Andy Regan Ramblings of an Irish Sysadmin

29 Jul 09

Nasty Site Hack Leads to Phony Google Links

Thar be nasty scripts here!

Came across a dirty (but interesting) website hack today. Essentially, when a person googled their domain name they discovered hundreds and hundreds of phony links pointing to a sub-directory of their site (with various explicitly charming descriptions). Clicking on these links displayed a page full of advertisements.

Had a nose around the sub-directory in question and couldn't find any files corresponding to the links.

Eventually, I found a rogue PHP script (called report.php). Turns out that the .htaccess file in the directory had been modified to redirect any "404 Not Found" errors to the PHP script. Even dirtier still was that when you accessed the script directly in a browser it showed a typical default 404 error, a tactic I guess is there to add confusion when you are trying to find the cause of the hack. Bastards.

Script was base64'd and full of typical randomness meant to slow down those trying to figure out exactly what it's trying to do. As far as I can tell, it just serves up ad pages when it's redirected to and the 404 error page when accessed directly.

The ultimate bastardly thing about this hack is that even after you clean up your site, it'll be ages before the explicit phony links disappear from Google. Another good reason to avoid 777 permissions on directories and keep your web software updated.

Just wanted to make people aware of it. If you come across something similar have a look in the .htaccess file first. :-)

***UPDATE***
The following bash one-liner can help find any files that contain a call to the base64_encode() function. Some legitimate files may be included, but this should help narrow down the list of dirty scripts. (The -print0 / -0 pair keeps filenames with spaces intact.)

$ find . -type f -print0 | xargs -0 grep -l base64_encode
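Since the hook in this hack was an .htaccess file handing 404 errors to a script, the check can start there instead of grepping every file. The function below is an added example, not part of the original post: it lists every ErrorDocument directive under a web root that points at a local file and marks whether that file is missing or contains base64 calls. The function name and output format are made up for illustration, and it assumes the directory you pass is the site's DocumentRoot with no Alias or rewrite rules in the way.

```shell
# check_htaccess_errordocs ROOT
# ROOT is assumed to be the DocumentRoot, because ErrorDocument targets
# that start with "/" are URL paths relative to it.
# Prints one tab-separated line per directive that points at a local file:
#   <.htaccess path>  <status code>  <target>  <missing|base64|plain>
check_htaccess_errordocs() (
    root=$1
    # Filenames containing newlines are not handled (plain POSIX read).
    find "$root" -type f -name .htaccess | while IFS= read -r ht; do
        # Strip CRs so files edited on Windows parse the same way.
        tr -d '\r' < "$ht" |
        grep -iE '^[[:space:]]*ErrorDocument[[:space:]]+[0-9]{3}[[:space:]]+' |
        while read -r directive code target rest; do
            case $target in
                /*) ;;            # local URL path: inspect it
                *)  continue ;;   # quoted message text or external URL
            esac
            path=$root${target%%\?*}   # drop any query string
            if [ ! -f "$path" ]; then
                flag=missing
            elif grep -qE 'base64_(en|de)code' "$path"; then
                # Matches base64_decode as well as the base64_encode
                # mentioned in the post; legitimate code can match too.
                flag=base64
            else
                flag=plain
            fi
            printf '%s\t%s\t%s\t%s\n' "$ht" "$code" "$target" "$flag"
        done
    done
)
```

Run it as check_htaccess_errordocs /path/to/docroot and look first at lines ending in base64, then at any 404 handler you don't remember setting up.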

Also worth checking out the following links for htaccess tips and tricks:

26 Feb 09

Webcam Motion Detection in Ubuntu Linux

I bought a cheap USB webcam to add to the list of devices for my fyp. The idea is to push presence updates when motion is detected. I'll be using Motion to handle motion detection. Detailed installation and configuration instructions can be found at InfectedProject.

You can set Motion to run commands when certain events happen, such as when an image is saved or a movie ends. For example, you could add the following to /etc/motion/motion.conf so that you get an email to your email account when a movie ends.


# Command to be executed when a movie file (.mpg|.avi) is closed. (default: none)
# To give the filename as an argument to a command append it with %f
on_movie_end echo %f | mutt -s "[Motion]" -a %f joe@bloggs.com