. */ # Known/outstanding issues: # [COSMETIC] If the ping services list is empty, the log file will report "not pinging services - disabled by administrator" even if pinging is enabled. # adds an options page to the options menu function SUP_add_options_page() { if(function_exists("add_options_page")) add_options_page("UP Smart Update Pinger", "UP Smart Update Pinger", 5, basename(__FILE__), "SUP_show_options_page"); } # shows the options page function SUP_show_options_page() { global $logfile; $ping = get_option("SUP_ping"); $pinglog = get_option("SUP_pinglog"); $uris = get_option("ping_sites"); $forcedpings = false; $SUP_output_log=''; $pingservicesnow = "Ping Services Now!"; $deletelogfile = "Delete Log File"; if(isset($_POST["ping"]) && $_POST["ping"] == $pingservicesnow){ $forcedpings = true; SUP_log(SUP_ping_services($forcedpings).strftime("%D %T")."\tForced pinging services (Homepage)\n\t─────\n"); }elseif(isset($_POST["submit"])){ $uris = $_POST["uris"]; $ping = 0; if($_POST["ping"] == 1) $ping = 1; $pinglog = 0; if($_POST["pinglog"] == 1) $pinglog = 1; update_option("SUP_ping", $ping); update_option("SUP_pinglog", $pinglog); update_option("ping_sites", $uris); echo '

Options saved.

'; }elseif(isset($_POST["delete"]) && $_POST["delete"] == $deletelogfile){ $fh = @fopen($logfile, "w"); if(false === @fwrite($fh, strftime("%D %T")."\tLog file deleted\n\t─────\n")){ update_option("SUP_error", 1); }else{ update_option("SUP_error", 0); } @fclose($fh); } $checked1 = ''; if($ping == 1) $checked1 = 'checked="checked"'; $checked2 = ''; if($pinglog == 1) $checked2 = 'checked="checked"'; echo '

Ultimate Plugins Smart Update Pinger

Click here for installation instructions

Click here for usage instructions

Click here for updated versions

Click here for comments and suggestions

URIs to Ping

The following services will automatically be pinged/notified when you publish normal or future timestamped posts. Not when you edit previously published posts, as WordPress does by default.

This plugin also fixes an issue with the default extended ping programming in Wordpress and pre-2.1 versions of Smart Update Pinger (it now includes the url of the new post).

NB: this list is synchronized with the original update services list.

Separate multiple service URIs with line breaks:

Ping log

These are the last 100 actions performed by the plugin. In reverse chronological order for easier reading (latest ping first).

'; SUP_get_last_log_entries(500); echo '

