Matt Miller MillerMedia
MillerMedia
/ gist:882a28c1d30d883cfbff195f4efbcfcc
Last active
September 20, 2024 07:37
My Shodan Dorks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GraphQL Playgrounds: | |
| http.title:"GraphQL Playground" | |
| http.title:"GraphiQL" |
MillerMedia
/ emergency.php
Created
July 29, 2024 19:10
— forked from eduardopintor/emergency.php
Emergency Password Reset Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| This program is free software; you can redistribute it and/or modify | |
| it under the terms of the GNU General Public License as published by | |
| the Free Software Foundation; either version 2 of the License, or | |
| (at your option) any later version. | |
| This program is distributed in the hope that it will be useful, | |
| but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
MillerMedia
/ scripting.py
Created
April 7, 2024 06:17
Task 3 - Scripting Room (TryHackMe; https://tryhackme.com/r/room/scripting)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import logging | |
| import re | |
| from cryptography.hazmat.primitives.ciphers.aead import AESGCM | |
| import hashlib | |
| # Configure logging | |
| logging.basicConfig(level=logging.INFO) | |
| # Server details |
MillerMedia
/ tryhackme-bypass-shell.py
Created
April 5, 2024 20:25
This is a Python shell that can be used with TryHackMe's Bypass room (https://tryhackme.com/r/room/bypass). This is assumed that you use cctv.thm in your /etc/hosts file. You may also need to update your PHPSESSID.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from bs4 import BeautifulSoup | |
| import sys | |
| import urllib3 | |
| urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) | |
| # Check for command argument | |
| if len(sys.argv) != 2: | |
| print("Usage: python script.py <command>") | |
| sys.exit(1) |
MillerMedia
/ cloudflare-wordpress-php-hardening
Last active
March 31, 2023 20:24
Custom Cloudflare WAF Rule - WordPress .php request hardening. To use, log into Cloudflare -> Click on your domain -> Security -> WAF -> Custom Rules -> Create Rule -> Edit Expression -> Paste the code -> Deploy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (http.request.uri.path contains "php" and not http.request.uri.path contains "wp-login" and not http.request.uri.path contains "wp-cron" and not http.request.uri.path contains "wp-admin/" and not http.request.uri.path contains "wp-admin/a" and not http.request.uri.path contains "wp-admin/c" and not http.request.uri.path contains "wp-admin/e" and not http.request.uri.path contains "wp-admin/f" and not http.request.uri.path contains "wp-admin/i" and not http.request.uri.path contains "wp-admin/l" and not http.request.uri.path contains "wp-admin/m" and not http.request.uri.path contains "wp-admin/n" and not http.request.uri.path contains "wp-admin/o" and not http.request.uri.path contains "wp-admin/p" and not http.request.uri.path contains "wp-admin/r" and not http.request.uri.path contains "wp-admin/s" and not http.request.uri.path contains "wp-admin/t" and not http.request.uri.path contains "wp-admin/u" and not http.request.uri.path contains "wp-admin/w" and not http.request.uri.path contains "/php/") |
MillerMedia
/ twitter_search.js
Last active
November 23, 2022 12:26
Quick and Dirty Twitter Search Improvement
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| MIT License | |
| Copyright (c) 2022 Matt Miller | |
| Permission is hereby granted, free of charge, to any person obtaining a copy | |
| of this software and associated documentation files (the "Software"), to deal | |
| in the Software without restriction, including without limitation the rights | |
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| copies of the Software, and to permit persons to whom the Software is |
MillerMedia
/ wordpress-install.sh
Created
January 7, 2022 21:29
Command line WordPress download/install (single line)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget http://wordpress.org/latest.tar.gz;tar xfz latest.tar.gz;mv wordpress/* ./;rmdir ./wordpress/;rm -f latest.tar.gz; |
MillerMedia
/ volusion-product-page-reload-options.js
Last active
May 23, 2018 19:32
Volusion - Reload selected product options when clicking back to product page from Shopping Cart
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if(!VOLUSION_HELPERS){ | |
| throw new Error('Volusion Helpers functions not available. Aborting.'); | |
| } | |
| var PRODUCT_PAGE_OPTIONS = PRODUCT_PAGE_OPTIONS || {}; | |
| PRODUCT_PAGE_OPTIONS.ajax = { | |
| updateOptions: function( cartItemUrl ){ | |
| jQuery.get( cartItemUrl, function( data ) { | |
| // Parse the list items |