Skip to content

Instantly share code, notes, and snippets.

View PhilETaylor's full-sized avatar

Phil E. Taylor PhilETaylor

59 followers · 0 following
View GitHub Profile
@PhilETaylor
PhilETaylor / gist:80cec12f9148c6a2dda9f3c9529261d3
Created September 22, 2019 10:22
[2019-09-22 10:21:14] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 1276
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: wyspataichi.waw.pl
X-MYJOOMLA-HMAC: fXg+tYMbjw2C0ZH7tuj6lzMh8/s8efUX1dIkzrajl2E=
X-MYJOOMLA-TIME: 1569147553
@PhilETaylor
PhilETaylor / gist:951dbdc1a090138f71c33cb254e3d38f
Created September 22, 2019 10:16
[2019-09-22 10:15:27] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 658
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic amVzdGVtOmN6bG93aWVraWVt
Host: al-halo-echo.pl
X-MYJOOMLA-HMAC: hZ1YO92IsUXfXUbdGqhLxfwY3Gq7XiAQQqqnJEiE9ho=
@PhilETaylor
PhilETaylor / gist:1a0fd253e64f32ea0ef32d5db2822cb7
Created September 22, 2019 10:16
[2019-09-22 10:15:27] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 658
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic amVzdGVtOmN6bG93aWVraWVt
Host: al-halo-echo.pl
X-MYJOOMLA-HMAC: hZ1YO92IsUXfXUbdGqhLxfwY3Gq7XiAQQqqnJEiE9ho=
@PhilETaylor
PhilETaylor / gist:666ffa220ce5cb0620c0973eba24ba17
Created September 22, 2019 10:10
[2019-09-22 10:10:00] api-debugger.INFO: >>>>>>>>
GET /wp-login.php?redirect_to=http%3A%2F%2Fal-halo-echo.pl%2Fwp-admin%2F&reauth=1 HTTP/1.1
Host: al-halo-echo.pl
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
<<<<<<<<
HTTP/1.1 401 Unauthorized
Date: Sun, 22 Sep 2019 10:10:00 GMT
@PhilETaylor
PhilETaylor / gist:8bd8aaefc1bbd763fa2daae33036066f
Created September 9, 2019 17:01
[2019-09-09 17:00:59] api-debugger.INFO: >>>>>>>>
POST /plugins/system/bfnetwork/bfnetwork/bfTools.php HTTP/1.1
Content-Length: 923
Referer: https://mysites.guru/
User-Agent: mySites/3.0 (mySites.guru)
Accept: application/json
X-MyJoomla-FAQ: For full details see mySites.guru or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: www.apecs.org
X-MYJOOMLA-HMAC: 5picr+I4nWZUlPGd4izSMbVzm9mEhNxWKx5B7QeBzQ0=
@PhilETaylor
PhilETaylor / gist:c8722d79f014c07263162b6f362d0e93
Created July 6, 2019 13:28
34.201.72.165 - - [02/Jul/2019:14:21:30 -0500] "GET /administrator/ HTTP/1.1" 200 2016 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:30 -0500] "POST /administrator/index.php HTTP/1.1" 303 20 "https://refugecountryclub.com/administrator/" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:31 -0500] "GET /administrator/index.php HTTP/1.1" 200 6592 "https://refugecountryclub.com/administrator/" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:33 -0500] "GET /administrator/index.php?option=com_templates HTTP/1.1" 200 8114 "https://refugecountryclub.com/administrator/index.php" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:34 -0500] "GET /administrator/index.php?option=com_templates&view=template&id=10000++ HTTP/1.1" 200 24129 "https://refugecountryclub.com/administrator/index.php?optio
@PhilETaylor
PhilETaylor / sql.sql
Created June 20, 2019 12:17
myJoomla Speedup SQL
UPDATE bf_files AS NEWTABLE
INNER JOIN (
SELECT
bf_files_last.filewithpath, bf_files_last.suspectcontent, bf_files_last.falsepositive, bf_files_last.encrypted FROM bf_files_last
LEFT JOIN
bf_files ON bf_files_last.filewithpath = bf_files.filewithpath
WHERE
bf_files_last.currenthash = bf_files.currenthash
AND
bf_files_last.filemtime = bf_files.filemtime
@PhilETaylor
PhilETaylor / gist:26e59abfa4a0bd081267ea019795bf04
Created May 25, 2019 11:56
UPDATE bf_files AS NEWTABLE
INNER JOIN (
SELECT
bf_files_last.filewithpath,
bf_files_last.suspectcontent, bf_files_last.falsepositive,
bf_files_last.encrypted FROM bf_files_last
LEFT JOIN
bf_files ON
bf_files_last.filewithpath = bf_files.filewithpath
WHERE
@PhilETaylor
PhilETaylor / gist:e0d106001cd90946111f1c26b2f5049b
Created May 22, 2019 11:16
Delivered-To: phil@phil-taylor.com
Return-Path: <abler54@lxvm3.neteffx.net>
Delivered-To: phil+spam@phil-taylor.com
Received: from director12.mail.ord1d.rsapps.net ([172.30.191.6])
by backend37.mail.ord1d.rsapps.net with LMTP id cIZhDLUq5VzKUwAAXiPxRA
for <phil+spam@phil-taylor.com>; Wed, 22 May 2019 06:55:49 -0400
Received: from proxy13.mail.ord1d.rsapps.net ([172.30.191.6])
by director12.mail.ord1d.rsapps.net with LMTP id ECR0DLUq5VyJPAAAIasKDg
; Wed, 22 May 2019 06:55:49 -0400
Received: from smtp13.gate.ord1d ([172.30.191.6])
@PhilETaylor
PhilETaylor / gist:e60cfb7a07abb49c68fe0be89b90f377
Created May 22, 2019 11:15
Delivered-To: phil@phil-taylor.com
Return-Path: <seasontickets@seasonticketfinance.com>
Delivered-To: phil+spam@phil-taylor.com
Received: from director9.mail.ord1d.rsapps.net ([172.30.191.6])
by backend37.mail.ord1d.rsapps.net with LMTP id ODxyHg0j5Vz+UQAAXiPxRA
for <phil+spam@phil-taylor.com>; Wed, 22 May 2019 06:23:09 -0400
Received: from proxy11.mail.ord1d.rsapps.net ([172.30.191.6])
by director9.mail.ord1d.rsapps.net with LMTP id 4Ft9Hg0j5VxgTwAAalYnBA
; Wed, 22 May 2019 06:23:09 -0400
Received: from smtp14.gate.ord1d ([172.30.191.6])