This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Plugin Name: Lynt WP Installer Security PoC1 | |
* Author: Vladimir Smitka | |
* Author URI: https://lynt.cz/ | |
* License: GNU General Public License v3 or later | |
* License URI: http://www.gnu.org/licenses/gpl-3.0.html | |
*/ | |
if ( defined( 'WP_SETUP_CONFIG' ) && !empty( $_POST['dbhost'] ) ) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<body> | |
<script> | |
var serverport = '<?php echo intval($_SERVER['SERVER_PORT']);?>'; | |
var browserport = window.location.port || (window.location.protocol === 'https:' ? '443' : '80'); | |
var color = (serverport === browserport ? 'green' : 'red'); | |
var text = "<pre style='color:#color'>Server port: "+serverport+"<br>Browser port: "+browserport+"</pre>"; | |
document.write(text.replace("#color",color)); | |
</script> | |
<pre> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
64.78.149.164 - - [13/Jul/2022:08:00:04 +0000] "GET /.well-known/acme-challenge/gd22ntR9D4t5fTtZGFIvnGXZ_ufFAgwOxBmelQ1Sq40 HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-" | |
172.105.5.120 - - [13/Jul/2022:08:01:21 +0000] "GET / HTTP/1.1" 302 145 "-" "-" "-" | |
172.105.5.120 - - [13/Jul/2022:08:01:24 +0000] "GET /server-status HTTP/1.1" 302 145 "-" "Go-http-client/1.1" "-" | |
172.105.5.120 - - [13/Jul/2022:08:01:24 +0000] "GET /telescope/requests HTTP/1.1" 302 145 "-" "Go-http-client/1.1" "-" | |
172.105.5.120 - - [13/Jul/2022:08:01:24 +0000] "GET /?rest_route=/wp/v2/users/ HTTP/1.1" 302 145 "-" "Go-http-client/1.1" "-" | |
172.105.5.120 - - [13/Jul/2022:08:01:24 +0000] "GET /s/3133382e36382e39362e3830/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties HTTP/1.1" 302 145 "-" "Go-http-client/1.1" "-" | |
172.105.5.120 - - [13/Jul/2022:08:01:24 +0000] "GET /info.php HTTP/1.1" 200 96474 "-" "Go-http-client/1.1" "-" | |
172.105.5.120 - - [13/Jul/2022:08: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Retrieves and creates the wp-config.php file. | |
* | |
* The permissions for the base directory must allow for writing files in order | |
* for the wp-config.php to be created using this page. | |
* | |
* @package WordPress | |
* @subpackage Administration | |
*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* @package ZeroSpam | |
* @version 6.0.0 | |
*/ | |
/* | |
Plugin Name: Zero Spam for WordPress | |
Plugin URI: https://www.highfivery.com/projects/zero-spam/ | |
Description: Tired of all the ineffective WordPress anti-spam & security plugins? Zero Spam for WordPress makes blocking spam & malicious activity a cinch. <strong>Just activate, configure, and say goodbye to spam.</strong> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
95.211.187.223 - [01/Jul/2022:13:45:58 +0000] "GET /index.php HTTP/1.1" 302 2048 "-" "Go-http-client/1.1" | |
95.211.187.223 - [01/Jul/2022:13:45:58 +0000] "GET /index.php HTTP/1.1" 302 2048 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36" | |
95.211.187.223 - [01/Jul/2022:13:45:58 +0000] "GET /wp-admin/setup-config.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36" | |
95.211.187.223 - [01/Jul/2022:13:45:59 +0000] "POST /wp-admin/setup-config.php?step=2 HTTP/1.1" 200 4096 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36" | |
95.211.187.223 - [01/Jul/2022:13:46:00 +0000] "POST /wp-login.php HTTP/1.1" 302 2048 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36" | |
95.211.187.223 - [01/Jul/2022:13:46:00 +0000] "GET /wp-admin/i |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
Plugin Name: Ukazka vlozeni skriptu na thankyou page | |
*/ | |
function lynt_ukazkova_akce( $order_id ) { | |
?> | |
<script> | |
console.log("thank you!"); | |
</script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if (!function_exists('putenv')) { | |
function putenv($string){ | |
return false; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Plugin Name: Managed plugins | |
* Description: Managed plugins detection | |
* Author: Vladimir Smitka | |
* Author URI: https://lynt.cz/ | |
* License: GNU General Public License v3 or later | |
* License URI: http://www.gnu.org/licenses/gpl-3.0.html | |
*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7zip coreutils dig gawk git github greenshot grep gzip heidisql irfanview jq mpc-hc-fork netcat nmap pspad sed sumatrapdf totalcommander touch vim vscode wget winbox windows-terminal winmerge winscp xmlstarlet |