Skip to content

APT: KEYERROR: GRAFANA: W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packagecloud.io jessie InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 285D5812F5A66BFE

This is normal because of the migrated repo URLs.. so and the keys wouldn’t work…
The Packagecloud.io grapfana repo is moved to packages.grafana.com from 01.05.2019 !!! OFFICIALLY !

deb https://packages.grafana.com/oss/deb stable main
Advertisements

APT: W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: …… jessie InRelease: The following signatures were invalid: KEYEXPIRED ….. KEYEXPIRED 1550….32 KEYEXPIRED 15……832

apt error message when try to apt update mysql repo:

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://repo.mysql.com jessie InRelease: The following signatures were invalid: KEYEXPIRED 1550412832 KEYEXPIRED 1550412832 KEYEXPIRED 1550412832

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packagecloud.io jessie InRelease: Clearsigned file isn’t valid, got ‘NODATA’ (does the network require authentication?)

W: Failed to fetch https://packagecloud.io/grafana/testing/debian/dists/jessie/InRelease
W: Failed to fetch http://repo.mysql.com/apt/debian/dists/jessie/InRelease

 

The you have to:

The one-liner that fixes this is the following:

sudo apt-key adv --recv-keys --keyserver ha.pool.sks-keyservers.net 5072E1F5

Which basically fetches the new key and installs it into the keyring.

A bit more detail:
You can find the expired key by executing the following command:

LANG=C apt-key list | grep expired

Which outputs something like this: pub 1024D/5072E1F5 2003-02-03 [expired: 2019-02-17] 5072E1F5 is the key ID, which we used in the command above.

 

Originally found in serverfault discussion here:

https://serverfault.com/questions/955299/mysql-repository-key-expired

QUICK FFMPEG: convert .m4a files to .mp3 with metadata!

Used tools: ffmpeg, libid3-tools

### convert m4a audio files to mp3 with id3 v2 metadata only!
find . -type f -iname '*.m4a' -exec ffmpeg -i {} -n -vsync 2 -map_metadata 0 -id3v2_version 3 {}.mp3 \;
### copy id3v2 metadata to id3v1 metadata id3 fields!!! For radio streaming only id3v1 metadata us used!
find . -type f -iname '*.m4a.mp3' -exec id3convert -1 {} \;

That’s all.

Quick FFMPEG CheatSheet: Uno Lainero generate slideshow-like mp4 from images with fade-in/out

c=0; gigaram_id=11103 ; wget -q “https://gigaram.bg/index.php?route=product/product&product_id=$gigaram_id” -O-|grep ‘cache/catalog/products’|grep 1000×1000|sed ‘s/^.*data-zoom-image=”//g’|grep ^http|sed ‘s/”.*$//g’ |sort|uniq |while read line; do let c=$c+1 ;wget “$line” -O /tmp/$gigaram_id-$c.jpg;done ; pics=`ls /tmp/$gigaram_id-*.jpg|wc -l`;pic_id=1; while [ $pic_id -le $pics ]; do cp /tmp/$gigaram_id-$pic_id.jpg /tmp/$gigaram_id-100.jpg;ffmpeg -r 1/5 -pattern_type glob -i “/tmp/$gigaram_id-{$pic_id,100}.jpg” -c:v libx264 -r 30 -y -pix_fmt yuv420p $gigaram_id-$pic_id.mp4; ffmpeg -i $gigaram_id-$pic_id.mp4 -y -vf fade=in:0:30 $gigaram_id-$pic_id-fade_in.mp4; ffmpeg -i $gigaram_id-$pic_id-fade_in.mp4 -y -vf fade=out:120:30 $gigaram_id-$pic_id-out.mp4;let pic_id=$pic_id+1;done; echo ” > $gigaram_id-list.txt;for a in $gigaram_id-*-out.mp4; do echo “file $a” >> $gigaram_id-list.txt; done; ffmpeg -f concat -i $gigaram_id-list.txt -y -c copy $gigaram_id.mp4; rm -f $gigaram_id-*.mp4; rm -f /tmp/$gigaram_id-*.jpg; rm -f $gigaram_id-list.txt

 

и понеже съм пиян, та ви го показвам как…:)))))

MiniHOWTO Fix Windows Server 2016 unlicensed self-shutdown every hour

Windows Server just self-shutdowns when all trial periods expired.
You can power it on without any problem but it will shutdowns again after 1 hour.
So , there is a workaround not-a-soution you can make: extend 180 days trial period for 6 times per bare-metal installation + 3 times rearm.. not sure exactly how much days this will works. 🙂

PowerShell Commands to check and extend your trial and rearm:

slmgr -dli  # Check License State – use for after-fix confirmation
slmgr -dli          # Can be done 6 times at all per hardware installation
slmgr -rearm    # reloads 180 days license .. but I dont know yet what’s happen next 🙂

That’s all.

