Wisetechie Blog : Ctrl your Tech Life

If you want to forward all your emails from your Rediffmail account to any other email account, simply follow the steps below:

1. Go to the classic version of your Rediffmail account. This is important else you will get an error “You have not specified any email address to which you would like your emails forwarded “ You can do this from the new version by clicking "Back to Classic" on the top right corner of the webpage.
2. The browser location will look like http://f1mail.rediff.com/prism/maillist". Replace maillist with forwardyourmails?action=forwardmails&email=YOUR_EMAIL_ADDRESS&leavecopy=1
3. Enter the email ID that you want to forward your Rediffmail email to and you are done!

I am a part time moderator/web administrator on our unofficial college website. Last year our website had been hacked and some malicious script had been placed on it which was causing redirection of some Google referred traffic. It would not resend all Google referred traffic though, it even placed its own cookie in the malicious script to ensure that people are not sent to the offending site every time but only once every 86400 seconds.

For days I searched the internet desperately to find out if it was a known thing, most sites suggested it was a .htaccess attack, but I had already suspected that and our .htaccess file was squeaky clean. Just to be sure I also checked all the .htaccess files above and below out root level and they were clean. So I was sure it was a script. If your site is hacked via the .htaccess method, there would be entries like :

RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
RewriteRule .* http://newaddress [R,L]

After the .htaccess files were found clean, I tried some workarounds to prevent the redirection, like setting server referrer variable to null and trying to make all URLs 301 redirects but that didn’t work since the script was still able to detect the referrer as Google and redirect the website to tinyurl4.info which probably paid them a lot to get this done. It would be sent to random addresses on the tinyurl4.info site. Since the site may be hosting malware, I would request you not to go there. So this method of cloaking the referrer at my side clearly wasn’t working.

Next I created a zip file from the offending folder of the site and downloaded the whole thing using my 3G connection photon+ connection (wanted to finish it off ASAP). Once the folder was downloaded, I ran a McAfee scan of the whole thing hoping that the anti virus would be able to detect the offending code as it would be obfuscated. But I was wrong McAfee was terribly incompetent. So it was plan B , I started searching for strings like .js and tinyurl4.info to try and find the redirecting code. Windows search wasn’t very helpful here and couldn’t even find base64 which was one of the strings I searched for and was a part of the offending code.

So now it was plan C , this one worked. I listed all files in the site which had been modified within the past one year. Here is where I was able to find the culprit. One PHP file global_lang.php  had been edited in 2009 while all its peers were not listed. I grew suspicious and opened the file. To my shock, horror and relief I found the following piece of code :

which when translated turned out to be malicious code. I am not displaying the malicious code here should you get any ideas. What it was doing was checking if the person was referred by Google, Yahoo etc. and if that was true and there existed no cookie it would redirect that person after setting a cookie. The cookie ensured that once a person was redirected to the fake site, he wouldn’t be redirected for some time.

I have listed these steps here so that webmasters might be able to get a hint of how to recover from this particular type of  injection on their sites. Ofcourse, always take backups, backups ensure you can just dump them on and the malicious code is removed.

Future Proofing

There is probably no way to protect yourself from the super hackers , however you can always take precautions. First and foremost, always take backups and multiple backups. you should ideally have 12 backups from the past 12 months.

Apart from backups, ensure that the permissions on your website are always set correctly. 777 is really the devil .Never grant write permissions to outside users. 755 for folders and 644 for .php files usually works. Incase you suspect hacking, contact your host at the earliest.

Also turn off all directory listing.

Hoping you found this article helpful

A video showing you how to replace/upgrade/remove/add RAM to your DELL Inspiron Laptop. The laptop in the video is the DELL Inspiron 1525 in which i am replacing the original Kingston RAM with Crucial high performance RAM memory. If you too are looking to replace your RAM, please look at the video carefully :

I pity all of you who dont know about GPS and Geotagging photos. I have been hooked ever since i discovered it. I use the Locr utility in my windows mobile cellphone (also works in Symbian phones). Your phone must have GPS or you must have a Bluetooth GPS receiver.

That way, the photos you take will be implanted with GPS co-ordinates of the location you took the photos at. Its accurate to about 50 metres or so. See the dot highlighted in the photo above, it should have been in the bottom right building. So it essentially means if someone wants to nuke the NSIT COE block using GPS, he/she will hit the library instead

This way when you share photos, you can share the photos using a map with your friends and family. That way they will be able to see where the photos were taken.

Locr is an amazing software. I first discovered it in my father’s Nokia E71 (review soon). Anyway, i installed it on my Asus P320′s windows mobile, thank god the version worked on my phone also even though it was meant for windows mobile 5 and my phone has windows mobile 6.1.

So it has versions for both windows mobile and symbian, so far so good. So the long and short of it. The software allows you to easily embed the information about the GPS coordinates of the location you took your photo. This info is easily recognised by Flickr and Zooomr. So you can actually see the photos you took on a map (and trust me it looks awesome).

Currently i have taken only photos at my house, so i cant show you the feature for privacy’s sake. So i will show you the photos in locations when i go out. Your phone must have GPS for this feature.

There is really only 1 way to install the Realtek HD Audio drivers properly. No matter what all other forums say. Service Pack 3 is the main culprit as the drivers see that its above SP2 and dont install. I personally face this situation and was really distressed because it looked like either i will have to reinstall Windows Xp or have my new supercool and super monster computer without sound. Imagine having a monster PC with a motherboard with HD Audio and your driver doesnt install.

Both scenarios were something which i would never have approved of. Anyway so i Googled. I got 10s of solutions but most didnt work. Only 1 worked and i will put it here hoping that Google dear will catch it and people who face this problem installing the Realtek HD Audio 0xE000027.

1. First Step is to make sure all instances Realtek Audio and its associative softwares are uninstalled from add remove programs and device manager. This includes Intel High Definition audio.
2. On your PC change the CSDVersion registry key to Windows XP SP2:
   HKLM\SYSTEM\CurrentControlSet\Control\Windows\CSDVersion value=200

This problem arises as the patch thinks that SP3 includes a better version of the patch itself and hence doesn’t install itself.

3. Download the latest drivers from the Intel website, navigate to the KB888111 patch.

4. But before installing the patch, goto your device manager and disable the UAA. Now uninstall the UAA.

5. Install your patch now.

6. Install the Realtek drivers now and things should work.

7. Change the SP version to 300 again.

If it didnt work, try once again. I can enjoy 7.1 channel high definition sound from my Intel Original motherboard now. Realtek HD Audio now works fine. Hopefully Error 0xE000027 is fixed now.

If this helped solve your problem, consider making a small donation($1 even ) via paypal button below towards the maintenance of this website (hosting + domain name). All proceeds will be directly spent on bringing you more such helpful posts.

Disclaimer : Advice on as is basis, this worked for me, may or may not work for you, but it should