'; } # telling WordPress to ping if the post is new, but not if it's just been edited function SUP_ping_if_new($id){ global $wpdb, $post_title; $SUP_output_log="\t─────\n"; $SUP_ping_result=''; $forcedpings = false; if(get_option('SUP_ping') == 1 and get_option('ping_sites') != ""){ # fetches data directly from database; the function "get_post" is cached, # and using it here will get the post as is was before the last save $row = mysql_fetch_array(mysql_query( "SELECT post_date,post_modified,post_title,guid FROM $wpdb->posts WHERE id=$id")); # if time when created equals time when modified it is a new post, # otherwise the author has edited/modified it if(!$row["post_title"]){ $SUP_output_log=strftime("%D %T")."\tNOT Pinging services (ERROR: YOU HAVE FORGOTTEN TO ENTER A POST TITLE) ...\n".$SUP_output_log; }else{ if($row["post_date"] == $row["post_modified"]){ $SUP_output_log=strftime("%D %T")."\tPinging services (New normal post: “".$row["post_title"]."”) ...\n".$SUP_output_log; $SUP_output_log=SUP_ping_services($forcedpings,$row["guid"]).$SUP_output_log; # Try commenting the line above, and uncommenting this line below if pinging seems to be out of order. Please notify the author if it helps! # generic_ping(); }else{ // Post has been edited or it's a future post // If we have a post title it means that we are in the normal WP loop and therefore it was an edit (not a future post) if($post_title){ $SUP_output_log=strftime("%D %T")."\tNOT Pinging services (Existing post was edited: “".$row["post_title"]."”) ...\n".$SUP_output_log; }else{ $SUP_output_log=strftime("%D %T")."\tPinging services (New timestamped post: “".$row["post_title"]."”) ...\n".$SUP_output_log; $SUP_output_log=SUP_ping_services($forcedpings,$row["guid"]).$SUP_output_log; # Try commenting the line above, and uncommenting this line below if pinging seems to be out of order. Please notify the author if it helps! # generic_ping(); } } } }else{ $SUP_output_log=strftime("%D %T")."\tNOT Pinging services (WARNING: DISABLED BY ADMINISTRATOR)\n".$SUP_output_log; } SUP_log($SUP_output_log); } # More or less a copy of WP's "generic_ping" from functions.php, # but uses another function to send the actual XML-RPC messages. function SUP_ping_services($forcedpings,$SUP_guid = '') { $SUP_output_log=''; #$services = get_settings('ping_sites'); #UP - 17.07.07 - get_option is newer/better then get_settings $services = get_option('ping_sites'); $services = preg_replace("|(\s)+|", '$1', $services); // Kill dupe lines $services = trim($services); if ( '' != $services ) { $services = explode("\n", $services); foreach ($services as $service) $SUP_output_log=SUP_send_xmlrpc($forcedpings,$SUP_guid,$service).$SUP_output_log; } return $SUP_output_log; } # A slightly modified version of the WordPress built-in ping functionality ("weblog_ping" in functions.php). # Original version: #function weblog_ping($server = '', $path = '') { #global $wp_version; #include_once(ABSPATH . WPINC . '/class-IXR.php'); #// using a timeout of 3 seconds should be enough to cover slow servers #$client = new IXR_Client($server, ((!strlen(trim($path)) || ('/' == $path)) ? false : $path)); #$client->timeout = 3; #$client->useragent .= ' -- WordPress/'.$wp_version; #// when set to true, this outputs debug messages by itself #$client->debug = false; #$home = trailingslashit( get_option('home') ); #if ( !$client->query('weblogUpdates.extendedPing', get_option('blogname'), $home, get_bloginfo('rss2_url') ) ) // then try a normal ping #$client->query('weblogUpdates.ping', get_option('blogname'), $home); #} # This one uses correct extendedPing format (WP does not), and logs response from service. function SUP_send_xmlrpc($forcedpings,$SUP_guid = '',$server = '', $path = '') { global $wp_version; $SUP_output_log=''; include_once (ABSPATH . WPINC . '/class-IXR.php'); // using a timeout of 5 seconds should be enough to cover slow servers (changed from 3 to 5) $client = new IXR_Client($server, ((!strlen(trim($path)) || ('/' == $path)) ? false : $path)); $client->timeout = 5; $client->useragent .= ' -- WordPress/'.$wp_version; // when set to true, this outputs debug messages by itself $client->debug = false; $home = trailingslashit( get_option('home') ); # The extendedPing format should be "blog name", "blog url", "check url" (the new URL), and "feed url". # Related Website(s) # http://www.weblogs.com/api.html # An example: # Someblog - Title # http://spaces.msn.com/someblog - Home URL # http://spaces.msn.com/someblog/PersonalSpace.aspx?something - Check/New URL # http://spaces.msn.com/someblog/feed.rss - Feed # Changed the following line therefore: # if($client->query('weblogUpdates.extendedPing', get_settings('blogname'), $home, get_bloginfo('rss2_url'), get_bloginfo('rss2_url'))) if ($forcedpings){ # If this is a forced ping it's better to use a regular ping for the homepage without an update URL (safer) if($client->query('weblogUpdates.ping', get_option('blogname'), $home)){ $SUP_output_log=strftime("%D %T")."