Then, after something about 3 to 9 years you will be forced to pay your license if you want your windows server up again :)…

but remember: REMOTE-ADMINS can help you and your server! Contact us:

HACKED: find evil code in php files , find StealRat, find hacked php files

Finding StealRat or any other file self-injecting CMS rat:

Step 1: find+grep

Finding Stealrat can be as simple as running the following command on UNIX-like systems:

   find . -print | xargs -d'\n' grep -r 'die(PHP_OS.chr(49).chr(48).chr(43).md5(0987654321'

Other things to try:

   find . -type f -name '*.php' -print | xargs grep -i x29
   find . -type f -name '*.php' -print | xargs grep -E '[0-9a-zA-Z/]{80}'

Both of the above commands find .php files with high-UTF-8 characters or base64 encoding which is usually suspicious.

Here is a perl search script originally provided by abuseat.org: https://www.abuseat.org/findbot.pl , and a mirror link to pelr findbot script on our website can be found here: http://remote-admins.com/scripts/security/findbot.pl

Step 2: lsof+grep

You may see a number of lines, such as (example.com takes the place of your machine’s name):

   lsof -i | grep smtp

The first line, for example, is your sendmail mail software “LISTEN”ing (as userid root) for inbound email connections – this is normal… You may see similar lines with “exim” or “postfix” or “smtpd” or “qmail” instead of sendmail – all depending on what mail server you run – example – the third line is an Exim listener. The important thing that indicates that it’s normal is that the userid is “mail” or “mailman” or something like that – NOT an ordinary user.
 The fourth line is a program called “find”, running under userid “foo” making a connection to an AOL server.
And the fourth line you’re looking for – it tells you the userid of the infected user. In this case it also indicates that the infection is masquerading as the program “find”. There will often be more than one of these.

Step 3: file

“ELF 32-bit and “corrupted section header size” from the example below means that you’ve probably found the right file:

   file sshd
   sshd:  ELF 32-bit LSB executable, Intel 80386, version 1 (FreeBSD), statically
   linked, corrupted section header size

The above test can be used in bulk, using either of the following two commands:

   file /path/to/directory/* | grep 'corrupted section'
   find /path1 /path2 -print | xargs -d'\n' file | grep 'corrupted section'

Be Aware!!!!
If you find such a file, you are 100% hacked and trojaned ( a.k.a. OWNED! ).

 

All Detailed Info for this post  can be found on TrendMicro Blog!
 The Research Paper here: https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-stealrat.pdf
and the blog Post here: https://blog.trendmicro.com/trendlabs-security-intelligence/how-to-check-if-your-website-is-part-of-the-stealrat-botnet/

REMOTE-ADMINS can help removing Rats or Trojans from your server! To contact us, please use the form below:

Thank you.

 

There is More disinfection Info: Read more…

No Title Post – just found it in drafts.. do not trust this post!

The Problem:

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://repo.mysql.com jessie InRelease: The following signatures were invalid: KEYEXPIRED 1487236823 KEYEXPIRED 1487236823 KEYEXPIRED 1487236823

W: Failed to fetch http://repo.mysql.com/apt/debian/dists/jessie/InRelease

The Solution:

# apt-key adv --keyserver pgp.mit.edu --recv-keys A4A9406876FCBD3C456770C88C718D3B5072E1F5


Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.dIIJX65rZC --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --keyserver pgp.mit.edu --recv-keys A4A9406876FCBD3C456770C88C718D3B5072E1F5
gpg: requesting key 5072E1F5 from hkp server pgp.mit.edu
gpg: key 5072E1F5: "MySQL Release Engineering <mysql-build@oss.oracle.com>" 72 new signatures
gpg: Total number processed: 1
gpg: new signatures: 72

 

Thats all.

Original bug at: bugs.mysql.com/bug.php?id=85029