFusion versions higher than 1.0.5. You just need to install JFusion and enable Magento plugin. Cheers

Before we start:
This is not a user synchronization method. It validades all users (except backend users) against your Magento database. That's how JFusion 1.0.4 works so if you want user synchronization between Joomla! and Magento you'll have to wait for next releases of JFusion (we are working on this feature!).

What you will need:
- Joomla! 1.5.0+ installed and configured (1.5.1 strongly recommended)
- JFusion 1.0.4 installed and configured! (jfusion has plenty of documentation on how to get it working. please use it!)
- Magento eCommerce 0.7.1548 installed and configured (I can't say if this works with the latest version!! I promise I will release an up to date plugin as soon as Magento 1.0 stable goes public)
- My Magento Plugin for JFusion! (yay!)
- cURL extension for PHP (check your phpinfo(); if its not enabled, I'm almost sure there is a php5-curl package for your favorite linux distro, or a commented dll in your php.ini)

Once Joomla!, JFusion and Magento are running smoothly, extract my plugin (magento.tar.gz) inside JFusion's admin folder (yousite/administrator/components/com_jfusion/). This will create a yousite/administrator/components/com_jfusion/magento/ folder with two files in it: admin_forum.php and jfusion.xml

Missing information (thanks unleash.it):

add the new files to the com_jfusion.xml:

PLAIN TEXT

HTML:

1. <filename>magento/admin_forum.php</filename>
2. <filename>magento/jfusion.xml</filename>

Then manually add a new row for Magento in the jfusion table of the Joomla DB. You can do this simply copying one of the existing (forum) rows and change the name to "magento".

Now login in your joomla backend (using the "admin" username), go to components -> jfusion and configure your "magento" plugin.. that's it.

you should be able to login in joomla with your Magento users (the username is a e-mail address) and link to your magento site without need to restart the session

Warning:
This is a pre-alpha public release (magento plugin hasn't been released with jfusion yet). Use for testing purposes only and let me know if it worked as expected

Submit your comments here, here or by mail: bigodines ~@ ~ joomla.com.br

Hello,

I forgot to blog about this here (posted only in my portuguese blog :/) but I've been working in a Magento+Joomla! integration using JFusion. I'm coding this in my free time, as a hobby. This morning I've managed to get login working and I would love if some of you could help me testing before releasing anything to public.

As this a pre-alpha version, there won't be a "one-click install" or anything. So, I expect that experience programmers could help me test and improve this plugin. Credits will be given, of course.

If you are interested in help, drop me a line: bigodines ~at~ joomla.com.br