Watch this :

You need a basic LAMP stack and “mp3info” – should be available in your repo’s.

This is totally open – if anyone wants to help out with development leave a comment or send me a message.

The goal is to stream remote media over the web with an intuitive web interface.

Installation :

apt-get install mp3info

cd /var/www

wget https://downloads.sourceforge.net/project/cimediaplayer/Media.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fcimediaplayer%2Ffiles%2F&ts=1282412797&mirror=master

tar -zxvf Media.tar.gz

Add an Apache virtual host.

create a database : mysqladmin -u root -p create media

edit application/config/database.php using your database creds.

That should be about it – I know these instructions are lazy but it is Saturday… Leave comments if you need help.

I have received 6 calls over the past month from readers who are having difficulty provisioning their VoIP hardware (specifically Cisco endpoints) and in most cases was able to help get the devices registered – mind you it was quite a hassle over the phone.  The biggest problem is that for the non-geeks this can be a daunting task and many don’t care to spend the time.

The good news is that we have gathered a team of developers to write a totally web based app for provisioning your endpoints with ease.  To start we will support the devices that we actually have and can test.  Within the week we plan to support the following models :

• Grandstream GXP XXXX & Budgetone Models
• Cisco 79XX series
• Several Aastra models (53i, 9143i, 480i)
• Linksys SPA94X
• Sipura SPA2102 (AKA Linksys PAP2)
• Whatever else can be found or generously donated.

We began development on the frontend which has two modes – wizard (basic) and advanced.  We have also constructed working templates for many models listed above which is probably the most tedious task.  We will offer HTTP and TFTP provisioning totally free! as well as the option to download your entire endpoint configuration to place on your own network (if you so choose).

A word on security :

Any and all data you submit to this application will be passed through an extensive encryption / decryption process and stored in the database – thus no one but you will have access to the private information.  You will actually have the ability to set your own security salt and change it if you suspect foul play (which is very unlikely).  We may also buy a CA for that extra peace of mind.

We will be adding this functionality as a module at ENUMPlus so sign up to catch first glimpse.

Anyone looking to help either with a donation of hardware or Paypal is of course much appreciated.  The more devices we can get our hot little hands on – the more we will be able to support.

Today (June 23rd) at 8:00 PM I will be hosting a 1 1/2 hour DimDim meeting for anyone interested in getting started with CodeIgniter.  I am by no means a CodeIgniter “guru” but  I love sharing knowledge and feel that this could be a beneficial webinar to attend.

Schedule:

Part I – Basic Principles and Standards

Part II – Open Q&A

Once again this is a Basic introduction so there are no stupid questions – looking forward to seeing you there!

I will be accepting 20 participants (first come – first serve).

ENUMPlus has forced me to take a long hard look at DNS and security – with the publicly controlled records and what not – you can imagine what I was up against.  DNS configuration has always been very foggy to me.  Even after reading several books on the subject, I have never really been able to latch on and make it do exactly what I want.

This has all changed now that I have been working under the hood.  Let me take a moment to explain how I went from dreading configuration to not thinking twice.

As always I started with the basics in a safe development environment – Bind9 and vi on a minimal Lenny VM.  I started playing with it locally – setting my desktop resolv.conf to my dev box and modifying one line at a time of example configurations to see what they did and more importantly what they didn’t do.

After about 20 hours of research, probing, testing and … well … smoking – I was ready to start writing the nameserver module for ENUMPlus.  I had a brilliant working model in a few hours – returning NAPTR records and all.  The problem was scalability.  My initial code would curl the web server, writing the NAPTR records to a local file.  I then had a cron job that would cat the SOA, NS, A, MX & CNAME records to a new file – copy the contents of the NAPTR records files created by the web server – then run sed to remove any empty lines and move the file into place (with a reload of course).

It worked like a charm, I mean I was VERY impressed with what I had accomplished, but as always I knew there was a better way.  I started to think how heavy it would be on the host writing out the file, sed, cat, mv blah blah then on top of that reload bind, so I looked for alternative solutions.  After just a few minutes of googling – I ran into PowerDNS, which just happens to support a MySQL backend (the exact same animal running ENUMPlus Web UI).  This was ideal as end users could immediately add their validated records without having to wait for the cron job to advance the SOA serial, write out the new records and reload.  Immediate results are definitely what is going to push ENUMPlus over the top in my opinion.

Anyway we have our hosting in order and are just waiting for DNS to propogate.  We are working on a distributed solution for others to join in the hosting fun (slave boxes for replication and redundancy).  If you own a box and would like to dedicate some cycles – feel free to contact me or come say hi at #pbxinaflash (I live there).

There are tons of giveaways and contests out there that make you jump through hoops filling out way too much information only to receive a million unwanted emails.  I have set my browser homepage to one I really do not like in order to remind myself to fill out the form every day (I will not tell you which one because I want to win!).

A Quick Briefing : cURL is used to send / receive data to and from other computers via command line.  Since I know PHP quite well I decided to install the php-curl module and instantly got an automated spambox, data grabber, post submitter and whatever else one can do with a normal browser – the best part is I only have to set it up once.

I now have a crontab installed to spoof a web server into thinking I am being referred from an affiliate link, in which it then sends my information as well as some hidden values and instantly generates a report (which is emailed to me).  I know this is shady business however the last thing I won was a Nevada pull ticket when I was 8 and I couldn’t claim the winnings – fuck you world LOL.

Here is just a taste of something you can set up yourself – should be quite simple to modify to your needs.


#!/usr/bin/php
$name = "Gregory";
$email = array("email1@gmail.com", "email2@yahoo.com", "email3@slopsbox.com");
$zip_code = "90210";
$url = 'http://the-url-to-post-to.com';
$user_agent = "Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)";
$referer = 'http://crappy-affiliate-program.com/index.php?affiliate=poor_sucker";
foreach ($email as $mail) {
$params = "name=$name&email=$mail&zip_code=$zip_code&hidden_value1=someValue";
$ch = curl_init();
curl_setopt($ch, CURLOPT_REFERER, $referer);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$params);
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$result=curl_exec ($ch);
curl_close ($ch);
}
?>


Really all you have to do is investigate the <form…> on the page you are attempting to post to – examine all text inputs, textareas, checkboxes, radio buttons and hidden values. You should be able to form the POST data string, similar to JSON (key=>value pairs).

As for captcha, just hope your target is either lazy or stupid – most of those things are a pain in the rear end.

Enjoy!