Skip to content

Instantly share code, notes, and snippets.

@chapov
Created August 23, 2014 17:57
Show Gist options
  • Save chapov/c0d6fb5531d18a5d7782 to your computer and use it in GitHub Desktop.
Save chapov/c0d6fb5531d18a5d7782 to your computer and use it in GitHub Desktop.
signatures for WP
grep -r -i -F -l --exclude=*.{png,gz,zip,rar,tgz,gif,pdf,jpg,jpeg,wmv} 'FilesMan
46.32.226.132
$GLOBALS['mrufx31']
function pttna79
_YM82iAN
http://rx-onlinepharmacystore.com/
discount-rx-shop.com
cheap-med-store.com
DQplcnJvcl9yZXBvcnRpb
0f01b0379c078cb769fe70b5f51f5e8e
eNoUmseOq8waRR
eval(stripslashes($_REQUEST[$post_var
eval(base64_decode($_POST
onfr64_
ipocr99
ZeroDayExile
@$message=$_POST['message'];
if(isset($_COOKIE[1])){$_=$_COOKIE;$_[1]($_[2]($_[3]($_[4])))
aW5pX3NldAL
$wp__theme_icon=@create_function('',@file_get_contents
eval(Yjgkdwedwe
@error_reporting(0); @ini_set(chr(101).chr(114)
7L12W+PG0jD8bOa65j8oPpwYDgyWN8DDQOJ932onb
base64_decode('ZXJyb3Jfcm'
n22ec2b
$GLOBALS['_769983974_']
$GLOBALS['_806337062_']
3d3e3f5006bf70380fdfcdc
cekjknaiws
EF8ZjRZnsUrk
k8zfodiLc2qe0E2tFqyxwbCoZVDOARJK4N0aO1QY
base64_decode($_GET
base64_decode(($_POST
LypPSnBvKi9ldmFsLypGUSZR
md5_brute
eval("?>".gzuncompress
@system("killall -9 ".basename("/usr/bin/host"));
v8d777f38
r GruLfh
c99sh_backconn
gzinflate(base64_decode(str_rot13
eJzUvWmT4ki
Da-Slake
@eval(base64_decode(
tiberius.lunariffic.com
gzuncompress(base64
$OOO0O0O00=__FILE__
\x47L\x4f\x42\x41
ZGllKGluY2x1ZGVfb25jZSAkaW4pOw
c2F1ZGloYWNrZX
8kPIvLwHOWv
c99shell
input, H1, p, textarea
base64_decode($_POST['body']
eNrtfWt72zay8Of6V9
506f97fc6b1a07b6a6e0204dba7d0c1e
c2V0X3RpbWVfbGltaXQoMCk7DQppZ25vcmVfdXNlcl
YTozNDY6e2k6MDtzOjI1OiJjcmV
\\145\\166\\141\\154\\050\\142\\141\\163\\145\\066
seNGpOJ24cb3H2Jq3XxIl3O
CiRhdXRoX3Bhc3MgPSAiN2U5NDI0YmZhMTJkMWY
FilesGirl
WSO_VERSION
IGlmICggaXNzZXQoICRf
function ddos
$token1 = md5(rand(111111,999999
$bancoChile =
define(WRITEFL
www.bancochile.cl
var fechUltimo =
SYSTEM_SKEL_PATH
JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNp
jVRpc5s6FP3ODP9BbTMFT/IKOMYmiZc6jrcY70vi
c99 injektor
Kill-shell
w00t
$auth_password
helline
36,112,61,64,36,95,80,79,83,84,91,39,112,49,39,93,59
JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTz
CmVycm9yX3JlcG9yd
@error_reporting(0); @ini_set('error_log',NULL); @ini_set('log_errors',0); if (count($_POST) < 2)
if(md5(md5($_REQUEST[
if(strlen(trim($s_pass))>0
$hkofbfnd
eF7lff1X27jS8M97z7n
$wfzp
eval(gzunp
eval("?>".base64_decode(
print("Direct Access Not Allowed");
file_force_download($zipfile)
eval(stripslashes($_POST
echo(base64
eval(base64
