Fix the Permission Denied (13) Error After Moving a Domain to Another User on DreamHost

I encountered a small problem after I moved my domain to another user today. The PHP warning was as follows:

Warning: session_start() [function.session-start]: open(/tmp/sess_xxx, O_RDWR) failed: Permission denied (13) in /home/xxx/wp-content/themes/xxx/xxx.php on line 16

I googled for a while and couldn’t really find a solution, not even the one on DreamHost Wiki.

Here’s how I eventually managed to fix it. In phpMyAdmin or another MySQL tool, search the database for your old user name. There should be 3 or 5 occurrences, each as part of a path. Change them to the path of the user the domain was moved to. After that, simply clear your cookies and log in again as admin.

It should work as it did before the move. Cheers! :)

Make otx work with the new otool shipped with Xcode 4.2+

otx is a front-end of otool and one of the most wonderful tools ever created for software reverse engineering on Mac OS X.

Unfortunately, Apple made changes to otool and broke its layout. That left us two options: either downgrade otool or stop using otx.

I tried to contact the original developer of otx but couldn’t get in touch with him, so I decided to push a fixed version to GitHub so everyone can keep using it after upgrading to Xcode 4.

Here’s the link to the repo with precompiled binaries: https://github.com/Cai-/otx.

Enjoy!

DVDPlayback.framework Hack: A Reverse Engineering Manipulation

It’s quite sad that, in all the years since the Hackintosh came out, I haven’t seen anyone come up with a good solution for making the Mac OS X built-in DVD Player work with the Mac’s internal SuperDrive removed. The old method I found on the Internet was to patch the “Internal” string in DVDPlayback.framework to “External”, which reverses the result of the device check. However, this makes the internal SuperDrive useless if you manage to get it back.

Also, besides DVD discs, the built-in DVD Player supports DVD Media File (.dvdmedia) playback as well. But as we already know, it won’t let you play one without a proper DVD drive installed, which is absolutely pointless in this case.

So my aim here is simple: to create a version of the DVDPlayback framework that supports any situation – with an internal SuperDrive, with external third-party DVD drives, or even without a DVD drive at all.

All About UUID

In case you still have no idea what a UUID is, here’s a link to its entry on Wikipedia.

We developers know the value of UUIDs when it comes to data storage or software license management. Here are 3 useful code snippets that show how to get hardware- and system-related UUIDs from a Mac with Objective-C. (They may work on iOS too, with minor changes to the snippets.)

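- (NSString *)getUUID
{
    // Create a new UUID object; return nil if it could not be created.
    CFUUIDRef uuidRef = CFUUIDCreate(kCFAllocatorDefault);
    if (!uuidRef) return nil;
    // Render it as a string in the 8-4-4-4-12 hexadecimal form.
    CFStringRef uuidStringRef = CFUUIDCreateString(kCFAllocatorDefault, uuidRef);
    CFRelease(uuidRef);
    // Pre-ARC code: pass ownership of the string to the autorelease pool (or to the collector under GC).
    return [NSMakeCollectable(uuidStringRef) autorelease];
}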

The above code snippet generates random 36-character UUIDs in the same format as the Mac hardware UUID shown in your System Profiler (e.g. BD9C047B-FB6D-2D4E-B661-9BB61487FE34).

LDAP Bypass: An Example

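Update: It looks like the school's network administrators have seen this post; this method no longer works.

This post is written for students of China Medical University. Please do not repost its contents in public places, because that may lead to the method being fixed and no longer working; also, this method does not apply to other schools.

China Medical University's e-learning system uses iCan5, and iCan5 requires LDAP (Lightweight Directory Access Protocol, which is what we commonly call the single sign-on system) authentication through the campus portal. Once the campus portal malfunctions, you cannot log in even if the iCan5 host is running normally. (Based on experience from previous years, this usually happens just before midterm and final exams.)

Below is a method for skipping iCan5 login authentication by way of a design flaw in China Medical University's LDAP setup, together with how it works.

Why doesn't iCan5 require a separate login when you are already logged in to the campus portal?

After you log in to the campus portal and click the iCan5 link, your computer requests iCan authorization from the school's LDAP server. This authorization is a string that is different and unique for each person, and it is kept temporarily in a cookie until you log out of the e-learning system or close the browser. So once you close the window, you have to go through the campus portal again to obtain this "authorization" code. When you browse iCan5, iCan5 checks whether your cookie contains the field for this authorization code; if it does, it compares the content of that field against the database on the server to determine whether you have permission to use iCan5, or whom it should currently show as the user.

Breaking the restriction: "rebuilding" the authorization yourself

Normally, the value of this authorization changes with time and with the computer being used, because it is a function of time and a unique hardware code (UUID), which ensures security. Obviously, though, if this value is fixed, then we have a chance to authorize iCan5 directly without going through the campus portal.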
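The contrast drawn above, a fixed authorization value versus one derived from time and a client identifier, shown from the server side as an added example. It is not iCan5's or the school's code: the key, lifetime, token layout, function names and sample values are all constructed assumptions.

```python
import hashlib
import hmac
import json
import time

SERVER_KEY = b"constructed-demo-key"  # assumption: secret known only to the server
TTL_SECONDS = 900                     # assumption: tokens live for 15 minutes

# Weak design: one fixed value per user, looked up in the database.
STATIC_TOKENS = {"alice": "7f3a9c"}   # constructed sample data


def verify_static(user, cookie_value):
    """Accepts the same value forever: a saved copy of the cookie never expires."""
    expected = STATIC_TOKENS.get(user, "")
    return hmac.compare_digest(expected.encode(), cookie_value.encode())


def _mac(user, client_id, expiry):
    # JSON list encoding keeps the three fields unambiguous inside the MAC input.
    msg = json.dumps([user, client_id, expiry]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(user, client_id, now=None):
    """Hardened design: 'expiry.mac', with the MAC bound to user, client and expiry."""
    issued = int(time.time() if now is None else now)
    expiry = issued + TTL_SECONDS
    return f"{expiry}.{_mac(user, client_id, expiry)}"


def verify_token(user, client_id, token, now=None):
    """Reject malformed or expired tokens and tokens issued for another user or client."""
    current = int(time.time() if now is None else now)
    expiry_str, sep, mac = token.partition(".")
    if not sep or not (expiry_str.isascii() and expiry_str.isdigit()):
        return False
    expiry = int(expiry_str)
    if current > expiry:
        return False
    return hmac.compare_digest(_mac(user, client_id, expiry).encode(), mac.encode())
```

Because the expiry is inside the MAC, editing it in the cookie invalidates the token, whereas the static value passes verification no matter when or from where it is presented.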