Skip to content

Instantly share code, notes, and snippets.

🎯
Focusing

Phil Taylor PhilETaylor

🎯
Focusing
Block or report user

Report or block PhilETaylor

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View example_auditrow.json
{
"data":
[
{
"id": 1,
"site_id": 1,
"user_id": 1,
"status": "BLOB",
"scanspeed": "FAST",
"retrycount": null,
View gist:80cec12f9148c6a2dda9f3c9529261d3
[2019-09-22 10:21:14] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 1276
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: wyspataichi.waw.pl
X-MYJOOMLA-HMAC: fXg+tYMbjw2C0ZH7tuj6lzMh8/s8efUX1dIkzrajl2E=
X-MYJOOMLA-TIME: 1569147553
View gist:951dbdc1a090138f71c33cb254e3d38f
[2019-09-22 10:15:27] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 658
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic amVzdGVtOmN6bG93aWVraWVt
Host: al-halo-echo.pl
X-MYJOOMLA-HMAC: hZ1YO92IsUXfXUbdGqhLxfwY3Gq7XiAQQqqnJEiE9ho=
View gist:1a0fd253e64f32ea0ef32d5db2822cb7
[2019-09-22 10:15:27] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 658
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic amVzdGVtOmN6bG93aWVraWVt
Host: al-halo-echo.pl
X-MYJOOMLA-HMAC: hZ1YO92IsUXfXUbdGqhLxfwY3Gq7XiAQQqqnJEiE9ho=
View gist:666ffa220ce5cb0620c0973eba24ba17
[2019-09-22 10:10:00] api-debugger.INFO: >>>>>>>>
GET /wp-login.php?redirect_to=http%3A%2F%2Fal-halo-echo.pl%2Fwp-admin%2F&reauth=1 HTTP/1.1
Host: al-halo-echo.pl
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
<<<<<<<<
HTTP/1.1 401 Unauthorized
Date: Sun, 22 Sep 2019 10:10:00 GMT
View gist:8bd8aaefc1bbd763fa2daae33036066f
[2019-09-09 17:00:59] api-debugger.INFO: >>>>>>>>
POST /plugins/system/bfnetwork/bfnetwork/bfTools.php HTTP/1.1
Content-Length: 923
Referer: https://mysites.guru/
User-Agent: mySites/3.0 (mySites.guru)
Accept: application/json
X-MyJoomla-FAQ: For full details see mySites.guru or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: www.apecs.org
X-MYJOOMLA-HMAC: 5picr+I4nWZUlPGd4izSMbVzm9mEhNxWKx5B7QeBzQ0=
View gist:c8722d79f014c07263162b6f362d0e93
34.201.72.165 - - [02/Jul/2019:14:21:30 -0500] "GET /administrator/ HTTP/1.1" 200 2016 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:30 -0500] "POST /administrator/index.php HTTP/1.1" 303 20 "https://refugecountryclub.com/administrator/" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:31 -0500] "GET /administrator/index.php HTTP/1.1" 200 6592 "https://refugecountryclub.com/administrator/" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:33 -0500] "GET /administrator/index.php?option=com_templates HTTP/1.1" 200 8114 "https://refugecountryclub.com/administrator/index.php" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:34 -0500] "GET /administrator/index.php?option=com_templates&view=template&id=10000++ HTTP/1.1" 200 24129 "https://refugecountryclub.com/administrator/index.php?optio
@PhilETaylor
PhilETaylor / sql.sql
Created Jun 20, 2019
myJoomla Speedup SQL
View sql.sql
UPDATE bf_files AS NEWTABLE
INNER JOIN (
SELECT
bf_files_last.filewithpath, bf_files_last.suspectcontent, bf_files_last.falsepositive, bf_files_last.encrypted FROM bf_files_last
LEFT JOIN
bf_files ON bf_files_last.filewithpath = bf_files.filewithpath
WHERE
bf_files_last.currenthash = bf_files.currenthash
AND
bf_files_last.filemtime = bf_files.filemtime
View gist:26e59abfa4a0bd081267ea019795bf04
UPDATE bf_files AS NEWTABLE
INNER JOIN (
SELECT
bf_files_last.filewithpath,
bf_files_last.suspectcontent, bf_files_last.falsepositive,
bf_files_last.encrypted FROM bf_files_last
LEFT JOIN
bf_files ON
bf_files_last.filewithpath = bf_files.filewithpath
WHERE
View gist:e0d106001cd90946111f1c26b2f5049b
Delivered-To: phil@phil-taylor.com
Return-Path: <abler54@lxvm3.neteffx.net>
Delivered-To: phil+spam@phil-taylor.com
Received: from director12.mail.ord1d.rsapps.net ([172.30.191.6])
by backend37.mail.ord1d.rsapps.net with LMTP id cIZhDLUq5VzKUwAAXiPxRA
for <phil+spam@phil-taylor.com>; Wed, 22 May 2019 06:55:49 -0400
Received: from proxy13.mail.ord1d.rsapps.net ([172.30.191.6])
by director12.mail.ord1d.rsapps.net with LMTP id ECR0DLUq5VyJPAAAIasKDg
; Wed, 22 May 2019 06:55:49 -0400
Received: from smtp13.gate.ord1d ([172.30.191.6])
You can’t perform that action at this time.