Matt Miller MillerMedia
MillerMedia
/ volusion-product-page-reload-options.js
Last active
May 23, 2018 19:32
Volusion - Reload selected product options when clicking back to product page from Shopping Cart
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if(!VOLUSION_HELPERS){ | |
| throw new Error('Volusion Helpers functions not available. Aborting.'); | |
| } | |
| var PRODUCT_PAGE_OPTIONS = PRODUCT_PAGE_OPTIONS || {}; | |
| PRODUCT_PAGE_OPTIONS.ajax = { | |
| updateOptions: function( cartItemUrl ){ | |
| jQuery.get( cartItemUrl, function( data ) { | |
| // Parse the list items |
MillerMedia
/ wordpress-install.sh
Created
January 7, 2022 21:29
Command line WordPress download/install (single line)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget http://wordpress.org/latest.tar.gz;tar xfz latest.tar.gz;mv wordpress/* ./;rmdir ./wordpress/;rm -f latest.tar.gz; |
MillerMedia
/ twitter_search.js
Last active
November 23, 2022 12:26
Quick and Dirty Twitter Search Improvement
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| MIT License | |
| Copyright (c) 2022 Matt Miller | |
| Permission is hereby granted, free of charge, to any person obtaining a copy | |
| of this software and associated documentation files (the "Software"), to deal | |
| in the Software without restriction, including without limitation the rights | |
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| copies of the Software, and to permit persons to whom the Software is |
MillerMedia
/ cloudflare-wordpress-php-hardening
Last active
March 31, 2023 20:24
Custom Cloudflare WAF Rule - WordPress .php request hardening. To use, log into Cloudflare -> Click on your domain -> Security -> WAF -> Custom Rules -> Create Rule -> Edit Expression -> Paste the code -> Deploy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (http.request.uri.path contains "php" and not http.request.uri.path contains "wp-login" and not http.request.uri.path contains "wp-cron" and not http.request.uri.path contains "wp-admin/" and not http.request.uri.path contains "wp-admin/a" and not http.request.uri.path contains "wp-admin/c" and not http.request.uri.path contains "wp-admin/e" and not http.request.uri.path contains "wp-admin/f" and not http.request.uri.path contains "wp-admin/i" and not http.request.uri.path contains "wp-admin/l" and not http.request.uri.path contains "wp-admin/m" and not http.request.uri.path contains "wp-admin/n" and not http.request.uri.path contains "wp-admin/o" and not http.request.uri.path contains "wp-admin/p" and not http.request.uri.path contains "wp-admin/r" and not http.request.uri.path contains "wp-admin/s" and not http.request.uri.path contains "wp-admin/t" and not http.request.uri.path contains "wp-admin/u" and not http.request.uri.path contains "wp-admin/w" and not http.request.uri.path contains "/php/") |
MillerMedia
/ tryhackme-bypass-shell.py
Created
April 5, 2024 20:25
This is a Python shell that can be used with TryHackMe's Bypass room (https://tryhackme.com/r/room/bypass). This is assumed that you use cctv.thm in your /etc/hosts file. You may also need to update your PHPSESSID.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from bs4 import BeautifulSoup | |
| import sys | |
| import urllib3 | |
| urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) | |
| # Check for command argument | |
| if len(sys.argv) != 2: | |
| print("Usage: python script.py <command>") | |
| sys.exit(1) |
MillerMedia
/ scripting.py
Created
April 7, 2024 06:17
Task 3 - Scripting Room (TryHackMe; https://tryhackme.com/r/room/scripting)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import logging | |
| import re | |
| from cryptography.hazmat.primitives.ciphers.aead import AESGCM | |
| import hashlib | |
| # Configure logging | |
| logging.basicConfig(level=logging.INFO) | |
| # Server details |
MillerMedia
/ emergency.php
Created
July 29, 2024 19:10
— forked from eduardopintor/emergency.php
Emergency Password Reset Script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| This program is free software; you can redistribute it and/or modify | |
| it under the terms of the GNU General Public License as published by | |
| the Free Software Foundation; either version 2 of the License, or | |
| (at your option) any later version. | |
| This program is distributed in the hope that it will be useful, | |
| but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
MillerMedia
/ gist:882a28c1d30d883cfbff195f4efbcfcc
Last active
September 20, 2024 07:37
My Shodan Dorks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GraphQL Playgrounds: | |
| http.title:"GraphQL Playground" | |
| http.title:"GraphiQL" |
MillerMedia
/ gist:9fb5f1dc251af92b2e3f03d0a8bcc195
Last active
October 14, 2024 18:34
Cloudflare Custom Rules for WordPress
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| These are settings that I like to use for WordPress sites to mitigate common malicious traffic. These generally get around the Cloudflare WAF so are good supplemental rules to add. | |
| These can be created by going to Security -> WAF, click the 'Custom Rules' tab and then click 'Create Rule' | |
| ___ | |
| # Title | |
| Challenge all PHP page requests that aren't wp-admin or wp-login | |
| ## Conditions |