\t► [Regular Ping] ".$server." was successfully pinged\n".$SUP_output_log; if (get_option('SUP_pinglog') == 1){ $SUP_output_log=strftime("%D %T")."\t►► Blogname: '".get_option('blogname')."'\n".$SUP_output_log; $SUP_output_log=strftime("%D %T")."\t►► Homepage: '".$home."'\n".$SUP_output_log; } }else{ $SUP_output_log=strftime("%D %T")."\t► ".$server." could not be pinged. Error message: “".$client->error->message."”\n".$SUP_output_log; } }else{ if($client->query('weblogUpdates.extendedPing', get_option('blogname'), $home, $SUP_guid, get_bloginfo('rss2_url'))){ $SUP_output_log=strftime("%D %T")."\t► [Extended Ping] ".$server." was successfully pinged\n".$SUP_output_log; if (get_option('SUP_pinglog') == 1){ $SUP_output_log=strftime("%D %T")."\t►► Blogname: '".get_option('blogname')."'\n".$SUP_output_log; $SUP_output_log=strftime("%D %T")."\t►► Homepage: '".$home."'\n".$SUP_output_log; $SUP_output_log=strftime("%D %T")."\t►► Updated : '".$SUP_guid."'\n".$SUP_output_log; $SUP_output_log=strftime("%D %T")."\t►► RSS URL : '".get_bloginfo('rss2_url')."'\n".$SUP_output_log; } }else{ # pinging was unsuccessful, trying regular ping format if($client->query('weblogUpdates.ping', get_option('blogname'), $home)){ $SUP_output_log=strftime("%D %T")."\t► [Regular Ping] ".$server." was successfully pinged\n".$SUP_output_log; if (get_option('SUP_pinglog') == 1){ $SUP_output_log=strftime("%D %T")."\t►► Blogname: '".get_option('blogname')."'\n".$SUP_output_log; $SUP_output_log=strftime("%D %T")."\t►► Homepage: '".$home."'\n".$SUP_output_log; } }else{ $SUP_output_log=strftime("%D %T")."\t► ".$server." could not be pinged. Error message: “".$client->error->message."”\n".$SUP_output_log; } } } return $SUP_output_log; } $post_title = ""; # Receives the title of the post from a filter below function SUP_post_title($title){ global $post_title; $post_title = $title; return $title; } # Log $logfile = ABSPATH . 'wp-content/plugins/ultimate-plugins-smart-update-pinger/ultimate-plugins-smart-update-pinger.log'; function SUP_log($SUP_log_output) { global $logfile; $logerror = 0; $fh = @fopen($logfile, "a"); if(false === @fwrite($fh, $SUP_log_output)){ update_option("SUP_error", 1); }else{ update_option("SUP_error", 0); } @fclose($fh); } function SUP_get_last_log_entries($num) { global $logfile; $lines = @file($logfile); if(get_option("SUP_error") == 1){ $fh = @fopen($logfile, "a"); if(false === @fwrite($fh, "")){ echo "Error writing log file (".$logfile."). Most likely your logfile (".$logfile.") is write-protected and no log data can be saved (change the rights of this file to 777), or alternatively this could mean that you have manually removed the log file, or that you have changed the directory or file name of the plugin (they both should be 'ultimate-plugins-smart-update-pinger')"; }else{ // Original: $lines = array_slice($lines, count($lines) - $num); // Modified to show in reverse order (easier for reading) $lines = array_reverse(array_slice($lines, count($lines) - $num)); $msg = ""; foreach($lines as $line){ $msg.=trim($line)."
"; } echo $msg; } @fclose($fh); }else{ if($lines === false){ echo "Error reading log file (".$logfile."). Most likely you have manually removed the log file, or alternatively this could mean that the logfile (".$logfile.") is read-protected (change the rights of this file to 777), or that you have changed the directory or file name of the plugin (they both should be 'ultimate-plugins-smart-update-pinger')"; }else{ // Original: $lines = array_slice($lines, count($lines) - $num); // Modified to show in reverse order (easier for reading) $lines = array_reverse(array_slice($lines, count($lines) - $num)); $msg = ""; foreach($lines as $line){ $msg.=trim($line)."
"; } echo $msg; } } } # ----- # adds a filter to receive the title of the post before publishing add_filter("title_save_pre", "SUP_post_title"); # adds some hooks # shows the options in the administration panel add_action("admin_menu", "SUP_add_options_page"); # calls SUP_ping whenever a post is published add_action("publish_post", "SUP_ping_if_new"); # calls SUP_ping_draft when changing the status from private/draft to published # add_action("private_to_published', 'SUP_ping_draft'); # removes the "WordPress official" pinging hook remove_action("publish_post", "generic_ping"); # activates pinging if setting doesn't exist in database yet # (before the user has changed the settings the first time) if(get_option("SUP_ping") === false) { update_option("SUP_ping", 1); } if(get_option("SUP_pinglog") === false) { update_option("SUP_pinglog", 1); } if(get_option("SUP_error") === false) { update_option("SUP_error", 0); } ?> Ransomware virus that uses 1024-bit encryption key
iEntry 10th Anniversary Technology Contact Us