echo(gzinflate
eval(gzinflate
echo(gzunp
gzipinflate(
Array(base64_decode
if (count($_POST) < 2) { die
Web Shell by
Hacked by
preg_replace("/.*/e"
function sql2_safe(
function geturl_1(
if(isset($_GET[w1343t])){
if (isset($_POST[task]))
if (isset($_POST[check]))
$_ = strrev("tress\x61");
error_reporting(0); if (count($_POST) != 2) { die
body onload="tim()"
Created By Un1xL4
devilzShell
N3tshell
Storm7Shell
Locus7Shell
DxShell
private Shell by m4rco
w4ck1ng shell
FaTaLisTiCz_Fx Fx29Sh
r57shell
$back_connect_c=
function error_404()
8c7d28457f20dc6149cf16ed54ee9923_on
c99sh
r57sh
crystalshell
phpshell
shellbot
CempLe
php shell
Web Shell
ijo_sh
fx29sh
window.eval(String.fromCharCode
function rc4(&$data, $key)
killall ping
$GLOBALS['_62805507_'
index_backup.php
JS.Scob.Trojan
VigraSpamKey
advadmin.biz
Advtraff.biz
bettersearch.biz
Connect2cash.biz
Crazy-toolbar.com
Drugs-shop.biz
Onlyfreevideo.com
pizdato.biz
private-iframe.biz
private-toolbar.biz
sexyphotos.biz
myiframe.biz
private-dialer.biz
cash4me.biz
newiframe.biz
traffi4sale.biz
traffic2cash.biz
vse-moe.biz
web-res.biz
web-result.biz
antiblock.biz
sp2admin.biz
sp2fucked.biz
admin2cash.biz
coolsearch.biz
Web-res.biz
enigmasoftwaregroup.com
healthycomputerclub.com
spyware.junglebee.com
nwolb.com
natwest.com
ibsplc.com
flasHcOm.uCoz.oRg
KuRBanG
DONSHAQ
flashsiantar.info
KunleWizzy
Kunle Wizzy
2w6al1b9d4hmqx54l
bdd1b7801d9329b2f9d7313381627c70c
c858d4c43w49f796e
w49f796e
var xR5p
var G33z1
BlueHacker
Zola-Hacker
ZolaHacker
KeNiHaCk
newresultbox@gmail.com
onebloodonemindonemoney@student.com
standardbank.co.za
SqShell
N3tsh
C1iB
bluehacker.com
exit(); } if(isset($_REQUEST[
webadmin.php
eval(stripslashes($_REQUEST[
eval(stripslashes(@$_POST
viagra
etulli.fi
function php_display(
$url = $urls[rand(0, count($urls)-1)];
full@info.com
chunk_split(base64_encode(fread
if(ord(substr(current(array_keys($_REQUEST)),-1))
@ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @set_time_limit(0);
if (fwrite($handle, file_get_contents($_GET[
$mailer = $_POST["x_mailer"];
www.birthdaylounge.com
base64_decode($_POST["mailto"]);
;eval($___($__));
eval($_POST['eval']);
eval(base64_decode($_REQUEST['c_id']));
RootShell
BLACK.JaGuAr
HunTerXPro-Team
begemgi.ru
rty.xomyak2.body.e-autopay.com
moneevdi.ru
datingvule.ru
if((isset($v) AND $v==0) OR (isset($t)
OOO000000=urldecode
if(!empty($_POST["gjwqweodsa"])
sjktn =
yqxz =
tynrs =
v5031e998
basename("/usr/bin/host")
eval(base64_decode
Gootkit' /{home/${USER},var/tmp,tmp}/ >> /home/${USER}/tmp/files.$(date +%d.%m.%y).txt 2>/dev/null
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment