Salvador Aguilar malwador
⚔️
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| +------------------------------------------------+----------+--------+------------+ | |
| | name | status | update | version | | |
| +------------------------------------------------+----------+--------+------------+ | |
| | acf-content-analysis-for-yoast-seo | active | none | 2.0.1 | | |
| | acf-option-pages | inactive | none | 1.1.0 | | |
| | acf-to-rest-api | inactive | none | 3.1.0 | | |
| | user-role-field-setting-for-acf-o | inactive | none | 2.1.12 | | |
| | adminimize | inactive | none | 1.11.4 | | |
| | acf-2way-pr | inactive | none | 1.0.3 | | |
| | acf-field-date-time-picker | inactive | none | 2.1.5 | |
malwador
/ gist:29a9b925deaa8b00e35b7178d445714b
Last active
August 9, 2017 02:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo su | |
| apt-get update | |
| apt-get install nginx php5-fpm mariadb-server php5-mysql curl php5-curl fail2ban iptraf mtr monit git vim | |
| curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar | |
| chmod +x wp-cli.phar | |
| sudo mv wp-cli.phar /usr/local/bin/wp |
malwador
/ gist:7b6582fd4e07f6b39972cf4ff252e978
Created
July 17, 2017 18:45
UK IPs Attacking discoversjds.com XMLRPC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@discoversjds:/var/log/nginx# tail -f access.log | |
| 185.188.204.27 - - [17/Jul/2017:14:43:59 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:00 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:00 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:04 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:04 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:07 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:08 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows |
malwador
/ index.php-original
Created
July 15, 2017 09:19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Front to the WordPress application. This file doesn't do anything, but loads | |
| * wp-blog-header.php which does and tells WordPress to load the theme. | |
| * | |
| * @package WordPress | |
| */ | |
| /** | |
| * Tells WordPress to load the WordPress theme and output it. |
malwador
/ flushcache.php
Created
October 19, 2016 00:48
Simple Script in PHP to clear sucuri's cloudproxy cache via php
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Simple Script in PHP to clear sucuri's cloudproxy cache via php | |
| * | |
| * Author: Salvador Aguilar | |
| * Email: [email protected] | |
| * Web: salrocks.com | |
| */ | |
| $curl = curl_init(); | |
| curl_setopt_array($curl, array( |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@alcazar-nicaragua:~# apt-get install apache2 php-mysql php-curl mysql-server fail2ban git vim imagemagick php-memcached curl | |
| Reading package lists... Done | |
| Building dependency tree | |
| Reading state information... Done | |
| git is already the newest version (1:2.7.4-0ubuntu1). | |
| curl is already the newest version (7.47.0-1ubuntu2.1). | |
| vim is already the newest version (2:7.4.1689-3ubuntu1.1). | |
| The following additional packages will be installed: | |
| apache2-bin apache2-data apache2-utils fontconfig fontconfig-config fonts-dejavu-core ghostscript gsfonts hicolor-icon-theme imagemagick-6.q16 imagemagick-common libaio1 libapr1 libaprutil1 | |
| libaprutil1-dbd-sqlite3 libaprutil1-ldap libavahi-client3 libavahi-common-data libavahi-common3 libcairo2 libcgi-fast-perl libcgi-pm-perl libcroco3 libcups2 libcupsfilters1 libcupsimage2 libcurl3 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Desactivamos la opción que los usuarios puedan editar archivos de plugins y temas desde Wordpress | |
| define('DISALLOW_FILE_EDIT',true); | |
| // Desactivamos que se puedan hacer actualizaciones, instalaciones o desinstalaciones desde Wordpress | |
| define('DISALLOW_FILE_MODS',true); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # #BlogsNI - Taller sobre Wordpress Avanzado | |
| # .htaccess seguro para proteger tu Wordpress | |
| # | |
| # Desactivamos el listado de archivos en directorio cuando no haya index.html o index.php | |
| Options All -Indexes | |
| # Bloqueamos el acceso directo al folder wp-includes | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteBase / |
malwador
/ gist:5d525c9afe74137cfe692cbe8ce0c398
Created
September 3, 2016 03:50
Log of migration SPT
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@ubuntu:~# php -v | |
| PHP 5.5.9-1ubuntu4.19 (cli) (built: Jul 28 2016 19:31:33) | |
| Copyright (c) 1997-2014 The PHP Group | |
| Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies | |
| with Zend OPcache v7.0.3, Copyright (c) 1999-2014, by Zend Technologies | |
| == | |
| root@ubuntu:~# apache2 -v | |
| Server version: Apache/2.4.7 (Ubuntu) |
malwador
/ upgrade log
Created
July 28, 2016 03:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@discoversjds:~# apt-get upgrade | |
| Reading package lists... Done | |
| Building dependency tree | |
| Reading state information... Done | |
| Calculating upgrade... Done | |
| The following packages have been kept back: | |
| linux-generic linux-headers-generic linux-image-generic | |
| The following packages will be upgraded: | |
| apache2 apache2-bin apache2-data apport apt apt-transport-https apt-utils | |
| bash-completion bind9-host binutils biosdevname ca-certificates |