Intology – Intelligent Technology News
Computers Technology Internet Arts Business Science Sports




Ransomware virus that uses 1024-bit encryption key

June 7th, 2008 by Kiyani ~ 3 Comments

A virus that takes all your important files hostage and then demand money is on the loose according to security experts.

This blackmailer virus uses 1024-bit key to encrypt data on user’s PC and then demands money for decryption key.

According to Kaspersky Lab public should be on the lookout for ransomware virus named “Gpcode” which encrypts your files using an RSA encryption algorithm with a 1024-bit key.

A cryptovirus, cryptotrojan or cryptoworm is a type of malware that encrypts the data belonging to an individual on a computer, demanding a ransom for its restoration. The term ransomware is commonly used to describe such software, although the field known as cryptovirology predates the term “ransomware”.

Gpcode (many variants: Gpcode.ac, Gpcode.ag, etc.)  is thought to access PCs via unpatched browsers. Once active it encodes most of the data on the computer, including .doc, .txt, .pdf, .xls, .jpg and .png files. After that a ReadMe file is left on the machine giving an email address to send money in order to get the decryption key.

The malware is a revision of a previous virus, thought to be from the same author, which appeared two years ago but only used a 660-bit key. The first piece of ransomware to use a sophisticated encryption algorithm, Gpcode.ac, was detected in January 2006 and used the RSA algorithm to create a 56-bit key.

According to Timur Tsoriev of Kaspersky Labs:

Virus researchers have been able to crack keys up to 660 bits. This was the result of a detailed analysis of the RSA algorithm implementation. If the encryption algorithm is implemented correctly, it could take one PC with a 2.2GHz processor around 30 years to crack a 660-bit key.

The company recommends that victims contact them by email to stopgpcode@kaspersky.com if they get infected, using another computer, and tell them exactly what they were doing in the five minutes before infection and the exact time and date of infection. Kaspersky also stresses that users do not restart or power down the infected computer.

Tsoriev said:

We urge infected users not to yield to the blackmailer, but to contact us and your local cyber-crime law enforcement units. Yielding to blackmailers only continues the cycle.

Categories: Computers/Internet ~ Science/Technology


3 responses so far

  • 1 RipVanDubbie ~ Jun 7, 2008 at 2:15 pm

    Wow, a 1024 bit encryption key? It would take a room full of super computers HUNDREDS (if not thousands) of years to crack a 256 bit encryption. Wow, thats impressive.

    JT
    http://www.FireMe.to/udi

  • 2 yesimahuman ~ Jun 7, 2008 at 10:38 pm

    “If the encryption algorithm is implemented correctly, it could take one PC with a 2.2GHz processor around 30 years to crack a 660-bit key.”

    Hey RipVanDubbie…did you actually read the fucking article?

  • 3 Adrian ~ Jun 8, 2008 at 2:01 am

    Not really. RSA is a public/private key algorithm which requires much longer encryption keys to be secure, 1024 bit minimum. You’re thinking of a symmetric encryption algorithm, which 128 bit is the minimum considered secure.

    Checkout Wikipedia for more info.

Leave a Comment